#ubuntu-server 2006-11-20
<grogoreo> hi
<grogoreo> I'm running shorewall but it seems that it's slowing the system down and when I try to ping it, nothing comes back for a long time though I can use services like HTTP and SSH
<grogoreo> but when I turn it off I can ping it no problem
<napg> Hi, could someone help me make a network server for internet sharing?
<mralphabet> napg: you could look at http://jonpeck.blogspot.com/2006/11/how-to-configure-80-fileserver-in-45.html for some insight
<napg> thanks, i'll go check it
#ubuntu-server 2006-11-21
<fvlgnn> salve a tutti
<fvlgnn> posso esporre un problema?
<thom> well, i think the first problem is this is an english language channel, and the second is that support questions should really go to #ubuntu first
<thom> or try #ubuntu-it (i assume)
<fvlgnn> ok tnk
<fvlgnn> bye
#ubuntu-server 2006-11-22
<\sh> moins
<\sh> does anyone know if there are debian packages for hp server utils like hpasm or hpacucli?
<lullabud> anybody have experience with clvm and the redhat-cluster-suite on 6.06?
<fabbione> lullabud: yes
<CMM1411> Samba is "EVIL" .. I've got it "Share to Everyone" and still the XP boxes can "See" the server, but not inside. I've added them via "smbpasswd -a <user> and on the XP machines when attempting to map I click "Use different username" .. and weather I browse for the server, or type in \\192.168.1.7\var\www\websites .. or not it doesn't go .. 
<CMM1411> help?
<CMM1411> #ubuntu
<lullabud> fabbione:  i can't get clvm to even install.  i've even tried `apt-source -b clvm` and it keeps giving dpkg errors.
<fabbione> lullabud: https://bugz.launchpad.net/distros/ubuntu/+source/lvm2/+bug/56496
<fabbione> lullabud: i uploaded the fixed packages about 10 minutes ago
<fabbione> it will take more or less a week to have them in updates
<lullabud> wow, awesome. =)
<fabbione> a solution is to configure the cluster and run cman to form the cluster
<fabbione> and then apt-get install..
<fabbione> that will make clvm start
<fabbione> (and install)
<lullabud> fabbione:  many thanks, i might give that a shot.
<grogoreo> hi
<grogoreo> should a firewall (more specifically Shorewall) affect the speed of the connection? If not, then I'm having troubles with Shorewall as I can't seem to ping the server though I can connect to its services like SSH and HTTP.
<infinity> You're filtering ICMP, that's why you can't ping.
<grogoreo> could filtering ICMP slow down the connection as well? As if I stop the daemon it quickens up
<grogoreo> is Shorewall just a wrapper for IPTables?
<ajmitch> yes, filtering ICMP could potentially cause many problems
<grogoreo> I can't really see where filtering ICMP is in the configs. Could Shorewall also be hogging resources?
<grogoreo> ah, I've found it. You put it in the rules file
#ubuntu-server 2006-11-23
<menyesg> hi... i understand it's a development channel, therefore I won't ask my very important question :P
<menyesg> but do you have any information where should I get help about mdadm on Ubuntu Server 6.10?
<spike> menyesg: #ubuntu
<spike> there are no difference between mdadm shipped with ubuntu-server or ubuntu
<spike> or kubuntu and any other version for what it matters
<menyesg> hm, okay thanks... btw, in #ubuntu I did not get answers, but I keep trying
<menyesg> thanks anyway
<menyesg> have a nice day
<menyesg> bye
#ubuntu-server 2006-11-24
<nanomike> How do I use postfix with SMTP-AUTH and TLS once I've installed it? Followed this guide: https://help.ubuntu.com/6.10/ubuntu/serverguide/C/email-services.html
<esquilax> are there any specific config type changes that go into auto-lamp or is it really as simple as apt-get apache2 php5-mysql libapache2-mod-php5 mysql-server
<infinity> The latter.
<esquilax> ty
<krampo_h> hello, I was looking for some kind of software with GUI, which could restart services (eg. Apache, ProFTPd, Samba ...etc.).  Preferably not webmin and even not web based. Perfectly if it would be some kind of frontend to default /etc/init.d xxx restart commands...
<krampo_h> ok, sorry, just read the topic
<J_P> hi all
<J_P> people, I have one Pentium IV D, what ubuntu I install: 6.10-server-i386 or 6.10-server-AMD64 ?
#ubuntu-server 2006-11-26
* Starting logfile irclogs/ubuntu-server.log
<shwag> its a bit confusing that /var/log/messages shows "new full speed USB device using uhci_hcd."  It can tell that the device is full speed, but it is using uhci...which is the non high speed driver.
<shwag> Maybe it would be easier to understand if it mentioned that the device is running at a lower rater because the bus doesnt support usb2.
#ubuntu-server 2007-11-19
<m1r> nealmcb: http://pastebin.com/d5de9903f , can u check ?
<nealmcb> m1r: what about it?
<m1r> nealmcb:  in network interfaces i got writen down : auto eth0 , and sistem cant bring that up, it request more info. on 7.04 i have just : auto eth1 and it is working (bringing up eth1 ) without aditional info about card.
<m1r> address , network , netmask , etc...
<nealmcb> eth0 is 10.1.0.1 - right?
<nealmcb> so it is up, right?
<m1r> yes i set it temporarly with ifconfig
<m1r> but when i want restart network, i get error as on top of pastebin
<m1r> it refuses to bring it up
<m1r> i need to enter more info on card to be able to get it up
<nealmcb> like what other info? give some examples
<m1r> address , network , netmask ,etc...
<nealmcb> so are you saying dhcp isn't working?
<m1r> no
<m1r> it is not working
<nealmcb> I don't know what "Ignoring unknown interface eth0=eth0" means - sorry
<m1r> ok np , tnx :)
<nealmcb> but I have heard of some gutsy network issues I think  - hmmmm
<nealmcb> hardware discovery issues?
<m1r> all ok on lspci
<m1r> both cards , wlan0 and eth0 works on other pcs
<m1r> wlan belkin , eth realtek
<nealmcb> Bug 155603
<ubotu> Launchpad bug 155603 in network-manager "[gutsy] network device name change after Gutsy upgrade, suddenly no/intermittent network" [Undecided,New] https://launchpad.net/bugs/155603
<nealmcb> that bug had some similar keywords...
<m1r> let me check
<m1r> nope, i have fresh install
<m1r> and i need to serve dhcp on eth0 , not recive :/
<kgoetz> hi all. can someone suggest a scriptable way of importing a database dump innto mysql? 'mysqlimport' doesnt seem to be what i want, because its talking about some text file (which i have no idea about)
<ajmitch> just pipe it in
<ajmitch> mysql -ufoo -pinsecurepassword database < foo.sql
<kgoetz> and i can do multiple tables/databases like that?
<ajmitch> multiple tables, certainly
<ajmitch> you most likely can do so with multiple databases
<kgoetz> i'll try it out and see i guess.
<kgoetz> thanks for that
<ajmitch> I live to serve
<CyberMad> i try install ubuntu-server 7.10, actually this is my 1st time install the server edition. Installation is finish, does the startup is stop on * Running local boot scripts (/etc/rc.local) [OK] ??  but i can open other shell by hit ALT + F2
<CyberMad> i install standard server system with: SAMBA + LAMP + OpenSSH
<CyberMad> looks like the /etc/rc.local is hanging, correct?
<CyberMad> why that happen?
<CyberMad> not compatible with my PC?
<ajmitch> or that getty is started too soon, and so if you hit enter, you'd see that it's really sitting at a login prompt
<ajmitch> just not showing it :)
<CyberMad> by default ubuntu-server not install the X Window, right?
<CyberMad> so how do i install gnome?
<CyberMad> or do you have other opinion / recommendation?
<CyberMad> nevermind.. i'm in hurry
<CyberMad> got to go now..
<CyberMad> thanks a lot ajmitch
<kgoetz> nooooo! the gutsy server kernel doesnt have framebuffer :'(
<nealmcb> ajmitch: ahh right - your work week has begun already....
<ajmitch> nealmcb: yes, and? :)
<nealmcb> ajmitch: it just hadn't occurred to me before that the "server team hours" included a lot of the weekend because of time zones
<ajmitch> heh, right
<ajmitch> well I'm not really on the server team
<nealmcb> do we have any regulars in hawaii??
 * ajmitch shrugs
<nealmcb> well, you are helpful here, that is for sure....  team membership is a bit nebulous I'd say
<ajmitch> I don't think I've really provided a lot of help at all
<ajmitch> my main contributions have been small ones in packaging
<nealmcb> ajmitch: by "here" I meant in irc
<ajmitch> yeah
<kraut> moin
<thedom> Why might postfix bounce all mail with "User unknown in virtual alias table" unless I set /etc/mymailname to "localhost"?
<thedom> Err, /etc/mailname rather.
<soren> thedom: Could you pastebin the contents of...
<soren> oh, he buggered off.
<soren> figures.
<XiXaQ> I'm trying to setup kolab on gutsy server. I'd already installed the LAMP task, and then I installed kolabd and kolab-webadmin with all their dependencies.. What else must I do?
<zul> morning
<XiXaQ> hello zul :)
<jetole> morning guys
<jetole> I don't know if anyone here is overly familier withrouting or the 95th percentile bandwidth pricing concept but I need a way to measure the bandwidth spped that has moved through a linux machine, such as a way to find out that right now the machine is using 0.23Mbps (example) as inbound or 0.49Mbps as outbound
<jetole> and if anyone knows any software that can do this on a regular basis and provide with web images, something similar to mrtgg then that would be even better
<Petaris_Aki> Could anyone assist me in configuring OpenLDAP on an LTSP server
<Petaris_Aki> I followed a how-to but it isn't working
<Petaris_Aki> I can do an ldapsearch and get results back but the authentication isn't working
<Petaris_Aki> I followed this:  http://ubuntuforums.org/showthread.php?p=3723403
<Petaris_Aki> I am authenticating to an OS X server
<Petaris_Aki> I have the home directories mapped via NFS
<Petaris_Aki> brb
<Petaris> I restarted my server
<Petaris> which apparently was a mistake
<Petaris> now it won't finish booting
<Petaris> its just stuck with an nss_ldap error
<Petaris> :/
<Petaris> I am in "recovery mode"
<Petaris> I thought that would let you bypass that
<soren> jdstrand: around?
<jdstrand> soren: yep
<jdstrand> hej
<soren> jdstrand: Petaris' problem sounds like something you'd know about :)
 * Petaris boots the install cd
<Petaris> I am booting the install cd's recovery system
<Petaris> I can't fix it if I have no shell
<Petaris> ok
<Petaris> I have a shell
<Petaris> jdstrand: I was configuring LDAP and it blew up on me
<jdstrand> Petaris: this is on gutsy
<jdstrand> ?
<Petaris> See notes from Petaris_Aki above
<Petaris> yeah, gutsy
<jdstrand> bug #155947
<ubotu> Launchpad bug 155947 in libnss-ldap "ldap config  causes Ubuntu to hang at a reboot" [Undecided,Incomplete] https://launchpad.net/bugs/155947
<jdstrand> try using 'bind_policy soft' in /etc/ldap.conf
<jdstrand> Petaris: ^^
<Petaris> ok
<jdstrand> Petaris: note this is a workaround, not a fix, but should be fine until the fix is found
<Petaris> I'm looking at the bug now
<Petaris> I will try that workaround
<_ruben> jetole: there's a patch for mrtg around that prints the 95 percentile in the pages it creates
<Petaris> jdstrand: I changed ldap.conf
<Petaris> the one in /etc
<Petaris> but what about the one in /etc/ldap/ ?
<jdstrand> Petaris: don't bother with that one.  the client (pam and nss) code looks at /etc/ldap.conf
<Petaris> ok
<Petaris> I'll reboot and try this
<jdstrand> ok
<Petaris> jdstrand, Its gotten further then before
<Petaris> Thanks
<Petaris> :)
<jdstrand> Petaris: great!
<Petaris> Now I just need to find out why it is failing
<Petaris> wth?  The server just rebooted itself
<Petaris> :/
<Petaris> hrm
<Petaris> ok
<Petaris> now I'm up and running
<Petaris> jdstrand, Do you know of a how-to that will work to get ldap authentication setup correctly?
<jdstrand> Petaris: a lot really depends on the server you are trying to authenticate against
<Petaris> right
<Petaris> OS X in my case
<Petaris> :/
<jdstrand> Petaris: wiki.ubuntu.com has quite a few
<Petaris> thats where I got the one I was working from
<Petaris> but I guess it needs tweaking to work with OS X OpenDirectory
<jdstrand> Petaris: it should be the same except for pam-ldap.conf and libnss-ldap.conf are now unified into /etc/ldap.conf
<Petaris> ok
<Petaris> I also didn
<jdstrand> and by 'it' I mean those wikis should still work for the most part.  It's just Ubuntu now has a unified ldap.conf file
<Petaris> didn't seem to like the ldapi:/// uri
<Petaris> right, I figured thats what you ment
<Petaris> *meant
<jdstrand> Petaris: if you didn't already, you might try with an IP address rather than hostname
<Petaris> thats what I was using
<Petaris> to avoid any DNS issues that might arrise
<Petaris> though the server is listed in /etc/hosts
<jdstrand> Petaris: I have not actually tried to authenticate against OS X, so unfortuntately, I don't have much more to suggest?
<jdstrand> s/?/:(/
<jdstrand> mathiaz: ^^
<jdstrand> mathiaz: have you done anything with ldap auth against OS X?
<mathiaz> jdstrand: nope.
<mathiaz> Petaris: I think you may need to tweak the attributes used to authenticate.
<mathiaz> Petaris: I'm not sure that OpenDirectory uses the standard schema to store information.
<zul> when is the next server team meeting?
<mathiaz> Petaris: you may wanna look at how to setup a MacOsX Client to authenticate against an Linux LDAP directory - you may have an idea about the attribute names.
<mathiaz> zul: tomorrow.
<mathiaz> zul: I'll send an announcement soon.
<Petaris> mathiaz, ok, I had it working on k12ltsp (fedora) but they had all the voodoo done in the background
<Petaris> jdstrand: Thanks for all your help
<Petaris> :)
<mathiaz> Petaris: I've setup MacosX clients once and I remember I had to change the default configuration to get it working.
<jdstrand> Petaris: np.  wish I could help more.
<Petaris> if I figure it out I will write down what I did and add it to the wiki
<ScatterBrain> Anyone running Dell's OMSA on Gutsy yet?
<akincer> Is there a good reason why a Tripplite KVM keyboard would work on the Gutsy desktop install but not server? Seems odd since a KVM would more likely be used on server as opposed to desktop
<akincer> I get that they are different kernels, I just don't understand why that would be one of the drivers cut if that is indeed what happened
<mralphabet> akincer: I doubt it was a kernel driver, usually the server kernel just has some patches applied to it
<mralphabet> akincer: do you have a link to the product page?
<akincer> Strange enough. Used the KVM to install Gutsy desktop on a server class machine for the heck of it. Putting server on today to make it a true server class machine. Had to hook up an external keyboard. Not a good thing
<akincer> Let me get it. Hang on
<akincer> http://www.tripplite.com/products/product.cfm?productID=3131
<mralphabet> that doesn't work?
<mralphabet> just the keyboard?
<akincer> Monitor works fine. Touchpad is superfluous obviously. Setup still going, so not sure it works after setup is complete yet. But keyboard doesn't work at all.
<mralphabet> strange
<akincer> Yep. I'll know shortly if it works after setup.
<pookey> hi all
<pookey> I'm attempted to join the team to maintain a PHP APC package
<pookey> I have applied for membership and am awaiting approval
<Petaris> jdstrand: Ok, getent passwd and getent group are giving me my users
<Petaris> *and groups
<Petaris> but I still can't login as any of them
<Petaris> any thoughts?
<pookey> Petaris: you've checked your logs I assume?
<jdstrand> Petaris: getent shows that nss is working.  logins are ging to be pam.  check /etc/pam.d/common-*
<jdstrand> Petaris: also make sure that you don't have nscd enabled or any other caching
<Petaris> ok
<Petaris> ahh
<jdstrand> Petaris: depending on how OS X does the authentication, you may need to adjust /etc/ldap.conf and/or /etc/ldap.secret to be able to auth against the shadow stuff
<Petaris> there is nss_updatedb
<Petaris> its looking like pam_ldap can't contact the server for some reason
<Petaris> pookey: yes I checked my logs
<pookey> you've tested querying the ldap server from the machine ?
<Petaris> yeah, ldapsearch works fine
<Petaris> so does getent passwd and group
<pookey> oh yes, so you said.. I guess that means it can ;)
<Petaris> the log gives pam_ldap: ldap_simple_bind: can't contact ldap server
<Petaris> when I try to login as an ldap user
<pookey> mathiaz: thanks
<Petaris> common-* all look fine too
<Petaris> jdstrand: ldap.secret is fine
<Petaris> looking through ldap.conf again now
<Petaris> is it right for ldapi uri to have three / behind it
<Petaris> ?
<pookey> I'venever done ldap/nss..  only mysql, and that's easier to debug :)
<Petaris> ahh
<Petaris> I'll try this
<sommer> Petaris: I ususally enter them wih only 2 /'s
 * Petaris reboots
<Petaris> sommer: ok, thats what I just changed
<akincer> Nope, Tripp-Lite KVM doesn't work even after install
<akincer> Not a particularly good thing. I can manage, but this would be a huge no-no in some data centers
<Petaris> still doesn't work
<Petaris> here is what the log says
<Petaris> http://phpfi.com/277333
<pookey> all I cna think of suggseting is stracing hte p rocess, of sniffing network traffic to see if any ldap connection is being attempted
<pookey> oh.. OS X?
<sommer> Petaris: the root user has an account in LDAP ?
<pookey> I don't see why that's relivent? it's a connection error in the logs...
<Petaris> sommer: yes
<sommer> pookey: it also says authentication error
<Petaris> root user is "diradmin"
<sommer> ah user=testu?
<Petaris> yeah, that is the user I am testing with
<Petaris> they are in ldap
<Petaris> I can login as them on other boxes
<sommer> Petaris: just so I'm clear you're tyring to login to Linux authenticating to a OSX ldap server?
<Petaris> sommer: Yes
<sommer> does the server have Posix account attributes?
<Petaris> the root user I set is uid=diradmin,cn=users,dc=Yumi,dc=FSD
<Petaris> Yes
<Petaris> er, which server
<Petaris> the OS X box ?
<sommer> the LDAP server... might double check that the account has a gidNumber, uidNumber, etc
<Petaris> it does have posix attributes
<Petaris> it does
<Petaris> they all do
<sommer> mmmm...I'd think that would work then
<sommer> can other hosts connect to LDAP on the server?
<Petaris> uid for testu is 1067
<Petaris> yes, but there are no other linux hosts atm
<sommer> but OSX clients can connect?
<Petaris> but I did have this working with k12ltsp (fedora)
<Petaris> no OS X clients either, just windows but I can connect via pGina
<sommer> Petaris: are you using TLS, do you need to?
<Petaris> no, I'm not
<Petaris> I am just trying to get this to work in its basic forms
<sommer> do you know if the server requires TLS?
<Petaris> it doesn't
<Petaris> I have it turned off
<Petaris> not TLS but SSL
<Petaris> the server doesn't even support TLS that I know of
<Petaris> just SSL and its not required
<Petaris> *it seems to break any authentication
<sommer> ah gotcha
<Petaris> I should have gone with Novell instead of Apple for implementing LDAP :/
<Petaris> Apple was massively cheaper though
<Petaris> sommer: I was following this how-to: https://help.ubuntu.com/community/LDAPClientAuthentication
<sommer> Petaris: I'm not familiar with Open Directory, but is there a way to turn on more logging?
<Petaris> I already have it at its highest level
<Petaris> *on the OS X server
<sommer> and you said that getent passwd worked
<Petaris> nothing in there about a failure for testu
<Petaris> yes
<Petaris> just checked again, still does
<sommer> mmm... the other thing you might try is to run a packet sniffer like tcpdump or ethereal and check the LDAP packets
<pookey> that's what I said ;)
<sommer> yep... it's good idea
<pookey> or strace the ssh process
<sommer> forgot who mentioned it though :-)
<pookey> I'll let you off ;)
<sommer> thx
<pookey> it's ok, I'm new here, I'm insignificant till proven significant :)
<sommer> Petaris: also, I think you mentioned it, but have you double checked the options in /etc/ldap.conf
<Petaris> yeah, they look ok as far as I can tell
<sommer> Petaris: can you login, not over ssh as a user in LDAP?'
<pookey> ug, the packaging guide is 77 pages
 * pookey prints
<pookey> warm paper from a laser printer is one of the nicer things in life :)
<Petaris> sommer: no, that is what I have been trying
<sommer> Petaris: ah, just wanted to make sure
<Petaris_Aki> sommer: http://phpfi.com/277341
<Petaris_Aki> my ldap.conf
<sommer> Petaris_Aki: you might try changing: uri ldapi://172.20.0.20
<sommer> to: #uri ldap://172.20.0.20 if you haven't already
<Petaris> ok, I will try that
<sommer> also, try uncommenting this line: #scope sub
<Petaris_Aki> I just did the ldap://  It worked
<Petaris_Aki> kind of
<Petaris_Aki> now I get an error about not being able to create the home directory
<Petaris_Aki> and then it logged testu out
<sommer> ah... you might try manually creating /home/testu
<sommer> to test anyway
<Petaris_Aki> should I still try uncommenting #scope sub?
<sommer> I don't think so it looks like you're almost there
<Petaris_Aki> thats not where its trying to create it
<Petaris_Aki> hrm
<sommer> woops... ya wherever the homeDirectory attribute points to
<Petaris_Aki> my nfs mounts didn't automatically mount
<Petaris_Aki> thats why the permission denied I bet
<sommer> could be
<Petaris_Aki> but why didn't they auto mount :/
<Petaris_Aki> hrm
<Petaris_Aki> I just tried su -
<sommer> Petaris_Aki: can you mount the nfs share without LDAP?
<Petaris_Aki> I got this:
<Petaris_Aki> petaris@Aki:~$ su -
<Petaris_Aki> Password:
<Petaris_Aki> You are required to change your LDAP password immediately.
<Petaris_Aki> Enter login(LDAP) password:
<Petaris_Aki> New password:
<Petaris_Aki> sommer: yes
<sommer> have you seen this article: http://www.macdevcenter.com/pub/a/mac/2007/06/27/discover-the-power-of-open-directory-part-2.html
 * Petaris_Aki looks
<sommer> looks like there's instructions for setting up NFS
<sommer> with LDAP
<Petaris_Aki> hrm
<Petaris_Aki> interesting
<zeasier> how do you set a system wide http proxy?
<Petaris_Aki> bugger, now I can't mount my nfs stuff anymore
<Petaris_Aki> :/
<zeasier> where the server uses a proxy for outgoing http requests
<mralphabet> zeasier: system wide? local system (as in the PC?), network wide?
<mralphabet> network wide you can set your edge router to force http through a proxy.
<zeasier> heh, i don't think our sys admins would like that
<zeasier> they seem to think outgoing http is bad but they left us an unauthticated proxy for that sort of thing
<mralphabet> well, if outgoing http is bad, then they can take control of it
<zeasier> defaulting it at the router defeats the purpose
<zeasier> we need to set up our server to use that proxy without having to rewrite all of it's scripts
<mralphabet> so your question is really, "how can I set up an open proxy for users to use if they wish?" ;)
<zeasier> in particular we need apache and php to use this proxy
<zeasier> though we already might have a solution there
<zeasier> i was just wondering if we can set it at a lower level
<mralphabet> http://news.softpedia.com/news/Seting-Up-a-HTTP-Proxy-Server-with-Authentication-and-Filtering-52467.shtml
<mralphabet> this would 'ideally' be on a seperate machine from your standard apache server
<zeasier> yeah we've already has such a proxy availible to us
<mralphabet> you could even look at the vmware machines and I think there is a prebuilt one that runs in the free versions of vmware
<zeasier> just wondering if there is some way to set our servers to forward all http requests to that proxy
<zeasier> at the lowest level possible
<zeasier> (within reason)
<mralphabet> so . . . client requests http from webA and webA says "if  you want http, talk to proxyB"
<zeasier> yeah when ever webA makes a http request it should use proxyB
<zeasier> aparently there is a environment variable called http_proxy or something
<zeasier> but it doesn't seem to proliterate all the way to php
<akincer> mralphabet: if you didn't see my earlier comment, the Tripp-Lite KVM doesn't work with server at all. I'm going to see what happens in dmesg when I unplug and plug it back in
<pookey> Petaris: did you get it working?
<Petaris> pookey: partially
<Petaris> now I am fighting a weird permissions issue with NFS for the user home dirs
<Petaris> The login was solved by changing ldapi:// to ldap://
<ScatterBrain> Is there a package that I can install that will pull down the whole LAMP stack at once?
<Petaris> ScatterBrain: apt-get install apache mysql-server php
<Petaris> that should pull it all down for you
<nealmcb> dendrobates: where do we stand on blueprint drafting?  will we talk about that in the meeting tomorrow?
<Petaris> but you will still need to do some configuring
<nealmcb> ScatterBrain: I think you can also instally them by running "sudo tasksel"
<nealmcb> and picking from the menu
<ScatterBrain> nealmcb: thx...I'll try that.
<nealmcb> (nice terminal-based menu :-)
<dendrobates> nealmcb: we hope to be done tomorrow.  But that means quite a bit of work.
<nealmcb> though it would be nice if there was an easy way to see just what tasksel proposes to install - I just noticed the "video creation and editing suite"
<nealmcb> dendrobates: cool.  and is there an archive of the gobby documents?
<dendrobates> nealmcb: I'm not sure.  i saved them locally at the end of each session.
<nealmcb> I saved some, but not all
<dendrobates> what are you looking for?
<nealmcb> just eternally curious right now
<phaidros> whats the recommended way to have mailinglist on a postfix/virtual system?
<phaidros> especially if I'd wanted to have different webinterfaces for different list hosts ..
<phaidros> any suggestions?
<mfstitz> does anyone know anything about configuring ubuntu clients to authenticate against an LDAP server?
<mfstitz> all are running guttsy
<Burgundavia> mfstitz: http://packages.ubuntu.com/cgi-bin/search_packages.pl?searchon=names&version=all&exact=1&keywords=auth-client-config
<mfstitz> I've already downloaded and configured this file
<Burgundavia> https://help.ubuntu.com/community/LDAPClientAuthentication <-- this is out of date, but does tell you how to test if your setup is correct
<Burgundavia> also, for some reason, gdm requires a restart to pickup any pam changes
<spiekey> hi
<spiekey> how can i rename my network interface?
<spiekey> so that eth0 becomes "internet"
<dthacker> spiekey: I don't know if that's possible, and I wouldn't recommend it if it was.
#ubuntu-server 2007-11-20
<spiekey> hmm..ok. Maybe you are right
<mfstitz> thanks burgundavia, I'll give this a try
<spiekey> dthacker: its definately possible
<spiekey> i have seen it and its a nice idea really
<dthacker> spiekey: 5 minutes of googling has only shown me how to make eth1 into eth0.
<dthacker> So I'll stick with conventional names.  Good luck.
<kgoetz> just noticed vim highlights chmod but not chown
<jetole> Hey guys, I am looking for a software I can setup on a server that allows me to measure throughput speeds, it's not actually, technically a server as much as a routing firewall and I want to use it to measure 95th percentile
<jetole> basically anything that can tell me how fast the data travelling in one direction through a nic is at any moment would be great if anyone can recommend something
<cpuobsessed> i'm trying to setup routing on a dial-out connection
<cpuobsessed> i'm running ubuntu-server on a powerpc mac with 7.04
<cpuobsessed> it'll dialout using pon, but none of the PCs on my home network can connect
<_ruben> jetole: mrtg with the 95 percentile patch would be the easiest way, a more advanced option would be to use cacti. and then there's probably also a ton of apps dedicated to the sole purpose of providing 95 percentile numbers
<Nafallo> _ruben: sounds like a nice patch to incl. in Ubuntu ;-)
<_ruben> its a rather trivial one as well .. it adds a script to calculate the 95 percentile on a daily basis .. and a small modification to the html templates to include the 95 percentile
<_ruben> i doubt if its still actively maintained, and i think i added my own few modifications as well back in the day (been using cacti and several custom scripts for quite some time now)
<Nafallo> ah
<Nafallo> shouldn't be to hard to write though, I guess.
<_ruben> if i had been using it still i'd most likely volunteer to maintain a package for ubuntu of it
<Nafallo> wouldn't it be easier to patch the existing package and add an option for 95th enabled?
<_ruben> indeed, the basics of the script are very simple .. its actually how i learned perl in the first place (followed by patching qmail-scanner.pl)
<_ruben> depends a bit on what the mrtg package exactly entails currently .. and since it includes a patch of a static html template (afaik), its a bit tricky to make it optional
<_ruben> the details have faded out over time a bit ;)
<Nafallo> anyway, I need to head for work
<Nafallo> laters
<_ruben> ok, cya (i arrived at work 1hr ago :P)
<cpuobsessed> i'm trying to setup routing on a dial-out connection
<cpuobsessed> i'm running ubuntu-server on a powerpc mac with 7.04
<cpuobsessed> it'll dialout using pon, but none of the PCs on my home network can connect
<dholbach> heya! can you guys check out bug 68818, bug bug 160176, bug 149641, bug 130836, bug 134068?
<ubotu> Launchpad bug 68818 in squid "squid transparent proxy is broken" [High,Fix committed] https://launchpad.net/bugs/68818
<ubotu> Launchpad bug 149641 in logcheck "logcheck fails when auth.log.1.gz missing" [Undecided,Fix committed] https://launchpad.net/bugs/149641
<ubotu> Launchpad bug 130836 in apache2 "Specify OpenDocument icon(s) in Apache2 configuration" [Wishlist,Triaged] https://launchpad.net/bugs/130836
<ubotu> Launchpad bug 134068 in ubuntu "[needs-packaging] libapache2-mod-bwshare" [Wishlist,Fix committed] https://launchpad.net/bugs/134068
<dholbach> bug 160176 too
<ubotu> Launchpad bug 160176 in bind9 "L.ROOT-SERVERS.NET record needs an update" [Low,Fix committed] https://launchpad.net/bugs/160176
<ivoks> let's take a look.
<ivoks> i like the idea of mod-bwshare
<ivoks> i used mod_evasive untill now
<dholbach> that guy is waiting for a review for quite a while :-/
<ivoks> but... we have a tool like that already :/
<dholbach> we have an editor already... oh wait :-)
<ivoks> :)
<ivoks> i'm thinking about main...
<dholbach> editor/mp3-player/cd-burning-appliaction/... :-)
<ivoks> ok, i'll take a look at it
<dholbach> let's get it into universe first before we think about main
<dholbach> ivoks: you ROCK
<ivoks> i'm already preparing some stuff for apache
 * dholbach hugs ivoks
<dholbach> everybody hug ivoks :)
<ivoks> please, we, at #ubuntu-server, don't hug :)
<dholbach> soren, mathiaz and keescook hug too
<ivoks> oh no... :D
<dholbach> and I'm sure I saw dendro-away hugging too :)
<ivoks> i'll move to redhat :D
<soren> ivoks: Aw, come one.
 * soren hugs ivoks 
<ivoks> dholbach: best thing i can promise is comparions of this and mod_evasive
<dholbach> :-)
<dholbach> a review of the packaging would be a good start
<ivoks> and that :)
 * dholbach cleaned up a lot of other bits on http://people.ubuntu.com/~dholbach/sponsoring already
<ivoks> dholbach: i hate custom licenses
<ivoks> http://www.topology.org/src/bwshare/LICENCE
<dholbach> nghnghngh
<ivoks> now, is this one compatibile with apache license? :)
<dholbach> poor archive-admins
<ivoks> oh ok...
 * ivoks hugs back
<soren> lamont: Could you be pursuaded to do the SRU's for bug 160176 ?
<ubotu> Launchpad bug 160176 in bind9 "L.ROOT-SERVERS.NET record needs an update" [Low,Fix committed] https://launchpad.net/bugs/160176
<zul> morning
<ScottK> Good morning zul
<zul> hey ScottK
<svschwartz> hello
<svschwartz> problem with apache2 ssl support
<svschwartz> a2enmod ssl
<svschwartz> then reloaded apache
<svschwartz> and got unexpected error code -12263
<svschwartz> from apache log: Invalid method in request \x16\x03\x01
<Kamping_Kaiser> hi all. how long until hte meeting?
<zul> another 3 hourish
<Kamping_Kaiser> gah. thats 2.30 am here. i think my commitment isnt going to last out
<Kamping_Kaiser> svschwartz, you have https running over http port (or visa versa)
<zul> Kamping_Kaiser: sorry 2 hours
<Kamping_Kaiser> much better - just before 2am :P
 * Kamping_Kaiser has work tomorrow :(
<Kamping_Kaiser> i'm going to crash - pass on my apoligies to the meeting.
<Kamping_Kaiser> later all.
<jetole> _ruben: does mrtg not take the data from another router? isn't that what mrtg stands for?
<lamont> soren: I fail to see the urgency
<soren> lamont: Well, it's not exactly urgent for another 6 months, but there's not exactly much to gain from procrastinating it a whole lot, is there?
<lamont> 6 months, 2 years, it's so hard to tell....
<soren> lamont: Hm?
<lamont> it becomes an issue when there are 2 root nameservers that are wrong.  and then only for startup.
<lamont> those IP's tend not to be given to people that the ones who had the root server there don't trust
<lamont> and then it's a perf issue at startup
<soren> lamont: I can't say I'm entirely comfortable putting a lot of security into the fact that the ip's *tend* to not be given to evil h4x0rs.
<soren> Er.. s/security/trust/
<lamont> soren: true.  it's more of a historical thing
<lamont> and it's not like they're totally hijackable and such
<soren> lamont: While I can see that it MIGHT not be completely unreasonable to not SRU it, I belive The Right Thing[tm] to do is update it. No worries, I'll do it. You're just "the bind guy" so I thought I'd see if I could weasel out of it. :)
<soren> It's kind of when we constantly patch security holes in all sorts of stuff that we're not even sure is exploitable, but just to be sure, we fix it.
 * soren forgot all about lunch
<lamont> soren: yeah.  it's more motivation than anything else..
<lamont> I figure there'll be some other update to bind before I get to that :-)
<soren> :)
<soren> Yeah, if we're really lucky, there'll be some vulnerability in it, so that the security team will have to do it. Muhaha.
<akincer> Not patching a security hole because of doubts of how exploitable it may or may not be is, IMHO, a catastrophic mistake.
<ScottK> Well trusting the root is kind of how DNS works.  DNSSEC is the solution, but until the root is signed ...
<soren> akincer: Just be clear: We don't avoid doing security patches even in those cases.
<akincer> I understand. It's the reason I use Ubuntu from the top to the bottom of the stack everywhere I cn
<akincer> can
<soren> akincer: I was just comparing the two situations and saying that we should apply the same logic to the two.
 * soren really, really, *really* goes to lunch now
<akincer> Sadly, we humans must eat. Go :)
<akincer> Well, not so sadly if the food is good :)
<akincer> DNS is a tree of trust that some would argue is potentially a house of cards. But oddly enough, even the "bad guys" rely on that trust for their everyday internet uses. It isn't in their interest to destroy it
<akincer> Have any of you played with the latest versions of bacula and the bat admin tool? I'm digging it
<soren> akincer: Which version is that?
<soren> akincer: Looks shiny.
<juliux> soren, http://waste.mandragor.org/dongo.png newest server from ubuntu-eu.org ;) running ubuntu;)
 * soren drools uncontrollably
<soren> juliux: Where did it come from?
<juliux> soren, from transtec
<juliux> soren, we only paid the second cpu and 4gb ram
<soren> Nice.
<soren> Oh, quad-core things?
<juliux> the server has two quad-core cpus;)
<juliux> so 8 cores 8gb ram on 1he;)
<juliux> and ubuntu on it
<zul> but its idle ;)
<jdstrand> hi coffeedude! (it's Jamie)
<jdstrand> (from Ubuntu)
<soren> Meeting in #ubuntu-meeting in one minute and 22 seconds.
<coffeedude> jdstrand: morning
<soren> nealmcb: Around?
<soren> nealmcb: -> #ubuntu-meeting
<jdstrand> nealmcb: your presence is requested in #ubuntu-meeting
<jdstrand> (JeOS discussion)
<akincer> soren: I've been playing with 2.2.5. The bat tool has all appearances that it can be compiled and run on a desktop pointing to a bacula server
<nealmcb> soren: howdy
<soren> nealmcb: -> #ubuntu-meeting
<lamont> soren: and yeah, SRU certainly makes sense, it's not at the top of my list of projects though...
<soren> lamont: Alright. I'll look into it in a few days then.
<lamont> soren: re default-mta package... you want to go ahead and create the default mta package, and I'll upload it to debian (depends: exim4) and we can start the discussion there, so as to separate the two discussions better?
<soren> lamont: It's worth a try :)
<lamont> given that I'm the postfix maintainer for debian, me uploading an exim4-depending default-mail-transport-agent package should help migrate the discussion towards having the meta package.
<Gargoyle> Is there a more agressive way to kill processes other than kill -9 PID
<Gargoyle> ?
<lamont> Gargoyle: well, there's /sbin/reboot.  But that's kinda overkill.
<lamont> I can't think of anything in between, though
<lamont> soren: what's the meeting in #u-m, btw?
 * lamont kinda bets "server team"
<soren> Good guess.
<soren> lamont: Good point about you uploading the package, by the way.
<Gargoyle> he he DRBD > /sbin/reboot!!! :-)
<soren> Gargoyle: No, kill -9 is the most agressive there is.
<soren> Gargoyle: Why do you ask?
<Gargoyle> Testing my DRBD cluster, and it seems to have gotten itself in a mess
<Gargoyle> The system was working ok, but trying to to anything with the drbd volume caused that process to lock up (tar, ls, etc)
<soren> Gargoyle: Yeah, they're stuck in I/O-wait. You need them to let go somehow.
 * Gargoyle yanked the power cable out!
<soren> Um..
<soren> Well, yes, that's on option.
<Gargoyle> he he
<Gargoyle> hmmm... it was working so well last week!
<lamont> Gargoyle: if kill -9 won't kill the pid, then it's blocked in the kernel at an uninterruptable priority.  once it wakes up from that (assuming you can arrange it), then it should be killable.  until then, reboot or air-gap is the only answer
<Gargoyle> And it's not picked itself up properly after the reboot. :(
<soren> lamont: Well, not only killable, it'll die a swift death automagically, right?
<Gargoyle> Is there a way to find out what process is holding a device open?
<ivoks> lsof
<soren> or fuser
<soren> fuser -m might also be interesting.
<lamont> soren: if you previously did kill -9, and it finishes it's uninteruptible wait, then yes.  quick death
<soren> lamont: Right, thought so.
<lamont> the signal is pending, it's just not delivered because we slept saying 'leave me alone. lalalalalala'
<lamont> (those are all supposed to be _very_quick_ waits)
<lamont> e.g., disk i/o
<lamont> never terminal i/o
<soren> Sure.
<pookey> does anyone have problems using /etc/init.d/apache restart out of interest? it doesnt 'actually kill the running apache for me
<lamont> pookey: it doesn't need to
<lamont> and yes, I use it from time to time
<pookey> lamont: it doesn't? I end up with more and more apache processes every time I use it - chewing up more and more memory
<pookey> ps aux | grep apache | grep ^root | wc -l    == 5, restart apache a few times via the init script,   and it's gone up to 7...
<ivoks> pookey: then fix your configuration
<ivoks> oh, running as root...
<ivoks> hm...
<ivoks> that should be one
<pookey> indeed it should
<Gargoyle> can anyone help me forcefully stop drbd? I am trying to send a node into secondary and am getting this: drbd0: State change failed: Device is held open by someone
<ivoks> Gargoyle: is it mounted?
<Gargoyle> nope
<lamont> "restart" is required to get one to a state similar to stop/start.  if the daemon can do that without stopping and starting, then restart is allowed to do that.
<lamont> pookey: it sounds like what you really want to do is: /etc/init.d/apache stop; /etc/init.d/apache start
<pookey> lamont: I just tested that action too - that doesnt' work either
<pookey> apache2ctl start && apache2ctl stop  does however
<pookey> I'll investigate futher, was just wondering if it was a known issue
<lamont> sounds like a borken init script then
<pookey> apache2ctl stop  sends a SIGTERM, the init script sends a SIGWINCH
<Gargoyle> ivoks: Just removed drbd and heartbeat from init and trying a reboot.
<pookey> which doenst' quite seem rihgt to me :)
<Gargoyle> The odd thing is that the console does the shutdown all the way to [* Will now restart] and then hangs
<Gargoyle> could be a hardware issue I suppose.
<ivoks> Gargoyle: i droped heartbeat
<ivoks> whenever i stoped it, it kept hanging
<ivoks> that and lots of other problems made me think about what soren said
<Gargoyle> what do you use instead? rcs?
<ivoks> 'duh, we already have redhat cluster for that'
<ivoks> yes,,, rcs
<ivoks> but nothing is trivial to set up
<ivoks> what FS do you use on that drbd?
<Gargoyle> ivoks: might have to revisit the docs. heartbeat seemed a bit easier to setup
<Gargoyle> ivoks: ext3
<pookey> ahh... it's apache2ctl graceful-stop that seems to be  failing
<ivoks> then you won't have problems
<ivoks> i'm using GFS, so i have to start drbd before rechat cluster
<Gargoyle> ivoks: Sounds a bit similar, at the moment drbd starts up before heartbeat.
<Gargoyle> heartbeat just handles the promotion to Pri/Sec and mounting the filesystem
<pookey> ahh... it's apache2ctl graceful-stop that seems to be left doing an epoll fd 29, which is '/anon_inode:[eventpoll]';,
<pookey> ah no, that's not always the case... meh
<pookey> this looks like an apache bug anyway, not ubuntu
<Gargoyle> ivoks: If you have used drbd before on the same disk, is there anything other than drbdadm create-md all that needs doing?
<Gargoyle> ivoks: It said meta data was updated, but bitmap was not.
<Gargoyle> trying reiserfs this time!
<pookey> ug, I maed that mistake once
<pookey> after loosing my entire file system, i've not bothered again
<Gargoyle> is ext3 still the best?
<nealmcb> ivoks: did soren say something about heartbeat that I missed
<pookey> Gargoyle: I hear lots of good things about XFS
<pookey> actually , Iuse XFS on 2 of my server - but generally stick with ext3
<nealmcb> and reiserfs is in a state of limbo as I recall
<pookey> well, he's in prison? ;)
<Gargoyle> hmmm
<Gargoyle> On a 4 disk raid5, how long do you expect it would take to format ext3?
<Gargoyle> each disk is 140Gig, SCSI
<pookey> I couldn't  really guess ... 'not long' though I'd have thought
<pookey> I remember seeing a fantastic notice in windows however, which might apply... 'This may take some time, or considerably longer' :D
<Gargoyle> LOL
<Gargoyle> I might run some dell hardware tests tomorrow. losing confidence in these servers - DVD drive failed this morning.
<pookey> which server?
<Gargoyle> I thought it was cheap ass CD-R's until I had burnt 3 copies of 7.10
<Gargoyle> PowerEdge 1850
<Gargoyle> 18 months old, maybe 2 years.
<pookey> we have a fwe of those, good mahcines.... as far as we've expreienced anyway
<pookey> (we being both current, and former employer)
<pookey> but.. I've only managed about 10 in my time, so.... YMMV
<Gargoyle> yeah, they seem ok. But a "firend of the boss" shipped them up from london in his car.
<pookey> oh, where are you?
<Gargoyle> and one of the front plates is bent where it sticks out for the rack screws.
<Gargoyle> Manchester
<pookey> didn't spot you were a fellow UKer :)
 * Gargoyle is idling in ubuntu-uk
<Gargoyle> :)
<pookey> I noticed just a moment ago :)
<Gargoyle> The two machines and drbd worked fine last week
<pookey> using it for email?
<Gargoyle> I was yanking power cables out and all sorts, and the cluster was working ok.
<Gargoyle> I did a clean install yesterday to write/check my docs and it all went wrong with my first test (nic failure of slave!)
<Gargoyle> Nahh, MySQL database
<ivoks> Gargoyle: i'm using drbd only on primary/primary setups
<ivoks> Gargoyle: with network file system, so both machines could write at the same time
<pookey> any chance of getting a copy of your docs? I've neve rplayed with DRDB... all I know is that when I was working for an ISP, they considered the idea and then binned it for some erason - but that was 3 years ago,perhaps it's better now
<Gargoyle> no real need for that with MySQL
<pookey> Gargoyle: why DRDB, and not replication?
<ivoks> this is for mysql?
<pookey> I've not looked at how mysql's clustering support is for a  year or so...
<ivoks> mysql-cluster is great, but slow and NDB
<ivoks> mysql replication is great, but no buts...
<Gargoyle> sure pookey. They are a mix up of other sources, and stuff I have gathered from here and #linux-ha
<Gargoyle> ivoks: Replication is not syncronous
<pookey> Gargoyle: I'd appreciate it if yo ucoudl throw it at pookey at pookey co uk
<ivoks> right, it's not...
<pookey> Gargoyle: I thought you could somehow do multi-master with MySQL ? or does that need cluster ...
<Gargoyle> pookey: Not sure. It was the case that it was not supported, but I think I saw a white paper on it on a MySQL news feed a few weeks ago.
<pookey> I'm just curious as to why, I'm not suggseting you're doing it all wrong BTW :)
<pookey> I wsa googling... http://capttofu.livejournal.com/1752.html  that looks quite interesting
<Gargoyle> We can't really use cluster because our database is HUGE!
<Gargoyle> 300Gig + last time we checked.
<pookey> Gargoyle: may I ask who you work for or what it's for ?
<Gargoyle> pookey: Telemetry data.
 * Gargoyle knows where you drive your car!!   mu-ha ha ha ha.... :D
<pookey> I honestly don't think you do :)
 * pookey doens't drive ;)
<pookey> although.. you might know that I guess...
 * Gargoyle knows where you ride your bike!! mu-ha ha haaa.a.. forget it.. moment has passed! ;)
<Gargoyle> pookey: Word doc (uhhh) or PDF?
<pookey> for your 300gig DB? definatly PDF ;)
<pookey> or PDF if yo umean the document
<Gargoyle> he he
<Gargoyle> on its way pookey
<pookey> thanks :)
<Gargoyle> hmmm when did I ask that filesystem question....
<pookey> which one?
<pookey> 17:36 < Gargoyle> trying reiserfs this time!
<Gargoyle> pookey: Yup, half an hour seems a while to initialise reiserfs on a 400GB volume!
<Gargoyle> I think it's locked up again.
<pookey> still goin' eh?
<Gargoyle> pookey: where abouts you from?
<pookey> Oxfordshire currently
<Gargoyle> Well, I am all fed up with drbd and mysql for today, going home...
 * Gargoyle hates his drive home.
<nealmcb> so what is up with CONFIG_IPC_NS=y, CONFIG_UTS_NS=y in the server kernel  but not the desktop kernel?  http://www.enterprisenetworkingplanet.com/netos/article.php/3712031
<mathiaz> zul: can you link the blue print to the wiki page for the xen spec (https://blueprints.launchpad.net/ubuntu/+spec/xen-hardy) ?
<mathiaz> zul: the wiki page correctly links to the blueprint, but the blueprint doesn't link to the wiki page.
<zul> mathiaz: done
<mathiaz> zul: thanks :)
<mathiaz> dendro-away: you've assigned the virtualization spec to me - as a drafter. Is this correct ?
<ajmitch> awesome, next meeting is only 5AM
<ajmitch> (for me)
<sommer> ajmitch: just drink coffee :-)
<ajmitch> I think I'd need a direct injection
<sommer> heh... I know people with IV starting skillz
 * ajmitch doesn't see the web app frameworks listed as a task on the roadmap page
<mathiaz> ajmitch: the roadmap is not updated yet.
<ajmitch> I thought that was an item from a few weeks ago?
<mathiaz> ajmitch: I've just edited the spec tough: https://wiki.ubuntu.com/WebAppsPackaging
<mathiaz> ajmitch: it boils down to two points:
<mathiaz> ajmitch: make some improvement on the apache configuration by including mod-fcgid in main
<mathiaz> ajmitch: and evaluate wwwconfig-common and dbconfig-common to see if they can be used as the official way to package web application in ubuntu.
<mathiaz> ajmitch: which means moving them into main, writing some documentation and making sure that webapps in main uses the framework.
<ajmitch> right, and wwwconfig-common has certainly been 'rejected' - even moodle's packaging had to be rewritten
<ajmitch> gettign either of those into main would be a challenge
 * ajmitch is more interested in the python & php web app side of things at this stage, using django, zope/plone & working on a php web app as a job
<ajmitch> I already have one largish php web app in debian that desperately needs fixed up to avoid wwwconfig-common
<mathiaz> ajmitch: do you know the reasons for the rejection ?
<ajmitch> it was basically unmaintained, and that people were told to use something else, iirc
<ajmitch> eg http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=293141
<ubotu> Debian bug 293141 in wwwconfig-common "wwwconfig-common should suggest apache2" [Wishlist,Open]
<ajmitch> "wwwconfig-common will probably be depricated. And actually it should
<ajmitch> not be used for apache configuration, especially on apache2 as
<ajmitch> there are a conf.d directory instead."
<ajmitch> projects like grok are generally installed from python eggs at the moment, which drops things into /usr/lib/python2.X/site-packages
<ajmitch> so I'd rather see them in debian (and ubuntu)
<ajmitch> fwiw, there's a reasonably urgent security fix needed for zope-cmfplone
<nealmcb> hmmm - odd that "apt-cache --installed rdepends libpcre3 " prints out libpcrecpp0 6 times....
<nealmcb> keescook: (repeat since this is useful for your bug): hmmm - odd that "apt-cache --installed rdepends libpcre3 " prints out libpcrecpp0 6 times....
<nealmcb> I doubt it is related to your bug, just seems odd....
<keescook> nealmcb: that is kind of funny.  which release?
<nealmcb> gutsy
<keescook> yeah, same for me.  must be something in apt-cache.  There are multiple apps that depend on libpcrecpp0, so maybe they're each causing a hit?  Dunno.  :)
<keescook> nealmcb: mostly I just want to know it's all still working.  I'm starting to think I'm being overly cautious, but full-version updates creep me out, even when upstream is ABI-compat :)
<nealmcb> I looked at that a bit and it didn't seem quite that way....
<nealmcb> keescook: yeah - I'd be cautious too with 183 dependencies....
<keescook> :)
<nealmcb> how long has this version been out, and how much use has it had?
<keescook> the version itself has seen tons of use.  And even the transition from 6.7 to 7.4 I'm comfortable with, based on Debian Etch's total lack of bug reports about it.
<keescook> 6.4 to 7.4 weirded me out a little due to the need for a few more ABI fix-ups.  It tested out fine for me, but I've only got so many configs I can try when testing.  I start to run out of ideas.  ;)
<kgoetz> is thre some way to add a user into a mysql database usingn bash? i have a line to select, but it seems i dont have a user  - echo "select Host, User from user;" |mysql -u root --password=root mysql
<ajmitch> if it's mysql users, then you could use mysqladmin
#ubuntu-server 2007-11-21
<ajmitch> hm, or not, I don't see the user admin functions there
<fujin_> Hello.
<fujin_> Any pam_ldap/nss_ldap guru's around?
<kgoetz> surely i dont have to !ask you of all people? :)
<fujin_> I need to work out how to make the aforementioned NOT lookup information for root, cups, postfix etc.
<kgoetz> insert lines to check against sytem passwd first, then against ldap
<fujin_> I don't want to check against system passwd first.
<kgoetz> *shrug*
<kgoetz> at your option
<osmosis> well... installed phpmyadmin but im not getting it at  http://localhost/phpmyadmin . I checked and /etc/apache2/conf.d/phpmyadmin.conf  exists. Not sure what to do.
<_ruben> jetole: not "another router", "any router" .. with router in the broadest sense of the word .. mrtg can monitor localhost and random *nix/win machines just fine (as long as it has a snmp server running)
<joerlend> how do one install web applications from the repositories? I mean, I install the packages, but that isn't enough. Is there a unified way?
<soren> joerlend: Which one in particular are you trying to install? (Explaining by example is helpful here, you see)
<joerlend> well, just now, it's kolab-webadmin, but I was trying to understand the general process.
<joerlend> I've stayed away from the web application packages in the repos because I haven't seen any use for them. It doesn't seem to be explained anywhere.
<soren> joerlend: kolab-webadmin conveniently lands at http://yourhostname/admin/
<joerlend> no, it doesn't.
<soren> elaborate, please.
<joerlend> it lands at /usr/share/kolab-webadmin
<soren> That's a filesystem path.
<joerlend> yes, and apache doesn't know anything about it.
<soren> Which is not a very convenient way to address web pages.
<soren> joerlend: Have you tried http://whatever/admin/
<soren> ?
<joerlend> yes, of course.
<joerlend> I haven't seen any webapp where that works.
<soren> "that"?
<joerlend> yes, that which you just described.
<soren> I have given one specific example of how to access kolab-webadmin.
<soren> I'd like for you to explain how you have attempted to apply the same approach to other webapps.
<soren> (It may not look like it, but I am actually trying to be helpful here)
<joerlend> ok, then you're saying that if I sudo apt-get install phpmyadmin, then afterwards, assuming I've already installed LAMP of course, it should be automatically available in http://localhost/phpmyadmin?
<soren> http://localhost/phpmyadmin/ yes
<joerlend> heh, that actually seems to work now.
<joerlend> it provided a configuration script.
<soren> As should any other webapp.
<joerlend> but they don't.
<joerlend> kolab-webadmin, for instance, had a README in /usr/share/doc/kolab-webadmin or something, that told me to create one symlink here, and one there, and so forth. Still didn't work though.
<soren> joerlend: It (sort of) works for me.
<joerlend> it's necessary to edit php-files in order to make it run at all.
<soren> joerlend: The requests land in the webapp, but as I've not set up kolab itself, it just fails spectacularly.
<joerlend> there is no dialogs for configuring the webserver.
<joerlend> there is no "admin" available from apache at all.
<soren> joerlend: That's really a different issue. "Requires me to edit php files to know where the kolab server is" != "Does not provide a url scheme to access it"
<joerlend> ?
<joerlend> I'm saying that it's easier to download and install manually than it is to install from repositories.
<soren> I've never installed kolab-webadmin manually. How is it easier?
<joerlend> extract the zip and put it in the webroot, configure the files, and you're done.
<soren> And with the ubuntu packages, instead of extracting zip into webroot, you need to apt-get install kolab-webadmin and create a symlink.
<soren> Doesn't sound much more difficult to me.
<soren> ..am I missing something?
<joerlend> the process is just the same, except that using packages, I had to find out where the packages was located first, then copy that folder to the webroot, and then do what I'd usually do in the first place.
<joerlend> well, the repositories saved me the trouble of actually downloading the tarball, but in return I got an older version.
<soren> That's the way distributions work.
<joerlend> ?
<soren> They grab source, package it and make it available.
<soren> They're (we're) perpetually playing catch-up with the upstream.
<Kamping_Kaiser> webapps arnt always easiest to setup :(
<joerlend> so there isn't any reason to use debs for webapps then?
<soren> joerlend: In return, someone has tested it for you, provides upgrade paths, and makes sure it doesn't kill your cat.
<soren> joerlend: Did I say that?
<joerlend> oh, ok. It does have some advantages anyway then.
<soren> joerlend: If your life depends on having the absolute latest release of any given piece of software at *all* times, there's no distribution out there for you, I'm afraid.
<joerlend> I'm not talking about that.
<soren> joerlend: "< ~joerlend> so there isn't any reason to use debs for webapps then?"   <--- Then what did that mean?
<joerlend> I just didn't see any reason why I should use the repositories when they actually complicated things.
<soren> joerlend: ...and I don't see how they complicate things.
<soren> joerlend: You are clearly used to installing the kolab webadmin thing from source. Anything we'll do, will be different from that and as such might cause surprises for you.
<joerlend> well, when I download and extract a tarball, I know where it's located. I'll just move it into the right place and set permissions, and I'm done.
<joerlend> I'm not talking about kolab-webadmin.
<soren> joerlend: When I install a webapp in Ubuntu, I really shouldn't need to know where it's located.
<Kamping_Kaiser> it would be nice if the packaged webapps wound up in tehir own vhosts by default (but i suppose that requires relevent dns changes ;(... handt though of that)
<Kamping_Kaiser> or at least a standard of linking into apaches conf.d with a file that alias /myname to /mypath
<joerlend> I'm just saying that I wish the debs would make the webapp available to the webserver, and not just extract the tarball to some directory somewhere where apache can't get to it.
<soren> joerlend: I know that the packager has put any configuration files into /etc and that there's probably a configuration snippet provided that is either already shoved into apache or can be very easily shoved into apache.
<Kamping_Kaiser> joerlend, you want the packageing system to be an centralised wget for webapps?
<avatar_> roundcube-webmail from packages does provide /etc/apache2/conf.d/roundcube-webmail
<avatar_> so does cacti
<joerlend> no, I just want it to install the application and not just download it.
<Kamping_Kaiser> incl. config?
<soren> joerlend: The fact that it doesn't put things directly into /var/www is a feature.
<joerlend> ok, then what's the difference between downloading the tarball and extracting it and installing the deb?
<Kamping_Kaiser> soren, have to agree.
<soren> joerlend: Upgrade path, qa, integration, and possibly configuration.
<joerlend> integration?
<soren> joerlend: Yes.
<joerlend> ?
<soren> joerlend: While an upstream webapp author only provides the webapp in question, Debian and Ubuntu provide a lot of other stuff.
<soren> joerlend: If we think it's a good idea, we can make it a lot easier for said webapp to integrate with other software installed.
<joerlend> well, if all the webapps worked the same way as phpmyadmin, I'd be happy. They don't,.
<soren> joerlend: Also, we provide security updates automatically.
<soren> joerlend: File bugs. Please.
<joerlend> ok, so it _should_ present automatic configuration of apache?
<soren> joerlend: Most webapps I've come across in the archive do something similar to what phpmyadmin does.
<soren> joerlend: Of course.
<soren> joerlend: If it makes sense.
<joerlend> ok, then I understand.
<soren> joerlend: ...and most do.
<joerlend> none of the webapps I've tried so far has done that, until phpmyadmin now.
<soren> joerlend: I don't have any statistics to back this up, only years and years of experience.
<Kamping_Kaiser> squirrelmail is anoying. theres no way to reconfigure with dpkg.
<soren> joerlend: Examples, please.
<soren> Kamping_Kaiser: squirrelmail is annoying. full stop.
<Kamping_Kaiser> soren, yeah. no argument
<joerlend> soren, phpmyadmin didn't do it the last time I tried. Granted, it's been a while.
<soren> joerlend: Like a decade or so?
<joerlend> no, but probably a year.
<soren> joerlend: It's been doing this for at least all of this millenium.
<joerlend> couldn't have.
<soren> You're not going to back that up?
<soren> With some.. you know.. information?
<joerlend> well, there was no ubuntu repositories..
<soren> Debian?
<joerlend> yes. I don't know what they're doing.
<joerlend> is there a right way of installing a web application=
<joerlend> ?
<soren> Our phpmyadmin package comes from Debian.
<joerlend> I just installed the package zabbix-frontend-php. I didn't receive any information about it, except that the package has been installed. There is no symlink in /var/www. I'm guessing I have to use dpkg -L and locate the files, find out if there is a README or something and follow that guide to install it manually? Is that true, or not?
<Kamping_Kaiser> does it have a file in /etc/apache/conf.d ?
<zul> morning
<Kamping_Kaiser> pschulz01, welcome in
<Kamping_Kaiser> congrats
<joerlend> Kamping_Kaiser, yes, but I'm trying to understand how this works...
<soren> joerlend: there's not supposed to be a symlink in /var/Www
<joerlend> oh and it seems I have to create a user for it manually. Shouldn't some script do that?
<joerlend> soren, ok?
<Kamping_Kaiser> joerlend, it should come 'preconfigured' to (eg localhost/<appname>
<soren> joerlend: It sets up an alias in apache.
<soren> joerlend: I sincerely hope that's what phpmyadmin does, too.
<soren> It is.
<joerlend> and all webapps in the repository should work this way?
<soren> Yes.
<soren> ...that's the way phpmyadmin has done it for as long as I can remember.
<joerlend> perhaps I've misunderstood the procedure.
<pschulz01> Kamping_Kaiser: Thanks... lots of emails to send :-)
<joerlend> I haven't been able to find any documentation on this subject anywhere.
<soren> That's why I tried to point out the difference between file system paths and web paths.
<Kamping_Kaiser> pschulz01, sorry, lots of people got told :)
<soren> joerlend: There might not be any. Where would be an appropriate place to put such documentation?
<joerlend> help.ubuntu.com?
<soren> Front page?
<soren> :)
<joerlend> perhaps under the "Installing applications" section?
<joerlend> https://help.ubuntu.com/7.10/add-applications/C/index.html <-- that would be a good place for such documentation.
<soren> There's supposed to be a server section somewhere.
<soren> https://help.ubuntu.com/7.10/server/C/
<sommer> hey all
<Kamping_Kaiser> hey
<sommer> soren, joerlend: acutally wabapps are on the list to be added to the server Docs: https://wiki.ubuntu.com/ServerGuide
<soren> Great.
<soren> joerlend: Would you be willing to help out in writing that?
<sommer> you can also find phpmyadmin steps here: https://help.ubuntu.com/community/phpMyAdmin
<joerlend> soren, yes, if I could understand it.
<Kamping_Kaiser> night all
<sommer> Kamping_Kaiser: later on
<Kamping_Kaiser> pschulz01, congrats again. catch you online :)
<soren> joerlend: You're clearly getting there.. :)
<ivoks> i hate compiling kernel :/
<soren> ivoks: don't?
<soren> There. Problem solved.
<soren> Who's next?
<joerlend> s:)
<sommer> heh
<ivoks> soren: bug 158288
<ubotu> Launchpad bug 158288 in redhat-cluster-suite "Node hangs at clvm when joining cluster" [Critical,Confirmed] https://launchpad.net/bugs/158288
<ivoks> there, o have to :/
<ivoks> i
<joerlend> soren, ok, the webapp is complaining about a php setting. Is it appropriate to edit /etc/php5/apache2/php.ini, or should I do that somewhere else?
<soren> Fabio's fixing it. Take the day off :)
<soren> joerlend: Which setting?
<soren> joerlend: With no further information, the answer is "somewhere else".
<ivoks> soren: lol... it's not that simple... aparently, this comes up only in some circumstances...
<soren> joerlend: The php.ini should provide sane, usable defaults.
<ivoks> so, fabio created a patch, now i'm building a kernel for testing
<soren> joerlend: If you've uncovered something that hints towards the defaults being insufficient, we'll consider tweaking them.
<joerlend> soren, in general.
<joerlend> is there a php.ini-file per webapp or something?
<soren> joerlend: No.
<soren> joerlend: Some settings can be tweaked from apache.
<soren> Until, of course, we switch to php as a fastcgi application.
<soren> :)
<joerlend> ok. Zabbix complained about max execution time being less than 300 seconds.
<ivoks> hehe
<ivoks> speed is the problem?
<ivoks> one word: eaccelerator
<joerlend> no, installation is the problem.
<joerlend> well, configuration. It won't let me proceed until php.ini is fixed.
<ivoks> then fix it
<joerlend> it also complains about timezone. It isn't set in php.ini. That's a bug, isn't it?
<ivoks> no
<joerlend> ok?
<ivoks> php exports time zone of the system
<ivoks> if your system is misconfigured, then, well...
<joerlend> well, the webapp will not run until I've set it.
<joerlend> what format do I use, and will that cause other webapps to malfunction?
<soren> Any idea why zabbix might want max execution time to be > 300 seconds?
<ivoks> broken by design?
<soren> It's especially curious as it's something you can even tweak from within a php script.
<joerlend> I have no idea. I just wanted to try it out, because I would really use a webbased system monitor.
<ivoks> you've tried nagios?
<joerlend> no.
<_ruben> seems to be more along the lines of cacti i think
<ivoks> nagios?
<ivoks> nagios monitor server or/and services
<ivoks> and can report failed service/server
<_ruben> and cacti can show nice grapsh .. we use both
<_ruben> graphs even
<zul> we use hobbit nice and effective
<ivoks> whatever you do, don't touch zenoss :)
<ivoks> it does an evil thing to sudoers
<soren> cricket is allegedly very nice for graphing stuff. I use nagios myself to monitor service availability and such.
<_ruben> heh .. hobbit's a bigbrother 'clone' .. we used bb for years .. is rather limited though, though perhaps hobbit has filled in the gaps
<joerlend> ivoks, then it should be available as http://localhost/nagios?
<ivoks> joerlend: yes
<joerlend> it isn't.
<ivoks> you installed it, right?
<ivoks> and it's running?
<joerlend> I installed it..
<joerlend> :)
<joerlend> well, there are alot of other packages. I only installed nagios2
<ivoks> install at least nagios-text
<joerlend> ok.. If it's required, shouldn't the package depend on it?
<ivoks> no
<joerlend> ehrm. It asked me for a password, but not a username. I still have to provide one.. What is it?
<ivoks> couse you can choose several backends
<soren> joerlend: nagiosadmin
<soren> ivoks: It could depend on nagios2-text | nagios2-pgsql | nagios2-mysql, though.
<soren> ivoks: I don't remember why it doesn't.
<spiekey> howdy!
<soren> hello
<spiekey> i have some routing problem here i think...maybe someone can help me out here.
<spiekey> http://pastebin.ca/792530
<spiekey> i canÂ´t get to the 2nd router interface (10.190.104.53).
<spiekey> the packets never get to my router.
<spiekey> so i am assuming my ubuntu box does not know which interface to use for this destination
<spiekey> whoever answers first gets a cookie! ;)
<spiekey> sorry, typo. The Client Gateway is not *.51 but *.59
<spiekey> Corrected version: http://pastebin.ca/792533
<_ruben> bridging a dmz and lan .. wtf?
<spiekey> why not? ;)
<_ruben> odd .. overly complicated ..
<spiekey> ok, its not common...but i need it that way
 * spiekey has to mentiont that this is going to be a bridged firewall.
<_ruben> so eth1 is part of the bridge but should also be used 'seperately'? .. never worked with bridges myself, but it all sounds very nasty
<_ruben> or wait .. you want to access an ip on the router itself ... even stranger
<spiekey> _ruben: well, the ip of the router or an ip behind...whats the diffrence?! ;)
<_ruben> ow .. "Router" isnt the box with 3 nics .. which is a bridge indeed .. ok
<spiekey> the "Router" is some Cisco box
<_ruben> in that case you lack a route to 10.190.104 i'd say
<spiekey> _ruben: exactly
<_ruben> dunno what the ubuntu way for that is, yet, tho
<spiekey> this did not work out for me: route add -net 10.0.0.0 netmask 255.0.0.0 gateway 10.206.160.125
<_ruben> jikes .. the route command .. scary .. better use 'ip' .. its syntax is much 'nicer'
<spiekey> hehe
<spiekey> i only know the route command :P
<_ruben> and that's a pretty wide subnet mask
<spiekey> but wait..i have an idea...
<spiekey> just thought that...i wanted to cover it all ;)
<spiekey> yey!
<spiekey> it works!
<spiekey> thats ruben! ;)
<spiekey> thanks
<_ruben> still wondering why such a setup would be needed, then again, i probably do not want to know ;)
<_ruben> (curiousity versus sanity)
<spiekey> ruben: all i am doing is to replace a simple 9,90$ Switch with a Firewall ;)
<spiekey> so thats even an improvement.
<spiekey> unfortunatelly i am not responible of the other two connected networks.
<_ruben> ic
<spiekey> ic?
<_ruben> i see
<spiekey> ah! :)
<nealmcb> joerlend, soren, sommer: good conversation - I've had many of the same questions, and getting it documented in a way that easily answers the sorts of questions that joerlend  is asking would be a nice win!
<sommer> nealmcb: ya, webapps are on my doc to-do list.... I believe this was also discussed at UDS, but I'm not sure of the links
<nealmcb> sommer: right - I was thinking a link to that blueprint would be handy for joerlend
<sommer> nealmcb: I think this is it: https://wiki.ubuntu.com/WebAppsPackaging
<nealmcb> sommer: thanks
<sommer> np
<nealmcb> joerlend: ^
<methods> does server have pcmcia supoprt ?
<zul> it should
<methods> it didn' even lite up my card
<soren> methods: Does it if you're running the -generic kernel?
<methods> i just installed  i havn't touched anything
<soren> methods: Let me rephrase:
<methods> 2.6.22-14-server
<soren> methods: Do you have any reason to believe it's specific to the server edition?
<methods> nope
<soren> Ah.
<methods> just firured it might not have laptop stuff
<soren> It has pcmcia drivers, yes.
<soren> pcmciautils is even installed by default.
<methods> your right
<methods> but the card isn't even lit up
<AnRkey_> does ubuntu have a webdav server?
<AnRkey_> and if so what is it called?
<joerlend> apache?
<joerlend> sommer, thanks for the link.
<AnRkey_> am i missing something here? how would I use apache to set up a webdav server? does anyone have a link or something for me?
<AnRkey_> ok i found it
<AnRkey_> thanks joerlend
<methods> any advice ?
<methods> on how to test if this card can work ?
<mralphabet> methods: what card is it?
<methods> mralphabet: u.s. robotics 10/100
<methods> usr7901
<methods> hm dmesg shows it was inserted and registered
<methods> but i see no activity lights and ifconfig doesn' tshow it
<mralphabet> umm, is it plugged into the ethernet?
<methods> you mean into the network ?
<methods> it should still show up
<methods> in ifconfig -a
<methods> non of the pcmcia net modules seem to work
<methods> only has 10 too
<sommer> methods: just to double check do you have pcmciautils installed?
<methods> yes
<sommer> you might also try pcmcia-cs, it says deprecated so there's probably a replacement package (not sure if pcmciautils is the package)
<sommer> your card is mentioned here: https://lists.ubuntu.com/archives/edgy-changes/2006-June/000422.html
<nealmcb> ivoks (or whoever) - re: this avahi debate....  I've seen various claims of avahi breaking other uses of .local (e.g. the vpn case), but I also see there have been efforts to automatically disable avahi if .local unicast dns is detected.  are those not working?  can we try to fix them?
<soren> That could work.
<soren> ....but I'd like to reiterate my point that avahi is not installed on ubuntu server.
<soren> Scenario: I'm in the bush. I've got nothing but a (charged) laptop and an Ubuntu Server CD. Question: How do I avahify this laptop?
<soren> Answers on my desk tomorrow morning, no less than 500 words. Class dismissed.
 * soren calls it a day
<methods> whats avahi
<nealmcb> methods: apt-cache show avahi-daemon
<nealmcb> and see www.zeroconf.org/
<nealmcb> (and be careful about cntl-w when switching your fingers from emacs to pidgin -:(
<proprietarysucks> anyone know a guide for 'kickstarting' ubuntu? I have it all set up I just don't know how to do the 'automation' part of it (like the kickstart file for red-hat).. anyone know what I'm trying to say?
<methods> kickstart ?
<methods> you want programs to start up ?
<zul> proprietarysucks: like preseeds?
<proprietarysucks> I just want the install to be automated
<zul> proprietarysucks: https://wiki.ubuntu.com/KickstartCompatibility
<proprietarysucks> as in, I write down the answers to the install questions in a file and direct the kernel to it
<proprietarysucks> yes thanks
<proprietarysucks> what is the little animal name for the current release
<zul> gibbon
<proprietarysucks> thanks
<proprietarysucks> can anyone tell me what the kernel option   --     does ?
<CharlieSu> would anyone look at this http://pastebin.com/m408b8e2 and tell me why i can't get to port 993?  i'm trying to setup email
<mralphabet> proprietarysucks: what are you looking at?
<proprietarysucks> the ubuntu server 7.10 pxeboot kernel appends
<proprietarysucks> they all end with --
<mralphabet> CharlieSu: setup email with . . .
<CharlieSu> mralphabet: ?
<CharlieSu> mralphabet: i think the problem is that im' not listening on ip4 and only ipv6
<CharlieSu> but i don't know how to change that
<mralphabet> CharlieSu: what package?
<CharlieSu> mralphabet: imaps
<CharlieSu> courrier
<mralphabet> on fiesty? gutsy?
<mralphabet> dapper?
<proprietarysucks> that wiki page you sent me doesn't apply to 710. also, it implies that most normal kickstart settings were compatible, yet none seem to be being applied.
<CharlieSu> 7.10
<CharlieSu> mralphabet: also here is this    http://pastebin.com/m2e4444d4
<CharlieSu> and this
<CharlieSu> http://pastebin.com/m408b8e2
<CharlieSu> might help
<CharlieSu> phunki.com is the domain..    i try telnet phunki.com 993
<mralphabet> have you looked at etc/courier/imapd?
<CharlieSu> mralphabet: i don't see anything about ip4 or ip6 in that file
<mralphabet> CharlieSu: do you have an ADDRESS: line in it?
<mralphabet> or could you pastebin etc/courier/imapd file?
<CharlieSu> SSLADDRESS=0
<CharlieSu> YEAH
<CharlieSu> http://pastebin.com/m755de3a9
<mralphabet> #
<mralphabet> #  Address to listen on, can be set to a single IP address.
<mralphabet> #
<mralphabet> #
<mralphabet> #
<mralphabet> # ADDRESS=127.0.0.1
<mralphabet> #
<mralphabet> #
<mralphabet> ADDRESS=0
<nealmcb> mralphabet: please stop that
<CharlieSu> that bad?
<CharlieSu> doesn't 0 mean everything?
<mralphabet> CharlieSu: set that to an IP address you want to listen to and see if your netstat changes
<mralphabet> CharlieSu: if that doesn't work, I would suggest finding somebody who is more familiar with courier or possibly the courier channels (if there are any)
<nealmcb> is that ip address really used to select which interface to listen on?
<CharlieSu> mralphabet: it did
<CharlieSu> tcp        0      0 65.90.217.148:993       0.0.0.0:*               LISTEN     -
<mralphabet> and does it answer now?
<CharlieSu> BUT...  when i do 'telnet phunki.com 993'  no answer
<CharlieSu> look at iptables
<CharlieSu> http://pastebin.com/m2e4444d4
<nealmcb> CharlieSu: well, I don't see imaps (port 993) on there with the other ports allowed in....
<CharlieSu> nealmcb: ok..  do i need to do something similar to this 'PAROLE     tcp  --  anywhere             anywhere            tcp dpt:pop3' ?
<nealmcb> I would guess so - with imaps rather than pop3 - but I don't fully follow that firewall scheme
<nealmcb> what do you use to configure your firewall?
<osmosis> how do I set my default crontab -e  editor ?
<zul> export EDITOR="<your choice here>"
<nealmcb> osmosis: man crontab
<nealmcb> "VISUAL" is also consulted
<methods> i dont think pcmciautils supports this card
<folke> Do you know when the fixed firehol packet is going to gutsy?
<Burgundavia> folke: is it a security bug?
<nealmcb> is there a way to get the host command (or some other similar command) to search according to nsswitch.conf?  i.e. to do mdns queries (and in particular ip address queries via mdns)?
<folke> Burgundavia: Well, firehol wont work for bash31 i think?
<Burgundavia> folke: if it is not a security update and there is a simple patch that fixes that problem, it might be a target for an SRU
<folke> Burgundavia: Ah, I am an old debian user.. So I must RTFM about SRU :)
<Burgundavia> and SRU is a stable release update
<Burgundavia> like Ubuntu, we don't push new upstreams into stable versions of Ubuntu
<Burgundavia> this allows small patches to specific problems to be pushed into the stable version of Ubuntu
<folke> Burgundavia: Ah, I see.. Is it a special repo that I must add, or is those packet added to gutsy repos?
<Burgundavia> well, no SRU has yet happened for firehol, at least that I know of
<Burgundavia> do you have a bug #?
<Burgundavia> and a patch for the problem?
<folke> #78017, and I found that there was already a fix for this problem.
<folke> But I found the SRU on ubuntu wiki, so I will read up on it before I ask more silly questions :)
<folke> Burgundavia: Thanks for the help.
<Burgundavia> no worries
<Burgundavia> folke: it looks liek the SRU process is already underway
<Burgundavia> all that needs to happen is for you to show that the update doesn't break anything and fixes the bug and then it can go into -updates
<folke> Burgundavia: Ah, perfect.. I will try it out tomorrow at work..
<nealmcb> but 78017
<nealmcb> bug 78017
<ubotu> Launchpad bug 78017 in firehol "[SRU] firehol locks down Feisty & Gusty systems" [Medium,Fix committed] https://launchpad.net/bugs/78017
<nealmcb> wow - that bug has taken quite a while......
#ubuntu-server 2007-11-22
<nealmcb> to respond to my question:  is there a way to get the host command (or some other similar command) to search according to nsswitch.conf?  i.e. to do mdns queries (and in particular ip address queries via mdns)?
<nealmcb> getent hosts 192.168.1.18 works nicely
 * kgoetz thinks canonical should employ someone to moderate the lists.
<ajmitch> er, why?
<kgoetz> i keep sending from teh wrong account (so they go into the que (sp?)), and now and then they sit for 'a while'.
<kgoetz> does depend which list
<ajmitch> it's hardly something that needs a paid employee
<kgoetz> i figure a gazillion lists. almost enough work *grin*
<jkakar> So, I've just setup a new ubuntu-server (gutsy).  I was happy that the installer asked me if I wanted LAMP, Samba, etc.
<jkakar> During the process I check 'samba' but I now realize that I don't actually need it.  Is there a recommended way to cleanly remove it?
<jjesse> kgoetz: they need to hire another full time kde developer before they hire someone to monitor lists :)
<fujin_> jkakar: dpkg --purge samba
<fujin_> jkakar: you can actually probably do
<fujin_> sudo tasksel remove samba
<fujin_> sudo tasksel list
<fujin_> cancel that
<fujin_> can't do removal with tasksel
<fujin_> oh, yes you can
<fujin_> do tasksel --list-tasks, find the samba one, do tasksel remove <task>
<fujin_> sorry :P
<jkakar> fujin_: Ah cool, thanks.
<fujin_> will remove everything that the tasksel did, afaik
<jkakar> Ta.
<jkakar> fujin_: Yeah, I guess you're right.  I did 'apt-get remove samba-common --purge' and now tasksel reports 'samba' as being uninstalled.
<jkakar> Thanks for the help.
<kgoetz> jjesse: hehe. probably ture enough
<macd> lionel, ping
<kgoetz> wb
<kgoetz> âC++ is an octopus made by nailing extra legs onto a dog.â âunknown
<nealmcb> kgoetz: you could subscribe your other accounts also, and use the setting to avoid getting mail sent to the other ones
<nealmcb> fujin_: it just isn't clear from the man page whether tasksel remove does a purge or not - I assume not
<nealmcb> but I'm glad to learn that there is a remove option!
<sahafeez> dumb question - how do i set a service (apache) in init.d not start on boot? do i just remove the file?
<sahafeez> figured it out
<mohan> hi...can any one tell me  any GUI is there for DNS Server
<mohan> plzz help me...
<mohan> i want to configure DNS Server.... can anyone help me sir
<c1|freaky> hi all
<c1|freaky> i just installed mod music index and tried to restart apache2. but it can't restart apache2 because it says the address was allready in use.
<c1|freaky> when i do ps aux | grep apache2 nothing shows up
<c1|freaky> just the grep process
<c1|freaky> and now i dont know what process is using port 80
<c1|freaky> how can i find out what process is using it?
<avatar_> c1|freaky: sudo fuser -u -v -n tcp 80
<c1|freaky> ok thank you :D
<c1|freaky> is there anything like durep -w - a disc usage reporting tool which converts the reports into html format in soem way?
<c1|freaky> i cant get durep to work
<c1|freaky> oih
<c1|freaky> i guess i found out what i was doing wrong
<mohan> any GUI is there for DNS Server
<Kamping_Kaiser> afaik not
<mohan> any GUI is there for DHCP Server
<Kamping_Kaiser> afaik not
<Kamping_Kaiser> not in ubuntu at any rate
<mohan> kamping_kaiser,thanks
<Kamping_Kaiser> mohan, they are hoping for some in the next release.
<Kamping_Kaiser> no probs.
<mohan> thank u
<coNP[uni]> Is there a way to tell grub what kind of filesystem resides on a given partition?
<coNP[uni]> (It does not want to find /boot/grub/stage1 and I guess it might be because it does not know that this is an ext3 filesystem)
<Kamping_Kaiser> it shouldnt care, as long as it can support the filesystem in question
<coNP[uni]> it is an ext3 but has partition type ntfs
<coNP[uni]> but I thought it should not be a problem
<c1|freaky> how can i allow cgi scripts to be executed also from another path than /usr/lib/cgi-bin/ so i can password protect a cgi script and not all together
<c1|freaky> ?
<c1|freaky> im using apache2
<soren> coNP[uni]: stage1 is not read off of the disk at boot time, it gets.. Oh, he buggered off.
<soren> meh
<jgonzalez> hi there... I would like to use syslog-ng, but it seems that implies to uninstall ubuntu-minimal (https://bugs.launchpad.net/ubuntu/+source/syslog-ng/+bug/42555/)... I'm new to ubuntu, but I seem to recall that this may cause problems when upgrading between releases... any option?
<ubotu> Launchpad bug 42555 in ubuntu-meta "ubuntu-minimal should support recommends (was: syslog-ng causes ubuntu-minimal to be removed.)" [Wishlist,Fix released]
<svschwartz> hi everybody
<svschwartz> can anybody suggest solution for creating drive images with MBR etc
<svschwartz> ext2/ext3 partitions
<lionel> macd: arround ?
<lionel> hi mathiaz
<mathiaz> hi lionel
<macd> lionel, ping
<lionel> \o/
<lionel> macd: did you see my comments on the ML ?
<macd> sure, did and I just shot a reply
<macd> so you should have that pretty soon
<lionel> cool, reading now
<lionel> well, ok.
<lionel> my problem with mongrel is that you need to start a mongrel instance for each app no ? It does not support virtualhosting or similar. Correct me if I'm wrong
<macd> Correct, each rails app needs one or more mongrel
<lionel> so adding a new app means adding a new init.d :-(
<macd> well, maybe
<macd> There is a method to tell which mongrels to start on boot through mongrel, so just adding the init script would be a one time thing
<macd> I see where your going with fcgid and mongrel, and it makes sense from a complications point of view why to stray from mongrel
<macd> but mongrel is pretty much the defacto standard in the ror world these days
<mathiaz> macd: I've just replied to your mail for RoR
<mathiaz> macd: what's the issue with fcgid ?
<macd> mathiaz, performance manly
<mathiaz> hi ivoks !
<mathiaz> ivoks: you've popped in at the right time as we're disscussing mod_fcgid for Ruby On Rails.
<mathiaz> macd: so you think that using apache2.2 as a reverse proxy for mongrel makes more sense.
<mathiaz> macd: could you explain to me what mongrel is exactly ?
<macd> mathiaz, yes@ apache+mongrel
<macd> mongrel is a lightweight http/ruby server
<mathiaz> macd: I have a vague idea about it, just want to make sure I understand it correctly.
<macd> but it really doesnt excel at serving static content, so thats where apache fits in
<mathiaz> macd: can it run under a different user than apache2 ?
<macd> mathiaz, yes or no, its all spec'd in the mongrel config
<mathiaz> macd: ok. One of the main reason fcgid is interesting is from a security point of view
<ivoks> hi
<mathiaz> macd: as the scripts don't run in the same address space as the web server
<ivoks> (let me just catch up with the conversation)
<mathiaz> ivoks: correct me if I'm wrong on the fcgid thing.
<mathiaz> macd: IIUC using mongrel would provide the same level of security ?
<ivoks> i was just reading mail post on list and had plan to respond
<MatBoy> I'm having the following problem that I can't get fixed with apt-get -f install or anyway to force stuff http://www.pastebin.ca/793761
<ivoks> macd: you're Mamading?
<macd> mathiaz, the dispatch cgi for the rails app lives in a public directory, but is only read by mongrel
<macd> and the rails framework "routes" get/post requests via the app, so you could say it lives in a seperate place
<lamont> MatBoy: the joys of using backports, eh?
<macd> ivoks, no, I'm David P.
<ivoks> oh, sorry
<lamont> purge all of the relevant packages and then install
<lamont> MatBoy: specifically all of the packages mentioned in : which is also in package ruby-net-ssh and such
<MatBoy> lamont, hehe, yeah indeed... uhm with what option ? because I'm quite stuck for the first time
<lamont> apt-get remove --purge
<ivoks> apache+fcgid would help us with lots of current problems
<mathiaz> ivoks: right.. but that is mainly for php scripts.
<ivoks> no
<ivoks> fcgid is mainly used for ruby
<ivoks> but can (and should) also be used for php
<MatBoy> lamont, because using apt-get remove --purge will give me the -f install message again
<mathiaz> ivoks: mongrel already provides the separation from the http server
<ivoks> and python and perl...
<ivoks> i see
<lamont> MatBoy: dpkg --purge --force-depends for the truly brave
<macd> Alot of the RoR world just doesnt like fcgid, and its mainly due to performance
<lamont> MatBoy: and you need to purge both the 1.8 and non-1.8 versions of the packages as mentioned in all your errors.
<lamont> then apt-get -f install stands a chance of fixing the depends that you've broken with the dpkg --purge --force-depends
<ivoks> macd: fcgid with any web server or fcgid with apache?
<lamont> MatBoy: and if apt ever tells you to type 'Yes, do as I say!", don't.
<MatBoy> lamont, hehe indeed
<lamont> s/as/what/
<lamont> sigh
<lamont> it's been too long
<macd> ivoks, I'd venture to say any web server, over the past year or so RoR community has gone through numerous "the right stuff" setups, and its finally settled on Apache+Mongrel for the past 6 or so months
<MatBoy> lamont, ok, I was playing with the force things btw, thanks !
<lamont> it's very very very rare that saying that is the right answer.
<macd> Some people are also touting nginx, personally I thinks its inferior to apache
<ivoks> macd: ok, i have to admit i've never hard about mongrel
<ivoks> i'm just not into ror stuff
<ivoks> what i do know is that people often misconfigure apache :)
<ivoks> or are unaware or MPMs in it
<macd> isnt that the truth ;)
<mathiaz> macd mentionned in the spec to use the worker MPM
<macd> mod_proxy used to remove mpm-perchild and install mpm-prefork, that was horrible.
<ivoks> apache-worker+fcgid does provide really impressive results
<ivoks> macd: have you worked with worker?
<macd> Yeah, we deployed ror stacks in alot of configurations in the past
<ivoks> all my experinece is based on PHP...
<ivoks> macd: and, what's your view on mpm-worker+fcgid?
<MatBoy> lamont, is there no way to do a sudo dpkg --purge --force-depends ruby* ?
<macd> mpm-worker+fcgid from a setup perspective, easy.
<macd> performance, you just can't beat mongrel
<ivoks> ok, i understand that
<ivoks> sec phone
<mathiaz> macd: If the consensus in the RoR community is to use a mod_proxy+mongrel setup, we should go for this solution.
<macd> mathiaz, thats exactly how I feel, giving the people what they want is what ubuntu is about
<ivoks> ok... so we would provide support for ror ouside of worker+fcgid idea
<lamont> MatBoy: I use vi, and my mouse to assemble that list usually
<ivoks> mathiaz: i don't mind that... but we should take a look at mongrel
<MatBoy> lamont, I removed the packages, did an autoremove
<MatBoy> and will install again :)
<mathiaz> ivoks: the idea is to provide an task equivalent to the LAMP task.
<ivoks> yeah...
<ivoks> if worker+fsgid is realld that worse than mongrel...
<ivoks> with worker+fcgid, we could have easy plug and play support for different languages
<ivoks> man, lots of typos :)
<mathiaz> ivoks: right. OTOH if it's not a standard practice in the RoR community it may not be the best option.
<ivoks> right
<ivoks> macd: do you have any info about security issues with mongrel?
<ivoks> CVE-2006-5467
<ubotu> The cgi.rb CGI library for Ruby 1.8 allows remote attackers to cause a denial of service (infinite loop and CPU consumption) via an HTTP request with a multipart MIME body that contains an invalid boundary specifier, as demonstrated using a specifier that begins with a "-" instead of "--" and contains an inconsistent ID. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-5467)
<ivoks> i found only one CVE
<macd> yeah, mongrel is pure ruby, so anything ruby may affect it
<macd> Mongrel is @ http://mongrel.rubyforge.org/
<macd> Mongrel has a fix for the CGI issue in Ruby, so that systems running older Ruby dont have an issue
<ivoks> ok, this CVE is not a mongrel issue
<macd> http://rubyforge.org/pipermail/mongrel-users/2006-October/001946.html
<ivoks> mathiaz: so, we should look at including it in main?
<macd> It kind of is
<mathiaz> ivoks: that would be one the goal of the spec.
<ivoks> ok... http://mongrel.rubyforge.org/docs/apache.html
<ivoks> this is very easy :)
<ivoks> macd: would you be interested in testing some setups we create?
<macd> yeah, no problem
<ivoks> in about a month or so...
<ivoks> when i finish mail stuff :)
<mathiaz> ivoks: hum... there is a caveat section at the very bottom of the page
<mathiaz> ivoks:     So yes the net result is that you can really only put a couple of mongrels behind apacheâs proxy engine (about 2 âhello worldâ rails mongrels).
<mathiaz> ivoks: that's not very encouraging... :/
<macd> and I just saw the newer mongrel can run multiple rails apps
<macd> I dont think that caveat is completely right
<macd> we run modest hardware with a few dozen mongrels behind a single apache
<ivoks> yeah.. if this is ture, and mongrel is bet tool, then we should drop ror :D
<ivoks> s/bet/best/
<ivoks> i'll investigate it
<macd> yeah, who in their right mind would use a web framework that a server could only run 1 or 2 instances of ;P
<macd> Jason Hoffman must have a 486 ;)
<mathiaz> hum.. it seems that there is two options here. More research may need to be done then.
<ivoks> iirc, we don't even have mod_proxy_balancer
<macd> its in mod_proxy I _think_
<ivoks> right, it is
<macd> on gutsy just doing a2enmod proxy allows you to use balancer
<macd> s/gutsy/hardy
<ivoks> ok, i'll investigate it
<macd> I have a hardy vm I setup last night with the RoR stack configured I could snapshot for you
<ivoks> mathiaz: i should finish mail stuff by the end of the week, so there'll be time for this...
<ivoks> that would be great!
<macd> It's in virtualbox format, would that be ok?
<ivoks> am...
<ivoks> well, ok
<macd> actually
<macd> Im thinking I could just run a diff on everything modified
<macd> include the new files added also
<macd> that might be easier than me trying to upload a few hundred megs
<ivoks> macd: you could send me output of dpkg --get-selections
<ivoks> and configuration files
<ivoks> macd: send it to ivoks@ubuntu.com
<mathiaz> macd: what's mongrel_cluster ?
<macd> I can get that together in a day or so, I've got some stuff on my plate atm
<ivoks> i'll have to say bye now...
<macd> see ya ivoks
<macd> mathiaz, mongrel_cluster is a script that facilitates starting multiple mongrels
<macd> mathiaz, I should also mention its a few ruby files
<macd> + an init script
<mathiaz> macd: does this start apache2 ?
<ivoks> no
<ivoks> just coupld of mongrels, right?
<macd> mathiaz, no, apache is still started through its own init
<ivoks> bye
<macd> mathiaz, on startup apache checks the status of the mongrels and will give an error/take them out of the balancer if they arent available
<macd> [Thu Nov 22 04:34:23 2007] [debug] proxy_util.c(1610): proxy: worker http://172.17.129.167:8004 already initialized
<macd> something like that
<mathiaz> macd: ok.
<mathiaz> macd: what's needed to configure on the DB side ?
<mathiaz> macd: you mentionned in the spec that you need to create a user and a db for rails.
<macd> mathiaz, yes, assuming we have some sort of sample app installed
<mathiaz> macd: so you need to create databases for each rail apps installed.
<macd> mathiaz, the rails app needs to know the db connection info, i.e. socket/pipe, and a user:pass for it.
<mathiaz> macd: but rails, the framework, doesn't need it's own db ?
<macd> mathiaz, correct, it does not
<mathiaz> macd: ok.
<macd> mathiaz, this is where RoR gets wierd, without a sample app, theres no configuration to be done on mongrel, apache, or mysql
<macd> which could be as simple as the default rails app created with "rails newapp"
<mathiaz> macd: right... There is still some work to be done so that when the first apps is depoloyed you don't need to setup  everythin.
<mathiaz> macd: I've edited the spec (https://wiki.ubuntu.com/RubyOnRailsStack#preview)
<mathiaz> macd: could you have a look over it ?
<macd> mathiaz, looking now
<mathiaz> macd: in the implentation section, there is the tasksel task section and the documentation section
<mathiaz> macd: the tasksel section is where we can automate everything.
<mathiaz> macd: the documentation is about how to deployed a rail application.
<macd> mathiaz, yeah I wanted to ask about tasksel, is that part of the installer?
<mathiaz> macd: it should boiled down to: where you should put your apps, how to configure your db access and on which host you wanna run it.
<mathiaz> macd: tasksel is used in the installer
<mathiaz> macd: but you can also run afterwards.
<macd> mathiaz, exactly, we should ask the user those 3 things
<mathiaz> soren: they're dummy man pages in debian.
<macd> mathiaz, possibly how many mongrels they want
<mathiaz> soren: because there is some issue with mysql man pages.
<soren> mathiaz: And Debian doesn't have the mysql-doc-5.0 package?
<macd> and then we can just generate the configurations for that ( I assume thats past of what tasksel does)
<mathiaz> soren: nope.
<soren> mathiaz: Alright.
<mathiaz> soren: I'm currently discussing the issue with one of the DD and MySQL documentation team.
<soren> mathiaz: ...so if people install mysql-server-5.0 on Ubuntu they just get no man pages at all?
<mathiaz> soren: yes. They don't get mysql for ex.
<soren> mathiaz: erk.
<mathiaz> soren: mysql-doc-5.0 is a suggestion.
<mathiaz> soren: well. the debian man page for mysql just states that the manual is not free.
<mathiaz> soren: it doesn't give more information about the actual program.
<mathiaz> macd: correct. tasksel is just about installing the framework.
<mathiaz> macd: and making some necessary configuration so that things work out of the box once the apps is deployed.
<mathiaz> macd: what's the reason for having more than one mongrel for an app ?
<macd> mathiaz, some RoR apps have to have more than 1 to run, others just need it for performance
<mathiaz> macd: you mentionned that httpd.conf needs to be edited if the rails app wants to use more than a single mongrel instance. why is this needed in httpd.conf ?
<mathiaz> macd: actually it's apache2.conf in Ubuntu nowadays
<macd> mathiaz, yeah Im not sure why I chose httpd.conf over apache2.conf
<macd> mathiaz, I believe I couldnt make it work by adding the stuff into apache2.conf, but since apache is modular now, we could use that to our advantage
<mathiaz> macd: if some modifications needs to be done in apache2.conf, it means it should go in tasksel
<mathiaz> macd: and to be exact, not in apache2.conf, but in the .load file of rails.
<mathiaz> macd: or something like that.
<macd> mathiaz, When I get all the files together for ivoks, I'll try to see if I can stick the directives in apache2.conf rather than httpd.conf
<soren> macd: /etc/apache2/conf.d probably
<macd>  .load? are you referring to the files living in /etc/apache2/mods-available ?
<mathiaz> macd: hum... I think it would be more intersting if you can figure out which directives are relevant for a vhost and which ones should be applied to the common apache configuration
<mathiaz> macd: yes. but I think soren gave the right answer.
<macd> All the vhost specific configs live in /etc/apache2/sites-available
<mathiaz> macd: yes. That would be up to the sysadmin to modify when deploying a web apps.
<mathiaz> macd: if there are some other directives that are needed to make RoR apps working for every vhost, they should be added at install time.
<macd> mathiaz, I see why I have the proxy_balance stuff in httpd.conf, I use a old apxs module and it loads in httpd.conf, so I just stuck that in there too, but it works in apache2.conf
<mathiaz> macd: ok. It seems that proxy_balance configuration is not something specific to a rail apps or a vhost
<soren> macd: httpd.conf and apache2.conf are completely equivalent. One includes the other.
<soren> macd: It doesn't matter which of those you put something in.
<soren> macd: ...but if a package wants to add stuff to the apache configuration, that's what /etc/apache2/conf.d is for.
<mathiaz> soren: apache2.conf is the suggested file.
<soren> mathiaz: Right.
<mathiaz> soren: httpd.conf is deprecated IIRC
<soren> mathiaz: Sounds right.
<soren> ...but there's no functional difference between the two.
<macd> inside httpd.conf they mention using it specifically to load older and 3rd party modules
<soren> Whatever you can put in one, you can put in the other, and nothing will have changed.
<macd> but yeah, it shouldnt matter which one, it should work either way
<soren> macd: No... httpd.conf is empty by default.
<macd> since apache2.conf has a include directive for httpd.conf
<macd> soren, it isnt on hardy?
<mathiaz> macd: yes. It's there for historical reasons.
<mathiaz> macd: httpd.conf was the default configuration file in Debian for a while.
<mathiaz> macd: Debian moved to apache2.conf, which is the same as upstream.
<soren> macd: Yes, it is.
<macd> wth, why does mine have something in it :/
<macd> nvm, I know.... yeah it is blank on hardy, gutsy has some commented stuff in it
<soren> macd: You put it there or some app you installed did. If the latter, please file a bug against it.
<macd> soren, it should be present, just empty correct?
<soren> macd: Yes.
<soren> macd: I'm quite sure it's the same on gutys.
<soren> gutsy, even.
<soren> Yup.
<soren> It is.
<macd> http://pastie.caboo.se/120942  thats what I have on a fresh gutsy install
<soren> I find that quite hard to belive. I've just grepped the entire source code for "This is here for backwards compatability reasons" and there's no such thing anywhere.
<soren> Same for feisty.
 * macd has no idea where it came from then
<soren> macd: Dapper looked that way, it seems.
<macd> I thought my gutsy was fresh, but it may be an upgrade from dapper, that would explain the file at the least
<soren> edgy, too.
<soren> Feisty and onwards: empty.
<mathiaz> macd: which mpm should be used in the apache2+mod_proxy configuration ?
<macd> Looks like its time for me to stuff my face, I'll get the rest of the specifics regarding which config files need to be touched and how and stick it on the wiki
<macd> mathiaz, perchild
<macd> err
<macd> my mistake, worker
<mathiaz> macd: right.
<macd> forgot something, mathiaz are you subscribed to the wiki page, or do you want me to shoot you a email when the other info is up?
<mathiaz> macd: I'll subscribe to the wiki page
<appellation> While trying to login to my server from my main computer via ssh, I received a message suggesting that someone may be attempting a man-in-the-middle attack. I have restarted the server. Does anyone have any other suggestions?
<appellation> I think I was also successful in putting the IP behind the firewall temporarily...
<appellation> And Happy Thanksgiving, all.
<somerville32> What is the config file for the firewall?
<somerville32> ie. Where
<appellation> The LAN firewall is actually run via the control panel for a Belkin Wireless Router.
<appellation> Or, rather, it is configured via the control panel, not "run."
<somerville32> appellation, Are you talking to me?
<appellation> somerville32: yeah.
<somerville32> appellation, I'm pretty sure this ubuntu box isn't a Belkin Wireless Router.
<somerville32> :]
<appellation> somerville32: Ha ha. No. The Router has it's own firewall, while I can use to hide behind if the LAN gets compromised. Only one IP address on this LAN can be public, and I can disable that option via the control panel.
<somerville32> I was talking about me, not you :P
<somerville32> I want to know where the config file for the linux firewall is
<appellation> somerville32: The box is a converted iBook, connected to the router, which I'm hoping is fending off the nasties.
 * somerville32 blinks.
<appellation> somerville32: Gotcha. I'm...not sure.
<appellation> Searching...
<somerville32> The man in the middle attack might be because the ip address/domain name you're using is now connecting to another box
<zul> if you re-installed it then the ssh-key might have changed
<appellation> It appears this issue was dealt with on the forums a few weeks ago: http://ubuntuforums.org/showthread.php?p=3675239#post3675239
<appellation> zul: Possible, but I don't think I did.
<zul> well the keys arent matching up so thats why you are getting that error
<appellation> somerville32: Yeah, that occurred to me. It's just that I like to ask the chatrooms when these things come up. I don't really understand the nature of the attack, so I couldn't be sure whether I was covering my bases properly.
<appellation> zul: Yeah. I think it's going to be fine, but I wasn't clear on the procedure for handling it.
<somerville32> zul, Where is the text config file for the firewall?
<zul> somerville32: what firewall?
<somerville32> Isn't there a default one?
<zul> nothing to do with the firewall its the .ssh/known_hosts file get rid of the offending key and you should be ok
<somerville32> ...
<somerville32> Okay, I have a server with firestarter installed
<somerville32> It is blocking VNC at the moment (or I suspect) and I since it is I can't use the nice GUI
<somerville32> I'm looking for the file location of the text config file
<appellation> zul: Cleared the known_hosts on this computer, the one attempting to login to the server over the network. That's the file you're talking about, right?
<zul> yep
<centaur5> Is it possible to connect to the internet via pppoe during a text install?
<somerville32> How do I get vnc4server to run for the main display?
<spike> hi there
<spike> I'm looking at using ubuntu-server to build an AP. has anybody done anything like this before?
<spike> I've got a ralink card that can work in master mode and I've been looking at hostapd but I'm not sure how that fits in
#ubuntu-server 2007-11-23
<fujin_> somerville32: you don't.. use something like x11vnc
<nealmcb> Kamping_Kaiser: looks like gbindadmin is a bind gui admin tool....  of course it suffers from the many x11-on-the-server problems....
<kgoetz> looks like i just learned something then *heh*
<SeanConnery> Hi, is there any documentation on Jeos ?
<Burgundavia> in what sense?
<SeanConnery> Burgundavia, namely, besides providing less packages, how is it useful?
<kgoetz> SeanConnery: its been optomised to run in vmware
<SeanConnery> kgoetz, how?
<Burgundavia> it is a very stripped down version of Ubuntu, designed to build stuff on
<SeanConnery> right
<kgoetz> SeanConnery: i dont know.
<SeanConnery> makes sense
<kgoetz> but the kernel has been recompiled at least
<kgoetz> or thats th impression i got from the anouncements
<nealmcb> SeanConnery: more documentation is in progress
<SeanConnery> nealmcb, is there somewhere I can sign up to get more documentation when it is available?
<nealmcb> it will probably show up at help.ubuntu.com
<SeanConnery> I've been wanting something like this for a while actually
<nealmcb> some discussion is at http://ubuntuforums.org/showthread.php?t=549222&page=4
<nealmcb> including my notes on the very cool in-progress "ubuntu-jeos-builder"
<SeanConnery> nealmcb, sounds like what I've been wanting..
<kgoetz> nealmcb: whats it do?
<SeanConnery> so this ubuntu-jeos-builder lets you build the appliance, I assume
<nealmcb> there are notes on it at the server team wiki - meeting 2 days ago
<nealmcb> yup
<nealmcb> 90 seconds to build a custom vm and start it running (with the right build-time optimizations)
 * kgoetz will have to check his email
<SeanConnery> how can I keep informed of developments :D
<SeanConnery> not sure I can help besides feedback, but...
<nealmcb> join the ubuntu-server email list
<nealmcb> if there is interest we may have a dedicated email list in time
<nealmcb> what do you want to do with it?
<SeanConnery> make an appliance :-D
<nealmcb> web deployment?  local use?
<SeanConnery> its an application, not web
<nealmcb> kvm/qemu?  vmware?
<nealmcb> xen?
<SeanConnery> vmware likely
<SeanConnery> but if I can support xen, that would be good
 * nealmcb like kvm
 * nealmcb likes kvm
<nealmcb> very flexible.  you can snapshot moments in time efficiently and resume them later
<fujin_> OH MY?
<fujin_> AN IDEA STOLEN FROM VMWARE??
<nealmcb> I like free software also
<fujin_> I prefer working, expensive software
<kgoetz> fujin_: huh?
<nealmcb> :-)
<fujin_> kgoetz: </sarcasm>
<nealmcb> but the qemu part also supports so many different architectures
<nealmcb> of course there are lots of tradeoffs and different goals
<SeanConnery> lets not forget that vmware is currently the king in the virtualization space when it comes to market cap/mindshare
<SeanConnery> I hate firefox
<SeanConnery> so nealmcb is the jeos iso just an install CD or is it supposed to be a vmware image
<nealmcb> SeanConnery: it is an install cd for use in any sort of vm
<SeanConnery> ok
<SeanConnery> I'm installing it now
<nealmcb> but without unnecessary hardware support modules
<SeanConnery> I'm afraid
<nealmcb> note that IIRC scsi is not supported
<nealmcb> notes on that are in that forums thread I think
<SeanConnery> does it matter for a VM?
<nealmcb> sure - vmware provides virtual hardware, and the vm needs drivers to use it
<nealmcb> but the ubuntu-jeos-builder was much more flexible, fast and useful for me
<SeanConnery> where is this builder?
<SeanConnery> can I see it?
<nealmcb> see the links in that forums thread
<SeanConnery> ok
<SeanConnery> hmm
<SeanConnery> seems like VMware uses SCSI
<SeanConnery> oh nm, custom vm
<SeanConnery> my cats are in my socks... bastards
<nealmcb> I've heard that - haven't tried it - but I guess it can be changed
<SeanConnery> nealmcb, where do you live?
<nealmcb> boulder.  you?
<SeanConnery> vancouver
<SeanConnery> I was in Aspen this year
<SeanConnery> nice place
<SeanConnery> nealmcb, I see this link: https://code.launchpad.net/~nealmcb/ubuntu-jeos/nealmcb
<SeanConnery> Is that what you meant?
<nealmcb> yeah
<nealmcb> though actually the trunk branch is more up to date now
<nealmcb> and you can get the best code by just browsing that - it is just a single shell script
<SeanConnery> what the heck
<SeanConnery> its a shell script? thats awesome
<nealmcb> simple and powerful
<nealmcb> and still in development.....
<SeanConnery> don't turn it into a configure script! :-)
<nealmcb> a configure script?  for what?
<SeanConnery> you know, ./configure && make && sudo make install
<SeanConnery> the configure scripts are awful
<nealmcb> well, it has that sort of thing in as part of the packaging, but you shouldn't see that
<SeanConnery> ok, I'm gonna run this bad boy
<nealmcb> and so far it is just a single shell script, with some dependencies
<nealmcb> I really recommend the apt cacher in particular
<SeanConnery> http://ubuntuforums.org/showthread.php?p=3731057#post3731057
<SeanConnery> is that what you're using there?
<nealmcb> yup
<nealmcb> it depends on qemu, debootstrap, parted
<nealmcb> (qemu-img in particular)
<SeanConnery> nealmcb, so why does the script need to be run as root?
<nealmcb> good question.  I guess there are a few parts that need it
<SeanConnery> ah, looks like you mount something or the other
<nealmcb> I seem to recall some comments suggesting that may have been hoped to be unnecessary at some point but I forget
<SeanConnery> 21:29:39 Setting target vm to "vmw6"
<SeanConnery> 21:29:39 mkdir: cannot create directory `/home/sohail/src/jeos/ubuntu-jeos-gutsy-i386': File exists
<SeanConnery> 21:29:39 ./ubuntu-jeos-builder: 556: qemu-img: not found
<SeanConnery> 2
<SeanConnery> seems to require qemu even if I'm setting to vmware? /me debugs.
<SeanConnery> <nealmcb> it depends on qemu, debootstrap, parted
<SeanConnery> doh
<SeanConnery> man this is getting a lot of packages...
<nealmcb> SeanConnery: you mean during the building?  that is why apt-cacher is a huge help
<SeanConnery> nealmcb, are those going to be in the final image then?
<nealmcb> it is everything for a minimal install
<SeanConnery> alsa?
<nealmcb> yeah.  it is capable enough to add more packages, etc.  but I think stripping some of that out would make sense for many users
<nealmcb> and you can add arguments to do all that
<SeanConnery> I'd like to say ./ubuntu-jeos-builder --please-build-something-with-networking-and-I-can-login-k-thanx
<nealmcb> sounds like a nice contribution ;-)
<nealmcb> but I agree
<nealmcb> busybox comes to mind, but that would be a radical change
<SeanConnery> sure
<SeanConnery> nealmcb, I think mine failed. Can I paste you the log somewhere so perhaps you know what went wrong?
<nealmcb> sure
<nealmcb> I like dpaste.com
<nealmcb> did you use the trunk branch, or mine?
<SeanConnery> http://www.freefilehosting.net/download/MzkyMjc=
<SeanConnery> nealmcb, I used yours
<nealmcb> hmm - may have been some vmware problems in that one -
<nealmcb> https://code.edge.launchpad.net/~shawarma/ubuntu-jeos/trunk
<SeanConnery> ok, will try that one
<shortcakes> Hi, any idea why ubuntu 7.10 server install (sw raid tool) would not be able to delete existing raid1 devices from a previous suse install?
<shortcakes> it says they are busy, yet they are not mounted
<SeanConnery> hey nealmcb whats this launchjeos script you're using?
<nealmcb> ahh - it is a little hack for qemu - put all the necessary arguments to run qemu.  I guess vmware users would know how to use that vmware description file
<SeanConnery> oh
<SeanConnery> k
<SeanConnery> yes, I do
<nealmcb> but I was thinking it would be nice to be able to tell folks "just run this"
<nealmcb> for any vm system
<nealmcb> but I only know kvm/qemu myself, and only a bit at that....
<nealmcb> advice solicited.....
<SeanConnery> well I figure its up to the user
<nealmcb> soren is the main guy writing it....
<nealmcb> for qemu, you need to know which disk to configure with which image on the command line, and that is a pain without the script helping
<SeanConnery> ah
<SeanConnery> what is probably most user-proof is that the builder script generates the runner script, if possible
<nealmcb> right - that's why I added it
<SeanConnery> with vmware its just as simple as opening the vmx file
<SeanConnery> so, it can't be any more dum dum for me
<nealmcb> shortcakes: the raid gurus may be around more actively in the next 16 hours or so
<shortcakes> ok, ty
<CrummyGummy> Hi all, My server has just filled up with relay-bin files in /var/lib/mysql. This has happened since I moved to Gutsy. What changes were made this time?
 * CrummyGummy points to the last time when the same files were in /var/run....
<CrummyGummy> I'm lying, its the latest mysql upgrade in Feisty...
 * CrummyGummy reaches for more coffee.
<Burgundavia> hmm, openldap 2.4 has just been released
<avatar_> Burgundavia: package it for hardy
<Burgundavia> avatar_: yep, that is going to happen
<avatar_> does it have big advantages over 2.3. ?
<Burgundavia> from what I understand, yes
<avatar_> OpenLDAP 2.4 Change Log
<avatar_> OpenLDAP 2.4.6 Release (10/31) Initial release for "general use"
<avatar_> hmm, the announcement has more information
<kraut> moin
<roving_prole> hello all, is there a utility on US similar to authconfig on RHEL?
<roving_prole> also, what's a good book for Ubuntu server administration?
<roving_prole> I come from RHEL
<DM|> omg hai guyz
<DM|> :P
<DM|> brb
<ivoks> what does authconfig do?
<roving_prole> it's an ncurses util to set up LDAP and Kerberos auth
<roving_prole> all auth, actually
<ivoks> there is auth-client-config
<ivoks> it's not ncurses
<roving_prole> ah, that sounds promising
<ivoks> apt-cache show auth-client-config
<roving_prole> Couldn't find it...
<ivoks> what version of ubuntu is that?
<roving_prole> not sure... how do I determine?
<ivoks> lsb_release -r
<ivoks> like on any other linux distribution
<roving_prole> I always use redhat-version on RHEL, sorry
<roving_prole> it's 7.04
<ivoks> oh.. this tool is in newer version of ubuntu
<roving_prole> ah, ok
<roving_prole> thanks then.  I'll just find and edit all the config files manually, no big deal
<roving_prole> is the Official Ubuntu book good for server stuff?
<ivoks> you are setting up a client or a server?
<roving_prole> a good resource, rather
<roving_prole> server
<ivoks> official book is mostly for a desktop, iirc
<roving_prole> but I have another ubuntu server I was going to set up as a client
<ivoks> we are planing some improvments on that area for 8.04
<ivoks> we'll see if we could implement all planed :)
<roving_prole> yeah, lots to do, I'm sure
<roving_prole> you just get used to one distro, and the transition is bumpy sometimes
<ivoks> problaby bigest change from redhat is 'no /etc/sysconfig' :)
<roving_prole> oh yeah, I've noticed that... now I remember why I was looking for authconfig... there's a file that's updated by authconfig in /etc/sysconfig that tells the system to check kerberos first and then use shadow passwd
<roving_prole> I don't remember the file, but that's what I was looking for on Ubuntu
<ivoks> well, configuration of tools is the same
<ivoks> i've used debian for a long long time
<ivoks> and then went to RHCE exam...
<ivoks> scored 100% :)
<roving_prole> ha,nice
<mathiaz> roving_prole: The Ubuntu Server Guide is a good ressource for starters
<mathiaz> roving_prole: https://help.ubuntu.com/7.04/server/C/ for the version for Feisty (7.04)
<ivoks> mathiaz: hi
<mathiaz> hi ivoks :)
<ivoks> i wanted to ask you something, but now i don't recall what :)
<mathiaz> ivoks: well. I can give an answer then.... 42
<ivoks> :)
<ivoks> yeah...
<ivoks> my plan for email stuff is like this:
<ivoks> install dovecot, and in .postinst check if there is postconf from postfix
<ivoks> if there is, check sasl setting, and if there is none, run postconf to set dovecot
<ivoks> then copy /usr/share/dovecot/dovecot-sasl.conf to /etc/dovecot/dovecot.conf
<ivoks> do you see any problems with that?
<mathiaz> ivoks: hum... how can you be sure that postfix will be installed before dovecot ?
<mathiaz> ivoks: does postconf work if postfix is not running ?
<ivoks> that was the question i wanted to ask you :)
<ivoks> we can pre-depend on postfix...
<ivoks> btw, postconf works while postfix is offline
<mathiaz> ivoks: ok. that's great then (postconf works while postfix is offline)
<mathiaz> ivoks: I'm not sure pre-depends works (I have to look into that)
<ivoks> it does... i used it one year ago
<mathiaz> ivoks: would this break the case where dovecot is installed withouth postfix ?
<ivoks> mathiaz: it could pre depend on postfix | mta?
<ivoks> is there usecase where there is imap/pop service and isn't smtp?
<mathiaz> ivoks: running a cluster of servers serving from an nfs mail spool.
<ivoks> right...
<mathiaz> ivoks: dovecot doesn't depend on an mta now. I don't think it would be well accepted to add that dependency.
<ivoks> ok...
<ivoks> and meta package is not an option?
<mathiaz> ivoks: well - that would be my suggestion.
<mathiaz> ivoks: I'd actually see this in the mail-server tasksel
<ivoks> as a tasksel postinst?
<mathiaz> ivoks: I think the postinst script from the task would be a great place to handle that sort of configuration
<ivoks> right... it's easy for postfix, but we chould do some thing else for dovecot
<maeth> hi, i have to internet connections on my place, i heard that i can do load balancing with a dual wan router, but is there a way to do it with my ubuntu server? , got the 7.04 release
<maeth> sorry two internet connection :P
<maeth> s
<maeth> got 3 ethernet cards, got DHCP3 and internet sharing via firestarter
<ivoks> mathiaz: i think i have a solution for dovecot too...
<mathiaz> ivoks: shoot !
<ivoks> mathiaz: /usr/share/dovecot already has some predefined profiles
<ivoks> mathiaz: for ldap and sql
<ivoks> mathiaz: i'll check what's that all about and integrate sasl.conf into dovecot
<mathiaz> ivoks: is there a how-to/tutorial on what needs to be done ? I'm still confused about what needs to be done exactly.
<ivoks> postdfix needs two lines
<ivoks> dovecot needs more editing since we have to tell it to place auth socket into postfix chroot
<nealmcb> maeth: do you have your own AS?  or do you just want to bind two channels to the same ISP?
<ivoks> and enable it
<ivoks> iirc, 3-4 line changes
<ivoks> in dovecot.conf
<maeth> nealmcb, AS? , ive got two internet cable modems connection, 2 fisical modems...
<nealmcb> do they go to totally separate ISPs?
<nealmcb> different cable companies?
<maeth> nealmcb nop, the same company , but separted bandwith and diferent ips
<nealmcb> as = autonomous system.  if you want to use two different connections, you end up with much much more complicated routing
<nealmcb> and I bet that is true for two connections to the same cable company, but I'm not sure
<maeth> nealmcb, k , but it seems this is not the case? :D
<nealmcb> you'd have to ask the cable company....
<maeth> arrr... :S k...
<nealmcb> or that is my intuition....
<maeth> its easier get a dual wan router isnt?
<nealmcb> do they typically use T1 lines?
<nealmcb> I suspect that in any case you need to work it out with the folks at the other end (cable company)
<maeth> nealmcb, k ... thnx anyway ^_^!
<DM|> So ... dumb question
<DM|> what is a LAMP server?
<ivoks> linux apache mysql php
<DM|> ah i see
<DM|> For an example, what could i use it for?
<ivoks> nothing if you don't know what it is
<DM|> lol yes, im breaking into the server world
<mathiaz> !lamp
<ubotu> LAMP is an acronym for Linux-Apache-MySQL-PHP. However, the term is often used for setups using alternative but different software, such as Perl or Python instead of PHP, and Postgres instead of MySQL. For help with setting up LAMP on Ubuntu, see  https://help.ubuntu.com/community/ApacheMySQLPHP - See also the Server CD installation process (different in Edgy+)
<ivoks> you could use it to create new google :)
<DM|> lol been a long time, whats the command to add a sudo password
<DM|> in server
<DM|> so... how do i shut down ubuntu-server
<DM|> command line
<lamont> postconf doesn't work before postfix is configured (postfix's postinst must run before postconf works
<lamont> mathiaz: ivoks: ^^
<mathiaz> lamont: hum.. Thanks.
<lamont> once it's been configured once, then things tend to be golden
<phaidros> DM|: halt or shutdown -h now
<DM|> says i need root privs
<DM|> when i Sudo it tells me mail error and that im not part of sudoers
<Centaur5> DM|: add yourself to the admin group
<DM|> command line, how would i do that
<Centaur5> DM|: usermod -a -G admin user-name
<DM|> thanks
<Centaur5> no prob
<Centaur5> Could anybody tell me the best way to have 2 eth cards on the same server offer DHCP?  Is there a way to bind interfaces to the DHCP server?
<lamont> Centaur5: see /etc/default/dhcp or so
<lamont>   /etc/default/dhcp3-server  even
<lamont> and then man dhcpd.conf
<Centaur5> That's great, I didn't know about that file.  :)
<lamont> generally, I look at /etc/default/$package, and then /etc/init.d/$package to see what's going on
<h4x0r7h1s> hey, I'
<Centaur5> Yeah, I already have the server DHCP running I've just never setup 2 NIC's to offer them.
<Centaur5> Thanks lamont, that was easy.  :)
<h4x0r7h1s> hey, I'm trying to get Apache mod_jk to hook up to tomcat on a remote host but I'm always getting the error "jk_handler::mod_jk.c (1986): Could not find a worker for worker name=tomcat"
<h4x0r7h1s> this happens usually because worker.list doesn't contain that worker name
<h4x0r7h1s> it does now.
<h4x0r7h1s> the config works on another server, which has apache and tomcat; this server has apache only, pointing to that server's tomcat on 8009 (ajp 1.3 connector) ...?
<h4x0r7h1s> all the docs I'm finding keep talking about a local tomcat install but I don't want that.
<Centaur5> Is it possible to have a mail server with a host name mail.domain.com also be a dns server for a local network for domain.bogus?
<Nafallo> yes?
<Nafallo> why wouldn't it?
<Centaur5> I guess I just don't know how to assign 2 hostnames to a machine.  Just keep adding to /etc/hosts?
#ubuntu-server 2007-11-24
<osmosis> can anyone tell me how to disable the udev feature that renames my eth devices when the mac changes?
<Kamping_Kaiser> osmosis, i dont think you can. you can just remove the record of macs
<osmosis> Kamping_Kaiser: yah, thats what everyone else has been saying too.
<c1|freaky> does someone know of a web addressbook?
<Jaac> Hmm, could i install webmin and ispconfig at the same time?
<Jaac> Does it work together?
<Kamping_Kaiser> dont use webmin on an ubuntu system
<Jaac> Ok good info? Do you perhaps know why?
<Kamping_Kaiser> !webmin
<ubotu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system
<Kamping_Kaiser> i thought the bot had a link :(
<Jaac> Well the text is pretty clear, though webmin, for me, as starting linux user is an easy way of administrating the server
<Jaac> ISPconfig si good, but it just doesnt cover everything i want to administter
<Kamping_Kaiser> dont know anything about ispconfig, sorry
<Jaac> Ok nps, thanks for your help though :)
<Kamping_Kaiser> next ubuntu will include something called ebox. not sure if its in this release
<Jaac> Ok
<Jaac> Maybe a stupid question, but is there a GUI that runs through putty as in ssh?
<Kamping_Kaiser> anything that can be forwarded over SSH
<Kamping_Kaiser> ssh server needs x11 forwarding enabled, the client needs to request it, and the app has to be happy to run over it
<Jaac> Hmm, so any GUI, like KDE and GNome works? or is there on specific one that works over ssh?
<Jaac> I mean though, do they work directly, or do they need another app, like vnc to be adminsterred remotely
<Kamping_Kaiser> you would forward individual applications, not the whole UI
<Jaac> ah k
<Kamping_Kaiser> whole UI you'd use soem sort of VNC
<Jaac> Did you use AWstats for site statistics sometime? All went well, exept the generating of stats, even after running the cron job myself...
<Kamping_Kaiser> no i havent.
<Jaac> Ok, fast R/T there though :)
<Kamping_Kaiser> :)
<ScottK> Jaac: You might look into ebox.  I've not used it, but I know it's planned for Hardy as the webmin like (but works) way of administering an Ubuntu server.
<dthacker> webmin is evil
<ScottK> dthacker: We've established that.
<svschwartz> hi all
<svschwartz> anybody know tools for creating drive images ?
<nealmcb> sommer: which version is http://doc.ubuntu.com/ubuntu/serverguide/C/index.html   and is the gutsy server guide up?  I don't see it in https://help.ubuntu.com/7.10/ ?   ahh - you have to look in "Advanced Topics" - seems unfortunate
<Jaac> Thanks ScottK, i looked into it this afternoon, but im not yet sure if its stable enough to use on 7.10 gutsy, but ill surely look again, it seems as the best alternative at the moment.
<ScottK> That's the conclusion soren came to when he looked in at the alternatives.
<ScottK> The only reason it's not in Gutsy was lack of time to get it packaged.
<Jaac> Hmmm, i shoudl take a look into the default repository's then :)
 * ScottK knows nothing about it specifically, just that it's the one Ubuntu intends to package.
<ScottK> My preferred server management tool is vim.
<Jaac> Hehe, good though, but im just not familiar enough with finding all the conf and log files
<ScottK> Something like ebox is fine, IMO, for getting started, but you should set yourself a goal of understanding things well enough not to need it even if you choose to use it.
<bardyr> Hey, does the ubuntu 7.10 server support VIA x86 cpu's ?
<bardyr> and what is the difference between Jeos and the server edition?, my target machine is a 200mhz, 128mb ram box so what would be best?
<nealmcb> ScottK: yeah - I wonder if ebox could tell you what it has done, or preserve diffs somewhere or even use source control on /etc....
<nealmcb> bardyr: jeos is not for real hardware - just for virtual machines - stripped-down kernel
<bardyr> nealmcb, so there is only support for the virtual hardware that VMware, Virtualbox, etc uses?
<nealmcb> bardyr: yeah - just drivers for the basics
<bardyr> thats smart
<bardyr> did the 7.10 server support VIA x86 CPU's i have tried with the 7.04 server edition but it complains about there is not a matching kernel
<eghjaytee> does anyone in here have any insight with using GFS with ubuntu server 6.06?
#ubuntu-server 2007-11-25
* nealmcb changed the topic of #ubuntu-server to: Ubuntu Server discussion and support || For general (not server specific) support visit #ubuntu || Seriously good guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html ||  Be patient - the right person to answer your question may not be available now, but it is best to just ask your specific question including relevant information || server guide: https://help.ubuntu.com/7.10/server/C/ || https://wiki.ubuntu.com/Server
* nealmcb changed the topic of #ubuntu-server to: Ubuntu Server discussion and support || For general (not server specific) support visit #ubuntu || Seriously good guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html ||  Be patient - the right person to answer your question may not be available now, but it's best to just ask your specific question including relevant information || server guide: https://help.ubuntu.com/7.10/server/C/ || https://wiki.ubuntu.com/ServerT
* nealmcb changed the topic of #ubuntu-server to: Ubuntu Server discussion and support || For general (not server specific) support visit #ubuntu || Seriously good guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html ||  Be patient.  It's best to just ask your specific question including relevant information || server guide: https://help.ubuntu.com/7.10/server/C/ || https://wiki.ubuntu.com/ServerTeam
<bardyr> Hey, im in the process of installing Ubuntu server 7.10, it didnt find a kernel matching my CPU, its a VIA x86 so im installing it without a kernel, how can i install a kernel when its install or under the install process?
<Kamping_Kaiser> ... without a kernel?
<somerville32> ...
<bardyr> the box was running debian etch so a default kernel should work
<Fujitsu> ...
<bardyr> Kamping_Kaiser, yea, if the install program does not find a kernel matching something it does not install a kernel
<Kamping_Kaiser> oooookay.
<somerville32> You need the kernel to boot.
<bardyr> i know
<bardyr> so i was thinking if i could enter a shell and install it afterwards
<bardyr> from the cd
<Fujitsu> What did you do to convince it to let you install without a kernel?
<bardyr> Fujitsu, just selected yes
<bardyr> i also got a CPU vendor unkown error when the cd bootet
<bardyr> but it is a VIA CPU in a Vortex86 mini box
<bardyr> it will be funny to see what my boot options are going to be :D
<bardyr> hmm it seems like neither LILO or GRUB will install without a kernel
<Kamping_Kaiser> funny that
<somerville32> <g>
<bardyr> how can i install a package in the cd shell?
 * nealmcb watches intently, hoping to see a rabbit pulled out of a hat
 * somerville32 pats bardyr on the head... with a shovel.
<bardyr> somerville32, hmm chroot is enough
<bardyr> i love linux shells
<bardyr> victory :D
<bardyr> cd -> shell -> chroot -> bash -> apt-get install linux-image-generic
<bardyr> its probaly the wrong kernel for my single core CPU but it is a kernel
<bardyr> when i did chroot /target how can i chroot back to / ?
<Kamping_Kaiser> ^D
<Kamping_Kaiser> aka, exit the chroot
<bardyr> thanks :)
<Kamping_Kaiser> np
<bardyr> w00t, got a kernel and grub loaded :D
<nealmcb> booted?
<bardyr> yep
<bardyr> doing a boot now, its a slow 200mhz box
<bardyr> hmm what will be the best kernel for this CPU http://pastebin.com/m7b26e609
<bardyr> whats the difference between linux-image-generic and -368 ?
<somerville32> They used to have optimized kernels
<somerville32> but no longer
<Centaur5> If apache was configured to use ssl to serve a cgi script why would firefox pop up a download window for that cgi script rather than run it?
<Kamping_Kaiser> is apache configured handle cgi scripts?
<Kamping_Kaiser> whatever the scripts extention is specifically too?
<Centaur5> Oh, is that another module that should be enabled?
<Centaur5> I've just followed 5 different howtos and hope I'm almost to the end.  :)
<Centaur5> yes, the scriptalias line is in the virtual site file that points to /usr/lib/cgi-bin
<Kamping_Kaiser> you'll need to make sure mod-cgi is loaded. i'm not much use with cgi apart from rough suggestions ;\
<Kamping_Kaiser> i'd advise #apache for better help
<Centaur5> Alright, thanks for the point in the right direction.
<Kamping_Kaiser> good luck
<Centaur5> I'm looking to see if I'm supposed to have a certain login.html file or something else in /var/www
<Kamping_Kaiser> what are you trying to setup?
<Centaur5> chillispot
<Centaur5> Everybody's howtos are different and I'm trying to piece together what exactly I need to do.
<Kamping_Kaiser> the authentication system? *twitch*
<Centaur5> dd-wrt+freeradius+chillispot
<Centaur5> +mysql
<Kamping_Kaiser> *more twitch*
<Centaur5> haha
<Centaur5> I want a more secure wireless signal without the lower throughput because of wpa.
 * Kamping_Kaiser lives in a faraday cage
<Kamping_Kaiser> not as such, but the walls work like that :)
<Centaur5> that works too
<Centaur5> painted the walls with that paint that blocks wireless?
<Kamping_Kaiser> lots of corregated iron.
<Kamping_Kaiser> not sure my walls are structurely sound enough for that paint - 1kg m2 or something :|
<Centaur5> well also by logging to chillispot that won't be stored in somebody's keyring so that computer can't get back on the wireless unless the right user is on it.
<Centaur5> anyway, this is taking much longer than expected.  I better get back to the battle.
<Kamping_Kaiser> gl
<ivoks> you know what we should implement by default?
<ivoks> a fail-safe grub :)
<Nafallo> cluefull admins? ;-)
<ivoks> :)
<hans> Hey, how can i get the server to connect to a wireless network at boot?
<ivoks> heh
<ivoks> now, where are all those people claiming that there's not place for wireless tools on servers :)
<ivoks> hans: you have to edit and set up /etc/network/interfaces
<hans> ivoks: yea just found out about "wireless-mode", "wireless-network", etc
<hans> and it should work now, rebooting :)
<ivoks> there are examples in /usr/share/doc/ifupdown/examples/network-interfaces.gz
<spiekey> hi
<spiekey> whats that timestamp in the syslog?
<spiekey> is it a timestamp?
<spiekey> oh, sorry! I meant dmesg not syslog
<spiekey> [42959878.420000] Foo...
<Nafallo> how was it you could install a task from the command prompt again?
<Nafallo> I'm pretty sure there is something to prefix tasks with to make them aptitude installable
<bardyr> tasks?
<soren> Nafallo: apt-get install taskname^
<Nafallo> soren: aye. figure it out after a while. thought the $CHAR was supposed to be in the beginning first :-)
<soren> Nafallo: Nope :)
<Nafallo> soren: yes, I did.
<Nafallo> soren: :-P
<soren> Nafallo: How did you find out? It's not in the apt-get man page. Odd.
<Nafallo> soren: tasksel uses apt-get :-)
<soren> Nafallo: Indeed it does :)
<Nafallo> :-P
<Nafallo> should be in the man though :-P
<soren> Quite.
<Nafallo> or at least the changelog
<Jaac> Hmm, what could: [140018.890000] Failure registering capabilities with primary security module.
<Jaac> Refer too?
<Jaac> Its from dmesg
<sommer> nealmcb: how's it going?
<sommer> nealmcb: there was some discussion at UDS and afterwords on the doc ML about moving the Server Docs into their own area/package
<sommer> nealmcb: I'm not sure the end result of the discussion, but I believe the Doc Team wanted some solid reasons to make the move.
<sommer> nealmcb: the way things are configured now, the server docs build for each *buntu flavor without having to add extra commands
<nealmcb> sommer: thanks.  I've gotten the bzr branch out and have sketched out an idea for mail.xml.  but I still don't know which version the main google result ( http://doc.ubuntu.com/ubuntu/serverguide/C/index.html   ) actually is....
<sommer> nealmcb: that's actually a very dated version
<nealmcb> yeah - seemed like it....
<nealmcb> very dated, and undated....
<sommer> the "server guide" has been deprecated in favor of integrating the server docs under the Advanced topics section
<hatter> where do i find the buglist for 7.10 server ?
<sommer> hatter: do you mean the 7.10 docs?
<sommer> nealmcb: I also have another patch adding a "Mail Filtering" section to mail.xml... currently being reviewed by lamont and ScottK
<hatter> sommer, i found one naughty bug in 7.10 and have another networking problem with two 7.10 servers that i cant track down, i want to see if others have the problem
<hatter> it appears i made the mistake of deploying 7.10 too early...
<fujin_> heh.
<nealmcb> sommer: my main goal right now is to figure out what I need to do to get my postfix-using-a-smarthost config to do smtp-auth to the smarthost.  and the mail.xml section doesn't distinguish between postfix working as a server, and postfix working as a client
<fujin_> We're still in 7.04 as core here.
<sommer> hatter: https://bugs.launchpad.net/ubuntu/
<soren> hatter: What's the "naugty bug"?
<soren> naughty, even.
<sommer> nealmcb: sounds like a great addition, another idea would be to create a wiki article first (I don't think there is one covering that)
<sommer> nealmcb: then translate the aritcle into DocBook... at least that's the approach I've started doing
<hatter> soren, if a nic is changed, udev remembers the old nic and keeps the driver for it, which then tells you the new nic cant be used, until you go and delete the nics address from 70-persistent-net-rules
<sommer> with a wiki article you can also include instructions for past releases as well
<hatter> the other bug is worse, though i havent found where to point the finger yet,  after a short period of time the network lags for up to a minute then comes good again
<soren> hatter: Where does it tell you this?
<fujin_> hatter: I thought that was an /etc/iftab issue, not udev
<hatter> soren, when you put a different brand nic in the same pci slot,
<soren> fujin_: We ditched iftab back in feisty. Quit living in the past :)
<soren> hatter: Not when. Where?
<fujin_> I'm living in Feisty, because it works.
<fujin_> xD ;)
<hatter> fujin_, i am thinking udev because its a problem with the 70-persistent-net rules
<fujin_> cool
<fujin_> Haven't completed my test-phase of Gutsy. Probably won't roll it out till at least next year.
<soren> hatter: I still haven't seen what the problem is. Could you add a bit of detail?
<hatter> soren, after you replace the nic, then try to install the driver module you get the error as if installing the wrong driver
<hatter> 5 or 6 lines that say the nic cant be found or module cant be loaded something similar (from memory)
<hatter> but then after you manually delete the old nics details from 70-net-persistent-rules it works
<nealmcb> lamont: any chance the postfix dpkg-reconfigure could step up to the task of letting folks configure postfix with a smarthost that requires a password?  are other packages involved?  how might that work?
<soren> hatter: I really need more info than that to have even the slightest chance to look into it :)
<kshah> I'm installing RoR on Ubuntu 7 Server, on "sudo gem install rails -y" an error is returned "SSL is not install on this system", why is SSL a requirement?
<hatter> soren, it is easy to duplicate, just change nics
<soren> hatter: No.
<hatter> soren, what more info could i provide you >
<hatter> ?
<soren> hatter: You could show me the actual error message you get.
<soren> hatter: I've changed nics several dozen times. it works ifne.
<hatter> ok, i have the box here,  i will do it and let you know shorty
<soren> hatter: Please don't think that we accidentally put that stuff into persistent-net-rules.
<soren> hatter: It's quite on purpose.
<sommer> nealmcb: are you looking for configuration steps, or do you already have them and are looking to document them?
<hatter> soren, i understand,  i know its purpose, but currently its not allowing a nic change
<soren> kshah: That's really a question for the ruby developers.
<soren> kshah: You're using gem, which fetches all sorts of stuff that's not from Ubuntu.
<kshah> k
<soren> hatter: Yes, it does.
<soren> hatter: I have done this many times.
<nealmcb> sommer: the former.  I've seen other web pages about it, but am wondering how they relate to ubuntu, and the server guide left me wondering if it was addressing my use-case  (unlikely) or not
<sommer> nealmcb: gotcha, ya it probably doesn't... the current thinking about the guide is to document the most common configuration
<sommer> nealmcb: if you think it needs to be documented I'm up for it
<sommer> or if you have a patch just submit it to the doc list, and I'll review it
<nealmcb> sommer: I thought a smarthost config was pretty common, but I guess in most cases they don't require any auth.  but on my laptop I want to use fastmail as my smarthost,  rather than my cable company, and fastmail (of course) requires auth for relay
<nealmcb> sommer: great.  I'll try to get the facts and steps straight first - thus my query to lamont :-)
<sommer> mmmmm... ya a wiki article may be more appropriate, but it would probably be a good idea include something about smarthosts in the main docs
<hatter> soren, i have replicated the problem
<sommer> nealmcb: cool, just let me know if I can help
<nealmcb> but just for fun I'll send you my little bundle with all its warts and incompletions now
<nealmcb> (my first doc patch) :-)
<sommer> nealmcb: party!
<nealmcb> :-)
<soren> hatter: I need all the info I can get. syslog, dmesg, pci ids of nics..
<soren> hatter: ..which driver they're using.. Everything, really.
<hatter> scenario :  one intel nic.  70-persistent-net-rules shows PCI device (e100). intel card removed. realtek card installed. 70-persistent-net-rules shows PCI device (e100)  with ETH0,  and new detected 9139too) as eth1
<hatter> '8139'
<hatter> make sense ?
<soren> Yes. What's the problem?
<hatter> there is now only one nic.  the system detects it and allocates it as eth1
<soren> Er... That's on purpose.
<soren> Once a name as been assigned to a nic, it keeps it.
<soren> Trust me.. the alternative is worse.
<hatter> so if a nic is removed,  the system decides the removed nic still belongs to eth0  ?
<soren> Yes.
<hatter> seriousy ?
<soren> Yes.
<soren> This is a good thing.
<hatter> how is this a good thing ?
<soren> How is it bad.
<soren> ?
<soren> It's good because your interface names don't change all the time.
<hatter> because if you change nics you have to go into 70-persistent-rules and remove the old one.
<soren> Why?
<hatter> and if you dont know about this, you waste a few hours trying to find out
<soren> No.
<soren> You waste time, because my make false and useless assumptions.
<soren> Say you've got 4 nics.
<soren> you remove eth0.
<soren> What should happen?
<hatter> reference to the old nic should be removed, allowing new nic to get eth0
<soren> Why?
<hatter> if old nic is not there anymore, why should it want eth0 ?
<soren> Why should the new one want eth0?
<hatter> shorewall for instance references nics by eth(?)
<soren> Yes.
<soren> Look..
<soren> NIC's can be connected to a variety of different busses.
<hatter> i must be missing something.  if i remove a nic from a machine, you are saying i should then want my new nic to be eth1 ?
<soren> Several of them support hotplugging.
<soren> At which point should we allow a given nic name to be reused?
<soren> What if 5 seconds after that timeout it detects my old eth0?
<hatter> of course.  if a nic is removed, why should there be reference to a something that isnt there ?
<soren> hatter: Why not?
<soren> hatter: It might show up in a few seconds?
<soren> hatter: And if not, why does it matter that your only nic is called eth1?
<hatter> because of shorewall for one reason
<soren> Heck, I know some people who would probably prefer them to be 1-indexed, but let's not get into that.
<soren> hatter: So because shorewall is broken, we should break it for everyone else?
<soren> hatter: Or should we fix shorewall?
<soren> hmm....
<hatter> so its not reasonable to say the only nic in a system gets eth0 ?
<hatter> i am still missing something.  why would you want something not in your machine to still be referenced ?
<soren> If you install a new system with just one nic, it'll get eth0. If you plug in a new one, it gets eth1. If you remove the first one, the second one keeps eth1.
<soren> if you plug in a third one, it gets eth2. What's the logic in the third added nic gets eth0?
<Centaur5> Sorry to break into this but I recently had to mess with changing a NIC.  If you edit that 70-persistent file and make the new nic manually the same device as the old one won't shorewall just work?
<hatter> sure, and if you remove the first, the second one gets eth1 also
<soren> hatter: Because it might show up again!
<hatter> Centaur5, yes, this is what i am saying
<Centaur5> hatter: I didn't test the server before I left but I just assumed it would just work.  I didn't hear from them so I guess it did.  :)
<soren> hatter: If shorewall can't deal with not having an eth0, shorewall is broken.
<soren> That's no reason for us to break everything else.
<hatter> Centaur5, i am not seeing why the default behaviour is to alocate the next eth() instead of removing reference to a device that isnt there
<soren> hatter: You're not listening.
<soren> hatter: Answer this:
<soren> hatter: When should we free eth0?
<hatter> eth0 should be freed if there are no nics.
<soren> And how do you determine that?
<hatter> or if a nics mac address is changed
<Centaur5> Well windows does the same thing.  If you add a nic then it creates local area connection 1 or higher and if the old one was removed you just don't see regular local area connection anymore.
<soren> hatter: NO!!!!
<soren> hatter: How do you tell if it's the same nic if it's changed its mac?
<soren> hatter: Hwo do you determine if a nic has been removed?
<hatter> but when a new nic is added its detected
<soren> hatter: You might think it's a stupid question, but please answer anyway.
<hatter> probing the pci location i expect
<soren> What if they just haven't been detected yet?
<soren> No.
<soren> You can move nics around in your machine.
<soren> There are also other buses than pci.
<Centaur5> It would have to store information about the card and check it against every slot?
<soren> hatter: Seriously: If you moved two nics around, would you expect them to switch names?
<hatter> soren, i expect the first nic is eth0, or if two are put in, the first device detected is eth0
<soren> hatter: That's the way it is.
<hatter> then if one is removed, the detection happens again, and the first one gets eth0
<soren> hatter: What if the first one is still there, buthasn't been detected yet?
<hatter> isnt the detection happeing anyway ?
<soren> hatter: Have you heard of usb nics?
<hatter> when is nic not detected ?
<soren> hatter: Have you heard of hotpluggable pci?
<soren> hatter: Stuff takes time.
<hatter> soren, no, i havent heard of it
<soren> hatter: Which one?
<hatter> hotpluggable
<hatter> pci
<soren> hatter: hotpluggable pci? It's quite common in mid- to high end servers.
<soren> hatter: surely you're familiar with usb?
<hatter> yes
<hatter> is usb referred to as hotpluggable pci ?
<soren> hatter: So... don't you find it reassuring that a usb nic keeps its name between plugins?
<soren> hatter: No. USB supports hot plugging. So does PCI if you've got the hardware to support it.
<fujin_> ugh
<fujin_> that's cringeworthy
<soren> What is?
<fujin_> hotplug pci, I don't think I'm that brave.
<fujin_> even on servers that support it I don't do it.
<soren> fujin_: I'm not talking about yanking crap out of your home pc. I'm talking about hardware that was meant to do this.
<soren> fujin_: Bah.
<fujin_> I'm not a retard, this is #ubuntu-server
<fujin_> You wouldn't catch me dead running Ubuntu on my home PC, either.
<fujin_> fwiw
<soren> meh
<somerville32> :S
<soren> hatter: So... When should the name be recycled?
<hatter> soren, ok. so the usb example has me thinking.
<soren> hatter: We could for instance wait a minute from when we've started detecting for nics..
<soren> hatter: If it hasn't show up yet, recycle the name.
<soren> hatter: ...but that would mean that the newly added nic can't get a name until after a minute has passed.
<hatter> isnt there some uniquie identifying sequence ?
<soren> hatter: No.
<soren> hatter: Well, there could be, but we really don't want to do that.
<soren> Besides:
<soren> There's *no* point.
<soren> Who gains anything at all from recycling interface names?
<hatter> but if a nic is detected,  then the it is identified for the correct module to be put in
<soren> hatter: Huh?
<hatter> when a nic is installed in a new system, it is detected and the correct module loaded to suit it. (hopefully)
<soren> fujin_: btw.. #ubuntu-server has seen its share of retards. :) check the logs. :)
<soren> hatter: Yes.
<soren> hatter: And?
<fujin_> ergh
<fujin_> sorry :)
<soren> fujin_: If only calling it #ubuntu-server would scare them away.. /me looks to the skies
<soren> :)
<hatter> so if a nic in inserted and its not the same one, and its the only one detected,  why not remove reference to the old one
<fujin_> If only.
 * somerville32 pokes soren with a stick.
<Centaur5> hatter: I know people that have universal docking stations for laptops that link USB ethernet, audio, and such through one port.  I could see that being a problem if the eth name kept changing everytime they went home.
<hatter> Centaur5, and each time it is plugged in to the same device, in which case the reference should stay there
<soren> hatter: There could be many reasons: a) it might be here, just not detected yet (again: how long should we wait, and what should we do about the new nic until then?) or b) it might show up the next time (docking stations are a good example).
<soren> hatter: You're trying to fix a problem that doesn't exist.
<soren> hatter: There is *no* reason why we should recycle those names.
<hatter> soren, Centaur5, ok, I will give these things some good thought.
<Centaur5> hatter: Actually one of the most popular problems people complain about is when they keep taking their laptop home and plugging their printer in and all the sudden they can't print cause the default goes to usb1 with they plugged it into usb2 and it created a copy printer.
<soren> hatter: I honestly wouldn't bother.
<soren> hatter: Unless.
<soren> hatter: If you can give me just *one* use case where it would be useful to have those names recycled.
<soren> hatter: If not, you're trying to solve a problem that does not exist and that's really a waste of time.
<somerville32> (by definition)
<Centaur5> I haven't tried it but has Gutsy fixed the problem of plugging printers into different ports and the jobs not being sent to the right one?
<soren> :)
<soren> Centaur5: Depends on the printer, I think.
<soren> Centaur5: For some, the connection is defined using the serial number of the printer in which case everything works fine.
<Centaur5> I'll have to test that out cause that confuses the crap out of people.  :)
<soren> Centaur5: In other situations this sort of things break *for* *exactly* the same reasons as interface naming.
<hatter> soren, no point wasting time. this is the first time i have experienced this with a distro and it took me little while to realise why the nic wasnt working.
<soren> hatter: IMO *everyone* ought to be doing it our way. :)
<soren> hatter: The world is a better place this way.
<hatter> soren, so this a ubuntu specific concept ?
<soren> hatter: Not sure.
<soren> hatter: I don't think so, though.
<hatter> i dont think it does it on etch
<hatter> but i would have to check to be sure
<Centaur5> unlikely, the machine I had to do it with a month ago was using Debian Etch.
<soren> We get it from udev upstream.
<soren> I don't know if Debian use it, too.
<Centaur5> Since I don't know anything about shorewall I had to quickly google how to make the new NIC use the old eth3 name.
<fujin_> apt-get remove shorewall && profit
<soren> We had a similar problem with mrtg.
<soren> Er.. no.
<fujin_> apt-get remove mrtg && apt-get install cricket
<fujin_> &&profit && done
<soren> That was differnt. I'm confused.
<fujin_> ugh
<fujin_> mrtg makes me cry
<hatter> i still have another issue that is plaguing me that is hard to communicate.  on 2x 7.10 servers with different hardware, the samba share is slowing down to a crawl every little while for a minute or so. what these 2x boxes have in common is : 7.10, vmware-server, hardware is completely different
<hatter> i like shorewall, why dont you like it ?
<fujin_> Because I know how to iptables.
<hatter> fujin_, good reason.  i am lazy, shorewall makes iptables easy
<Centaur5> Wasn't Gutsy supposed to include winmodem support out of the box?
<soren> Centaur5: It does.
<Centaur5> soren: Only on certain chipsets?
<soren> Centaur5: Well... Sure.
<soren> Centaur5: Quite a few, though.
<soren> Centaur5: You need to enable it through the restricted manager thing.
<soren> It's not entirely free.
<Centaur5> soren: I've tried conexant, agere, and smartlink and hylafax doesn't seem to find them.
<soren> We use slmoded
<soren> slmodem, I mean.
<soren> I suppose that's smartlink?
#ubuntu-server 2008-11-17
<w33d5> i have two drives with many of the same files and wanted to use fdupes to remove dupes.  QUESTION i only want to remove files from /media/disk2 and keep the files from /media/disk1      can someone help me with the command?
<Fenix|home> greetings!
<Fenix|home> anyone with suggestions for "buffer i/o error on device sr0" with 8.10?  I'm buring with Nero 8 with multiple ISO's and multiple disks... using ubuntu-server-amd64
<hads> Nero?
<Fenix|home> burning software
<Fenix|home> am trying with another downloaded version from another host, using ImgBurn
<hads> This is Windows software?
<Fenix|home> yes
<hads> Okay, no idea then.
<Fenix|home> my problems look like bug 266951 but I am burning to CD-R
<uvirtbot> Launchpad bug 266951 in linux "Buffer I/O error on device sr0 Logical Block XXXXXX in Intrepid Ibex Alpha 5" [Undecided,New] https://launchpad.net/bugs/266951
<Fenix|home> and this isn't the alpha either
<Fenix|home> ok... download was successful... md5 matched... burn was successful CD verified with image, now let's see if my computer boots it without error
<Fenix|home> ok... now it works
<Fenix|home> ok... problem #2 has reared it's ugly head
<Fenix|home> Grub Error 18
<Fenix|home> hard drives are dmraid
<Fenix|home> 8.10 installed grub
<Fenix|home> array is 74000 MB
<smultron> anyone in here use bacula?
<paul68> hi does someone know a good tutorial to get 3 subnets to communicate with eachother?
<jmarsden> paul68: Plug them each into an interface on a router?
<jmarsden> As it stands your question cannot be answered well... what are you really trying to do?  How will the 3 subnets connect to each other physically?  VPNs?  Cat5 cables?  dialup modems??
<paul68> jmarsden: the layout is going to be like this isp> dlink > server with 2 nics and a linksys switch/accesspoint wifi
<jmarsden> Where are the 3 subnets in this scenario... ?
<paul68> jmarsden: purpose is to let my server act as router and create iptables on there dlink has ip 192.168.0.1 eth has 192.168.0.122 eth1 has 192.168.1.12 and then the linksys switch who has ip 192.168.1.1
<paul68> jmarsden: and then the wifi since all devices are going to get connected to wifi most off the time
<paul68> jmarsden: I was told that it has 3 different subnets then
<jmarsden> OK.  Are you trying to run the linksys in access point mode, or as a router??
<paul68> jmarsden: linksys is running in ap mode
<jmarsden> Then that's two subnets.  192.168.0.0/24 on the dlink/eth0 interface and 192.168.1.0/24 on the eth1/linksys one.
<jmarsden> Where is the third one coming from?
<paul68> jmarsden: thats what people told me yesterday in ubuntu general that I have 3 different subnets so I was surprised to hear that
<paul68> jmarsden: or he was getting tired of helping me
<jmarsden> I'm not sure what network design they set out for you.  ROuting between the two interfaces of your Ubuntu server should be trivial... what's your actual problem?
<jmarsden> How far have you got?
<paul68> jmarsden: the problem is that I can connect to my server from dlink towards eth0 I'm able to ping eth1 and thats where I stranded
<paul68> I can't connect to the internet from a device behind the linksys
<paul68> and I can't ping eth0 when I'm connected to eth1 please note I am at the office and not able to connect to my server
<jmarsden> But you can, from the linksys itself, or from another wired device on that 192.168.1.0/24 subnet?
<paul68> on the linksys I can ping everything that is connected to the same subnet
<jmarsden> It's going to be hard to help troubleshoot this if you don't have remote access to your server .... but it sounds like the default gateway on the linksys is set incorrectly?
<paul68> default gateway is 192.168.1.1
<jmarsden> default gw on the linksys needs to the the IP assigned to eth1, which you said was 192.168.1.12 I think.  BTW, why didn't you open port 22 on the dlink and install openssh-server on the server... so you can get in from work?
<paul68> ok will change that no not possible to connect over ssh since my ISP has blocked everything under port 1024
<jmarsden> One line change to the /etc/ssh/sshd_config file and sshd will run on port 22222 if you want :)
<paul68> jmarsden: and ssh is installed and yes I know
<jmarsden> Anyway, yes, check the default gw on the linksys and set it to be whatever the IP address on the eth1 of the server is, and I think all will be well.
<paul68> jmarsden: didn't sleep over the weekend to try to get this to work and therefore I didn't open the port for ssh
<jmarsden> :) OK
<paul68> jmarsden: ok I'll check that
<paul68> where do you live I live in belgium so If you where able to be here in lets say 12 hours it would be nice to continue this conversation
<paul68> or are you in dreamland at that stage
<jmarsden> I'm in California, USA.  9:52pm here.  I will be at work in 12 hours, but I may be here as jmarsden|work, depends if I am at my desk or out at a client site
<paul68> ok and I need to adapt the routing also I guss
<paul68> guess
<jmarsden> As long as the server has packet forwarding enabled at all, and its default gw is the dlink, it should route between those interfaces just fine, I think.
<paul68> well I will definitly give it a go when I'm at home thanks for your assistance at this point
<jmarsden> No problem
<paul68> but the bright side of my problem is that the new config for my dhcp and bind is functioning correctly so I was happy about that the pregnant wife however didn't like it that I did alsmost a 48 straight to solve this problem
<paul68> trying to solve this problem I ment
<paul68> do I need to adapt the gateway of the eth1 to the one the dlink is using?
<paul68> in the interfaces file
<paul68> jmarsden: can you check my last remarks please thanks
<jmarsden> paul68: default gateway of the server should be the LAN-side IP of the dlink.  You can't really have a "gateway" on a per interface basis.
<paul68> jmarsden: thats for eth0 right
<jmarsden> default gateway is in the routing table, not for one interface or the other... ??
<paul68> jmarsden: ok understood
<jmarsden> You can do netstat -nr and look for the route for 0.0.0.0 to see what it is set to.
<paul68> jmarsden: ok will do that to
<BeeBuu> mkfs -t clu:gfs -p lock_dlm -j 2 /dev/vg00/lv00 get error-->:mkfs.clu:gfs: No such file or directory        how can i fit it?
<Koon> BeeBuu: maybe /usr/sbin/gfs_mkfs -t clu:gfs -p ...
<Koon> (from man mkfs.gfs)
<Koon> see example at the bottom of http://manpages.ubuntu.com/manpages/intrepid/en/man8/mkfs.gfs.html
<BeeBuu> Koon: i can't find any cluster.conf file..... need any command to install?
<Koon> BeeBuu: no clue. I just knew why mkfs -t clu:gfs would fail (mkfs reserves the -t parameter).
<BeeBuu> i just run: apt-get install gfs-tools, anything had i missed?
<kraut> moin
<acbot> https://help.ubuntu.com/8.04/serverguide/C/mail-filtering.html
<acbot> " Add the amavis user to the clamav group in order for Amavisd-new  to have the appropriate access to scan files: "
<acbot> amavis reports erros using this setup, I think it should be " Add the clamav user to the amavis group in order for Amavisd-new  to have the appropriate access to scan files: "
<acbot> thoughts?
<ElDelfin> I'm not sure if this is the right chan for this, but no matter what I try, I can't do a dcc send in xchat.
<ElDelfin> I have firestarter installed, and i've mapped the relevant ports into the router.
<ElDelfin> why is ubuntu stopping me?
<soren> ElDelfin: You could try disabling firestarter and see if that helps.
<soren> That way, you'll know if it's firestarter or something else that's getting in the way.
<Deeps> can try to dcc me if it helps, that will also idenfity what ip and port your client is sending in the dcc send request
<Deeps> often with mirc, the problem is the client sending the machine's lan ip in the dcc send req
<Deeps> or if you're using a bnc, it'll attempt to use the bnc's ip as a source ip for the dcc transfer
<ElDelfin> the reason i downloaded firestarter, is that i could get it to work.
 * ElDelfin has stopped firestarter
<Deeps> 1238.24 [freenode] DCC SEND from ElDelfin [24.236.85.103 port 4990]: obsidian2-2.0.4.tar.bz2 [49kB]
<Deeps> and it's stalled
<ElDelfin> happens every time.
<Deeps> 1239.40 [freenode] DCC can't connect to 24.236.85.103 port 4990
<soren> ElDelfin: I've never heard of a firewall that made *more* stuff get through than without it.
<Deeps> if thats the correct ip, then the problem is a firewalling/networking issue, either your router's firewall/nat gateway isn't configured correctly, or your local machine isn't
<ElDelfin> me either, but i was running out of stuff to try.  if it were a replacement for the default firewall ...
<ElDelfin> i have it set in the filter section of my router, since that allows a port range, instead of a single port, like the virtual server section.  i don't understand networking all that well.
<ElDelfin> if it is my local setup, then its a pretty fresh ubuntu install.  amule works fine.
<soren> ElDelfin: Did you disable ufw?
<ElDelfin> er, i defined it in the firewall section, not the filters section of the router.
<ElDelfin> i don't think so.  what's that?
<soren> Uncomplicated Firewall. It's the default firewall application on Ubuntu.
<ElDelfin> no.  i haven't seen hide nor hair of it thus far.
<ElDelfin> you know how, or should I surf it up?
<soren> sudo ufw disable
<ElDelfin> can i try a send now?
<soren> to me? Probably not.
<soren> I've never used DCC here, so I don't know if it's expected to work.
<ElDelfin> deeps?
<ElDelfin> not to worry.  i can find some1 in xchat.  i hope that's it ...
<ElDelfin> ok, i found it.
<ElDelfin> i had to specify my network IP in the rule in my router.  it wasn't gonna let it through with just a * for the destination IP
<espacious> what is the best metod to make software arry?
<espacious> i have latest ubuntu and 4 sisks to put togeather
<espacious> disks*
<Fenix|work> Greetings
<Fenix|work> can anyone point me to a howto on password-less SSH without using rhosts?
<sommer> Fenix|work: do you want to use ssh-keys?
<Fenix|work> yes... and at the same time I don't want sshd to prompt for credentials
<Deeps> ssh-keygen; ssh-copy-id
<sommer> Fenix|work: https://help.ubuntu.com/8.10/serverguide/C/openssh-server.html
<sommer> has instructions... doesn't have ssh-copy-id though
 * sommer needs to look into ssh-copy-id :)
<Deeps> just takes the pub key and scp's it into .ssh/authorized_keys
<Deeps> and sets suitable perms
<Deeps> might be smart enough to append it if the file already exists too
<Deeps> eitherway, it greatly simplifies the process for someone who's new to ssh keys and doesn't know how to resolve the minor tripups (like perms on the keys)
<Deeps> in effect, lets you simplify the help you give to simply being 'ssh-keygen, ssh-copy-id' ;)
<Fenix|work> do I need to generate a key locally if I already have a key in authorized_keys?
<Deeps> you need your private key locally, and your public key in the authorized_keys file on the remote server
<Fenix|work> Deeps, You're write... I phrased my question wrong
<Fenix|work> Do I need to generate keys on the remote server if I have my local public key in authorized_keys ... to which the answer is no.
<Fenix|work> is there also any way to tell SSHD to not allow password logins
<Deeps> yep
<Deeps> i think it's in the pam.d settings
<Fenix|work> I'd like to have my home linux box on the net, but I don't want someone to hack it by being able to try username/password combos
<Fenix|work> just simply fenix@homebox.myprivate.host and auth with my key
<Deeps> hmm, might be "PasswordAuthentication no" in /etc/ssh/sshd_config
<Fenix|work> I've turned on PubkeyAuthentication yes and AuthorizedKeysFile %h/.ssh/authorized_keys
<yann2> in /etc/ssh/sshd_config turn PasswordAuthentication to no
<yann2> oh I am 5 minutes late :)
<yann2> will read all the log next time ^^
<uvirtbot> New bug: #299078 in nagios3 (main) "package nagios3-common 3.0.2-1ubuntu1 failed to install/upgrade: el subproceso pre-removal script devolvi? el c?digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/299078
<ndm_design> Hey can someone help me with a new build?
<ndm_design> I kinda just fell into having to build a new Server for work
<ndm_design> and am by all means not a Linux Guru
<ndm_design> I need a board that can run Ubuntu Server Edition as hassle free as possible
<ndm_design> And I need to run a Mirror since it will be server about a Terabyte of Video
<ndm_design> Can I get any suggestions on boards that I wont have a problem with
<zoopster> ndm_design: define board? as in building a server from components?
<ndm_design> http://www.newegg.com/Product/Product.aspx?Item=N82E16813131257
<ndm_design> Was considering this board
<ndm_design> So in short yes...
<zoopster> I have a different version of the P5 that runs well...my thoughts. The Broadcom chips are known for issues with Linux...Ubuntu 8.10 allows it to install with ease
<ndm_design> Well I planned on running 8.10 Server Edition
<zoopster> I do not know about support for the onboard video
<ndm_design> Wow I hadnt looked at the video chipset...
<ndm_design> Thats some crap...
<ndm_design> Well I've got a budget of about $800-$1000
<ndm_design> Like I said I know Hardware I just don't know Linux all that well and need the most compatible out of the box solution possible
<gabbler> hi does anyone know about dns resolution plese
<ndm_design> Seriously noone has any hardware advice?
<gabbler> ndm_design, have you thought about virtual stuff?
<ndm_design> Not really, it just needs to be a run of the mill web server
<ndm_design> It just has to host up a lot of video thus the Raid 1 preference
<gabbler> not raid 5?
<ndm_design> Well Raid 5 would be fine too...
<ndm_design> Better obviously
<gabbler> and what sort of advice are you after (sorry missed the original q)
<ndm_design> Oh well thanks gabbler
<ndm_design> I'm a Designer and just kinda had this fall into my lap
<ndm_design> I know hardware... but I'm no Linux guru
<ndm_design> I'm trying to put together a web server to run Ubuntu 8.10 Server edition
<ndm_design> And would like to get hardware to have the easiest out of the box experience possible
<gabbler> :)
<ndm_design> Like I said I know hardware... I just don't know linux, I've been staring at chipset compatibility for days now
<gabbler> ok isee most hardware these days is fine but if you can get some older stuff (which would be cheaper) all the better
<ndm_design> Well I was wanting to build something socket 775 so I could just get a decent dual core xeon
<ndm_design> and around 4 gigs of ram
<ndm_design> the bigger issue will be the raid
<ndm_design> www.epicktv.com
<ndm_design> if you care to see the site it will be hosting
<gabbler> one sec just looking
<ndm_design> when it's all said and done there will be several terybytes of movies and tv shows hosted
<gabbler> and i ssume you would rather hardware raid thatn software?
<ndm_design> Well... really I just want hassle free, from what I've been reading it doesnt seem to make too much of a diffrence weather you hardware or software raid in linux
<ndm_design> The Bosses expect me to have this thing up and running with the site migrated to the new server in like 2 or 3 days tops
<ndm_design> I'd like to make that a reality
<gabbler> well if software raid is ok, all you need are a couple of disks which you can configure using the install
<gabbler> i would suggest that you get vmware server and have a play with the setup for raid and see if it works as you want
<ndm_design> Yea I mean I'm not terrified of Linux or anything, in fact I love Ubuntu, I just dont want something thats going to stall me for days since I'm a moderate user
<gabbler> here is a good link, a bit old but the ideas still stand
<gabbler> http://advosys.ca/viewpoints/2007/04/setting-up-software-raid-in-ubuntu-server/
<ndm_design> Thanks...
<ndm_design> Any suggestions on a good board or chipset?
<gabbler> personally i use intel most of the time
<ndm_design> You think I'd have any problems with this? http://www.newegg.com/Product/Product.aspx?Item=N82E16813121328
<zoopster> ndm_design: You are looking to high end. You can find a simple board with a nvidia or older intel video, basic ethernet for $100 on newegg with sata and add several drives using software raid (if necessary) and you are golden
<gabbler> well i have had a look on intels website and it does have drivers for linux should you need them which is a good start
<zoopster> Newegg has a number of great barebones boxes that fit the bill
<zoopster> I would avoid VIA chipsets, broadcom ethernet, and ATI graphics, but you cannot go wrong with the mid-tier boxes
<ndm_design> Thanks zoopster, looks like a lot are using broadcom though
<ndm_design> Hey Zoop
<ndm_design> What about XGI Video?
<zoopster> what about xgi video
<ndm_design> Because I like this http://www.newegg.com/Product/Product.aspx?Item=N82E16816110031
<zoopster> btw...broadcom isn't an issue with 8.10, they just don't support open source as well as they should
<zoopster> I use a mac with 8.10 and it works fine with the broadcom chip
<ndm_design> Oh ok cool
<zoopster> if you were going with 8.04 LTS I would not recommend broadcom
<zoopster> well...a search on xgi shows they were bought by ATI, but the linux support in their chips stunk
<zoopster> however if this is a server that may not be an issue since you don't need high end graphics (none if this is a server).
<ndm_design> Man I'm really having a hard time finding a board or barebones solution that doesnt have some sort of quark
<zoopster> so the basic vesa framebuffer will work
<zoopster> welcome to the fragmented world of hardware today
<ndm_design> And I thought drivers could be a bitch in a windows enviroment... boy was I wrong
<zoopster> in linux there is workarounds to it all...for instance with xgi...the vesa driver will work fine
<zoopster> you will only miss 3d support
<zoopster> in windows you don't have a driver you don't have video
<zoopster> period
<zoopster> Linux has FAR better driver support...period
<ndm_design> Didnt look at it like that
<ndm_design> Fair nuff
<Lasivian> hiya
<Lasivian> anyone have a smtp solution to recommend besides postfix?
 * Lasivian is apprently too stupid for postfix
<zoopster> are you having problems with postfix
<zoopster> you have many options...but I would still use postfix as my mta of choice
<ScottK> Lasivian: Postfix can be a little difficult at first.  I highly recommend "The Book of Postfix".  They lay it all out very nicely there.
<Lasivian> the problem is 5 seconds with a simple windows tool did what I could not do in 2 hours with postfix
<Lasivian> O just need a simple smtp relay to one address from a windows program that does not have an smtp password field
<Lasivian> http://www.softstack.com/freesmtp.html <-- that worked, but i'm mad because I wanted to use my ubuntu box instead so i'm not relying on shitty windows solutions
<samuraipenguin> not to pass the buck, but that sounds more like an issue with that app not supporting smtpauth then with postfix -- which should be able to whitelist IPs in mynetworks.
<lamont> telling postfix to allow the windows box to send mail through it should be trivial.
<lamont> OTOH,  turning postfix into an open relay so that an unauthenticated sender can send mail through it is probably not what one wants to do.
<lamont> so restricting to IP is a good answer
<Lasivian> samuraipenguin: I have no disagreement with that conclusion, if I could find a beter raid management tool i'd be happy to use it
<Lasivian> i'm not good enough with ubuntu to put it on my raid server
<Lasivian> lamontL one would think, but when I try to telnet to the ubuntu box and test it I get a relay refusal
<samuraipenguin> Lasivian: did you add the IP to 'mynetworks' in main.cf and restart postfix?
<fht> which package or task do i have to install to get a minimal ubuntu-server when installing with pressed?
<fht> for now i'm using tasksel/first multiselect standard
<fht> but this installs a generic kernel and way too much packages
<fht> even something with openoffice
<lukehasnoname> o_O
<lukehasnoname> what OS are you using? Ubuntu server?
<fht> I want to install an ubuntu-server with the preseed installation method over network
<fht> (8.10)
<lukehasnoname> I thought I had an idea but I don't... be patient and someone more useful may come around.
<greenfly> fht: check out the preseed file that is included on the ubuntu-server cdrom
<greenfly> it has the basic examples of settings you need
<fht> good idea
<fht> thank you greenfly
<greenfly> np
<incidence> http://www.cpni.gov.uk/Docs/Vulnerability_Advisory_SSH.txt <- Any idea how do I prevent this vulnerability? I'm running ubuntu 6.08 lts.
<Celephais> Hi, how can i use logical volume with kvm?
<kees> incidence: we're still waiting to hear from upstream SSH for more details
<Fenix|work> Greetings
<Fenix|work> How do I turn off username and password logins in open ssh?  I just want username/key-pair logins
<hads> /etc/ssh/sshd_config
<Fenix|work> hads, just figured it out
<Fenix|work> turned off all auth methods except for PubkeyAuthentication
<Fenix|work> but me being silly forgot to restart sshd
<uvirtbot> New bug: #297785 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.0.51a-3ubuntu5.1 failed to install/upgrade: Unterprozess pre-removal script gab den Fehlerwert 1 zurueck" [Undecided,Incomplete] https://launchpad.net/bugs/297785
<uvirtbot> New bug: #298403 in mysql-dfsg-5.0 (main) "MySQL daemon fails to start after upgrade" [Undecided,Incomplete] https://launchpad.net/bugs/298403
<uvirtbot> New bug: #297405 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 None [modified: /var/lib/dpkg/info/mysql-server-5.0.list] failed to install/upgrade: il sottoprocesso pre-installation script ha restituito un codice di errore 1" [Undecided,Incomplete] https://launchpad.net/bugs/297405
<lukehasnoname> sigh
<ScottK> Anyone looking to get involved with bug fixing, Bug #299185 looks pretty easy.
<uvirtbot> Launchpad bug 299185 in mailscanner "mailscanner 4.68.8 plus clamav 0.94.1" [Undecided,New] https://launchpad.net/bugs/299185
 * ScottK bets sommer could fix it.
<sommer> ScottK: I might have time to look at it this evening, or tomorrow evening
<ScottK> sommer: Great.  Let me know if you need a sponsor.
<Fenix|work> Greets...
<joerlend> I'm following this: https://help.ubuntu.com/8.10/serverguide/C/openldap-server.html
<joerlend> there are obviously some errors in it, cause if you follow the instructions, you don't get the expected results. Under LDAP Authentication, you're asked to issue this command: sudo auth-client-config -a -p lac_ldap, but then you receive this error: Error in updating the file: 'pam_account' not found -- Errors found.  Aborting (no changes made)
<joerlend> any help?
<Kamping_Kaiser> just checking - are you running 8.10? (i cant help, i dont use 8.10)
<joerlend> yes.
<joerlend> but maybe you have better chances of understanding what's wrong?
<joerlend> this is completely new to me.. I've been at it for a _long_ time, reading whatever I can find, but nothing works.
<Kamping_Kaiser> i know a working guide for 8.04, no idea about 8.10 though.
<joerlend> never setup ldap?
<joerlend> or just never in 8.10?
<Kamping_Kaiser> never in 8.10
<joerlend> I suspect that it's not entirely different in 8.10? I've never done it before on any system.
<Kamping_Kaiser> $stuff does change between releases. i'll get you the 8.04 link, see if that helps at all (even just for understanding).
<joerlend> that'd be nice, thanks.
<Deeps> https://help.ubuntu.com/8.04/serverguide/C/openldap-server.html ? heh
<Kamping_Kaiser> http://aj.id.au/wiki/index.php?title=Ldap_Replication - i know this works on 8.04, i used it.
<joerlend> but I'm not doing replication, I'm doing authentication.
<hads> It has changed from Hardy to Intrepid, the cn=config stuff came in.
<Kamping_Kaiser> hads, ah, thats very much outside my scope
<joerlend> I don't know where to begin.
<joerlend> I've tried to setup ldap on ubuntu in several versions. The documentation and helpfiles on ubuntu.com are always wrong, or the packages are buggy. I don't know which.
<joerlend> I must say, at this point, it's really tempting to give up and try another distro instead. Directory services aren't all that uncommon. It should be possible to configurei t.
<Kamping_Kaiser> they are, however, universally a pita
<joerlend> what does that mean?
<Kamping_Kaiser> it means you can try other distros, and i'll bet they are equally unpleasent (depends on your idea of unpleasent though)
<joerlend> well, as long as there is documentation and as long as the software actually works, I'm fine.
<joerlend> I don't mind alot of hard work.
<joerlend> I guess the problem is that everything changes every six months and nobody checks to see that the documentation is still usable?
<Deeps> still to the LTS release
<Deeps> stick*
<Deeps> it's been more than 6 months since the last one was released
<Kamping_Kaiser>  /usr/share/doc/<packagename> is the canonical reference for doco, along with man pages
<Deeps> so the documention should be up to scratch by now
<Deeps> and most of the bugs are ironed out
<Kamping_Kaiser> Deeps, its not like released doco gets updated (well, i've not noticed it happen)
<joerlend> alright, I'll give it another try.
<Kamping_Kaiser> joerlend, its not that no one bothers, its that some things get missed
<joerlend> seems like most things to me.
<joerlend> I don't think I've ever been able to follow the instructions from help.ubuntu.com with success.
<joerlend> but I will try to use hardy as client one more time.
<joerlend> oh, thiese issues have been reported on launchpad. It doesn't work in 8.10, but did work in 8.04
<Deeps> just because it's a linux distro doesn't mean it's not subject to the same rules as all software: new releases will always be buggy
<joerlend> https://bugs.launchpad.net/ubuntu/+source/auth-client-config/+bug/295008
<uvirtbot> Launchpad bug 295008 in auth-client-config "Running "auth-client-config -p lac_ldap" gives error (2)" [Undecided,New]
<joerlend> Deeps, it isn't completely impossible to run some regression testing.
<Kamping_Kaiser> on 12,000 packages?
<Kamping_Kaiser> fwiw, i belive regression testing has been discussed in ubuntuland, no idea what happened to the idea though
<joerlend> I think such things as ldap, nfs, openssh-server, etc should be tested, yes.
<joerlend> it isn't a minor inconvenience if those kinds of services stop functioning after an upgrade.
<Kamping_Kaiser> i'm pretty sure the party line on that one is 'use lts' (but thats just aiui)
<joerlend> well, if nobody wants to use the non-lts versions, isn't it just stupid to make them?
<Kamping_Kaiser> Ubuntus desktop targeted. aiui.
<joerlend> hmm?
<espacious> hello i installed mdadm and made raid1 wit my two identical disks, but when i reboot the machine fstab outputs an error (8)
<espacious> if i press ctrl+d it boots
<frojnd> hello there
<Deeps> joerlend: the non-lts versions are targetted at the desktop
<Deeps> joerlend: that being the primary focus of ubuntu, the desktop
<joerlend> well, but thiese problems would affect both.
<joerlend> and does.
<joerlend> I had to upgrade my desktop to intrepid because I'm very dependent on Evolution, for instance. Most office users will be. It's also in the office that central user management is most common.
<joerlend> connecting ubuntu desktop to Microsofts systems are getting easier and easier, but connecting ubuntu to ubuntu server is more difficult than ever.It's weird.
<joerlend> but I will try one more time, using hardy server and hardy desktop and see if that works. I'm not optimistic though.
<Deeps> you may find you're better off using debian as a server
<Deeps> as that's their primary focus
<joerlend> if this doesn't work, I'll be looking at redhat and suse.
<Deeps> i'd definately recommend debian
<Deeps> over redhat and suse
<Deeps> and if i'm correct in my thinking, suse is to redhat what ubuntu is to debian
<joerlend> does debian have a good solution for directory services and central user management? I think both redhat and suse does.
<hads> I hear they use LDAP
<Deeps> sitting closer to the bleeding edge of software versions than is generally healthy in a server
<joerlend> hads, Microsoft uses LDAP too.
<hads> Okay
<Deeps> joerlend: in terms of maintaining and avoiding general nastiness with regards to recursive dependancies and the like, you're better off with debian
<Deeps> joerlend: plus debian stable means precisely that. old and crusty, but stable
<joerlend> but, as I said, I haven't given up yet. I will give this one last chance using hardy server and hardy desktops.
<joerlend> though I _really_ would like to avoid hardy desktop.
<[Solars]> hay hay
#ubuntu-server 2008-11-18
<[Solars]> has the new version be made public yet?
<eolo999> hi i was fighting with amanda-backup-server... and i lost... can you suggest me an easier backup server solution?
<Deeps> !backup | eolo999
<ubottu> eolo999: There are many ways to back your system up. Here's a few: https://help.ubuntu.com/community/BackupYourSystem , https://help.ubuntu.com/community/DuplicityBackupHowto , https://wiki.ubuntu.com/HomeUserBackup , https://help.ubuntu.com/community/MondoMindi - See also !sbackup and !cloning
<eolo999> Deeps: thx
<eolo999> !sbackup
<ubottu> sbackup is a tool to create complete and/or incremental backups (which can be scheduled to be automatic, and can be done over a network). It is available in !Universe
<[Solars]> is it consider safe to upgrade to 8.10?
<uvirtbot> New bug: #299306 in samba (main) "Permission denied of usershares statfile in Samba 3.0.28a-1ubuntu4.7" [Undecided,New] https://launchpad.net/bugs/299306
<Fenix|home> Greetings
<Fenix|home> How the heck to I change the default locale from POSIX to en_CA.UTF-8 ?
<Fenix|home> the locale already exists.  I added LANG="en_CA.UTF-8" and LANGUAGE="en_CA:en" to /etc/environment... but it keeps coming back as POSIX
<jmarsden> On a server, or on a desktop?  On a Ubuntu desktop you can use the GUI System -> Administration -> Language Support
<jmarsden> You did log out and back in again after editing /etc/environment?
<jlc> anyway to get any type of status while formating a file system during server install, its just kind of sitting at 33% for about an hour or so
<jlc> 8.04.01 server /home 2.3ish TB
<hads> Doesn't soundright
<hads> s/dr/d r/
<jlc> i know it takes awhile but its quiet some time
<jlc> :)
<jlc> if i got to another tty and sign in, tty4 shows i signed in so its reponding
<jlc> I don't remember it taking this long
<jlc> any chance 2.+TB is to big to do on ubuntu server 8.04?
<jlc> i cant possibly think of an option that would do that in the kernel
<jmarsden> jlc: It's possible.  Google for ext3 filesystem limits and see what you get?
<jlc> i had opensuse on here for the last week playing around with it, before that it was running centos
<jlc> but i've been using ubuntu any more on the desktop, thought i might as well use it on my servers so i was starting to roll it out
<jmarsden> And you frequently have single filesystems over 2GB?  fsck must take a little while :-)
<jmarsden> 2TB I mean.
<hads> Hmm good point, 2TB may be the limit for ext3
<jlc> I just have a raid 5 and make /home the whole shebang
<jmarsden> Limit is officially block size dependent per http://en.wikipedia.org/wiki/Ext3#Size_limits
<jmarsden> But is 2TB if your block size is 1kb
<jlc> my wife is a photographer so i backup her data, she is using about 1tb on another server and I back it up to this one, except for right now :)
 * hads hugs JFS
<jmarsden> Maybe make a /home of say 500GB and a /home/wife of the rest?
<jlc> oh
<jlc> lol
<jlc> it just started
<jlc> :)
<jlc> only 1.5 hours of formating
<jmarsden> OK, problem solved :-)
<hads> Interesting
<jlc> lol
<hads> ext3 does things slowly with large filesystems, I didn't know it was that slow at formatting though.
<jlc> i've had other linux and bsd on here so i didn't think it was ext3 or linux specific but possibly something in the kernel
<jlc> you think xfs might be better on here
<jlc> last time i tried jfs it was pretty slow but that was smaller FS and about 5 years ago
<jlc> reason for one large fS was just because its raid 5 and the OS is sitting on a mirror, but if OS goes down, hopefully i could just come back and mount the whole thing
<jlc> install done, 2.4TB is the size of /home
<jlc> is jfs/xfs still being maintained?
<soren> Sure.
<jlc> yeah, looking at jfs change log now
 * soren recommends xfs
<jlc> yeah, its a toss up right now between the two, i was using ext3 but it is slow and i figure now is a good as time as any to try one
<jlc> keep in mind this is a 2.+TB FS
 * soren shrugs
<soren> Shouldn't be a problem for XFS at least.
<jlc> yeah, both seem to do good on large FS from what I'm reading, just cant decide
<soren> I've (not surprisingly) tested it, but it's supposed to handle volumes of up to 16 exabytes. I trust that should suffice for your use case for quite some time.. :)
<jlc> I did have a bad experience with xfs several years ago
<jlc> yeah:)
<soren> Pfft. JFS only handles up to 32 PB volumes.
<soren> :)
<hads> heh
<hads> XFS seems to be more common. I just chose JFS a while back and have stuck with it, haven't had any issues so no reason to change.
<jlc> interesting
<jlc> jfs just took about 2 minutes to format the 2.6TB
<henkjan> where ext3 took a couple of hours to finish?
<jlc> about an 1hour and half
<jlc> i made an small ext3 /boot, 2gb swap, 150gb jfs / and 2.6TB jfs /home
<jlc> other than ufs/zfs its been a long time since I used anything other than ext3 ;)
<hads> fsck is a major difference.
<jlc> btrfs sounds like it will be nice
<kraut> moin
<_ruben> hrm .. ubuntu's (hardy) mail command doesnt allow for attachments to be added using -a, bah
<_ruben> lets see if nail or another variant is available which does allow attachments
<Kamping_Kaiser> is that mailx or mailutils mail?
<_ruben> mailx, but apparently mailutils' behaves the same
<_ruben> im used to nail (which is the mail command on suse)
<henkjan> install mutt ;)
 * Kamping_Kaiser bes supprised
<_ruben> henkjan: i might actually have to resort to smth like that :)
<_ruben> this (backup) script has to run on both suse and ubuntu .. it attaches the logfiles, which doesnt work on ubuntu now :/
<_ruben> apparently mutt can be used as a drop-in replacement for mail/nail, nice
<Kamping_Kaiser> :/
<Kamping_Kaiser> i should learn to use mail, never knew how to do attachments
<_ruben> Kamping_Kaiser: with mailx you cant, with nail and mutt u use -a file
<Kamping_Kaiser> _ruben, bother, now i have to learn mutt :p
<spiekey> Hello!
<spiekey> soren: are you there mate? :)
<soren> spiekey: I am.
<spiekey> soren: have you ever got a "recent" kernel running with xen?
<spiekey> 2.6.24 or above?
<soren> Yes.
 * spiekey thinks soren was the virtuallisation master
<spiekey> soren: is there a howot?
<spiekey> howto?
<soren> Yes, here: "Just do it"
<soren> What's up?
<LoveGuru> Is there any Gud tutorial  for howto setup "mail server" ?
<jlc> what is the difference in dns on server and workstation/desktop installs?
<jlc> I can't ping my server by hostname
<jlc> nsswitch.conf is a bit different
<jlc> server = hosts:          files dns
<spiekey> soren: the patches and stuff is available at xen.org?
<jlc> desktop = hosts:          files mdns4_minimal [NOTFOUND=return] dns mdns4
<andol> LoveGuru: Will these do? https://help.ubuntu.com/8.04/serverguide/C/email-services.html
<henkjan> jlc: you ping $hostname.local ?
<soren> spiekey: I just use the Ubuntu kernels.
<henkjan> jlc: the server has no default avahi installed
<soren> jlc: You can't ping the server from the server?
<jlc> henkjan: yes
<jlc> i can ping server from server but not desktop to server
<jlc> i can ping workstation via hostname from server too
<soren> Accesssing other machines on the network by their hostname without support from DNS requires avahi.
<jlc> avahi-daemon
<jlc> is that what I need on the server
<jlc> or configure it as a dns server
<jlc> https://help.ubuntu.com/8.04/serverguide/C/dns.html
<henkjan> using avahi on local network is imho no problem
<henkjan> but avahi exposes all running services to everyone
<henkjan> maybe you won't install it on a colocated server
<jlc> its just local/home
<soren> avahi will only work on a LAN anyway.
<soren> Installing it on a colocated server won't let you ping it by hostname.
<LoveGuru> andol: thanks sorry i didn't see ur msg
<jlc> ok, so now i can ping hostname.local
<jlc> what is the desktop running that gives the ability to just ping by hostname, minus the .local?
<micheluntu> jlc: I use the "search" line in /etc/resolv.conf ..
<jlc> i checked that, both are the same
<jlc> justin@kainos:~$ ping krutch
<jlc> ping: unknown host krutch
<jlc> krutch.local <- works now that avahi-deamon is installed
<Deeps> could manually update your windows network settings to add the dns suffix .local
<Deeps> not exactly ideal though
<jlc> yeah, and thats not windows ;)
<jlc> kainos is 8.10 desktop
<jlc> krutch is 8.04 server
<Deeps> oh, i thought you were doing something with windows, my bad
<jlc> no worries
<jlc> just cant hit server by hostname alone
<Deeps> you have search local in your resolv.conf?
<micheluntu> dns suffix is used on linux too.. it's the search entry
<jlc> hurm
<jlc> micheluntu: on the server right
<Deeps> on both
<micheluntu> on both
<jlc> it finds the domain name that my router is pushing out
<jlc> search gateway.2wire.net
<jlc> both have the same
<Deeps> add search local above that, see if it makes a difference
<micheluntu> it's passed by dhcp
<micheluntu> you can modify the router to use "local" instead of "ï»¿gateway.2wire.net"
<jlc> yeah, but why do desktop installs work fine
<jlc> freebsd also works
<jlc> seems confusing :)
<jlc> i'll check it out later, its 4:40am and I need to get up around 6-6:30 before my kids so... ;)
<jlc> i shall get some rest
<jlc> thanks for your help
<micheluntu> jlc:  ok see you.. there is domain-name entry in avahi-daemon.conf
<Stonekeeper> hi. As a little experiment I've installed fvwm and slim on a default ubuntu server. On reboot, init shows that slim is attempting to start but it doesn't actually seem to do anything. Any ideas?
<Deeps> look in the logs?
<spiekey> can  i map /dev/mapper/foo to /dev/sg0 somehow?
<zul> mathiaz: when you get a chance can you have a look at the mysql merge, its giving me grief when building it
<mathiaz> zul: sure
<zul> mathiaz: thanks
<uvirtbot> New bug: #299481 in nagios-plugins (universe) "Please merge nagios-plugins 1.4.12-4 (main) from Debian unstable (main)" [Wishlist,In progress] https://launchpad.net/bugs/299481
<zul> Koon: ping I was basically done nagios-plugins, I just have to update the changelog
<Koon> zul: arg :)
<Koon> zul: interested in my debdiff ? I just had to do some sanity tests and check if it closed existing bugs
<zul> Koon: sure
<Koon> zul: attached to the bug
<zul> Koon: thanks
<Koon> zul: note that I still had to validate the check_http segfault is really fixed upstream.
<zul> Koon: kk
<zul> Koon: uploaded
<Koon> zul: yours or mine ? If mine, I hope you fixed the LP:xxxxxx entry :)
<zul> Koon: mine
<Koon> heh -- great :)
<uvirtbot> New bug: #299489 in nut (universe) "[jaunty] /usr/lib/libupsclient1.so is a dangling link" [Medium,New] https://launchpad.net/bugs/299489
<Deeps> wow, thats nuts, centos default install installs portmap, nfs, and has ssh1 enabled out of the box
<dou213> hi guys, my kvm doesn't acknowledge my keyboard on boot, so i can't choose the os from grub
<dou213> any ideas?
<Deeps> remove the kvm, plug in directly?
<dou213> i'm using more than one pc, so i need the kvm
<Deeps> replace the kvm with one that works with your hardware
<dou213> Deeps: do u use kvm? may i ask which firm?
<Deeps> i dont, no
<Deeps> not currently, anyway
<dou213> asked in other channels, seems that kvms from Belkin work just fine
<dou213> mine is Zonet
<dana_good> dou213: how old is the computer that isn't recognizing the KVM keyboard?
<dou213> dana_good: it is old, a pentium 2
<dana_good> dou213: power the server off completely and then start it up with its channel selected on the kvm the whole time, if that doesn't work, its not compatible with that kvm
<dana_good> and probably not compatible with any KVM
<dou213> dana_good: when i reboot, it allows me to enter setup, thus use keyboard to press DEL, only in GRUB it won't work
<soren> How do you connect keyboards to KVM's these days? USB? PS/2? DIN :) ?
<dou213> mine is usb
<dana_good> dou213: that makes no sense, i can't think of any solutions
<soren> dou213: Are you connecting the USB directly to the old machine or are you using a usb->ps/2 adapter?
<dou213> dana_good: i also tried increasing the time of the bootloader to 1 minute, maybe it needs some time to acknowledge the keyboard, nothing!
<dana_good> soren: theres USB and PS/2 kvms as well as weird sun and adb connectors
<dou213> soren: neither nor, i'm connecting the keyboard (usb) to the kvm
<soren> dana_good: Sorry if I was unclear. I meant the garden variety KVM, not the weird old sun types.
<soren> dou213: That's what I meant by "directly to the old machine"..  Have you tried connecting a usb keyboard to it directly?
<dou213> soren: no, 'til today i had a ps/2 keyboard connected...
<soren> dana_good: I'm familiar with the existense of KVM's for PS/2 as well as DIN... I'm just wondering what you get if you just order a KVM switch. What the default is.
<soren> dou213: Try it. Make sure you're barking up the right tree.
<dou213> soren: but it makes no sense, why would it work in bios and not grub?
<soren> dou213: If the machine doesn't like USB at all, it's hardly the kvm's fault.
<soren> dou213: GRUB and the BIOS both work in mysterious ways.
<dou213> soren: lol
<soren> dou213: Sometimes, there's an option in the BIOS to do USB legacy support or something like that.
<soren> But at any rate: Try connecting a usb keyboard directly and see if it flies.
<ElDelfin> does anybody know of any fserves for linux that work?  I just completed looking at about 8 for xchat, and only one worked, and couldn't send a file based on a trigger.  I'm going to install FindBot for IRSSi, and if it doesn't work, that'll be all the scripts I know about on linux.
<dou213> soren: omw
<soren> ElDelfin: I think there were about 7 words in there that I completely understood.
<soren> ElDelfin: fserves?
<Deeps> irc fileserving scripts
<soren> send a file based on a trigger?
<soren> For what?
 * soren is failing at IRC right now, apparantly
<soren> dou213: "omw"?
<Deeps> generally they initiate a dcc chat with the requestor, who can then browse a filesystem and request files
<soren> Oh, "on my way"
<soren> I get it.
<soren> Deeps: Why? What's the benefit over ftp or http or whatever?
<Deeps> http and ftp sites can be found by spiders, fserves generally arent, and thus make them useful for warez
<ElDelfin> unlike ftp, you can request files when a lot of other ppl want files from the servers
<ElDelfin> then, they are in a queue.
<Deeps> and that
 * soren mumbles something about bittorrent
<ElDelfin> with an ftp, you can't queue up yer file and leave.
<soren> Anyhow, ElDelfin, I don't think this is the best channel for that sort of question.
<ElDelfin> bit torrents are gr8, but there are things on IRC that are not on bit torrents.
<soren> If it were me, I would probably ask in one of the channels where such "fserves" hang out.
<ElDelfin> ok.  ubuntu server.  what ubuntu # do i ask ?'s about servers on ubuntu in?
<soren> ElDelfin: Are  you saying that you're going to use your fserve to put things on irc that are already on irc?
<ElDelfin> no.  things that are not already on irc
<Deeps> ElDelfin: suppose you were doing tihs on windows, would you ask in #windows? or would you ask in a channel related to what you're doing?
<soren> ElDelfin: Then I don't understand your argument against bittorrent.
<soren> ElDelfin: You don't want to use bittorrent, because there's stuff on irc that isn't on bittorrent. You use this as an argument for putting more stuff on IRC. I don't get it.
<ElDelfin> it's a fine way to offer, and i may do that too.  i like the content in some irc #'s, and think some might be more appreciated there.
<soren> Ask in one of those channels then.
<ElDelfin> well, perhaps #windows-servers, but then, it might could be more specific yet.  there are more windows users.
<ElDelfin> i don't know of a better ubuntu #, although i'm open to ideas.
<Deeps> i'd imagine a channel that'd be comprised of people interested in active directory, exchange, terminal services, zfs, etc probably wouldn't care too much about your irc service
<Deeps> zfs? lol, dfs.
<soren> ElDelfin: For someone who's open to ideas you certainly seem to ignore them a lot.
<ElDelfin> how so?
<dou213> soren: update: when i connect the keyboard(usb) directly to the server, it also doesn't work in grub.. maybe there is some option in bios which i must change
<soren> ElDelfin: I keep telling you to ask in the channels where users of these fserves hang out.
<soren> dou213: How about that.. :)
<ElDelfin> ok, twice just now.  sorry to keep answering questions and keep talking to you.
<soren> ElDelfin: I'm not trying to be difficult. I'm just pointing out that this channel probably isn't the best place to ask. It's hardly our fault that we're not experts on sharing warez over IRC. We deal with free software here...
<dou213> soren: at least we're one step further... :) but what now?
<dana_good> soren: i think there's a transitional period right now. most KVMs have USB and PS/2 for the console and support both for connecting to servers. the new trend is ethernet based KVM cables, which can convert from basically anything to ethernet.
<soren> dou213: I'd a) go looking for that option in the BIOS and failing that b) go to the nearest hardware store and buy myself a usb->ps/2 connector.
<soren> ElDelfin: I'm not trying to be difficult. I'm just pointing out that this channel probably isn't the best place to ask. It's hardly our fault that we're not experts on sharing warez over IRC. We deal with free software here...
<ElDelfin> btw: soren, you're a real prick.
<soren> Glad I could help.
<dou213> soren: option b) is not valid, for my kvm has no ps/2 compatibility
<soren> I'm not sure how those things actually work.
 * soren wonders what he meant by "sorry to keep answering questions and keep talking to you"
<soren> I have IRC logs going back more than a year. He's been here twice, both times asking questions about sending files over IRC.
 * soren shrugs
<paul687> hi I wan to set up my server as router however when I ping from my dlink towards my eth0 it is working but can't connect to eth1 the same goes if I connect through the linksys how do I solve this
<martyn_> Hi dudes. I have a server with named ansuk.org a sub-domain atlas.ansuk.org.  Currently if people enter www.ansuk.org they go to the main site but have to drop the www to use the atlas sub.  Am I correct in thinking I use a CNAME in the DNS record, to add www.atlas.ansuk.org to atlas.ansuk.org.  Currently anything with www at the front goes to the main site.
<Deeps> ok so....
<Deeps> i've used vmware-mount.pl to mount a virtual disk in a screen session
<Deeps> i've since detached from that screen and attempted to make some changes to the mounted filesystem
<Deeps> the terminal i did that in hung, and when i tried to do an ls -l in a second terminal i had active within that fs, to see if it was doing the changes (chown), just slowly, it hung too
<Deeps> now i cant get another ssh session up
<chanibal> hey, i'm just in the process of upgrading 8.04->8.10 (server edition) and do-release-upgrade hung on * Setting up console font and keymap... - anyone had smth like that?
<Deeps> the box still pings, but i cant ssh in anymore :/
<Deeps> i have 2 stalled ssh sessions
<Deeps> ctrl+c doesn't work, ctrl+z doesn't work, any suggestions?
<NCommander> Deeps, no idea, I've never had an issue doing it over remote, but I'd never upgrade a server unless I was sitting next to it, or someone I know was :-)
<[Solars]> is it consider safe to upgrade from 8.04 to 8.10 now?
<Deeps> urr, you mean chanibal?
<Deeps> NCommander: urr, you mean chanibal?
<NCommander> [Solars], only if you have hugged your backup
<Deeps> NCommander: since i'm not trying to upgrade anything.... :p
<chanibal> Deeps: there's a magic control+/ (or \) that sends some other signal, perhaps that?
<chanibal> (through i have no idea what's the issue :D)
<Deeps> chanibal: ta, ctrl+\ does nothing, ctrl+/ echos ^_ to the screen :(
<chanibal> hm... worked on my urxvt, through on localbox, no ssh
<Deeps> i have a feeling the machine's running out of file descriptors or something
<Deeps> as now a couple of the vms wont let me establish new sessions
<chanibal> there was something to read those, somewhere in /proc
<chanibal> but the limit was very high if i remember correctly
<Deeps> cant get onto the machine, it's in london, i'm in ireland, heh
<chanibal> good thing my problem sits next to me, only doesn't have a monitor
<chanibal> hm... maybe it's because i run do-release-upgrade on a screen?
<Deeps> it's possible
<chanibal> (by screen i mean /bin/screen not monitor or smth)
<Deeps> yep
<chanibal> or, so i'll disconnect from everything i can and reconnect, if the problem persists you'll see me again soon
<chanibal> eh, done a ^C on the font issue and now aptitude works kinda in the background and the whole console is full of python tracebacks and apt errors :/
<Lamo> When setting up a ubuntu web server for development which version is best to install?
<Deeps> chanibal: sounds about normal, safe to ignore most of that
<Deeps> Lamo: the latest, if you want the newest versions
<Lamo> thinking I'll get 8.04
<chanibal> aptitude seems to pick up when the errors started, still some hope...
<Lamo> 8.10 is still giving me random freezing on my desktop
<Deeps> ok then
<chanibal> oh, and having a error in initramfs generation isn't a thing to ignore...
<Deeps> no
<chanibal> ^%#$% ^%#@!
<uvirtbot> chanibal: Error: "%#$%" is not a valid command.
<chanibal> Konfigurowanie console-setup (1.25ubuntu3) ... * Setting up console font and keymap...
<chanibal> broke again
<chanibal> what the hell is that console-setup package anyway
<chanibal> ttys or smth
<chanibal> ?
<Deeps> i do not know, sorry
<chanibal> and just wondering, your /usr/share/aptitude/aptitude-defaults.pl:49 also had errors? someone made the strings in the localisation incorrectly
<chanibal> ok, found the bug
<chanibal> getty was broken
<chanibal> the one on console 1
<chanibal> any idea if the upgrade required a restart?
<chanibal> nvm, will do one anyway, see you
<Deeps> the upgade should require a restart, yeah
<uvirtbot> New bug: #299638 in bind9 (main) "Please sync bind9 1:9.5.0.dfsg.P2-4 (main) from Debian unstable (main)." [Wishlist,Confirmed] https://launchpad.net/bugs/299638
<[Solars]> is it consider safe to upgrade from 8.04 to 8.10 now?
<Deeps> ok, done a hard reboot on the server, still cant ssh in, installed telnetd, that also just connects and then drops
<Deeps> lightttpd works though, as does the vmware httpd + normal logins
<Deeps> any suggestions on something i can run to allow a remote terminal?
<Deeps> nothing appearing in /var/log/(messages|syslog)
<Lamo> After adding a https source to my sources.lst file for mysql I receive the error "E: The method driver /usr/lib/apt/methods/https could not be found." when running apt-get update. does apt not support https? if so why does mysql offer it for ubuntu?
<Lamo> After adding a https source to apt I get the following error'E: The method driver /usr/lib/apt/methods/https could not be found.' Does apt not support https?
<Lamo> sorry for reposting my irc client crashed
<Deeps> it would appear not
<Lamo> weird though cause mysql offers a repo for apt with it
<zoopster> do you have apt-transport-https installed?
<zoopster> it is not installed by default
<Lamo> ah ill check thanks
<Lamo> ah ha
<Lamo> awesome
<Lamo> thanks
<zoopster> Sure.
#ubuntu-server 2008-11-19
<dou213> hi guys, can i use mirc/xchat with ubuntu server?
<Deeps> sure, if you're running X
<Deeps> or want to X forward it
<dou213> Deeps: i'm not using X-server, thus not possible?
<Deeps> wel if you're not running X, how do you think a graphical client is going to be displayed? heh
<Deeps> you can X forward it from the server to your local X server if you wish
<jmedina> dou213: why dont you use a Terminal irc client?
<dou213> jmedina: like? that's what i'm searching for i guess... didn't know how to put it :)
<Deeps> irssi
<Deeps> bitchx
<jmedina> you can login by ssh to the server and start chatting without problem, or you can use screen inside your ssh session, and when you are bored you can detatatch you session, and the next day re use your session
<dou213> Deeps: sry for the inconvenience
<jmedina> I only know irssi
<Deeps> those are the 2 more popular terminal clients
<dou213> ok Deeps and jmedinam thx i'll give it a try..
<dou213> jmedina, sry
<jimmy_> Hello
<espacious> will software raid acheave better speed if i make raid1 betwenn ide1 dev1 - ide2 dev1 or ide1 dev1 - ide1 dev2 (i have total four disks on other two i will setup lvm)
<_ruben> espacious: having 4 pata disks on 2 busses will kill your performance either way .. when just looking at the raid part, splitting the 2 members of the raid over the 2 busses sure is faster (shared busses suck)
<espacious> _ruben glad somthing pointed me out that
<espacious> infact my rebuild is extremly slow but i have raid1 on separate ide
<espacious> fact is i have two separate ride1 one is (ide1-1,ide2-2)
<espacious> other is ide1-2, ide2-1
<espacious> is doing both rebuilds on start it was fast enough now speed dropped to almos 0
<_ruben> well, pata will always remain slow, especially with 2 devices on a single bus, you should buy 2 port ide controller and give each drive its own bus
<espacious> _ruben u got it i use pata not sata i will buy it, i think its a good idea.
<espacious> _ruben can u cca tell me what is the difference in speed on same and on separate ide?
<espacious> another thing can i stop the rebuilding array proces?
<espacious> since i have two running, i want first finish one and than do the second.
<Jeeves_> Hiya!
<henkjan> hey Jeeves_
<henkjan> good to see you here :)
<Jeeves_> :)
<_ruben> espacious: i dont know the exact comand by head, but with mdadm you can stop one of the (re)builds afaik
<_ruben> espacious: theoretically the speed gain is atleast a factor 2
<_ruben> one bus, shared by 2 disks, each disk has 50% .. but there's quite a bit of overhead, so the gain would be even more
<espacious> no realy 50% ?
<espacious> that's sooo much!
<espacious> i will buy the controller.
<_ruben> Jeeves_ returned from the dead ;)
<espacious> _ruben u think i can remove the sdd1 from the array when is still syncing?
<espacious> with the --remove command?
<_ruben> espacious: i think you can, you could stop the array first to be sure
<espacious> ok thanks
<kraut> moin
<Jeeves_> Morning
<ubuntu_> is eBox a recommended tool for server management?
<ropetin> ubuntu_: Recommended is a relative term
<ropetin> I'd say it depends on your experience level, desire to learn, and the type of server you're refering to
<ubuntu_> ropetin, my experience level is intermediate... I'm currently maintaining an office server since I have the most linux experience in the company, but I'm only a part-time administrator.
<ubuntu_> I'm happy to learn what's needed, but preferably if it helps me maintain the server more effectively
<ubuntu_> the server itself is a file/print/backup/network server which I have direct access to
<ubuntu_> currently I maintain the server through a combination of commandline and GUI interfaces
<ropetin> ubuntu_: is it externally accessible or only on your LAN?
<ubuntu_> ropetin, at the moment it's only on the LAN
<ropetin> In which case, no worries, give eBox a go, see if you like it
<ubuntu_> ropetin, can there be difficulties if I'm using eBox and still tweaking the conf files manually?
<ropetin> I only used it one time, a while ago and didn't like it, so I can't say for 100%, but I'd think so, based on the way somethign like that works
<ubuntu_> thanks ropetin, I'll check it out and see if I like it
<ropetin> No worries, good luck
<uvirtbot> New bug: #299843 in open-iscsi (main) "armel build failure (package not yet in the archive)" [Medium,Triaged] https://launchpad.net/bugs/299843
<ubuntu_> is there a good way to backup users and groups (incl. passwords)?
<Omahn_> Shame eBox isn't installable from the standard repos at the moment.
<Deeps> backup the /etc/passwd, /etc/shadow and /etc/group files?
<ubuntu_> Deeps, so if I just restored those files to the new /etc directory, the users will be reinstated?
<Omahn_> ubuntu_: Yes, although you might want to backup their home directories too.
<ubuntu_> Omahn_, yes, that would be part of the plan
<Deeps> ubuntu_: you also might wanna check that the system user uids and gids all match up to what your new system has too
<Deeps> e.g. if you've installed some services that run under their own user, e.g. named, postfix, mysql
<Deeps> better would be to just grab all the real user + group accounts (uid/gid >= 1000) and add them back in
<ubuntu_> Deeps, is there a way to restore users/groups selectively?
<uvirtbot> New bug: #299813 in xine-lib (universe) "armel builds failure (package not yet in the archive)" [High,Invalid] https://launchpad.net/bugs/299813
<espacious> where can i get help with software raid1?
<uvirtbot> New bug: #299866 in tomcat6 (main) "package tomcat6-admin 6.0.18-0ubuntu3 failed to install/upgrade: el subproceso post-installation script devolvi? el c?digo de salida de error 255" [Undecided,New] https://launchpad.net/bugs/299866
<soren> espacious: Here, maybe. Just ask your question.
<espacious> so i have 2x raid1 now it's rebuilding both arrays, and it became slow, almost 0. i want to pause one array or stop one to let first finish one.
<espacious> at start was going ok normal rebuilding speed, then near the end it became very slow i rebooted did again the stuff but same happened = slow performance at the end.
<espacious> also the console is much unresponsive
<espacious> takes ages to make a command
<espacious> take a look at that
<espacious> http://pastebin.com/m66f9ed8c
<espacious> shud i try "mdadm --stop /dev/mdx
<espacious> ?
<soren> Which version of Ubuntu is this?
<espacious> latest server ubuntu
<espacious> 8.10
<soren> anything interesting in dmesg?
<espacious> cat /var/log/dmesg?
<piti> espacious: or just dmesg
<espacious> i got slow respond on console
<espacious> will paste it
<ahasenack> do you have anything else heavily using the disk perhaps?
<espacious> no only two raid's
<espacious> its a new install almost.
<espacious> just added apache and samba and raid.
<espacious> apache is topped also samba
<espacious> stopped*
<espacious> last few lines of dmesg
<espacious> http://pastebin.com/m23b9e410
<espacious> JBD: IO error reading journal superblock ???
<espacious> i think becouse i hard rebooted
<espacious> piti if i mdadm --stop /dev/md1 i get
<espacious> fail to stop array /dev/md1: Device or resource busy
<Omahn_> Presumably because you have something mounted off /dev/md1
<espacious> md1 is lvm
<espacious> should i unmount?
<espacious> the rebuild array is in progres but it's froozen
<Omahn_> If possible yes. I suspect you will also have to make the volume groups inactive.
<espacious> ok will try.
<espacious> disk led is up for hours now, console is very unresponsive.
<espacious> i doubt its a fault disk.
<Omahn_> Sounds like it might be a fault on the controller if you're sure the disk is healthy.
<espacious> worked ok a couple of hours ago
<espacious> so was not mounted
<celephais> Hi, how can i use lvm with kvm?
<espacious> Omahn_ how i make volume groups inactive?
<espacious> umount /dev/fileserver/share ?
<espacious> or lvremove ?
<ahasenack> espacious: vgchange -a n
<espacious> dows what?
<espacious> does*
<espacious> ok found the vgchange man
<espacious> is safe to do that while an array is build?
<soren> espacious: This also doesn't look too good: #
<soren> [   43.821632] attempt to access beyond end of device
<soren> celephais: What do you mean?
<espacious> hmm.
<celephais> soren, how can i install guest system on a logical volume?
<espacious> i wil rebuild lvm as now i dont use entire disks and they are not same size but almost equal.
<celephais> soren, or let a guest access a logical volume
<espacious> celephais im sure u can find some how to's
<espacious> i ran vgchange -a n to see.
<celephais> espacious, with xen yes, but i can't find anything for kvm
<celephais> espacious, and with vmbuilder i can use only files
<soren> celephais: Just like you would install it to any other file or device.
<soren> If you were using a file, you'd: kvm -hda /path/to/some/file.
<soren> If you were using an lv, you'd: kvm -hda /path/to/some/lv. Same.
<celephais> soren, ok, is supported in vmbuilder?
<espacious> root@kgsstore01:~# vgchange -a n
<espacious> File descriptor 5 left open
<espacious> for 5 min now....
<soren> celephais: It's meant to be (it works for me), but i've heard about others who had less luck. The option, you're looking for is --raw.
<celephais> soren, ok I'll try thank you
<espacious> so stuck at vgchange... how can i repair that mess
<espacious> im worried about the disks they are reading/writing now for a couple of houres non stop.
<soren> espacious: What does your partition table look like?
<espacious> sda - sdd
<espacious> a1 c1 raid1 normal ext3
<soren> Ah, no.
<espacious> what?
<soren> 0
<soren> Whoops
<soren> I'd like to see your partition table.
<soren> fdisk -l /dev/sda, for isntance.
<soren> Actually, "sudo fdisk -l /dev/sd?"
<espacious> now i can only wait but it is ...
<espacious> sda1 /
<soren> That's not what I'm looking for.
<espacious> ok will make output of fdisk
<espacious> is the pc dont blow up, it's writing like an animal
<espacious> if*
<espacious> still stuck.
<espacious> shuld i reboot and disct the second disk in the raid?
<espacious> and then rebuild the whole again?
 * soren thinks something is screwed
<soren> ...and I'm suspecting the partition table right now.
<espacious> btw when i runed top it was ok..
<soren> meaning?
<espacious> ok will try to post out that fdisk
<espacious> no proces was 100% cpu
<soren> Ah, no. There wouldn't be.
<soren> All the raid magic is in the kernel (and hence doesn't show up in top).
<espacious> right.
<Omahn_> espacious: Is this a server or a desktop box?
<espacious> server.
<Omahn_> Bummer.
<espacious> u mean the motherboard etc... or the OS version?
<Omahn_> Just the box, if it was just a desktop machine then a reboot might be a worthwhile.
<espacious> its a normal pc its not a server ubuntu is server ver...
<uvirtbot> New bug: #299886 in mysql-dfsg-5.0 (main) "error processing /var/cache/apt/archives/mysql-common_5.0.22-0ubuntu6.06.11_all.deb (--unpack)" [Undecided,New] https://launchpad.net/bugs/299886
<espacious> still at vgchange should i ctrl+c?
<Omahn_> Yeah, it should return immediately.
<Omahn_> Is the filesystem ext3 on the logical volume?
<espacious> all command have delay
<espacious> yes on sda1 and ext3 is also on md1 (lvm)
<Omahn_> Are these disks SATA or SCSI?
<espacious> and both are rebuilded..
<espacious> pata
<ahasenack> espacious: what do you mean when you say "md1 (lvm)"? Is it lvm over raid?
<espacious> two disks in lvm group and in raid1
<Nafallo> md1 is usually raid.
<Nafallo> oh.
<espacious> i messed up sth?
 * Nafallo makes a note to not comment without reading ;-)
<espacious> neither ctrl+c has effect seems
<ahasenack> espacious: so it's raid1 first, and then you created an lvm group using the raid device, that's it?
<ahasenack> espacious: is / a logical volume too?
<espacious> hmm.. i made first lvm on both disks and than put them in vlm group and in raid md1
<Omahn_> espacious: Might be easier if you could give us the output from the following commands, as root.
<Omahn_> pvscan
<Omahn_> vgscan
<Omahn_> lvscan
<Omahn_> mount
<espacious> i know.
<Omahn_> cat /proc/mdstat
<Omahn_> dmesg
 * soren still thinks fdisk -l /dev/hd? is what we want
<Omahn_> Assuming the machine is responsive enough to produce the output :-)
<espacious> waiting if it becomes responsive otherwire i will rebot
<espacious> is not.
<Omahn_> soren: The earlier mdstat pasted was referring to sd?, hence a little confusion when espacious mentioned PATA.
<soren> Omahn_: Why? And what's your point? :)
<soren> Very, very few disks (if any at all) are named hd? nowadays.
<soren> Err...
<soren> I mean, disks on very, very few controllers (if any at all) are name hd? nowadays.
<espacious> Omahn_ they are normal 80 pin pata and are shown as sd**
 * Omahn_ still has many machines with hd? disks.
<soren> I haven't had any for years and years.
 * Omahn_ passes the willy waving award to soren 
<soren> Even my ancient laptop (pre 2000, IIRC) has an sda disk.
<soren> Omahn_: :)
<espacious> my lifebook too.
<espacious> so ctrl+c stuck no nada nothing.
<soren> Switch to another console.
<espacious> local? it won let me axx over lan
<soren> Yes, local.
<espacious> brb
<espacious> huh local console is full of errors!
<espacious> DRDY ERR ata1.00
<espacious> error UNC
<espacious> never seen that
<Omahn_> Doesn't sound good..
<espacious> in fact ata2 not ata 1
<espacious> i see !
<espacious> damn.
<espacious> so what is the procedure?
<espacious> got the remote console..
<espacious> shutdown -r now?
<Omahn_> Might as well.
<espacious> since i presume it wont stop writing
<espacious> what u suggest?
<Omahn_> How have you got to this stage? Was this a RAID1 mirror that experienced a failed disk?
<espacious> no i had raid1 on that i had my os i only created another raid LVM one but i had it before i only changed disks. there is almost no data on that lvm...
<soren> espacious: I'd start over.
<Omahn_> ^^^^
<uvirtbot> Omahn_: Error: "^^^" is not a valid command.
<espacious> how.
<soren> espacious: How what?
<espacious> i think the main disks should be ok. i can maybe just recreate raid and lvm again.
 * soren mumbles some more about a partition table..
<Omahn_> espacious: I would recommend checking those disks before you go any further.
<espacious> what exact output u wanna see fdisk -l ?
<soren> espacious: All of the output from "fdisk -l /dev/sda?"
<soren> Whoops
<soren>  "fdisk -l /dev/sd?" I mean.
<espacious> damn.;D
<soren> What now?
<espacious> i entered the first one.
<espacious> thamn this can take ages.
<espacious> let me try local
<soren> "the first one"?
<soren> Oh, what I wrote first.
<soren> Right, sorry about that.
<soren> It shouldn't take long, though.
<espacious> yes.shouldnt.
<espacious> local console is not usable
<espacious> outputs only errors cant login
<espacious> also i noticed only sdc and sdb are involved in errors so is sth with the lvm disks not the main
<espacious> aha fdisk output.
<espacious> http://pastebin.com/m2baea8a6
<espacious> dont tell much
<Omahn_> Was that the output from fdisk -l /dev/sd?
<espacious> fdisk -l /dev/sda
<Omahn_> Try again with 'fdisk -l /dev/sd?' without the quotes.
<espacious> already in progres
<espacious> ok was a bit faster
<espacious> http://pastebin.com/m55f7e23d
<Omahn_> Ok, now 'cat /proc/mdstat'
<espacious> http://pastebin.com/m49d2a06b
<espacious> read your mind:D
<Omahn_> :-)
<espacious> :D where i screwed up?
<Omahn_> You didn't hot swap any of the disks did you?
<espacious> no.
<espacious> im also preaty sure there were both disks in md1
<espacious> when i booted up.
<Omahn_> If you have lsscsi installed, the output from 'lsscsi' would be useful.
<espacious> ...
<espacious> if i could stop the rebuild somehow would help i think.
<espacious> still no output.
<Omahn_> I think a reboot would be a smart move. Something has gone badly wrong somewhere. It's extremely odd to see two RAID arrays, with different disks, fail like this.
 * Omahn_ still suspects controller
 * Omahn_ has to head off now
<espacious> thanks for helping.
<Omahn_> Didn't really help much, but no problem :-)
<W8TAH> on server 8.06 where do i specify the name servers -- resolve.conf says not to edit it
<Deeps> either in resolv.conf, or as args in /etc/network/interfaces on the network interface
<espacious_> i reboted the server now how can i stop the rebuild that has again started?
<espacious_> for now the console is responsive.
<espacious_> mdadm --stop /dev/md1 dont help
<W8TAH> thanks deeps
<Deeps> dns-nameservers arg in interfaces
<Deeps> see interfaces(5) manpage
<Deeps> i lie, it's not in there lol
<Deeps> (in the manpage, that is)
<espacious_> ok i managed to stop the array
<espacious_> mdadm --manage /dev/md0 --fail /dev/sdb1
<espacious_> what shoul i do now?
<W8TAH> cool
<DrUnKnMuNkY> Hey i'm getting frequent kernel panics that all seem to be indicating that something to do with iptables is causing them. I'm not sure how to investigate further to try to figure out what's causing them though. Any ideas?
<DrUnKnMuNkY> 8.04 with all updates installed
<soren> kernel version?
<DrUnKnMuNkY> 2.6.24-21-server
<mathiaz> soren: question about iscsi merge - why do you start iscsi before networking?
<mathiaz> Koon: what should be done about bug 286828?
<uvirtbot> Launchpad bug 286828 in samba "Access to samba<3.0.26 shares using CIFS is broken on 8.10" [Undecided,Confirmed] https://launchpad.net/bugs/286828
<mathiaz> Koon: it seems that we've found what the problem is. However I stil wonder why the cifs client broke in the first place
<soren> mathiaz: I don't.
<Koon> mathiaz: I wanted to check if dapper was affected
<soren> mathiaz: I start it before S40networking, yes.
<mathiaz> soren: hm - the iscsi init script is started at S25
<Koon> mathiaz: also I'm just not sure saying it's a server-side problem will "solve" the issue for those who can't upgrade (closed NAS boxen)
<Koon> smbfs was apparently ignoring this bug quite well.
<mathiaz> soren: while networking is at S40
<mathiaz> Koon: exactly.
<soren> mathiaz: Yes...
<soren> mathiaz: But the network is brought up before that.
<soren> udev discovers a nic -> it's configured.
<mathiaz> soren: right :D
<Koon> mathiaz: but I also undersand steve french's pov: as upstream he shouldn't consider the bug on his side
<Koon> mathiaz: that leaves us in the middle, and our choice to use CIFS where SMBFS was used before
<mathiaz> soren: even in the case of interfaces setup in bonding?
<soren> mathiaz: No.
<mathiaz> Koon: well... backward compatibility could be taken into account.
<Koon> mathiaz: so my plan was: 1/check if dapper samba server is affected 2/try to see if we can workaround this in CIFS
<soren> mathiaz: but S40 is way too late for something that might be providing your block devices for all your filesystems.
<Koon> mathiaz: I'm just not sure we can achieve 2/ without Steve's help :)
<mathiaz> Koon: dapper is probably affected.
<mathiaz> Koon: I haven't tested though.
<mathiaz> Koon: OTOH hardy is not
<mathiaz> soren: right - could the iscsi block devices be considered as network filesystems?
<mathiaz> soren: it seems that the pre-condition for iscsi to work correctly is to have the network up and running
<soren> No.
<soren> Sorry for being so terse... I'm trying to look after my daughter at the same time, and she's rather unhappy.
<Koon> mathiaz: all the reporters use the 3.0.23-3.0.25 range, and I find it funny noone has reported the bug using dappers' samba server
<mathiaz> soren: ok - we can resume this conversation later
<Koon> that's why I wanted to check (and identify precisely which upstream bug causes this)
<mathiaz> Koon: right. Even if dapper is not affected, I'm still not convinced that we can close to bug with a answer - please upgrade your server
<Koon> mathiaz: I agree with you.
<mathiaz> Koon: it may worth asking steve opinion if adding a workaround this would be possible
<Koon> mathiaz: sure, want me to do it ? I wanted to identify the bug more precisely before I did that.
<mathiaz> Koon: sure. Seems that your plan is good - first try dapper
<mathiaz> Koon: and then get in touch with steve
<mathiaz> Koon: to see if a workaround could be added to the code.
<Koon> yep.
<mathiaz> Koon: awesome - thanks
<soren> mathiaz: Yes, network needs to be up and running for iscsi to work. However, "network being up and running might not mean what you think".
 * soren is bad at placing quotation marks..
<soren> I'll try again:
<soren> "network being up and running" might not mean what you think.
<soren> If you've booted off of iscsi (some BIOS'es support this), the network is up and running even before you boot the kernel.
<soren> So you might not even have to do anything to get it to work.
<soren> mathiaz: S25 is about the right place for open-iscsi. We just need to make sure that bonded interfaces are up at that point as well.
<soren> I proposed a patch for that a long time ago.
<soren> IIRC, I'm still awaiting feedback on it.
<soren> The gist of it:
<soren> Err...
 * soren was looking at the wrong file.
<mathiaz> soren: ok - another solution that debian tried was to use ifup.d script
 * soren doesn't like it
<ahasenack> mandriva had something in fstab specifying that the iscsi mount point used network, so it's mounting would only be attempted later after network was up
<mathiaz> soren: it was reverted later
<ahasenack> _netdev IIRC
 * ahasenack jumped into the middle of the discussion, and now jumps out
<mathiaz> soren: and they mount _netdev filesystems
<soren> ahasenack: Right. I don't like it.
<mathiaz> ahasenack: right - I think that's what debian is doing for now.
<mathiaz> soren: It also seems that the use case of root on iscsi is separate from non-root on iscsi
<soren> mathiaz: IIRC, yes.
<soren> mathiaz: What I changed in ifenslave-2.6 was:
<soren> Instead of the bond0 interface listing its slaves, the slaves would refer to the bond0 interface.
<soren> The if-up.d would check if the bond0 was "complete" and bring it up when all the slaves were available.
<soren> I.e. when udev discovers the last one.
<soren> ...as opposed to S40, which is way too late to be useful.
<mathiaz> soren: ok.
<mathiaz> soren: other question related to iscsi - why is iscsi shutdown at K25?
<mathiaz> soren: that is way before S40umountfs
<soren> mathiaz: That's a bug, I believe.
<mathiaz> soren: ok.
<soren> The road of iscsi zen is paved with mysteries and surprises. Beware.
<mathiaz> soren: right - debian added a new shutdown script
<mathiaz> soren: umountiscsi.sh at K80 in rc6
<mathiaz> soren: that's before S20sensigs
<mathiaz> soren: it seems that iscsi devices should be umounted around the same time as S31umountnfs
<soren> If you can find a way to identify iscsi mounts, that's the rigth place to unmount them probably.
<mathiaz> soren: http://paste.ubuntu.com/74398/
<mathiaz> soren: that's what is used to umount iscsi devices
<soren> mathiaz: At a glance, that seems to at least attempt to do the right thing. Let's try it.
<espacious_> soren i screwed up again or there is sth wrong
<espacious_> i recreated raid and lvm
<espacious_> i saved the sda1 the drive is ok raid was rebuild
<espacious_> but when trying to rebuild raid with lvm
<espacious_> http://pastebin.com/m312628e5
<espacious_> where im making the mistaake now i made also xfs not ext3..is maybe that the disks are not exactli the asme?
<soren> It's hard to say. I don't know what you've done. You're just showing me the result.
<espacious_> i folowed one tutorial now.
<espacious_> but quite as i setuped earlier
<soren> That doesn't help me much :)
<espacious_> i know can u just point me a bit
<espacious_> or tell me what to show u
<soren> espacious_: How did you set it up?
<espacious_> first i make fdisk /dev/sdb and sdc type Raid linux auto
<espacious_> than i added one disk
<espacious_> to the xxx_vg
<espacious_> made xxx_lv
<espacious_> mkfs xfs
<Ju> hello there !
<espacious_> addet the other disk /dev/sdc
<espacious_> an started the array was going ok till reached about 50%
<espacious_> now its again stuck and the console is slow.
<espacious_> but the md0 raid is now ok (system) only the lvm md1 has problems
<Ju> Just updated https://bugs.launchpad.net/ubuntu/+source/libapache-mod-auth-mysql/+bug/150649/comments I'm a bit worry, ie that could be something I've misconfigured, but the "stack smashing detected" is quite bad
<uvirtbot> Launchpad bug 150649 in libapache-mod-auth-mysql "gutsy does not have a working apache+mysql authentication solution" [Undecided,Incomplete]
<espacious_> hey soren http://pastebin.com/m6807ed47
<espacious_> is maybe this related to my bios setup of diks?
<Koon> zul/jdstrand: one of you might be interested in sponsoring my debdiff on bug 291265
<uvirtbot> Launchpad bug 291265 in nagios-plugins "Buffer overflow in check_ntp_peer - Nagios can't check time servers in Intrepid" [Medium,Confirmed] https://launchpad.net/bugs/291265
<zul> jdstrand: would that patch go into security then? or just a regular upload to proposed?
<espacious_> i also get this soren mdadm: metadata format 00.90 unknown, ignored.
<jdstrand> zul: not security relevant
<zul> jdstrand: cool
<zul> Koon: ill take it then ;)
<Koon> don't fight :)
<jdstrand> thanks zul!
<jdstrand> (I'm certainly not fighting him sponsoring that :)
<Koon> zul: i'll do a SRU for intrepid after that.
<zul> Koon: sounds good
<zul> Koon: done
<Koon> zul: cool, thx
<zul> Koon: np
<uvirtbot> New bug: #300033 in openldap (main) "package slapd 2.4.11-0ubuntu6 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/300033
<sommer> mathiaz: doh, was composing a reply to that bug as well
<sommer> :)
<mathiaz> sommer: oh! thanks:)
<sommer> least I had the same conclusion
<mathiaz> sommer: it seems that the end user installed something in /usr/local/
<dana_good> I'm setting up a mailman server (jeOS 8.04) with exim4, apache2, and mailman. I've also installed openssh, screen, and unattended upgrades. the issue i'm having is that the server doesn't recieve mail because SSH is listening on 22 AND 25 for some reason.
<sommer> dana_good: strange... you might check /etc/default/ssh to see if there are any options configured
<dana_good> okay
<dana_good> sommer: i'm not seeing any options configured, i'm running the default SSH install from "aptitude install ssh"
<sommer> mmmm... I'd try stopping ssh using /etc/init.d/ssh stop; then kill any remaining ssh processes and start ssh again
<sommer> that should tell you if there's something going on with sshd
<mathiaz> dana_good: are you sure it's the sshd process that listens on port 25?
<mathiaz> dana_good: you can check that with netstat -anp | grep sshd
<Nafallo> or even netstat -ltnp | grep \:22 :-)
<Nafallo> ehrm. 25
<Nafallo> that one might need root though
<tacone> is it normal being able that everyone is able to read apache's logs on ubuntu while in debian they are readable on by root ?
<sommer> tacone: mine are only readable by root.adm
<Nafallo> -rw-r-----  1 root adm     5182 2008-11-19 14:28 access.log <-- tacone, my server disagrees
<tacone> uhh, adm.
<tacone> ok, makes sense.
<tacone> guess on debian the desktop user is not into adm group, that's why i got that report.
<tacone> thank you very much.
<dana_good> mathiaz and Nafallo netstat says exim4 is listening on 25, but when i telnet to 25 i get the openSSH prompt and it says procol mismatch, when i SSH to port 25, i can log in like it was the ssh port
<Deeps> lol that doesn't sound good
<Lamo> Anyone know of anything that's the equivalent of cpanel but free?
<dana_good> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<jgjones> Greetings...
<Lamo> dana_good: ebox is bad, I'm trying webmin right now
<jgjones> I have an Ubuntu server running KVM, and one of the virtual machine is also Ubuntu server running ebox - it's a gateway (testing) but....would there be any reason why the network would be slow
<Deeps> !webmin | Lamo
<ubottu> Lamo: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<Lamo> damn
<Deeps> jgjones: ebox is just a web based front end to aid in configuration of services
<jgjones> let me try to explain - the virtual server (ebox) is DHCP, gateway, and DNS....the phyiscal server have two NIC's) - when I join network...computer get IP just fine...
<jgjones> but it doesn't ping internet at all...
<jgjones> it seem to take a long time to pick up DNS requests
<Deeps> sounds like you dont have ip forwarding or NAT enabled
<Deeps> cat /proc/sys/net/ipv4/ip_forward
<jgjones> and sometime I can't ping the server itself at all despite picking up IP via DHCP...but after a while...ie a minute or so...
<jgjones> everything works just fine.
<Deeps> iptables -nvL; iptables -t nat -nvL
<jgjones> ie after I ping the server, then I can use internet.
<jgjones> Deeps - it's 1
<jgjones> for cat /proc/sys/net/ipv4/ip_forward
<jgjones> there's just a long lag in between picking up IP and being able to go on the internet...sometime I cannot do this until I ping the server.
<jgjones> I don't know if this is something on the server as can't see anything wrong with configuration or if it's related to the fact that it's a KVM virtual machine - ie would being on KVM cause this lag?
<Lamo> what's the command to login as root in Ubuntu? tired of typing my 14 character password every time I want to edit a file.
<Lamo> found it. sudo su
<maw_> cant apt-get differentiate between an upgrade that is just a new feature compared to a security patch?
<maw_> *can
<maw_> I am looking for a way to only apply security patches
<vensign> Lamo you can use sudo -i
<Lamo> vensign: what's the difference? also is there no way to login as root at login. cause when I ssh into my box I have to first login as user then root typing my really long password twice.
<kees> maw_: if you disable the -updates repository, you'll only get security updates.
<kees> maw_: and traditionally, "new features" don't go into -updates, just major bug fixes
<maw_> ah thanks, that is simple enough
<jmedina> Lamo, set a password for the root user
<Lamo> Having problems with ebox, is there no better alternative?
<Ju> Lamo you can set sudo password less , so you type your passwd only once
<jmedina> Lamo why dont you better report your problems and try to fix them
<dana_good> "sudo su -" will log you in as root if you want to
<dana_good> or you can set sudo to remember your password for a longer timeout
<Lamo> ok well I installed ebox on a headless ubuntu server I setup yesterday, and after installing the ebox-network it killed my network. so I removed it to fix my network which I got back. but now I'm having problems reinstalling. ill give an error when I get it.
<Lamo> ok when reinstalling ebox I get http://pastebin.com/d55b37bb1
<jmedina> Lamo there is a ebox log file
<jmedina> Lamo the best place to askt about ebox is in the ebox mailing list
<jmedina> the ebox developers can answer you questions
<jmedina> they always recommend to install the PPA version, not the one in the ubuntu repositories
<Lamo> ok then I just thought you were maybe offering to help.
<Lamo> oh right I should do that too
<jmedina> Lamo I can help you, but I dont have a ebox here
<jmedina> Lamo did you install ebox under a ubuntu server, or with the ebox iso?
<Lamo> under a server
<Lamo> I'm gonna add the ppa repos
<jmedina> https://lists.warp.es/mailman/listinfo/ebox-user
<jmedina> maybe you can find a similar problem in the mailing list archives
<Lamo> jmedina: thanks ill take a look
<Lamo> PPA repos much better :)
<jmedina> Lamo no problems so far?
<Lamo> not yet but I still need to install ebox-network
<dana_good> so my exim4 mail server can send mail, it just cant recieve mail. when i telnet to port 25 i get a protocol mismatch and SSH responds
<jmedina> dana_good: could you showus that message?
<jmedina> for example the output from $ telnet localhost 25
<dana_good> SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1.2
<dana_good> Protocol mismatch.
<dana_good> that's from windows, jeOS doesn't have telnet built in
<Deeps> netstat -anp | grep 22
<Deeps> urr, ignore that
<Deeps> netstat -anp | grep 25
<Deeps> even
<Deeps> find whatever's listening on 0.0.0.0:25 or :::25
<dana_good> http://pastebin.ca/1261742
<Deeps> cat /proc/17231/cmdline
<dana_good> same pastebin
<dana_good> http://pastebin.ca/1261747
<dana_good> nevermind, incremented pastebin
<dana_good> haha
<Deeps> /usr/sbin/exim4-bd-q30m
<Deeps> i dunno if that's normal for exim
<dana_good> i have no idea what that even means
<Deeps> oh, no, it probably is, hmm
<Deeps> bizarre
<Deeps> vi /etc/ssh/sshd_config
<Deeps> ensure that there's nothing in there
<Deeps> if you've got local access to the machine, killall -9 sshd
<dana_good> http://pastebin.ca/1261752
<dana_good> i haven't killed ssh
<dana_good> i have local access, but not atm
<Deeps> urr, dunno why you're tailing ssh
<Deeps> last 10 lines of a file bigger than 10 lines doesn't really say much, heh
<Deeps> it's a config file, not a log file
<dana_good> okay hold pls
<dana_good> http://pastebin.ca/1261756
<Deeps> ps ax|grep exim
<Deeps> and netstat -anp|grep exim
<dana_good> 17231 ?        Ss     0:00 /usr/sbin/exim4 -bd -q30m
<dana_good> 29888 pts/1    R+     0:00 grep exim
<jmedina> dana_good: could you please pastebin the output from telnet localhost 25, please?
<dana_good> there's one thing that i'm thinking may be wrong
<Deeps> i'm thinking firewall rules
<Deeps> potentially
<Deeps> one thing makes no sense
<Deeps> < dana_good> so my exim4 mail server can send mail, it just cant recieve mail.
<Deeps> how does it send mail?
<Deeps> where are you sending mail from?
<Deeps> jmedina: scroll up, 21mins ago
<Deeps> although, actually
<Deeps> dana_good: on the machine, nc localhost 25
<dana_good> deeps, jmedina: it was a NAT issue, thanks for your help
<dana_good> jeOS doesn't have telnet built in so i couldn't fix that
<dana_good> typos on routers ftw
<Deeps> :p
<Deeps> good to know i got it right then
<Deeps> dana_good: and yeah, forget telnet, use netcat (nc)
<Deeps> jdstrand: you too, forget telnet, use netcat.
<dana_good> i'll have to try that on one of the shell machines
<dana_good> woah netcat is cool
<XiXaQ> I'm setting up LDAP+NFS for centralized user management and homes. However, it feels wrong. As it is now, I think anyone with knowledge about usernames and uids can access any users home? Just create a user with the right username and uid and you're in?
<uvirtbot> New bug: #300108 in postfix (main) "during postfix installation i am getting "debconf: DbDriver "config": /var/cache/debconf/config.dat is locked by another process"" [Undecided,New] https://launchpad.net/bugs/300108
<espacious> i want to install bugzilla i found the apache.conf for debian bugzilla but how do i enable it/this?
#ubuntu-server 2008-11-20
<espacious> if i only simulate the drive failure with mdadm --fail on reboot it will need to rebuild?
<jtmoney> wow, i just installed 8.10... THANK YOU SO MUCH! the fakeraid support is amazing... so seamless
<jtmoney> thank you
<genii> If I want to be alerted by SMS on ups remianing time or such and already have a working freepbx for instance, what approach should I take?
<genii> Probably hack apcutils or so I suppose
<genii> apcupsd  rather
<jtmoney> maybe i spoke too soon... seems to be stuck at 33% when trying to format my raid-1 set up :(
<jmarsden> If it already logs messages via syslog, you could probably use swatch or some similar logwatcher to email you (to your cellphone) when relevant lines appear in the appropriate log file.  Should avoid any need to hack anything?
<genii> jmarsden: Thing is I pay for emails to my phone but texts are free
<jmarsden> OK.  Strange policy that... so do you have a way to generate SMS msgs on your server already that works with your cell provider?
<genii> jmarsden: Not sure. The asterisk backend can do for instance bridge to POTS from SIP or so
<jmarsden> OK.  So as long as you ahve some command line tool to send SMSes, you can configure either the UPS software (nut or apcupsd etc) ot logwatch to run it when soemthing happens that you care about.
<jmarsden> I know nut can be configured to run arbitrary notifier programs, not so sure about apcupsd.
<genii> I think it can, yes
<jmarsden> Then you just need to find that command line SMS-send tool and you're golden.
<genii> Maybe I'll just have it phone me physically and play back some festvox thing saying "so many minutes of power left" or so...
<jmarsden> :-)
<genii> jmarsden: Thanks for the input
<jmarsden> No problem.
<jtmoney> hey guys, i need some help... i'm trying to use fakeraid with 8.10 server amd64... however, when writing the partition configuration to disk, it always gets stuck at 33%... this is what i get in the console
<jtmoney> partman: warning: 176 blocks unused.
<jtmoney> partman:
<jtmoney> it seems like it's returning an error, it's just not displaying it
<jmarsden> jtmoney: Is there really any benefit on fast 64-bit hardware to using device-specific fakeraid (why not just use software RAID)?
<jtmoney> i guess... i'm only interested in RAID-1 anyways
<jmarsden> https://help.ubuntu.com/8.10/serverguide/C/advanced-installation.html even claims software raid can be better than some fakeraid implementations
<jmarsden> I'd switch to software raid and see how well that works.
<jtmoney> i don't think i have an option :)
<jtmoney> hmm
<jtmoney> well, maybe i should use 8.04 LTS now instead
<jmarsden> Well, you could look for bugs on LP related to your specific fakeraid chip, etc...
<jmarsden> 8.04 LTS doesn't do boot degraded stuff with software RAID though... why go back to an older version, unless you really do need the LTS aspect?
<jtmoney> good point
<jtmoney> actually, i hear the hard drives
<jtmoney> maybe it just takes a while to set up 2 x 1 TB RAID-1
<jtmoney> that leads me to another question... and this is not clarified in the fakeraid howto
<jtmoney> should i configure the raid within the bios?
<jtmoney> or don't configure the raid in the bios and let ubuntu handle it
<jmarsden> I'm not sure, I last tried fakeraid in Linux at least 5 years ago... was unhappy, switched to software RAID and stayed that way, except for "serious" servers with hardware SCSI RAID controllers!
<jmarsden> I suspect the BIOS won't matter, Ubuntu will set it up; but I'm not at all sure of that.
<jtmoney> hmm, it does seem better to do software raid
<jtmoney> what happens if i have a software RAID-1 set up and i were to take one of the hard drives and try to mount it in another machine, would i be able to see all my data?
<[Solars]> no
<jtmoney> but if i were to implement them using fakeraid RAID-1, the drives would act independently, right?
<jtmoney> i.e., there's no RAID-specific data on the drives in RAID-1
<[Solars]> if you using a software raid, the software does the raiding scheme, if you using hardware raid the hardware does it... depending on the raid type, data are all drives
<jtmoney> okay, thanks solars
<kraut> moin
<Jeeves_> morning
<Jeeves_> kraut: you're Karl right?
<kraut> i'm kraut, ok? ;)
<Jeeves_> kraut: Sorry, I'm confused
<kraut> hehe, no problem
<Jeeves_> I'm looking for Karl Goetz
<Jeeves_> He wrote something very curious and I was wondering if he's serious or not
<uvirtbot> New bug: #300221 in samba (main) "Add "Recommends: keyutils" to smbfs" [Undecided,New] https://launchpad.net/bugs/300221
<LoveGuru> there is one log file in log folder. i want to copy all text whatever that file have it. so i can paste it on pastebin how can i do that?
<ropetin> LoveGuru: pastebinit maybe?
<_ruben> Jeeves_: that'd be kgoetz or, crap, his other nick slipped my mind
<_ruben> Kamping_Kaiser == kgoetz
<Jeeves_> _ruben: Ah yes
<_ruben> wow .. bind 9.5 statistics channel feature sure is sweet
<_ruben> spits out xml output over http with a bucketload of info
<Kamping_Kaiser> Jeeves_, you were after me?
<ahasenack> Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/h/hplip/hpijs_2.7.7+2.7.7.dfsg.1-0ubuntu5.1_i386.deb  Size mismatch (gutsy hpijs update), is this known? Just a bad mirror?
<zul> Koon: hardy isnt affected by the nagios-plugins bug is it?
<Koon> zul: no, the overflow doesn't trigger anything
<zul> Koon: cool just checking
<Koon> zul: it's still wrong, but invisible
<zul> Koon: heh qualitiy
<ScottK> zul: No.  It's kwality.
<ladfnet> I'm having a problem with my network configuration. I'm running two vlans of eth0, and they're configured in /etc/network/interfaces. It boots fine, and both vlans work, but if I do a /etc/init.d/networking restart then the network shuts down. It's a remote server, and I'm configuring over ssh, and I'm running automatic restarts of the server through a cronjob. If I remove the second vlan(not the internet connection) then it works fine, 
<ladfnet> I tried to pipe error to one file, and output to another, but no errors are reported from the networking restart
<ladfnet> any ideas?
<uvirtbot> New bug: #300330 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 None [modified: /var/lib/dpkg/info/mysql-server-5.0.list] failed to install/upgrade: corrupted filesystem tarfile - corrupted package archive" [Undecided,New] https://launchpad.net/bugs/300330
<zul> Koon: ping
<Koon> zul: pong
<zul> I have backported the dfs patch to the intrepid kernel, ill push it today to the kernel guys
<Koon> zul: did you test that it fixes it ?
<zul> Koon: no its from linus' tree so it should be good
<mathiaz> zul: Koon: AFAICT there are two bugs related to cifs
<mathiaz> bug 286828
<uvirtbot> Launchpad bug 286828 in samba "Access to samba<3.0.26 shares using CIFS is broken on 8.10" [Undecided,Confirmed] https://launchpad.net/bugs/286828
<Koon> mathiaz: only two ?
<mathiaz> Koon: hm - ok... Two that I know of wrt to interpid upgrades :)
<zul> mathiaz: that one is a kernel "bug" the other is a libsmbclient one that we already did the SRU for
<mathiaz> Koon: although one of them is related to samba.
<Koon> the other would be... bug 282298 ?
<uvirtbot> Launchpad bug 282298 in samba "[SRU] Intrepid: No Access to NAS (samba<=2.2.x) shares any more" [Undecided,Fix committed] https://launchpad.net/bugs/282298
<mathiaz> zul: right - the one that truncates the last caracated?
<zul> mathiaz: correct
<Koon> that one should be fixed now
<Koon> in jaunty and intrepid-proposed
<mathiaz> soren: kirkland and I worked on iscsi yesterday
<soren> mathiaz: Do tell.
<mathiaz> soren: and we came up with a if-up.d scripts that works
<kirkland> soren: i think we made some nice progress
<soren> mathiaz: An if-up.d script for what?
<mathiaz> soren: basically symlinking the init script in /etc/network/if-up.d/
<mathiaz> soren: and adding support of  if-up.d calls to the init script.
<soren> mathiaz: Ok...
<kirkland> soren: to ensure that the iscsi daemon starts when the networking comes up
<mathiaz> soren: we've also tried to start open-iscsi at S25 and that would not work
<soren> mathiaz: Why?
<mathiaz> soren: the interfaces are not up by then
<soren> mathiaz: Physical interfaces?
<kirkland> soren: it's not deterministic that the interface will be up by then
<mathiaz> soren: at least in our vm system.
<mathiaz> soren: physical in the sense that we've tested in kvm
<soren> mathiaz: I mean: Not bridges or bonded interfaces?
<soren> That sounds like a bug.
<mathiaz> soren: starting open-iscsi in if-up.d makes *sure* that the network interface is running
<soren> *a* network interface.
<mathiaz> soren: I haven't tested bridges and bonded interfaces yet
<mathiaz> soren: true - however you can call iscsiadm with an interface option
<soren> What does that do?
<mathiaz> soren: which *should* select targets that are only accessible via the interface
<soren> interesting.
<mathiaz> soren: since we have the name of the interface in IFACE when called in if-up.d we should be able to tell iscsiadm to only login targets that are setup to use the interface that has been created.
<mathiaz> soren: the other reason for using if-up.d is that _netdev mounts in fstab are mounted by if-up.d/mountnfs
<mathiaz> soren: so if we'd run open-iscsi at S45 (or S25) _netdev mounts in fstab would not be mounted
<soren> ARGH!
<soren> bug 44194
<uvirtbot> Launchpad bug 44194 in netbase "wpasupplicant doesn't start when the network start" [Undecided,Fix released] https://launchpad.net/bugs/44194
<soren> I still think _netdev is a horrible, horrible idea.
<mathiaz> soren: this is why debian has call to mount -a -O _netdev in their open-iscsi init script
<mathiaz> soren: right - so I thought about another option here
<mathiaz> soren: is it possible to teach udev to check fstab UUID when a device is created?
<soren> What do you mean?
<mathiaz> soren: because when the initiator logs into a target, devices are created
<soren> Right.
<mathiaz> soren: once you've logged into a target, you'll have a device in /dev/disk/by-uuid/
<soren> Yes.
<mathiaz> soren: that will be the UUID of the fs
<soren> YEs.
<mathiaz> soren: this UUID is also used in fstab
<soren> Yes.
<soren> :)
<mathiaz> soren: so - could udev scan fstab and do the mount?
 * soren has a hunch that there's a reason why not to do that, but can't remember why..
<mathiaz> soren: I'll ask KeyBuk in #ubuntu-devel
<soren> Maybe it's an ordering thing.
<soren> You don't know for sure that mounting them in the order in which they appear will give the results you want.
<mathiaz> soren: right - so you could end up in situation where /srv/disk1 is a local disk
<soren> Hm?
<mathiaz> soren: and /srv/disk1/iscsi1 is remote isci disk
<soren> Oh.
<mathiaz> soren: but the iscsi target would come up before the local disk is mounted
<soren> Oh, yes, if you only do it to iscsi targets.
<soren> mathiaz, kirkland: Honestly, I don't remember all the details.
<soren> I just remember spending lots and lots of time on this, and came to the conclusion that S25 was the right place to start it.
<soren> Now, siretart broke that, clearly, but that's bug that needs fixing.
<kirkland> soren: hmm, we had no success with it at S25...  the ifup script seems to work far better in all use cases we've tested so far
<soren> kirkland: Exactly..
<soren> kirkland: Like I just said: siretart clearly broke it.
<soren> kirkland: Because *no* interfaces will ever be up at that point.
<Koon> mathiaz: beware of the shutdown order too -- we already have lots of bugs about network file systems being unmounted after network is gone.
<kirkland> Koon: we actually fixed that too, for iscsi
<kirkland> Koon: it was being shutdown in the wrong place, pre-merge
<Koon> kirkland: cool, would the fix also be applicable to other network mounts ?
<kirkland> Koon: now, it's taken down by the umountnfs scripts
<kirkland> Koon: assuming that the fstab entry is tagged with _netdev
<kirkland> soren: can you explain why you hate on _netdev so much?
<soren> Because I think it's the way it would have been done in the 70's.
<soren> Or in Debian.
<soren> ...which -- in this respect -- turns out to be quite similar.
<soren> Don't get me wrong. I love Debian with a passion..
<soren> ..but when it comes to the whole boot process and all that? Sheesh.. Get with the programme!
<soren> I think it's a crude, crude hack to work around the real issue:
<soren> That we're too stupid to get the iscsi devices to pop up in time for the whole mounting thing.
<soren> I think that's:
<soren> a) A much more interesting problem to solve
<soren> and
<soren> b) what will be of most benefit to the users in the end.
<soren> and me.
<soren> :)
<soren> kirkland: ^
<hansin> I was just thinking about the announcement that Canonical/Ubuntu will support the ARMv7 processors in the 9.04 release.  Will the server edition be included with this?  I understand that the server edition comes for the same repos, but I guess I am wondering if the unique parts (like kernel) will be compiled for ARMv7?  Thanks.
<soren> hansin: The server flavour on PC hardware exists because we want a different configuration than on the desktop. If the same makes sense on ARM, we might very well have a separate flavour there as well.
<W8TAH> can someone please point me to a good instructions on installing and using vmware-server on ubuntu server?
<andol> W8TAH: https://help.ubuntu.com/community/VMware/Server
<W8TAH> andol: thank you
<JDStone> are there any limitations with the 64bit version of Ubuntu server?
<JDStone> that I should know about?
<mathiaz> EtienneG: do you have your iscsi testing environment ready?
<EtienneG> mathiaz, yes, I guess
<mathiaz> EtienneG: do you have a setup with more than one interface?
<mathiaz> EtienneG: bonding? bridged?
<EtienneG> mathiaz, if by "environment", you mean a vm running the target and a vm running the initiator
<EtienneG> mathiaz, yes, the iniattor is configured with bonded Ethernet
<mathiaz> EtienneG: great - I'll get a link to a new open-iscsi package
<mathiaz> EtienneG: if you could test it in your environment that would be helpful
<EtienneG> JDStone, none, except possibly that some third-party software and driver may be 32 bits only
<EtienneG> but hopefully, these would not be relevant to you
<EtienneG> mathiaz, 'k, send me the link, I get that done this afternoon ASAP
<JDStone> yeah, that's what I'm thinking
<JDStone> thanks EtienneG that helped
<JDStone> that's all I needed to know
<EtienneG> JDStone, that's really just IME, you may want to ask a second opinion
<EtienneG> JDStone, one annoying bug I had was running hardy 64 bits on VMWare ESX 3.5
<EtienneG> but that was specific to that particular setup
<Faust-C> what is a good app to connect to ftps/sftp/webdavs
<Faust-C> nautilus errors out
<Faust-C> and lftp wont put a folder
<kopo> Hi!
<kopo> Is there any way to configure Alt+F2-F6 buttons in shell?
<Deeps> configure to do what?
<kopo> Normally you can switch between virtual consoles..
<Deeps> yep, thats default behaviour
<kopo> ..but I want to run different programs..
<Deeps> so switch to the different console, login and run the program?
<Faust-C> screen?
<kopo> like F2 for irssi ;) F3 for top
<Faust-C> kopa, screen tabs
<Faust-C> sec
<Deeps> screen tabs would be a better idea, yeah, but no reason why you cant do what you want with multiple consoles
<Deeps> just means logging in first on each console
<hansin> soren: Thanks.  The reason I ask (about ARMv7 server edition) is that a few months ago I saw a talk given by the guy who first cracked the
<Faust-C> kopa, http://www.bsdguides.org/guides/freebsd/misc/screenrc
<hansin> woops.  Linksys NSL
 * Faust-C wrote that
<Deeps> Faust-C: sftp (cli util) will do recursive dirs i believe
<Faust-C> Deeps, ah sweet, i thought so
<kopo> hmm.. what do you think? screen tabs or multiple consoles?
<hansin> NSLU2.  It can run ARM debian.  But I could imagine some really cool ARMv7 based devices for home servers (or even lightweight business servers).
<Deeps> kopo: whichever makes you happier
<Deeps> kopo: i'd use screen personally as it meanas you can ssh in from remote and reattach to the same sessions
<Faust-C> kopa, multiple considers means more reasources
 * Faust-C does the screen dance
<Deeps> your guide is very inconsistent btw faust
<Deeps> well, 'very' is going a bit far
<Deeps> looking at your screenrc, lines 3+4 dont seem to relate to the comment on the line above it
<Faust-C> Deeps, its dated
<Faust-C> thats a old one
<kopo> thanks!
<Faust-C> i dont have my newest one up yet
 * Faust-C will once i have site the way i like it
<Faust-C> Deeps, and btw that is right
<Faust-C> oh crap no its not
<Faust-C> wait no its right
<Faust-C> cause F1 doesnt = F1
<paul68>  I tried through this howto to make my iptables to run when I boot up my system however I don't get any response that its or its not working can someone help me out with this  https://help.ubuntu.com/community/IptablesHowTo#Configuration%20on%20startup
<danielm_mc> ï»¿anyone know how to disable the f1 key from displaying the help menu in a terminal?
<greenfly> danielm_mc: you'd have to go to the gnome keybinding settings probably
<danielm_mc> yaah, i actually just figured it out
<danielm_mc> gotta go to key shortcuts
<danielm_mc> man #ubuntu is about 0 help about 100% of the time unless you're stuck trying to install a mouse
<greenfly> heh
<danielm_mc> yeh sucks, i hate to bother this crowd with dumb questions like that, but whatev
<bluedragonpiper> I am receiving a failed to fetch error (404) in aptitude and not sure how to resolve it when trying to get this file: http://security.ubuntu.com/ubuntu/pool/main/libx/libxml2/libxml2_2.6.31.dfsg-2ubuntu1.2_i386.deb
<bluedragonpiper> I have checked the files at that location and found similar file: libxml2_2.6.31.dfsg-2ubuntu1.3_i386.deb
<greenfly> try to do an aptitude update first
<bluedragonpiper> greenfly: Thanks a million, I read through the apt-get and apt-cache manpages several times assuming aptitude was just a frontend... *smacks forehead
<greenfly> np
<soren> mathiaz, kirkland: Do you need anything else from me on the topic of iscsi tonight?
<kirkland> soren: hmm
<kirkland> soren: well, not really
<kirkland> soren: i'm not sure the approaches you're asking for are doable within a reasonable timeframe at this point
<soren> Define "reasonable timeframe".
<soren> Noone's demanding that this work by alpha 1 :)
<kirkland> soren: well, we've got a package that works ***far*** better than any open-iscsi package that we've ever had in Ubuntu before
<kirkland> soren: we can upload that now, in early jaunty, and incrementally improve the package through the development cycle
<mathiaz> EtienneG: could test the open-iscsi package from http://people.ubuntu.com/~mathiaz/packages/?
<mathiaz> soren: you may wanna have a look at these ^^ too
<mathiaz> soren: the changelog is not up-to-date though,
<kirkland> soren: alternatively, multiple of us can spend several more days/weeks rearchitecting it before we have something that even works
<soren> Look... You asked my advice.
<soren> No need to get all hands up in the air about it.
<soren> And I seriously doubt it would take that much time.
<soren> I'm still quite sure starting iscsi before mountall is the right thing to do.
<soren> What we need to do is to make sure as many cases of networking are functional at that point.
<soren> Most notably bonding, but also bridging.
<soren> It's very much in the spirit of all the other stuff we've changed in the boot process.
<soren> Why did you drop "Exit without error if /sys is not available. Otherwise, it's not possible to use this package as a build-dependency.
<soren> "
<soren> ?
<kirkland> soren: i couldn't agree more with your point: "What we need to do is to make sure as many cases of networking are functional at that point."
<soren> In fact, apart from the homepage thing, why did you drop those the two other changes?
<soren> (I've only looked at the changelog so far)
<kirkland> <mathiaz> soren: the changelog is not up-to-date though,
<soren> I saw that. Did those things not get dropped anyway?
<mathiaz> soren: IIRC they were merged in debian
<soren> If "remove open-iscsi init script on upgrades before hardy" does what I think I remember it does, I find it somewhat hard to believe that it's in Debian now.. :)
<mathiaz> soren: that is something that we can dropped
<mathiaz> soren: the changelog is not up-to-date. But at least that specific code (update-rc.d -f remove open-iscsi) is not useful now
<soren> Why?
<soren> I'm genuinely curious.
<mathiaz> soren: since it would be run if we're upgrading from lt hardy version
<soren> Good point.
<soren> Err...
 * soren goes to check something.
<mathiaz> soren: http://paste.ubuntu.com/74941/
<mathiaz> soren: that's the full code in the postinst
<soren> mathiaz: Are you moving the K??open-iscsi script?
<kirkland> soren: we needed to come after sendsigs
<mathiaz> soren: yop - to after sendsig
<mathiaz> soren: and also after umountnfs
<mathiaz> soren: which takes care of umounting netdev filesystems
<soren> "If  any  files  /etc/rcrunlevel.d/[SK]??name  already exist then update-rc.d does nothing."
<soren> From update-rc.d man page.
<soren> So if someone already has the package installed, they won't get moved unless you remove the existing ones.
<kirkland> soren: so we'll need some postinst special code?
<soren> ...which is why that line of code was tehre.
<kirkland> soren: ah
<mathiaz> soren: oh ok.
<kirkland> a comment of documentation in there would be nice :-)
<mathiaz> soren: so we need to update the package version
 * soren seems to remember saying something about removing code you don't know why is there to begin with... :)
<kirkland> okay okay :-)  we'll add a line explaining what the point of that block is
<soren> What you should do (and what I really should have done, but clearly I was being lazy) is to check if the offending symlink is there and then rename it.
<soren> What I did was effectively throwing away the sysadmin's changes...
<kirkland> fair enough
<kirkland> that way, we'll only touch a symlink that we know the previous package put there
<soren> YEs.
<kirkland> and it'll be self-documenting, clearer what the end goal is
<soren> And just keep your fingers crossed that people didn't move those symlinks in an attempt to fix various things.
<soren> ...which, now that I think about it, might have been why I just forced it.
<kirkland> <kirkland> a comment of documentation in there would be nice :-)
<espacious> hi soren i managed to solve the problem with my raid. the trick was my bios is old and i had to reset it and set it up again (hdd detect issues)
<soren> espacious: What did that matter?
<soren> kirkland: 20:50:37  * soren seems to remember saying something about removing code you don't know why is there to begin with... :)
<espacious> soren the disk was not detected properls or the ata cable was bad plugged.i dont know.
<espacious> fact is now is ok.
<soren> espacious: I'm sorry, but I don't buy that explanation :)
<soren> espacious: I suspect something else was really up that now happened to be fixed when you went through it for the third time.
<soren> ...or something.
<kirkland> soren: agreed :-)
<espacious> soren but! i messed sth up again since i made xfs on the md3 array but it wont mount
<soren> kirkland: This messing about with those symlinks is a good reason why it might be a good idea to not upload a half solution now and changing it later.
<espacious> soren no the ata cable was the trouble it was wrong connected i got ATAPI incompatible message at boot but i didnt saw it. now i repaired that and rabuild went ok
<soren> kirkland, mathiaz: is there anything in particular that makes you want to push this sooner rather than later?
<soren> espacious: Oh, I see.
<soren> espacious: Well, that's good.
<mathiaz> soren: why do you want later?
<kirkland> soren: to establish something to test off of, early in the dev cycle
<soren> mathiaz: 20:55:39 < soren> kirkland: This messing about with those symlinks is a good reason why it might be a good idea to not upload  a half solution now and changing it later.
<soren> It's an extra upgrade case you need to handle in the maintainer scripts.
<espacious> soren so can u throw an eye at my logs to see where is the problem now.
<soren> espacious: I can try.
<espacious> soren u are veri kind.
<espacious> very*
<soren> mathiaz, kirkland: Especially if we all agree that it's not the rigth approach... but I get the feeling this might not be the case after all.
<mathiaz> soren: so if we'd go for later, what should be done to get a correct upload?
<espacious> how's the /smome/some/asds.log| pastebin command ?
<kirkland> soren: mostly, i think, because there's going to be some work required in the installer, which will need to be done earlier in the Jaunty cycle than we started looking at this in Intrepid
<soren> mathiaz, kirkland: Maybe you can tell me? I'd like to hear your version.
<soren> espacious: No idea. I'm a copy/paste monkey myself.
<kirkland> soren: a merge of upstream, plus (at least mostly) better working code is a pre-req to going much further
<espacious> sore ok. will find out not a problem i will post u links in 5 min.
<soren> kirkland: I'm sort of looking for a definition of "better working code".
<kirkland> soren: okay, we've split the whole iscsi problem into 3 parts ....
<soren> kirkland: What are the success criteria, and what's the strategy to get us there?
<mathiaz> soren: the *current* state in interpid/jaunty is that open-iscsi doesn't work
<soren> kirkland: Ok, go on.
<kirkland> soren: 1) root on iscsi, which is a different beast, we're putting that off until later
<soren> mathiaz: I know.
<mathiaz> soren: there is a mismatch between the kernel version and the userspace
<soren> mathiaz: Right.
<mathiaz> soren: so from that point of view, it's better code as it works now
<kirkland> soren: 2) iscsi in the installer, which depends on a working #3, which is ....
<kirkland> soren: 3) other, non-root iscsi filesystems
<kirkland> soren: we're focusing on 3 at the moment
<soren> Ok. So how about just uploading a new set of tools and deal with the integration details later?
<kirkland> soren: now, under that, we have to consider several different forms of networking
<soren> ...thus limiting the amount of upgrade cases to worry about.
<kirkland> soren: but we've determine that we need to go after the lion's share (90%?) of common networking setups
<soren> kirkland: Yes. Which really is an issue separate from iscsi, but we happen to depend on it working properly.
<kirkland> soren: use the default interface, bonded, etc.
<kirkland> soren: and put aside a few of the more esoteric ones, for now
<soren> kirkland: I really don't give a hoot about wpasupplicant here, for instance.
<kirkland> soren: so success criteria ....
<soren> If it happens to work, fine. Bonding is really important, and bridging is rather important.
<soren> IMO, that is.
<kirkland> soren: agreed on that
<kirkland> soren: for (3), having a Jaunty install, with open-iscsi installed
<kirkland> soren: that can run iscsi_discovery
<kirkland> soren: to find, and attach to a target
<kirkland> soren: get its /etc/iscsi configuration written properly
<kirkland> soren: get a workable /etc/fstab entry
<kirkland> soren: and reboot ad nauseum, with the filesystem automounting/auto-umounting cleanly, successfully, reliably
<soren> Sounds good.
<kirkland> soren: and testing that out of some finite list of networking setups
<kirkland> soren: default ethernet, bonded ethernet, bridged seems like a reasonable starting point
<kirkland> soren: vnet's maybe coming later
<soren> vnet's?
<kirkland> soren: and all of the other crazy networking setups we'll handle as they trickle in
<kirkland> soren: vlan, i don't know, whatever someone's going to come up with
<soren> Right, ok.
<kirkland> okay so....
<kirkland> per the success criteria above, mathiaz has a package that's looking pretty good
<kirkland> grant it, we've only tested with default network
<kirkland> but EtienneG has offered to help us with some other scenarios
<kirkland> bonded, for instance
<kirkland> if you wish, i suppose we can test that in a PPA?
<kirkland> would that make you feel better than uploading to Jaunty?
<soren> that's a really good idea.
<soren> Much.
<kirkland> okay, we can do that, gather some data points
<kirkland> heck, blog about it on ubuntu-server
<EtienneG> going to test it in a minute, my intrepid vm is updating right now
<soren> The fewer upgrade cases to worry about, the better. Especially the ones that mess around with rc?.d/* symlinks.
 * kirkland steps off the pulpit
<soren> kirkland: Can you give me the quick 5 points on how mathiaz's package does things now?
<mathiaz> EtienneG: the packages I've put on people.ubuntu.com have been compiled for jaunty
<mathiaz> soren: open-iscsi is started after S40Networking
<mathiaz> soren: open-iscsi init script takes care of mounting the _netdev entries in fstab
 * kirkland will let mathiaz take this one, and fly wingman
<mathiaz> soren: this is what debian is doing for now.
<soren> Yes.
<mathiaz> soren: for the shutdown sequence, open-iscsi is shutdown after umountnfs and sensigs
<mathiaz> *sendsigs*
<mathiaz> soren: umountnfs.sh takes care of umounting netdev filesystems
<mathiaz> soren: and sendsigs won't kill the iscsid daemon
<soren> mathiaz: What if /usr is on iscsi?
<mathiaz> soren: do script run after S32open-iscsi rely on /usr available?
<soren> After S35mountall.sh.
<mathiaz> soren: the next one S40umountfs states that it doesn't rely on /usr
<soren> mathiaz: S40umountfs?
<soren> Where's that?
<mathiaz> soren: /etc/rc6.d/
<mathiaz> soren: and actually you have the same problem if /usr on mounted via nfs
<soren> Er... WE're talking about bootig here?
<soren> booting.
<mathiaz> soren: no - shutdown
<soren> Oh.
<soren> I'm not :)
<soren> no point in worrying about shutting down if we can't boot properly yet :)
<mathiaz> soren: sure - so how is /usr on nfs handled?
<espacious> so soren http://pastebin.com/f3ebe2c3d , http://pastebin.com/fa975495 , http://pastebin.com/f695ade99
<mathiaz> soren: in that case it's S45mountnfs.sh that is takes of mounting /usr from nfs
<EtienneG> mathiaz, damn developer and their bleeding edge stuff!
<soren> mathiaz: Probably not very well anymore.
<soren> mathiaz: That's a poor excuse to break it for iscsi too, though :)
<espacious> soren i think the partitions shoud be Raisd autodetect not LVM or what?
<EtienneG> just curious: are you guys going to go with marking fs on iscsi target with _netdev and delaying mount until all of networking is up?
<mathiaz> EtienneG: yes
<kirkland> EtienneG: right
<EtienneG> mathiaz, now I love you
<soren> please, please, please.... no.
<mathiaz> soren: so how do you wanna handle that then?
<soren> handle what, exactly?
<mathiaz> soren: what EtienneG just said
<soren> Handle marking stuff as netdev and postponing mounting?
<soren> I wouldn't.
<mathiaz> soren: yes - and waiting for S40networking
<soren> I wouldn't.
<mathiaz> soren: before starting any iscsi device
<soren> I wouldn.t
<mathiaz> soren: the other option is to use if-up.d
<soren> *a* other option.
<soren> Possibly a good one.
<mathiaz> soren: if so, we'd have to teach mountnfs.sh to wait for netdev filesystem to come up.
<mathiaz> soren: and we'd also have to come up with a way to make sure that iscsi block device are available before keeping booting
<soren> Yes.
<mathiaz> soren: the use case here being that some application may wanna use the raw block device
<mathiaz> soren: and so we have to make sure that the iscsi block device is there
 * soren is very confused
<mathiaz> soren: AFICT there isn't such a facility for now
<soren> You ask me...
<soren> and I explain at great lenght what I'd do...
<soren> and you decide to do the complete opposite.
<soren> Why do you ask?
<soren> I said, and still believe that marking things in fstab as netdev, postponing mounting until after S40, etc, etc. is exactly how you'd do it 15 years ago.
<soren> We've changed everything else in Ubuntu to happen at discovery time. This has brought us loads of cool stuff.
<mathiaz> soren: ok - so what you suggested to make sure that the iscsi devices pop up in time
<soren> We no longer have to hardcode raid configurations and whatnot... We configure stuff as it pops up and that magically makes everything available when we want to mount it.
<soren> i dont' see why we'd go the complete opposite direction with iscsi.
<mathiaz> soren: ok - so I've got some working code to that integrates with if-up.d
<mathiaz> soren: we get to the point where the iscsi block device are created
<soren> does it involve marking stuff as _netdev?
<soren> In fstab?
<EtienneG> the drawback being that you have to fix each networking use-case piecemeal, and leave people with some esotoric network setup in the cold
<mathiaz> soren: yes - because the mountfs script if ifup.d takes care of mounting netdev devices
<EtienneG> (ie, wpasupplicant, various vpn and stuff)
<soren> EtienneG: Noone said making an operating system was easy.
 * soren sobs
<soren> It's pointless.
<mathiaz> soren: the other option is to teach udev to mount the device
<soren> it's an annoying thing to have to implement in the installer, and if we do the other stuff right, it's not necessary.
<soren> mathiaz: No. The other option is to make sure that the device is there and ready when *everthing* else is mounted.
<soren> Your if-up.d trick might very well do that.
<soren> I'm starting to like the sounds of it.
<Jeeves_> I might have missed half the discussion
<mathiaz> soren: ok - but then how do you make sure that when mountall.sh waits for all the devices to be there?
<Jeeves_> But how is iscsi really different from nfs?
<soren> mathiaz: udevadm settle, probably.
<Jeeves_> (Shut me up if needed)
<soren> Jeeves_: For one thing, you have a regular filesystem on iscsi.
<soren> iscsi provides block devices.
<EtienneG> Jeeves_, iscsi expose block devices, nfs expose file syste,
<soren> nfs is easy to recognise in fstab.
<soren> ...which has allowed for shortcuts earlier.
<EtienneG> basically, iscsi make network block device look like they are local
<soren> mathiaz: Or we could spin waiting for stuff to turn up if we wanted to.
<mathiaz> soren: hm - you may hit race condition, because while isciadm is logging  into the target udev doesn't know that there is device to be settled
<EtienneG> an iscsi target would show up as /dev/sdb, /dev/sdc, etc
<soren> mathiaz: We do for the root filesystem anyway.
<Jeeves_> ah right
<Jeeves_> missed that bit :)
<soren> mathiaz: These are tiny details. I'm sure there's a way to query iscsid asking it if it's about to login somewhere or not.
<mathiaz> soren: well - the list of target to logged in can be retrieved easily
<soren> mathiaz: We can even add a special piece of code that puts a lock file somewhere when we call the initiator thing and remove it when it's done and wait for it to disappear before we go on to mountall.
<EtienneG> mathiaz, in any case, is there still any value in me testing whatever you did today?
<mathiaz> soren: that means sticking another init script in rcS before mountaall
<mathiaz> EtienneG: yes
<mathiaz> EtienneG: I'd like to know what happens when multiple interface are used
<soren> mathiaz: Really? Couldn't we do it in the current open-iscsi script?
<EtienneG> mathiaz, ok, but I will postpone until tomorrow if you do not mind.  Also, could you post the URL again, it is lost in the scrollback :(
<soren> mathiaz: ...which is at S25.
<mathiaz> EtienneG: whathever solution we choose, we'll run in the same issue when iscsiadm tries to connect to a target with multiple interfaces
<kirkland> <mathiaz> EtienneG: could test the open-iscsi package from http://people.ubuntu.com/~mathiaz/packages/?
<EtienneG> thanks
<kirkland> EtienneG: bonded ethernet would be nice if you could test that one
<kirkland> EtienneG: bridged too, if possible
<mathiaz> soren: well - we'd have to refactor the init script completly
<mathiaz> soren: the current init script should be moved to if-up.d
<mathiaz> soren: as it's responsible for starting the iscsid daemon if it's not running
<mathiaz> soren: and then logging  into the target
<soren> mathiaz: Right.
<soren> mathiaz: I don't mind changing things :)
<mathiaz> soren: we'd have to add another init script at S25 that waits for all the iscsi devices to be up
<soren> mathiaz: Especially if those things are things that is involved in booting and we inherited it from Debian.
<EtienneG> kirkland, yeah, I will try to setup a testbed with both
<soren> mathiaz: All the ones that are on their way, yes.
<mathiaz> soren: hm - that should be possible then
<soren> It's very possible. In fact, I doubt it's more than a couple of days work.
 * soren runs for a few minutes
 * kirkland -> goes get a late lunch
<soren> mathiaz, kirkland: So I think we're pretty much on the same page now?
<soren> Plan is: Fix ifenslave-2.6 to configure stuff asap (a.k.a. when the last slave turns up). Put iscsi initiation thing into an if-up.d script. Replace the existing S25open-iscsi with something like "udevadm settle; <something that waits for running iscsi logins to finish>" ?
<soren> EtienneG: Doing it the Debian way might solve a specific problem you have at hand, but it fails in many other ways. It works no matter how obscene your network setup is, but it doesn't work at all for people who need it for /usr, /var or anything else that's expected to be around waaay before S40networking is run.
<soren> EtienneG: I don't think this is a matter of choosing one over the other. This is a matter of fixing this to happen in the order required to make any use case work.
<EtienneG> soren, could be.  In the end, I do not care about the Ubuntu way or the 15-years-ago way of doing it, I just care about getting it to work in a general fashio
<EtienneG> otherwise, it is not fixed, it is just a problem waiting to happen
<EtienneG> if you think your way does it, I am good with it
<soren> Back in the day, there were init scripts for mdadm and lvm. They were run in that order. You had to put your mdadm config into a config file. If you wanted to stack things in more layers than that, or if you wanted mdadm on top of lvm, you lost.
<soren> In fixing that, there were a few cases here and there that failed for a while, but the end result is a *very* flexible system that allows you to stack things in any way you please, because we don't care about the ordering anymore.
<soren> This paradigm started to work its way into networking, when udev started configuring things as they turned up.
<soren> Someone (who shall remain unnamed right now) put in a "fix" that stopped this from happening, effectively bringing back networking to the "one way or the highway" paradigm.
 * soren goes to bed
<RediXe> Using rsync, I can rsync my home directory on my desktop to my server, how can I then pull that home directory off the server and on to my laptop?
<Kamping_Kaiser> sure.
<hads> `rsync server:. .`
<hads> Something along those lines
<dana_good> rsync server /home/redixe
<dana_good> something like that
<hads> That doesn't involve a remote source
<hads> OK, I forgot the -a switch on mine.
<Kamping_Kaiser> rsync -avz --progress $PATHIN server:$PATHOUT
<hads> rsync -Pav server:. .
#ubuntu-server 2008-11-21
<wo0f> how can i get my server to host remote desktop sessions?
<wo0f> like a windows remote desktop-terminal server does
<libervisco> Hi, there seems to be an "admin" group on ubuntu-server which is preventing me from creating an "admin" user that I need for my admin@mydomain email address
<libervisco> Would it be safe to remove that group or is there some way around it?
<wo0f> you could just call the initial user admin?
<libervisco> wo0f, oh.. what do you mean by initial user?
<gh0st> im getting errors like this: http://pastebin.com/m19871e7a.... whats wrong?
<uvirtbot> New bug: #300151 in openssh "ssh slow during logon, when ENTERING INTERACTIVE SESSION" [Undecided,New] https://launchpad.net/bugs/300151
<uvirtbot> New bug: #300615 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 None [modified: /var/lib/dpkg/info/mysql-server-5.0.list] failed to install/upgrade: subprocess pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/300615
<nme_> https://help.ubuntu.com/8.10/serverguide/C/samba-ldap.html - not a draft anymore?
<nme_> it still does contain mistakes
<nme_> as an example: ldapadd -x -D cn=admin,cn=config -f /tmp/ldif_output/cn\=config/cn\=schema/cn\=\{12\}misc.ldif
<nme_> missing -W and misc should be replaced with samba
<nme_> btw kerberos configuration is a bit messy too
<soren> nme_: COuld you file a bug about it here: https://bugs.edge.launchpad.net/ubuntu-doc/+filebug ?
<soren> Thanks!
<kraut> moin
<nme_> soren: i will in the spare time, right now im trying to get things work ;) btw. it would be much simpler to allow people to comment entries on docs page - Like it is possible at django online book - take a look at http://www.djangobook.com/en/1.0/chapter06/
<soren> nme_: I've never really liked that sort of thing.
<nme_> so maybe you will consider hiring at RedHat? ;)
<soren> nme_: It makes sense on articles that are expected to be immutable, but for documentation that's expected to be refined all the time, it's just confusing.
<soren> nme_: Eh?
<nme_> as Ubuntu says its is soo comunity oriented distribution - this way of extending documentation would be very natural
<soren> Oh, we're happy to accept comments.
<soren> I just don't think that's the right way to do it.
<nme_> take a look at php docs page - comment resources are great
<soren> See, the problem is this.
<soren> :
<soren> If there's a section that has problems, someone makes a comment to that effect...
<soren> ...then someone makes an attempt to fix it...
<soren> What to do with the comment?
<soren> Remove it?
<soren> But what if the commenter doesn't find his complaints were properly addressed?
<soren> Leave them?
<soren> Well, that's just confusing to anyone who reads them later.
<nme_> give me a sec (im at work, phone..)
<soren> Sure, take your time.
<soren> I'm here all day :)
<soren> nme_: Dear, oh dear, no. The PHP pages are even worse.
<soren> In fact, for the php ones, I think they make the docs worse.
<soren> ..because there's apparantly not enough incentive to fix the docs, because "hey, comment number 97 explains how to do it properly".
<soren> In the case of php, for instance, you can download the docs in various formats, but they don't (and shouldn't) contain the comments...
<soren> ...but without the comments, the docs suck.
<soren> The only right way to go is to fix the docs themselves.
<nme_> there are two options - one guys writes docs - ten testers "do" actual tests... he corrects things... and so 11 guys get paid... on the other side - one guy writes docs - community points mistakes - the other guy interactive'ly administers web page comments - merging them to docs, updating docs, filtering some content... so 2 guys get paid more... not 11.
<soren> ...and comments on page like that makes for a lousy bugtracker.
<soren> Anyone is free to join the documentation team.
<soren> (noone on the documentation team gets paid, by the way, as far as I know)
<soren> Ok, a random example from the django page...
<soren> Someone filed this comment: "I don't understand this section at all. I thought the previous section already was customizing the look and feel of the Django admin index page. Also, I don't see the available applications listed anywhere on the page. What is the URL that you're referring to? "
<soren> how to handle that? It's not like he's proposing an alternate wording.
<soren> He's just dissatisfied with the current content.
<soren> When is it ok to remove such a comment?
<soren> The answeR:
<soren> When the commenter feels his complaints have been addressed. Not sooner nor later.
<soren> ...but how to tell?
<soren> That's why this stuff belongs in a bugtracker.
<soren> Any set of docs that only feels complete with the comments attached to it is broken, IMO.
<soren> The alternative is to leave the comments there indefinitely.
<soren> That's troublesome in two ways:
<soren> If it's attached to a specific paragraph as in the django case, what happens if that paragraph ceases to exist, because the docs are refactored somehow?
<nme_> in such situation when comment does not suggest any changes and only shows dissatisfaction about some paragraph - we still got options - one is to (allowing only registered users to comment) drop his comment sending it back to his mail with an answer, another is to hide this paragraph and open new one with better content
<soren> If the comment has been adressed, but it's still there it's either just noise (since it doesn't add anything that's not currently in the docs) or plain confusing because it makes a fuss about something that's been reworded.
<soren> I don't see a problem with integrating the server guide with the bug tracker. Such as putting links here and there that automatically fill in parts of the bug report and makes that part easier...
<nme_> but the ubuntu's bugtracker is a bit dead...
<soren> ...but using a comment system in place of a bugtracker? I'm sorry, but I think that's a horrible idea.
<soren> nme_: Dead? How so?
<nme_> as I reported 2 weeks ago a problem which concerns casper and kvm, still noone looked at it
<soren> That's a manpower problem.
<soren> It only makes things worse to add *another* system for tracking bugs.
<nme_> after some time I've just placed my suggestion how to solve it, where the problem lies... and it is still, opened...
<soren> nme_: What's the bug number of the casper+kvm thing, by the way?
<soren> nme_: Please appreciate that we have tons and tons of stuff to do.
<soren> nme_: Like, say, answering stuff on IRC.
<nme_> [Bug 296089] [NEW] casper boot=nfs ipconfig: eth0: SIOCGIFINDEX: No such device
<uvirtbot> Launchpad bug 296089 in casper "casper boot=nfs ipconfig: eth0: SIOCGIFINDEX: No such device" [Undecided,New] https://launchpad.net/bugs/296089
<nme_> thats why I'm trying to help :)
<nme_> You see - I've already suggested how to change 11 people working on a issue to 2 people...
<Deeps> foolano: ono any better than timofonica where you are?
<soren> And I've tried to explain why you're wrong.
<soren> The docs aren't written in the way you clearly think they are.
<nme_> and how about maintaining debian packages?
<soren> How about that?
<soren> I don't understand the question?
<nme_> that where the problem of launchpad is
<nme_> some guys are developing a code...
<soren> The problem of launchpad is maintaining debian pakcages?
<nme_> they know whats the best as a default setup...
<nme_> then comes a Debian maintainer and he says "no, in my opinion it will be like this..."
<nme_> and he prepares the package
<nme_> like for instance infamous openssl maintaniner did ;)
<nme_> but then
<nme_> this package is repackaged and called ubuntu one
<nme_> when some guys have a problem he reports it where? at ubuntu launchpad.
<soren> Do you understand what "repackaged" means?
<nme_> where nobody knows anything about it, because given package was prepared by a Debian maintaniner
<soren> Look, this discussion is pointless. It's very obvious that you're not familiar with your development model, and you're making lots of assumptions that are just plain wrong.
<nme_> im not sure - something like sed -i s/Debian/Ubuntu/gc ...
<soren> *sigh*
<soren> Why would we do that?
<soren> The only right thing to do is to report it to the distribution where you got it.
<soren> in fact, if you went on to report a bug in Debian's BTS about a package you got from Ubuntu, you'd better be prepared to handle the consequences. Lots of Debian developers get *very* annoyed by that.
<nme_> I did not want to argue, just wanted to point a few things
<soren> Well, if you just want to say things and not hear the response, I don't see the point.
<nme_> I read Your answers
<soren> Look, if you get a package from Ubuntu and something fails, you should either report it to Ubuntu or be familiar enough with the package itself, its dependencies and all the other relationships it has with other packages, before you just go ahead and assume that it's a problem in the Debian package as well.
<soren> Most users aren't.
<soren> Heck, some developers aren't.
<soren> ...so treating it as an Ubuntu bug first is the right thing to do.
<nme_> ok then
<nme_> so
<soren> ...if we look at it, and can see that it must be a bug in Debian, we forward it to them.
<nme_> when there is a Debian package in Ubuntu distribution
<soren> Often with a fix.
<nme_> and You get a problem
<nme_> and you report it to ubuntu launchpad
<nme_> and You will not get the answer
<soren> Ubuntu is a community effort.
<nme_> (which is probably)
<soren> So is Debian.
<soren> Why is it that you think that failure to keep up with the bug volume is a problem that's unique to Ubuntu?
<nme_> no
<nme_> all I want to tell is that lets say 50% of packages are unmaintained by anyone at Ubuntu side, there are just taken from Debian giving community no possible way to get any support for them
<Koon> huh.
<Koon> nme_: the fact that the packages are in sync with Debian doesn't mean they are unmaintained.
<nme_> nor developers nor maintainers are seers... Ubuntu is growing extremally strong currently... There are a LOT of people... Most of Linux desktops are Ubuntu...
<Deeps> most ubuntu installs are desktops as well
<nme_> as my part job is to administer a student campus network of over 1200 hosts... and if anyone asks about Linux I say Ubuntu.
<nme_> but there are dark sides I already see...
<Deeps> recommend os x, they'll appreciate it ;)
<nme_> os x is illegal at every hardware which is not apple originated.
<Deeps> dark sides
<nme_> I'll explain it in a minute (phone)
<Koon> if by "dark sides" you mean "i submit a bug and noone seems to be looking at it" I'm just not sure you wouldn't find those dark sides anywhere
<soren> nme_: if you have suggestions on how ~100 people (only half of which work full time on Ubuntu) can better keep up with 10000 new bugs reported each month, we'd be happy to hear it.
<soren> Trust me, though: Adding alternate means for "tracking" bugs is not the right approach.
<Koon> soren: maybe his point is that choosing a distro with a higher developer/user ratio might help in getting timely response
<Koon> it doesn't help in getting better packages in general though :)
<nme_> im back. are you familiar with avahi ?
<Deeps> sounds like he needs a much smaller distro with only a handful of users, whom are the developers? ;)
<soren> nme_: Yes.
<nme_> Deeps: speaking about me? speaking about Slackware?
<nme_> soren: do You know that avahi in hardy caused arp flood at some kind of networks?
<nme_> the problem was reported only by Ubuntu users
<soren> nme_: No.
<Deeps> i dont know anything about slackware so i'm certainly not speaking of that
<nme_> it did not happen on any other distribution at the networks I administer
<soren> nme_: I think I'm missing your point.
<nme_> and the problem lasted for above halp a hear
<nme_> half a year
<nme_> how to make life easier for those 100 people? trust the community a bit more ;)
<soren> Can you elaborate?
<nme_> about trust?
<Jeeves_> soren: Create less bugs ;) That way it's easier to keep up. :P
<soren> Jeeves_: Thanks, I'll make a note of that.
<soren> :p
<soren> nme_: Yes.
<Deeps> nme_: by sitting here bitching to the people that actually do track the bugs and help resolve them, you're actually slowing things down more. if you want it to improve, get involved more yourself.
<Jeeves_> mental note: Create better code, will create less bugs
 * Koon tries to fix more bugs than he reports, to be part of the solution ;)
<Jeeves_> Koon: That's a good start :)
<Jeeves_> I'll just try to ignore bugs
<Jeeves_> That should save you guys work too :)
<nme_> Deeps: I explain - Slackware is simple distro. Its very old one, maintained for a long time by one single guy. All he did was preparation of init scripts and making simple package system which are automatically build on default settings which project developer set. Belive me or not, it really works. If someone dislikes default - he rebuilds given package by his own.
<Jeeves_> nme_: Why not join #slackware
<Jeeves_> Or #swaret
<nme_> gee only tried to help
<nme_> suggest few approaches
<nme_> all i see is an anger and hate now
<Jeeves_> nme_: By telling developers to stop developing and trhowing people in the deep
<nme_> I wont bitch to people anymore, sorry
<nme_> Jeeves_: where I said this? who is this developer you mantioned?
<Jeeves_> nme_: Slackware users are people that enjoy screwing around with themselves, enjoying pain and agony fixing a simple box.
<Jeeves_> Ubuntu users like it to 'just work'
<Jeeves_> That needs more development, and thus more bugs
<Deeps> nme_: you can do that in ubuntu too
<nme_> Thats why I suggest it to desktop users
<nme_> y I know
<Jeeves_> nme_: I administer a few hundred Ubuntu servers
<Jeeves_> And we did Slackware before
<Jeeves_> And we're all very happy that slackware doesn't exist anymore :)
<Deeps> nme_: the flipside to the slackware model is that the packages wont conform to any standards, each package will do things differently as each developer will do things differently. ubuntu standardises a number of things aross all packages to make it easier to maintain. bugs occur in the process. and the joys that come with slackware allowing you to rebuild a package in the way you like also exist in ubuntu. apt-get source <package> and you're half way th
<Deeps> nme_: so i dont see your point. slackware does less to make life easy for you and offers feature A. ubuntu does more to make life easy for you and also offers feature A.
<soren> nme_: I still don't understand what you mean about trusting the community.
<Deeps> nme_: you point out that slackware's great because you can fix stuff to work how you want it yourself, yet moan that ubuntu doesn't fix stuff quickly enough for you? and then suggest that slackware's better?
<nme_> there is a point
<nme_> Slackware actually originates from base tar.gz from developers project page
<soren> So does Ubuntu packages..
<soren> but go on.
<nme_> if You got a problem with specific package, you can go to the project developers - not the distro maintainers
<soren> You're free to do that with Ubuntu packages, too. Noone's forcing you to use Launchpad.
<nme_> no. the guys will tell you to compile it as default - then check if a problem exists and then - report it :)
<Deeps> well duh
<nme_> k guys, lets have a break, got a bit work to do :/
<soren> So what you're saying is that most bugs in Ubuntu are because we break things that were perfectly functional when the upstream developers shipped it?
<soren> If that's truly what you believe, I'd advise you to find another distro. I wouldn't use a distro I didn't trust.
<nme_> soren: "So does Ubuntu packages" -> apt-get source iptables
<soren> Yes?
<soren> What does that give you?
<soren> It gives you the original tarball + the code it takes to make it into an Ubuntu package.
<soren> What? You think Slackware just downloads the tarballs and stares at it until it turns into a binary package?
<Koon> I also can testify that upstream prefer a distro with somewhat-unique compile flags than one where... every user uses a different set
<soren> heheh :)
<Jeeves_> soren: No! You type 'pkg_install iptables' or 'swaret install' and than stuff happens, you hope
<Koon> (if you see what I mean)
<Deeps> i think nme_'s point in this case is that iptables comes from the debian package
<nme_> soren: execute this command and see it for yourself
<soren> nme_: Look. I *made* that package. I know what that command does.
<nme_> no
<soren> No??!??
<nme_> im just pointing how many patches it got
<nme_> its not pure iptables
<soren> Yes. TO FIX BUGS!
<soren> What do you think happens? We download the upstream tarball and start looking around for random ways to break it?
<Jeeves_> soren: There are no bugs in upstream packages, Patrick says so!
<Deeps> paddy's always right
<Deeps> http://www.youtube.com/watch?v=9OydvSCGxt0
<Koon> the main difference is that as a "distribution" we feel responsible for the bugs in the software we ship
<Jeeves_> nme_: You're patrick?
<soren> If that's what you think of us, I strongly suggest you find another distro. I wouldn't sleep well at night at all if I thought the people who made my distribution were monkeys on crack who spent all day harvesting bad patches from the internet and applied it to perfectly good packages.
<Deeps> soren: wow, take IT seriously much? lol
<Deeps> i sleep perfectly well knowing my OS is developed by monkeys on crack
<nme_> Jeeves_: good one ;]
 * Deeps <3 winxp
<Jeeves_> nme_: Really, what the **** are you doing in here?
<soren> Jeeves_: Patrick?
<nme_> Patrick J. Volkerding ;)
<nme_> good sense of humor ;)
<Jeeves_> soren: http://en.wikipedia.org/wiki/Patrick_Volkerding
<soren> Ah.
<nme_> Jeeves_: wanted to help
<Jeeves_> nme_: How?
<Koon> Jeeves_: I think he really wants to help
<nme_> i only came to ask why there are no way to put comments on docs (which yesterday were marked as DRAFT)
<nme_> because i did make step by step and found few problems
<Jeeves_> nme_: You mean documentation bugs?
<nme_> y i know that i should put it on launchpad
<Koon> it's just that he has difficulties scaling community processes from small projects to something like Ubuntu
<nme_> as commercial approach
<nme_> there are many ways to get community work at Your profit
<nme_> making less costs, letting you guys earn more
 * Kamping_Kaiser blink
<Kamping_Kaiser> wtf is happening here?
<Kamping_Kaiser> Jeeves_, evening mate
<Jeeves_> Kamping_Kaiser: Hi there!
<Kamping_Kaiser> :)
<Jeeves_> Speaking of proprietary software
 * Kamping_Kaiser worries about the Kamping_Kaiser -> proprietary software mental jump
<Jeeves_> Kamping_Kaiser:
<Jeeves_> Just because Canonical produces proprietary support software doesn't
<Jeeves_> justify other companies doing it (or making it an ok thing to do).
<Jeeves_> What do you mean by that? :)
<Kamping_Kaiser> Jeeves_, it sounded like the argument was 'canonical who own ubuntu do $FOO, so $FOO is ok for others to do' (which i think is a falacy). It may or may not have been relevant to the convo ;)
<Jeeves_> Kamping_Kaiser: My point is that to make (good) money with open source, you need the open source to attrack people, and closed source as an extra to make money
<Jeeves_> Exactly like Canonical does
<Jeeves_> Nothing wrong with it
<Jeeves_> The only thing that's wrong about Landscape, for instance, is that you cannot host the server part yourselve
<Kamping_Kaiser> Jeeves_, thats entirely possible - I dont know if its true, but thats not an argument I can take part in - I dont know enough about such things.
<Jeeves_> It's very much ok that it's closed source, and payware
<Deeps> Jeeves_: you think it's good that there's a tool being used to administer your server that you have no idea how it works?
<Jeeves_> Deeps: I trust Canonical.
<Jeeves_> They create the entire OS the server runs on
<Jeeves_> the only part I'm interested in is easy upgrades
<Deeps> No, they produce a bunch of packages.
<Jeeves_> Deeps: And they patch and compile the whole bunch
<Deeps> Well, it's a bit more than that, but you get my drift
<Jeeves_> So the create is
<Jeeves_> s/s/t
<soren> "To the create is" ?
<soren> What?
<Jeeves_> soren: There isn't a /i!
<soren> "So the create it"? What does that mean?
<Jeeves_> okok
<Jeeves_> +y somewhere :)
<soren> "Soy the create it". Oh, ok.
<Jeeves_> "So they create it."
<soren> :p
<Jeeves_> grmbl
<Kamping_Kaiser> hehe
<Deeps> while it's a great business move for canonical, i think it's terrible that it's closed source. cant praise open source with one hand and then shoot it down with the other
<Jeeves_> Anywho, I do trust Canonical and the Ubuntu community
<Jeeves_> If I didn't, I would be running Gentoo
<Deeps> massively hypocritical
<nme_> not Slackware?
<Jeeves_> Deeps: No it isn't.
<nme_> ;)
<Jeeves_> nme_: No, I don't trust Patrick
<nme_> speaking of Landscape, do You guys know why DELL does not sell Ubuntu Server, saying that it does not work with their SAN arrays?
<Deeps> Jeeves_: NO U
<Jeeves_> nme_: Dell hardware usually doesn't work at all.
<soren> ?!??
<Jeeves_> So they only ship it with Redhat
<Jeeves_> Which also doesn't work :)
<nme_> RHEL or SUSE
<nme_> they told us yesterday.
<soren> What does landscape, Dell and SAN's have to do with one another?
<Jeeves_> soren: leave him alone! :)
<Jeeves_> All these hard questions to answer!
<nme_> to have Landscape access one need to have commercial Ubuntu, right?
<soren> But I want to understand!
<Jeeves_> nme_: There is no commercial Ubuntu
<soren> nme_: I think you can buy it seperately, but let's say "yes" and see where this goes..
<Jeeves_> :P
<nme_> when we buy more hardware, we buy software too that will support the hardware.
<soren> Right, there's no "commercial Ubuntu". There's only one Ubuntu.
<soren> ...but you can buy a support contract, and when/if you do, you get landscape as well.
<nme_> to have complete support we need it for hardware and software
<nme_> ok, now I know :)
<soren> I'm still curious what Dell said.
<soren> Did they say it wouldn't work or that it wasn't supported. That's not the same thing.
<nme_> there were two guys - one was sale oriented, the other - technical oriented, the second one - while chat, when I asked why RH, can't we run Ubuntu? He said that SAN array we will buy requires multipathing which does work on RH and SUSE and it DOES NOT work on Ubuntu because of some problems.
<Jeeves_> nme_: Hmm
<nme_> when we do the deal with Dell I'll run Ubuntu to check and solve it for myself anyway... but it might be possible to do it with IBM. Dont really know how they will react to my suggestion about Ubuntu instead of proposed RH at first shot.
<maswan> nme_: No, but I do know that for sanity and reliability, avoid any storage solution from dell at all cost. :)
<maswan> Or at least have a "make it work or take it back" paragraph in your contract, so you have something to threaten with when it doesn't work
<nme_> maswan: You're serious?
<nme_> we are currently during conversation with IBM and Sun too...
<nme_> but I dont like Sun anymore and they will fail with their offer anyway...
<maswan> nme_: I have several collegues at other sites that have had to go to the contractual "ok, then you'll have to take it back" before they got as far as getting someone that could actually give them some "oh, but you need this and that firmware, etc, etc" to make it work.
<Jeeves_> nme_: I'd go for Sun. :)
<Jeeves_> Dell sucks, bigtime
<nme_> maswan: what other SAN solutions You consider better? we are running Sun storage which works quite good but soon the hardware wont be supported anymore.
<Jeeves_> nme_: Keep on running Sun :)
<Jeeves_> nme_: What kind of stuff do you need?
<Jeeves_> SAS? FC? iScsi?
<nme_> all in one would be the best
<nme_> to have primary servers on FC but still have possibility to connect some server through iscsi
<nme_> Dell says that they got FC and iscsi cards for their array but only one standard can be currently used at the time. You need to choose. They also say that in the future after some upgrade - two will be able to work concurrently
<Jeeves_> nme_: That seems logical
<nme_> what seems logical?
<joerlend> soren, you're a virtualization guy, right? When you make a virtual disk, that's very fast. Any idea how they do that? I mean, an 8GB disk was created in only a few seconds.
<nme_> qemu-img create -f qcow2 sda.qcow2 8G
<nme_> less than a second
<Deeps> joerlend: if it's not allocating the entire diskspace at creation time, then it's gonna be very quick
<joerlend> right. But how does qemu-img do that?
<joerlend> Deeps, again, that's what I want to do. :)
<nme_> qcow2 data format
<joerlend> if you copy that file, then it's still 8GB being copied?
<nme_> joerlend: every app can open a file, seek to +8GB and write file
<nme_> but qcow2 seems a better solution ;)
<joerlend> seek is being used?
<nme_> not in qcow2
<Deeps> joerlend: you want to allocate all the space at creation time?
<joerlend> that is, you could use seek in dd to achieve the same effect?
<joerlend> Deeps, someone wanted to make a large file in order to test something, but in a quick manner.
<nme_> joerlend: exacly
<maswan> nme_: Oh, well, personally I would avoid SANs, in favour of less complexity. :)
<Deeps> joerlend: if you want the file to be empty, then it's relatively easy, if you want the file to have random data to minimize the effect of compression screwing up your tests, different matter
<Deeps> joerlend: or rather, it's still relatively easy, but not quick
<maswan> we have some ibm stuff though, and it kind of works.
<joerlend> Deeps, thanks. :)
<Deeps> if in the case of wanting random data, dd and /dev/[u]random are what you'll be most interested in, i suspect
<joerlend> Deeps, lets say you wanted to create a 50GB file very quickly. What would you do? :)
<soren> joerlend: It's a sparse file.
<joerlend> right.
<Deeps> joerlend: google for some C code that will open a file descriptor, seek +50G and then write the file, or use dd if=/dev/zero
<soren> joerlend: I'd use qemu-img.
<nme_>  dd if=/dev/zero of=file seek=FILESIZE_HERE bs=1 count=0
<Deeps> what nme said
<soren> qemu-img create somefile 50G
<soren> Or kvm-img, but you get the idea.
 * soren runs to get his power supply
<soren> phew... Nick of time.
<joerlend> Deeps, soren: if you'd try to copy that file to another partition, then it would actually copy the filesize of nulldata?
<soren> joerlend: Depends.
<joerlend> on..?
<soren> Stuff.
<soren> :p
<joerlend> hehe
<soren> Probably not.
<Deeps> whatever you're using may realise it's all null data and compress it on the fly, artificially speeding up the transfer process
<joerlend> that was the usecase here. He wanted to test copying speeds with a large file.
<soren> It would probably create another sparse file on the destination partition.
<Deeps> hense why you'd probably want to use a file filled with random data
<soren> Oh. Just do "cp --sparse=never"
<joerlend> thanks! :)
<Deeps> or that
<nme_> soren: you're virtualization guy, have you read any papers about how many virtual machines could work on specified numer of cpu / cores? im interested in some optimal amounts, You work on kvm only?
<soren> Mostly kvm.
<soren> There's no such number. It depends entirely on what the virtual machines are doing.
<nme_> I tried Xen for a while but then I switched to kvm, works pretty good... I love qcow2 :)
<soren> I have a machine that runs 11 vm's.
<joerlend> and even then it's difficult to choose solutions, since it's difficult to find real numbers.
<soren> Those VM's aren't very heavy, so it's not a problem at all.
<hads> You might run 2 you might run 20 on the same hardware.
<soren> In other cases I wouldn't run more than a single virtual machine on a physical machine.
<nme_> I got some ancient "terminal servers" solution here... they work under Windows Server, their load is high. Primarily those servers worked only on physical machines 2x Xeon 2 GHz (one core)... currently placed one of them as a virtual on 2x Xeon Dual 1.86 GHz each, but seems that load is higher... and Im thinking about placing 2 same vm on single hardware dividing clients to those two virtual terminal servers, how you think - how will servers load behave?
<soren> Let me see if I understand correctly..
<soren> You used to have two of these machines, each running on a Xeon 2 GHz?
<nme_> some old xeon single core machines
<soren> Right.
<nme_> now i got spare 2 x Xeon dual core 1.8 GHz
<nme_> running Ubuntu
<soren> Ok.
<hads> $SOME load
<soren> And how many cpus have you assigned to the guests?
<nme_> and Im running there kvm with exact copy of system from physical machine above
<soren> ok.
<nme_> I have 2 cores to VM (physical machine have 4 of them)
<nme_> I gave 2 cores... ^
<soren> Ok. The guest is running Windows?
<nme_> y, Windows 2003 Server
<soren> And it's using both cores?
<nme_> dont know how to check it - currently machine runs DRBD, kvm and 1 vm (this Windows 2003 Server), /proc/interrupts shows every single core is used in same manner...
<soren> The guest.
<soren> not the host.
<nme_> yes
<soren> Err...
<soren> Windows has /proc/interrupts now?
<nme_> it uses 2 cores, I can give it 4 cores
<nme_> naah, speaking about domu
<soren> domU is Xen-speak.
<nme_> or whatever is should be called for kvm
<nme_> how should I call it?
<soren> Guest.
<soren> Or virtual machine.
<nme_> ok
<nme_> Guest uses 2 cores simultanously
<nme_> everything seems to be ok
<nme_> I tried to run it on three cores but guest hanged after aprox 3 minutes
<soren> Ok. I don't know then. If the guest is really using two cores, each running at 1.8 GHz, I would expect that to be faster than one core at 2 GHz, but it seems that every time I make assumptions about Windows...
<soren> ...let's just say that I should really not do that.
<nme_> two one core cpu 2 GHz
<nme_> but thats some old Xeons
<nme_> there is sth like bogomips
<Deeps> so you've gone from dual cpu 2ghz xeons, to single cpu dual core 1.8ghz xeons
<nme_> Deeps: dont know exacly. machine have dual cpu dual core, i gave VM 2 cores.
<nme_> i can run VM on 4 cores
<soren> This is very confusing.
<nme_> or i can run 2 VM on 2 cores
<nme_> :/
<nme_> ok, end of story then ;)
<Deeps> run 1 vm on 4 cores
<Deeps> then you should see a performance increase
<Deeps> right now you've gone from (in very simple terms) 2x2ghz to 2x1.8ghz
<soren> there you go making assumptions about Windows' performance again... Dangerous that is.
<Deeps> in very simple terms, and from what you've demonstrated, there is an obvious performance loss
<soren> No, he's gone from 1x2GHz to 2x1.8GHz... Right?
<Deeps> 1122.51 < nme_> two one core cpu 2 GHz
<Deeps> made me think its 2x2ghz
<nme_> soren: 2x2ghz to 2x1.8
<nme_> soren: Deeps seems to be right
<Deeps> he's not very good at expressing himself
<soren> 11:25:17 < soren> This is very confusing.
<Deeps> in anything, it seems
<soren> nme_: Well, of course that's slower. Why wouldn't it be?
<nme_> I just thought that newer Xeons have better performance because of higher bogomips
<soren> There's a reason they're called *bogo* mips.
<nme_> higher bogomips, lower nm technology
<nme_> hm ;)
<soren> "the number of million times per second a processor can do absolutely nothing."
<nme_> soren: right, but I did use this parameter to select new server for network traffic shaping + filtering machine and it helped me a lot
<soren> Coincidence.
<nme_> soren: does newest virt-manager have possibility to create qcow2?
<nme_> btw if you dont want to talk with me anymore just say it ;)
<soren> nme_: I don't think it does, no.
<nme_> is ubuntu-server able to run vanilla kernel?
<soren> nme_: I think I don't understand the question...
<soren> nme_: Why wouldn't it be?
<zul> Koon: did you try my kernel?
<Koon> zul: yes I did.
<Koon> zul: fixes the issue when using -o nodfs
<Koon> I think that's an acceptable solution, after all the bug is not really on our side, and we provide a way to workaround it
<zul> Koon: sweet ill push that to my git archive today then
<soren> nodfs? What's that?
<Koon> soren: a cifs mount option
<soren> Oh, no dfs. Heheh :)
<Koon> soren: that workarounds a bug in samba 3.0.24 and 3.0.25
<soren> Bug no?
<Koon> bug 286828
<uvirtbot> Launchpad bug 286828 in samba "Access to samba 3.0.24-3.0.25 shares using CIFS is broken on 8.10" [Undecided,Invalid] https://launchpad.net/bugs/286828
<soren> This sounds very much like something I fixed a long, long time ago.
<Koon> it was fixed serverside in 3.0.26
<Koon> but some unlucky souls are stuck with some buggy NAS
<soren> Right. I fixed it clientside, but that might have been in smbfs.
<soren> As I said: Long time ago.
<soren> Koon: Hehe... Funny.
<soren> https://bugs.edge.launchpad.net/ubuntu/+source/samba/+bug/286828/comments/8 <--- That's exactly what I implemented in smbfs.
<uvirtbot> Launchpad bug 286828 in samba "Access to samba 3.0.24-3.0.25 shares using CIFS is broken on 8.10" [Undecided,Invalid]
<uvirtbot> New bug: #300671 in openldap (main) "happend while running do-release-upgrade" [Undecided,New] https://launchpad.net/bugs/300671
<zul> soren: thats why I dont use windows
<axisys> how do I upgrade my ubuntu server to intrepid or sh'd I stick with hardy heron LTS ?
<soren> I'm clearly full of shit. It was something relating to UNIX extensions that I fixed in smbfs.
<soren> axisys: If there was just one answer to that question, we wouldn't be supporting both choices.
<zul> soren: i thought smbfs was from debian
<soren> -v
<zul> soren: sorry still not awake yet
<axisys> soren: i am sorry i did not follow your answer..
<soren> axisys: i don't know you. I don't know your needs. I don't know your systems. I don't know anything. (Feel free to quote me on that last bit)
<axisys> soren: :-)
<soren> axisys: If "hey, should I stick with Hardy or go with Intrepid" only had one answer, why would we offer both options? What would be the point?
<axisys> soren: don't know the point... ok so if I like to upgrade the ubuntu server, how do I go by doing it?
<soren> axisys: Well, do you want to?
<axisys> soren: yes
<soren> Ok. Because, you know, 15 minutes ago you weren't so sure. What changed?
<axisys> soren: dude!
<axisys> in ubuntu client.. it is easy.. using software sources and update manager i can upgrade it.. i have no gui here plus it is at remote site
<soren> axisys: I'm just trying to make sure that it's not something I said that made you think "oh sure, Intrepid's the only way to go".
<soren> axisys: I'm still running Hardy on some of my server. Others are running Intrepid. One is even running Jaunty.
<soren> It depends.
<axisys> soren: i found the answer in google.. thanks a lot
<soren> If you want to run Intrepid, that's fine. 20 minutes ago, you weren't sure, and I'm just trying to help you make sure that you made the right decision. there's no turning back once you've upgraded.
<soren> do-release-upgrade is the magic incantation.
<axisys> soren: it is not in production.. so no biggie..
<soren> It's in update-manager-core from hardy-updates.
<axisys> soren: yep I saw it
<axisys> sudo aptitude install update-manager-core ; sudo do-release-upgrade
<axisys> Checking for a new ubuntu release
<axisys> No new release found
<axisys> too funny
<axisys> we all know that is a lie
<jgjones> it's probably set to looking for next LTS only?
<jgjones> I remember that was the default on my hardy
<axisys> jgjones: how do I change it? i
<jgjones> dunno
<jgjones> I'm still on Hardy :)
<jgjones> I am probably wrong because that was the option I saw on a *desktop* version of Hardy, not server...so I am just assuming here.
<axisys> looks like I have to edit this file first /etc/update-manager/release-upgrades
<axisys> Prompt=lts need to change it to normal
<jgjones> yeah that would be right.
<jgjones> all my servers are LTS versions anyway (dabber and hardy)
<axisys> jgjones: ok.. thanks for the input
<jgjones> no worries, you did most of the work yourself mind you :)
<axisys> jgjones: :-)
<thefish> i have a jeos 8.04 server connected to a kvm with a usb 'cam', i can use the keyboard in bios, and in the grub menu, and during install it worked fine, but when i get a login prompt the keyboard is non-responsive. anyone have any idea what to try?
<thefish> (i had to drop to a terminal at the end of install to install ssh before the final reboot, this was the only way in)
 * Faust-C wonders how to reactivate BT, #ubuntu is useless
<Faust-C> thefish, from ssh do
<Faust-C> X -configure
<thefish> i have no x though
<Faust-C> o
<Faust-C> srry
<Faust-C> was thinking wrong
<Faust-C> hmm
<thefish> :)
<thefish> ye its just a login prompt
<Faust-C> is it usb kb?
<thefish> its a usb "cam", effectively a usb keyboard though yes
<thefish> same cam works fine on a 6.04 server (thats a full server install though, not jeos)
<thefish> so wondering if theres some kernel module that wants loading or something
<thefish> ah usbhid is not in the -virtual kernel conf
<Faust-C> most likely
<uvirtbot> New bug: #300691 in tomcat6 (main) "tomcat6-instance-create should allow to specify ports" [Wishlist,Confirmed] https://launchpad.net/bugs/300691
<_ruben> running the -virtual kernel on bare metal seems a bit odd to me
<uvirtbot> New bug: #300699 in tomcat6 (main) "Provide APR based Apache Tomcat Native library" [Wishlist,New] https://launchpad.net/bugs/300699
<thefish> _ruben: is there another kernel that can be chosen for jeos during install?
<thefish> spose its meant for virtual
<zul> wheee..stupid cifs bug fixed
<sommer> zul: strong work... and you deserve a trip down the slipper slide :)
<zul> sommer: or a trip to california
<sommer> heh, that too
<ScottK> So the first time I read that I misread a tr for the l some how.
<genii> Hi. I have a Q not directly relating to ubuntu but since I think may admins etc here, someone may know. How much money per foot is reasonable to pay for "last mile" of fibre-optic (in US or CDN $)
<genii> If you know a better channel to ask in as well
<Crogge> Hey, anyone here who could help me a second, I have a SIL 3114 Controller in my Server and a RAID 10 configured over the SATA Controller. Now I want to install a dual boot win my windows 2000 advanced server (means I cant delete the raid), lspci detect the card but the install doesnt find the HDD.
<Crogge> Nobody here who use a Server with a S-ATA Controller?
<genii> Crogge: You may have to manually load whatever driver it takes
<Crogge> I searched already in a lot of Forums but I cant find it
<Crogge> The funny thing is that the console detect the partitions
<Crogge> http://croggesserver.se/Images/Untitled%20863.jpg
<Crogge> It took me 2 days to get Windows 2000 Advanced Server running on it after Silicon Image mailed me the 10. driver
<Crogge> Any idea why cat can find it but the install cant?
<genii> Crogge: The driver name is sata_sil , is it loaded?
<genii> Crogge: eg:  lsmod | grep sata_sil                        should produce a result
<awsoonn_> hi all, I'm thinking about thin clients, can ubuntu server serve out windows XP to a thin client?
<sommer> awsoonn_: not sure what you mean?
<awsoonn_> sommer: I wish to have a number of thin clients, some of my users want linux, some wish to have windows
<awsoonn_> Can ubuntu server do this kind of thing?
<sommer> awsoonn_: LTSP can serve linux to thin clients... I don't have any experience with it myself though
<sommer> awsoonn_: I believe edubuntu makes it easy to setup
<awsoonn_> ok, that's what I though. :( Thanks sommer
<sommer> awsoonn_: edubuntu has irc channels I'm sure... you might ask there
<sommer> or wait around here someone may know more :)
<awsoonn_> I'll keep reading for now, hopefull someone might be able to chime in with a solution. :)
<genii> awsoonn_: Yes it can
<awsoonn_> genii, do you happen to have a link wiht some juciy information :)
<awsoonn_> have you ever used it? does it use KVM can it load balance netween servers, what if I have just under a thousand machines that I want to eventual move to thin clients? *excited*
<genii> genii: Not handy. But I have experimented with this and gotten a PXE boot server with choice of ubuntu,win98, and MacOS 7.5
<jmarsden|work> awsoonn_: http://doc.ubuntu.com/edubuntu/edubuntu/handbook/C/server.html
<genii> awsoonn_: Basically anything which you could boot from a cd can be made to run from it
<awsoonn_> but just pure PSE boot means I'm useing the thin client's resources, no?
<awsoonn_> PXE**
<genii> awsoonn_: Yes. You want to actually run the os on server then?
<awsoonn_> I wish to have a sort of KVM/XEN/VMWARE type situation where the desktop is accually decoupled from the thin client.
<awsoonn_> :)
<awsoonn_> is that not what the LTSP is?
<genii> awsoonn_: Yes :) For foreign os on that, not sure.
<jmarsden|work> awsoonn_: Check out http://www.ulteo.com/home/en/news/2008/11/19 also?
<awsoonn_> genii: and that's what I'm hopeing for :)
<genii> awsoonn_: Conceivably you could just run individual apps under wine from the server and then serve THAT, which could get interesting
<awsoonn_> genii, my users would shoot me then fire me.
<awsoonn_> :-p
<genii> Hehe
<jmarsden|work> awsoonn_: For multiple servers/load balancing with LTSP on Edubuntu, see http://doc.ubuntu.com/edubuntu/edubuntu/handbook/C/multiple-server-setup.html
<Crogge> genii> Crogge: eg:  lsmod | grep sata_sil                        should produce a result  -> It does nothing, it just wait for the next cmd
<awsoonn_> jmarsden|work: this ulteo thing is prety cool
<jmarsden|work> Maybe... esp for networks with existing "fat" client PCs on them.  Anyway, read the Edubuntu handbook and the Ulteo docs, and then do a small test installation to try thing out and get a feel for what you really need.
<genii> Crogge: This means that the driver is not loaded for the sata controller which is in your box. So to load it, use: sudo modprobe sata_sil
<genii> Crogge: Try this before attempting any partition manager or so
<Crogge> nothing happen when I type it
<genii> Good
<Crogge> I have the Ubuntu Server Disc in the Drive (Keyweb put it in for me) then I started the setup, choosed install ubuntu and pressed CTRL+ALT+F2
<Crogge> then the console opened and I tried to enter it
<genii> Crogge: When things work properly in command line it doesn't tell you "hey that went well" it just comes back to the next command prompt.
<Crogge> oh ok
<Crogge> I just started 2 weeks ago with Linux Servers to get a basic knowledge, I was happy when my software run good on my Linux VM
<Crogge> Now I wanted to install it on one of my roots
<Crogge> im a bit under pressure thats the reason why I joined this channel
<Crogge> So what should I do after I typed sudo modprobe sata_sil ?
<Crogge> I really get out of ideas what I should do now, if I drop the raid then Windows would be gone too and I have no possibility to reinstall it
<genii> Crogge: At any rate. If you are used to the "hit f6 to install alternate driver disk" part of windows install, doing the:   sudo modprobe sata_sil           is similar
<Crogge> ah nice
<Crogge> so it load the silicon image driver with this command?
<genii> Crogge: The modprobe command just loads whatever driver you name
<genii> Yes
<Crogge> ok thanks
<Crogge> how can I continue the install after I did this?
<genii> Crogge: You used something like alt-f1 or ctrl-alt-f1 ?
<Crogge> ctrl+alt+f2
<Crogge> after it asked for the system language
<genii> Crogge: Server cd?
<Crogge> yes
<Crogge> My ISP gave it me
<Crogge> 64bit Ubuntu Server Edition 8.10
<genii> Crogge: Just cycle through alt-f1 alt-f2 alt-f3 alt-f4   til you find the console which the install is running on. I think f2    one of the consoles also shows all the output so far from the install process, which can be useful to watch sometimes for debugging
<Crogge> ah nice, got it :)
<Crogge> its at the network card part atm
<Crogge> (Skyfury look with me currently on the root with a kvm over ip device
<skyfury> yeh
<genii> Ah, like a PCI Weasel or so?
<Crogge> yes its similiar
<skyfury> i prefer gophers!
<Crogge> our ISP gave it us
<skyfury> a lil buggy to me this thingy
<Crogge> We can use it only for a few hours and hundreds of members wait that the server come back online, thats the problem
<Crogge> yeh a bit
<skyfury> im afraid to control a server install through an java applet :-x
<Crogge> well it work ok so far
<genii> skyfury: Me too
<Crogge> It says again "Installation step failed ... the failing step is: detect disks"
<genii> Hm
<genii> When you look at the stdout console of alt-f4 or so, does it have anything enlightening to report?
<Crogge> ah yes
<Crogge> "Installing dmraid-udeb"
<genii> Don't paste here if any more than a couple lines, use pastebin instead
<Crogge> its one line only
<genii> Crogge: I haven't seen that package before
<genii> !info dmraid-udeb
<Crogge> "no RAID sets and with names: "sil_acabacaachdf-1"
<ubottu> Package dmraid-udeb does not exist in intrepid
<Crogge> it fail there, then the disk-detect errors appear
<Crogge> (When it try to enable dmraid)
<genii> Crogge: Is it a raid1 ?
<Crogge> Raid 10
<Crogge> As I showed on the Screenshot its configured over the hardware controller
<Crogge> one 80GB partition for Windows and the rest has no partition (free for linux)
<genii> Crogge: Yes. When the raid is *really* hardware then you should just see like a regular drive designation like sda or such
<Crogge> Thats the question, if it is a "true" hardware raid
<skyfury> the most are just fakes :(
<genii> Crogge: I haven't dealt with that particular controller before, so no idea
<Crogge> When i task me "Activate Serial ATA RAID devices" and I select "no"
<Crogge> what could go wrong?
<genii> Everything? ;)
<Crogge> Cause Windows saw it as 1HDD
<Crogge> It even worked without driver but made a blue screen after it tried to boot
<Crogge> only with driver it worked afterwards
<genii> Well, if it was only raid1 you could deactivate it wouthout issue, since just forst one would boot. Raid 10 I dunno what might happen
<Crogge> I see
<genii> At any rate I have to go /away a while, this IRC client is on a remote box and will come /back in about an hour
<Crogge> sure, thank you for your help so far
<lmatos> hello there ...
<lmatos> can anyone help me with an hp dl 260 G4 ... not with installation, but with functionallity
<lmatos> the server does not seem to be booting
<lmatos> well ... it is not booting
<lmatos> the power suply led is off
<jmarsden|work> lmatos: Well, the first things to check would be (a) is it plugged in to known good AC power and (b) is the power switch on the power supply turned on?
<lmatos> jmarsden|work, on the power supply?
<lmatos> this power supply does not have one
<jmarsden|work> Isn't there a 0-1 rocker switch on the PSU?  I'm not sure, trying to find the manualfor that server online, seems liek it is an older server model...
<jmarsden|work> OK, then if it is connected to good AC power... you probably need to replace that PSU?
<jmarsden|work> You said HP DL 260 -- HP lists a DL 360 but I see no DL 260 mentioned on their site...?
<jmarsden|work> See http://h20180.www2.hp.com/apps/Nav?h_pagetype=s-001&h_lang=en&h_cc=us&h_product=241644&h_client=S-A-R163-1&h_page=hpcom&lang=en&cc=us
 * ScottK gives kirkland a smack in the head about -v when he builds the package for a merge.
<kirkland> ScottK: got it.
<ScottK> kirkland: No problem.  We all forget that one sometimes.
<kirkland> ScottK: yeah, i had multiple working directories going on that merge
<kirkland> ScottK: ended up uploading the wrong one ... no functional differences.  but i also have a debian bug number for a patch I sent, left that out of the change log too
<ScottK> kirkland: I finally just made it part of my personal workflow to always read .changes before I dput.
<ScottK> I've caught myself on quite a number of mistakes that way.
<kirkland> ScottK: agreed, good plan
 * kirkland will do the same
#ubuntu-server 2008-11-22
<opapo> I configured the ldap server according to: http://www.debuntu.org/ldap-server-and-linux-ldap-clients
<opapo> I configured the client with ldap-auth-client and auth-client-config
<opapo> defaults on the client stuff
<opapo> I use getent passwd but only get local stuff
<opapo> what am I doing wrong
<opapo> The config files for the client are the same as described in https://help.ubuntu.com/community/LDAPClientAuthentication
<jmedina> opapo: what about your /etc/nsswitch.conf
<lmatos> jmarsden|work, sorry ... had to leave ... dl 360 g4 yes
<jmarsden|work> lmatos: Service manual for DL360 G4 is at http://bizsupport.austin.hp.com/bc/docs/support/SupportManual/c00218204/c00218204.pdf
<jmarsden|work> lmatos: http://bizsupport.austin.hp.com/bc/docs/support/SupportManual/c00300504/c00300504.pdf is a troubleshooting guide.
<skyfury> i wanna set up some raid10 with ubuntu 8.10 server - its not detecting my raid devices - controller is onboard Thunder K8SR (S2881) <- i think this is a fake controller (software)... any suggestions?
<bogey-> can someone tell me how to configure mysql to allow a remote connection?
<hads> /etc/mysql/my.cnf
 * zoopster jetlagged
<ladfnet> how come ubuntu does not forget my network settings that are not set in /etc/network/interfaces?
<ladfnet> when i reboot...
<Deeps> you used any tools to configure your network interfaces?
<Deeps> or configured for dhcp, and reaquiring the same dhcp lease from your dhcp server
<ladfnet> there's not dhcp, just static ip's set.
<ladfnet> i use ifconfig to bring up an interface
<ladfnet> and I have two vlans on eth0 as a trunk nic
<ladfnet> the first vlan is set in the interface file, but the second is not.
<ladfnet> when I reboot they are both up.
<ladfnet> The really wierd thing is that if I do a /etc/init.d/networks restart then all network fail. When I reboot everything is working again
<ladfnet> vconfig was used to configure the vlans initially
<ladfnet> I never used any other tools.
 * delcoyote hi
<ladfnet> how come when i reboot, ubuntu does not forget my network settings that are not set in /etc/network/interfaces? I have not used any tools beside ifconfig and vconfig (I have two vlans on a trunk port). No dhcp involved. Any ideas/tip greatly appreciated. (It's server/black box)
<Jeeves_> ladfnet: If you don't config it in the interfaces file
<Jeeves_> it will be gone on reboot
<ladfnet> well it's still there, and I don't know why
<Deeps> lol, bug
<ladfnet> well, it's a real headache. it's a remote server, so configuring the network under these conditions suck
<ropetin> ladfnet: When you reboot are the settings configured via DHCP or statically assigned, if that makes sense?
<ladfnet> static
<ropetin> So your DHCP server doesn't get a request from the server?
<ladfnet> no dhcp at all.
<ladfnet> staticly defined ips
<ropetin> And a follow up question, how does it suck?  I would have thought it would make things easier if working remotely, at least you know what IP it is going to be on.  If you're messing with other network settings remotely, how about you set the server to DHCP, then when you change your DHCP server, this server will come along with it
<ladfnet> i have eth0 as a trunk nic, and two vlans. one vlan is the internet connection which i'm connecting/configuring over, and the other is a vlan I'm trying to get working correctly.
<Deeps> in precisely that way it sucks, lots of extra effort required to fiddle network settings remotely
<ladfnet> when i configure the second vlan in the interfaces file the network crashes, and a cronjob has to save my ass
<Deeps> i normally use a fairly rudimentary dms in a cronjob to force the settings back to a known good config every hour or so
<Deeps> when doing that kinda thing
<ladfnet> when i configure the second vlan with vconfig and ifconfig it works, and ubuntu remembers the settings when i reboot, but it's not defined in the interfaces file
<Deeps> but it is a pita, i agree withcha
<ropetin> Meh, I'm just getting off a night-shift fighting with horrid network issues of my own, so I'm not thinking straight!
<ladfnet> i've spent days on this, and I'm not narrowing my search for why ubuntu remembers something it should not
<ropetin> Have you done something such as grep the file system to see if you can find the settings in some config file somewhere?
<yann2> I've got a problem - I am trying to set ubuntu up on raid 10. However, my server only supports raid1. So i've made to raid1 partition, and a soft raid 0 on top of it.
<yann2> However, with this setup , grub fails to install. Is that normal, how can i work around?
 * yann2 very angry
<yann2> this whole hardware certification process is a pure joke. I'm on my third critical installation issue.
<Kira> My server responds to ping, but SSHd and Apache Httpd have stopped responding to network requests. o.O
<Kira> Is there any way I can still remotely resurrect that server?
<joerlend> I followed the guide at https://help.ubuntu.com/8.04/serverguide/C/openldap-server.html
<joerlend> I'm using LAT (LDAP Administration Tool). I can add users and groups just fine, except that I can't add users to groups, but must add groups to users. How can I fix that?
<joerlend> perhaps there is an error in the example LDIF presented on the wiki?
<joerlend> or something missing?
<r00tintheb0x> joerlend, use webmin
<r00tintheb0x> joerlend, are you trying to bind it to a windows DC?
<joerlend> no.
<joerlend> why would I want to use webmin for this?
<javaDev> I have problems with high usage of CPU by Xorg. Can I count on any help with solving this problem. I think its problem with nvidia drivers and 3d acceleration.
<jmarsden> javaDev: You need proprietary 3D drivers on a *server*?  This is #ubuntu-server... for server use just revert to the 2D open source driver, surely...
<ScottK> Ubuntu Server doesn't include X, so any discussions about X issues are really better done elsewhere.
<javaDev> ok thanks my bad ;)
<DustWolf> How can I force version in apt-get or aptitude?
<Ahmuck> sudo apt-get -f
<DustWolf> attempts to fix broken dependencies
<DustWolf> that isn't it
<DustWolf> obviously
<Deeps> what do you mean 'force version'?
<Deeps> if you want different major releases, they'll be separate packages, e.g. sqlite2, sqlite3
<DustWolf> I have a server that has a 20 meg boot partition because of a bios issue... I wanted to upgrade the kernel only to realize it's too big.. now I want to reinstall the old version
<DustWolf> I have already set up the files from the backup as they should be, but I'd prefer to have apt be happy with it
<Deeps> not sure you can, maybev if you use the original install media as your apt source
<DustWolf> if I can't, how can synaptic do it?
<Deeps> i didnt know it could
<DustWolf> it can
<Deeps> cool!
<Deeps> sounds like you know more than me, and here you are asking me for advice ;)
<DustWolf> *sigh* you're the 3rd person I broke the news to...
<DustWolf> just wish somebody could help me
<Deeps> google knows more than everyone in this channel combined
<DustWolf> note to self: NEVER go upgrading the kernel before a planned shutdown
<DustWolf> google is useless on the issue
<DustWolf> it's the first place I looked
<ScottK> DustWolf: If you've got the .debs, you can install them with dpkg (dpkg -i) and it will happily downgrade them for you.
<DustWolf> I can install the versions as they are since the one that gets upgraded is a virtrual package anyway
<DustWolf> but I don't know if I got them all
<DustWolf> hmm
<DustWolf> *reads dependencies*
<DustWolf> btw, Deeps: packages --> force version
<Deeps> DustWolf: i dont use guis, but ta
<Deeps> DustWolf: well, linux guis, anyway, heh
<DustWolf> I see
<Deeps> i'm glad
<DustWolf> Failed to symbolic-link boot/initrd.img-2.6.22-14-server to initrd.img.
<DustWolf> great
<ScottK> Did you run update-grub?
<DustWolf> I did reinstall of the old kernel
<ScottK> Yes.  After you did that.
<DustWolf> not yet?
<DustWolf> ok deleted old links
<ScottK> I'd do that then.
<DustWolf> seems to be reinstalling fine now
<DustWolf> ok that's that
<DustWolf> the virtrual packages aren't installed
<DustWolf> but hopefully nobody needs them
<ScottK> DustWolf: You really only need those to notice there's a new kernel and get all the required bits updated.  That seems like exactly what you don't want.
<DustWolf> *nod*
<DustWolf> I was just wondering if any other package depends on them
<ScottK> No.  That's all they're for.  If later you try upgrading again, you can do it by just reinstalling the metapackage.
<DustWolf> *nod*
<DustWolf> is there any way to do x forwarding without having x installed and running?
<kirkland> ScottK: hiya, still around?
<kirkland> ScottK: any chance I could trouble you for an upload of the patch attached to https://bugs.edge.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/301085 ?
<uvirtbot> Launchpad bug 301085 in ecryptfs-utils "broken mount counter" [Undecided,New]
<ScottK> kirkland: I'm just on my way out the door.  Perhaps later tonight if no one else gets it first.
<kirkland> ScottK: thanks
<kirkland> ScottK: i subscribed u-m-s
<joerlend> I have an NX terminalserver running. I'd like to have VoIP between the users, preferably using Ekiga. Is Asterisk the best solution for this, or is there other, simpler services?
<TimR> hey guys
<TimR> can somebody tell me how to get 1000mbps network card to work on my server
<joerlend> "work"?
<TimR> yea
<joerlend> perhaps you should offer a raise.
<TimR> ok
<joerlend> what do you mean "work"?
<jmarsden> TimR: What card, and what does it do now when it doesn't "work"?
<TimR> well i just bought me a gigabyte network card and i am trying to make it work
<TimR> its a linkskey
<TimR> 10/100/1000 pci ethernet adapter
<TimR> and i want 1000 to work on my server
<jmarsden> TimR: So you plugged it into the server, cablied ti to a gigabit switch port, and turned the server on... what does it do or not do now?
<jmarsden> s/cablied/cabled/
<TimR> ok
<joerlend> ok?
<hads> heh
<jmarsden> TimR: It does OK?  Then it is alraedy working??
<jmarsden> TimR: Have you read and understood https://help.ubuntu.com/8.10/serverguide/C/network-configuration.html
<joerlend> hehehe
<BoredBoring> hello
<joerlend> hello.
<BoredBoring> i have a networking problem with the current release of the ubuntu server
<BoredBoring> i manually set up an ethernet devide using ifconfig
<BoredBoring> i create a route for it with route
<BoredBoring> but after a reboot
<BoredBoring> all those settings are gone
<BoredBoring> i have to do all the configuration again
<BoredBoring> :(
<BoredBoring> any ideas?
<BoredBoring> nobody? :(
<joerlend> patience is a virtue.
<BoredBoring> :D
<joerlend> have you configured your /etc/network/interfaces?
<BoredBoring> no
<BoredBoring> i thought that ifconfig would change the configuration permanently?
<joerlend> then you should.
<joerlend> no.
<BoredBoring> so ifconfig only works for one session?
<joerlend> yup.
<BoredBoring> and there is no switch to make have it make permanent changes?
<BoredBoring> -make
<hads> That's not what ifconfig is for.
<joerlend> no, the changes are permanent because you've configured your /etc/network/interfaces and ifconfig is run at every boot.
<BoredBoring> ah
<BoredBoring> i see
<BoredBoring> i will try the configuration of /etc/network/interfaces
<BoredBoring> thX!
#ubuntu-server 2008-11-23
<ScottK> kirkland: Looking at it now.
<ScottK> kirkland: Uploaded.  Thank you for your contributioin to Ubuntu.
<uvirtbot> New bug: #301104 in mysql-dfsg-5.0 (main) "mysql-server-5.0.postinst causes seg fault" [Undecided,New] https://launchpad.net/bugs/301104
<kirkland> ScottK: :-D  cheers
<MatBoy> does someone know anything about advetisements in /etc/motd ?
<jmarsden> MatBoy: Read http://www.sabi.co.uk/Notes/linuxHelpAsk.html and avoid "Does someone..." ?  What is your real question?
<MatBoy> jmarsden: I just heard from someone about such an advertisement in /etc/modt
<jmarsden> That's not a question... what are you trying to do or to fix or ...?
<MatBoy> it goes about canonball (or how I type it) ads
<MrWGW> specifically
<MatBoy> jmarsden: they guy wants it removed :)
<MrWGW> it was alleged by someone in #nexenta
<MrWGW> that Ubuntu Server, if you do a dpkg-update, IIRC
<MrWGW> will replace, every hour, /etc/motd, with a plug for Landscape
<Deeps> urrr, lol
<MatBoy> Deeps: no fun at all ;)
<jmarsden> MatBoy: You can edit the file /etc/motd yourself to remove anything in there.  I'd be very surprised if anyt official package from Ubuntu would mess with it.
<jmarsden> MatBoy: Dowe know which package or packages "someone" thinks does this?
<ScottK> kirkland: ^^^ I'm not a big fan of the advert for landscape myself.
<MatBoy> jmarsden: ask MrWGW he came up with it in different channel and I thought, I will ask :)
<MrWGW> indeed
<jmarsden> MrWGW: OK... do we know which package is doing this?
<MrWGW> actually it was dotwaffle in #nexenta who levied the allegation
<MrWGW> they're saying its update-motd
<jmarsden> This appears to be related to bug 268447
<uvirtbot> Launchpad bug 268447 in landscape-client "MOTD should not point to https://landscape.canonical.com if you are not a customer" [Undecided,New] https://launchpad.net/bugs/268447
<MrWGW> ok good, so its a bug
<MrWGW> whew
<Kira> Telnet is not installed/enabled by default on Ubuntu Hardy server, right?
<MrWGW> because if you were doing this deliberately I would be pissed
<jmarsden> Read the bug, Mark Shuttleworth thinks it is OK, from what I read.  And BTW I am not Canonical, so the "you" is misdirected  :-)
<MrWGW> ahh so its not a bug?
<MrWGW> woo
<jmarsden> MrWGW: Looks like if you remove the landscape-client package you will solve the "problem".  DO you need/use landscape-client?
<MrWGW> oh I don't even use Ubuntu Server, I was just curious if this was actually the case
<jmarsden> OK, then read all about it in bug 268447 -- end of thread.
<uvirtbot> Launchpad bug 268447 in landscape-client "MOTD should not point to https://landscape.canonical.com if you are not a customer" [Undecided,New] https://launchpad.net/bugs/268447
<MrWGW> hep
<MrWGW> yep
<MrWGW> rather
<jmarsden> MrWGW: I just added a comment to that bug describing one way to remove the ad.
<kirkland> jmarsden: MrWGW: ScottK: sudo apt-get remove landscape-common
<jmarsden> kirkland: That prevents me from getting the stats in motd; I prefer my way of removing the ad, see comment added to bug 268447
<uvirtbot> Launchpad bug 268447 in landscape-client "MOTD should not point to https://landscape.canonical.com if you are not a customer" [Undecided,New] https://launchpad.net/bugs/268447
<ScottK> kirkland: Sure.  If it's appropriate for Canonical to advertise their proprietary offerings, then it's appropriate for others too.  I'd rather we don't head down that path, but if we do, we do.
 * Kamping_Kaiser didnt notice adverts in motd as part of the landscape discussion ;)
 * Kamping_Kaiser wonders if his posts were moderated through
 * Kamping_Kaiser goes to find out what happened to that thread - not seen it recently
<Kamping_Kaiser> heh. i killed it
<Kamping_Kaiser> :S'
<Sausage> My server has 3 IP addresses, and I want to use something other than the default for opening a new connection under one user or process, can someone help me?
<ropetin> Sausage: I'm not sure how much help I can give, but...  Are they all on the same subnet or different ones?
<Sausage> Different ones
<Sausage> 64.79.197.221, 67.223.236.193 and 209.59.207.58
<Sausage> I want to use one to connect a friend to an IRC server using his domain instead of mine.
<ropetin> Cool, that helps.  Will any other user or process ever need to connect to the IP(s) that you want to connect to?
<Sausage> Well I made him change his domains to use 67.223.236.193 instead, so yes.
<ropetin> Hmm, I was going to suggest setting a static route for the destination IP going through the specific device
<ropetin> But I guess that won't work
<Sausage> If it's possible to change all connections from his account to that IP it would be awesome :(
<ropetin> Would an IRC Bouncer helP?
<Sausage> I'm using an IRC bouncer.
<Sausage> Right now he's using the same one I'm on though.
<Sausage> So he's Wolfdog!sausage@tehsausage.com for now
<ropetin> And you'd rather he show as @somethingelse?
<Sausage> Pretty much.
<ropetin> See, I KNEW I wouldn't be much help!
<Sausage> XD
<Sausage> Still waiting for the DNS changes to kick in though, so it doesn't matter how long I take.
<ropetin> :D
<Deeps> Sausage: muh and psybnc both allow you to specify an outbound ip
<Sausage> Really? I wonder if znc does then.
<Sausage> I just dropped psyBNC for being screwy with openvpn (and being hard to set up =[)
<Deeps> sbnc does as well i believe
<Sausage> Do you know how they actually do it? bind() before connect() or something?
<Sausage> Well, that doesn't make sense XD
<Deeps> no idea, you're in luck though, they're all open source
<Sausage> But something like that.
 * Sausage gets the psybnc source
<ropetin> Yeah, I just checked, psyBNC seems to allow you to set different vHosts for different users
<Sausage> Anyway, looks like znc has no option for that :x
<Sausage> I might have to switch back to psyBNC if there's no way.
<Sausage> I need to fix mysql too, that's failing since I rebooted XD
<Sausage> 081123  4:57:30 [ERROR] mysqld: Can't create/write to file '/var/run/mysqld/mysqld.pid' (Errcode: 2)
 * Sausage investigates
<Sausage> Directory disappeared, oh well XD
<ropetin> It's not your day, is it Sausage?
<ropetin>  :D
<Sausage> Meh, not so bad
<Sausage> I upgraded my VPS, double RAM, bandwidth etc.
<ropetin> Which provider?
<Sausage> vpslink
<Sausage> http://tehsausage.com/bc.txt
<Sausage> I don't think I'll be hitting any of those limits any time soon
<Sausage> VHost - This is a list of allowed vhosts. It is used by the webadmin module for users to select one. (Set different vhosts in "Settings" on your Webadmin-Interface first - one per line - to make them appear in users configs afterwards)
<Sausage> That's in the znc docs, might be able to after all.
<Sausage> w00t
<Sausage> Wolfdog (wolfdog@daIRC-411416E4.net) has joined #eohax
<Sausage> It's cloaked but I can tell what that is :P
<ropetin> :D
<MrWGW> very good stuff re: that advert
<bugfixes> hello all
<jmarsden> MrWGW: Yes. Now you (or whoever it was really had the issue on their server) have multiple ways to get rid of the ad :)
<uvirtbot> New bug: #301211 in dhcp3 (main) "fail to install/upgrade" [Undecided,New] https://launchpad.net/bugs/301211
<AnRkey> my imap server is set to use tls, how can i turn this off? I am using postfix, dovecot-imap, promail, and fetchmail
<AnRkey> procmail soz
<AnRkey> ok never mind, found it. in /etc/dovecot/dovecot.conf i changed disable_plaintext_auth = yes to no
<Santolina> hello ... I am a complete newbie ... I have a Ubuntu server with no graphical environment, and for some reason a couple of hours ago the images folder content (several subfolders with hundreds of jpegs) has DISSAPEARED ... the rest seems to be OK (Apache conf, PHP scripts and MySQL tables) ... any clues of which log files should I check in order to know if somebody has hacked my server?
<Santolina> how can I see if somebody has run a rm command recently?
<Santolina> which log files should I check in order to know if somebody has hacked my server?
<joerlend> if someone has broken your password by brute force, then you'll probably see lots of entries in auth.log
<joerlend> however, if someone has taken advantage of a hole in a service, then it might not be possible to see it.
<joerlend> if the rm command required root access, then you can see it in auth log too, as all sudo commands are logged. If it didn't, I don't think it's really possible, though you could inspect their history.
<Santolina> so my first check should be auth.log?  where is it stored?
<Santolina> is there any way a folder content can be deleted for any reason ... and the rest of the disk not?  I have no idea ... a full disk?? this is very strange since I was not logged in when it happened, I just detected it when accessing the web server from home
<Deeps> logs for most applications and services can be found in /var/log
<Santolina> the only explanation I can see is that somebody deliberately deleted the images folder
<joerlend> to delete that folder, would you need to use sudo before the rm command? If so, it will have been logged.
<Santolina> no ... I have entered a command to let root login
<Deeps> all sudo commands get logged by default!?
<joerlend> yes.
<Santolina> I don't remember the command, I was tired of typing sudo at any time
<Deeps> where?
<joerlend> auth.log
<Deeps> oh i seee
<Santolina> how can I restore the original situation ... forcing me to type sudo before deleting /var/www/images/  ?
<Santolina> right now, I can log in as root
<Santolina> but at the beginning I could not ... I needed to login as myname and then type sudo before deleting folders outside /home/myname
<Deeps> unforuntately, if you have been hacked, the only really safe course of action would be to wipe and start again
<Santolina> are there any known holes in Apache2 letting somehow delete folders remotely?
<Deeps> the problem wont be in apache, it'll more likely be in your php application
<Deeps> (if the attack vector used was via web)
<Deeps> poorly coded php websites lead to easy exploits
<Santolina> you mean showing PHP errors ?
<Santolina> I have set error messages to none
<Deeps> well, for starters, you've mentioned php and mysql, have you protected your code against sql injection attacks?
<Santolina> you mean escaping ' and " ?
<Deeps> there's a bit more to it than that, but that's a good start
<Santolina> where can I read about problems that could arise this way?
<Deeps> google
<Santolina> ok thanks
<Santolina> a lto
<Santolina> a lot  ;)
<Santolina> but ... I supose this way you can run malicious SQL queries ... but is there a way to delete folders by sql injection?
<wazon> hi
<wazon> could someone tell me how to put my old mail in a dovecot server?
<wazon> I've tried creating ".old", but it doesn't appear in squirrelmail
<uvirtbot> New bug: #298893 in samba (main) "winbind 3.0.28a-1ubuntu4.7 won't install/start" [Undecided,Invalid] https://launchpad.net/bugs/298893
<Rob123> anyone here with any webmin experience?
<Rob123> I've installed Webmin on a VPS and and now trying to figure out how to create a CSR for an SSL certificate (not sure if I need Virtualmin for this?)
<Rob123> hello?
<uvirtbot> New bug: #301301 in mysql-dfsg-5.0 (main) "package mysql-server-5.0 5.0.51a-3ubuntu5.4 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/301301
<mindframe-> is there another way to create a virtual IP address besides creating a virtual interface?
<mindframe-> this situation is causing issues with bandwidth monitoring
<mindframe-> since kernel doesnt really create statistics on the virtual interfaces
<marshall> hey guay
<marshall> *guys
<marshall> i've installed apache, php and mysql in my LAMP installation. I also installed phpMyAdmin and Its not allowing me to login as a normal user or as root. it keeps saying access denied for user
<marshall> why can't i login to phpMyAdmin?
#ubuntu-server 2009-11-16
<Doorman352> I've heard several recomendations that if I want to explore Ubuntu Server with a GUI, I should just start with the Desktop version instead. It the "server" will reside on a network without direct access to the internet, is there any real reason I should use Ubuntu Server over Desktop?
<twb> Doorman352: ubuntu server and ubuntu desktop only differ in the set of packages installed by default, and the set of packages "cached" on the install medium.
<twb> In particular, the server has different compile-time options for the kernel.
<Doorman352> OK, so if I wanted to setup and indefinite "sandbox" using desktop as long as I dont put out on the net I shouldn't expect any issues?
<twb> There is no reason you could not install either "flavour" and then turn it into the other flavour with a few well-placed aptitude calls.
<Doorman352> I didn't find a comparison between the kernals, etc... just trying to get experience playing with it and breaking it...
<Doorman352> and of course fixing it..
<twb> There is a package that will deliberately break your system in different ways so that you can try finding and fixing the problem
<twb> I can't remember the package's name...
<Doorman352> I've lost most of my command line skills, been a long time since DOS, and unfortunately Ive become a visual person so its easier for me to navigate with the gui.......
<ScottK> twb: In Karmic the i386 kernel is no longer different.
<twb> ScottK: no -server variant?
<Doorman352> Not sure I really need help breaking it....seem to have that down. :)
<ScottK> Not on i386
<ScottK> You get pushed to generic on upgrade
<Doorman352> I settled on 9.04 server for now.....
<twb> ScottK: what was the rationale?  Simply that there were no options that needed to be different?
<ScottK> Dunno
<Doorman352> Cool, I have 3 elderly servers dedicated to my "learning" LINUX so I'll just load desktop for now and see what I can do...... anything toward my final goal of not having Microsoft servers anymore...
<twb> I'm amazed that anyone ever had a Microsoft server.
<twb> Xenix, maybe, or TS as a thin client-type arrangement...
<twb> Doorman352: note that headless servers can still display GUI apps on remote Unix systems, because X11 is network-transparent
<twb> Doorman352: so even if you need a GUI, you don't need to install Xorg on your server -- just the X apps you need.
<twb> However #ubuntu-server (unsurprisingly) encourages people to learn to administer servers from the command line.
<ScottK> Doorman352: If it's just for play/learning you won't notice the difference between the generic and server kernels.
<twb> Is there a channel for libvirt/virt-manager?
<twb> Never mind.  I was gonna ask if it would supported LXC, but apparently it already does: "libvirt supports: Xen, QEMU, KVM, LXC, OpenVZ, User Mode Linux, VirtualBox, VMware ESX and GSX" (http://libvirt.org/)
<mdeslaur> anyone see zul? he's MIA...
<ScottK> Oh my, Canadians lost in Texas....
<mdeslaur> ScottK: I don't think he made it to TX...
<ScottK> Oh.
 * ScottK is still on the plane ride there.
<mdeslaur> ScottK: you have irc on the plane??
<ScottK> mdeslaur: Yes.  It was a pleasant suprise.
<mdeslaur> wow, cool!
<ScottK> More fun than a movie and about the same price.
<ajmitch> more useful, too
<twb> They didn't confiscate all your worldly possessions before allowing you to fly?
<ScottK> Nope.
<ScottK> This is a domestic flight for me.
<twb> I thought .us did that even for domestic flights
<ScottK> Not quite as much.
<twb> Also, doesn't .us have a decent rail network?  Or is that only set up for freight, rather than passengers?
<ScottK> Depends on where you are.
<ScottK> Up and down the east and parts of the west coast, it's great.
<twb> The Europeans seem to take trains everywhere.
<ScottK> Well the US is big.
<ScottK> If I was going to take the train, I'd have had to leave yesterday or maybe Friday
<twb> Fair enough
<ScottK> I did take the train to UDS Boston.
<twb> Apparently .us is 9,826,675 km^2 and .au (where I am) is 7,617,930 km^2.
<twb> But our rail infrastructure is abysmal, I think mainly because by the time whitey turned up here, the automobile was in vogue.
<ScottK> I doubt cross country train trips are popular in .au either
<twb> ScottK: well, nobody wants to go to the west coast of .au in the first place ;-)
<ajmitch> probably because there's not really a lot there to see
<twb> strip mines
<ScottK> Well when I was in the Navy, I always heard Perth was a great liberty port.
<ScottK> Never made it there though
<twb> ScottK: what does "liberty" mean in this context?
<ScottK> Time to shut down for landing.  See you all later.
<ScottK> twb: Pulling into port and having a break from being at sea.
<ajmitch> one of the running jokes for LCA is the proposal to have LCA in broome
<ScottK> It was mostly single guys that highly approved of it for some reason.
<Blank__> Hi, I've just upgraded my server to karmic and there appears to have been an issue with md... it drops to a busybox shell after claiming that /dev/md0 doesn't exist
<Blank__> i've managed to enable /dev/md0 by running mdadm --assemble --scan, however i can't run update-initramfs as suggested in this bug: https://bugs.launchpad.net/ubuntu/+bug/128313
<uvirtbot> Launchpad bug 128313 in ubuntu "/dev/md0 does not exist. Dropping to a shell." [Undecided,Invalid]
<Blank__> The only way I can see of solving it is by booting from cd, which will be irritating for me... perhaps i should stop whinging and just get to it and see what happens
<Blank__> i've tried running update-initramfs -k all -c -t
<Blank__> it rebuilds them all, but still no change; my server's not a happy koala
<twb> Blank__: why doesn't update-initramfs -u -k all work?
<twb> Blank__: do you get any output from that command?  If so, please pastebin it.
<pmatulis> Blank__: what kind of machine is this?
<Blank__> twb: i can only run update-initramfs from the livecd in recovery mode
<soren> kirkland: pong
<Blank__> it has no problem building them
<Blank__> pmatulis, it's just a celeron 2.4ghz...
<pmatulis> Blank__: any onboard raid?
<pmatulis> Blank__: sounds like there may be some fakeraid there
<Blank__> this has only happened with the new kernel, if i attempt booting with 2.6.28-11 there's a lot of broken stuff but md0 works
<Blank__> yeah it's software raid, pmatulis
<pmatulis> Blank__: but is there any fakeraid onboard?
<Blank__> i fear the array isn't being assembled with the new (karmic) kernel
<Blank__> nope, it's entirely software based
<twb> software raid isn't fakeraid
<pmatulis> Blank__: yes or no, is there a fakeraid chip on your motherboard?
<Blank__> pmatulis, no
<twb> software raid is md raid.  fakeraid happens beneath md's visibility, but it uses the CPU instead of a co-processor to perform the RAID operations.
<pmatulis> Blank__: ok then
<Blank__> to tell the truth it's a raid1 array of two 40GB IDE drives x_x
<pmatulis> Blank__: b/c i had a very similar problem and it was b/c some previous fakeraid config was on the drives, karmic seemed to take offense or get confused
<twb> It would be unusual to find a modern motherboard *without* a sata fakeraid controller on it, but you can usually disable that controller in the BIOS and set it to "just a bunch of disks, please".
<Blank__> i'm wondering if purging mdadm and reinstalling it would work
<twb> Blank__: very unlikely
<Blank__> twb, this motherboard is probably from about 2004, and lacks any SATA whatsoever
<twb> Blank__: if mdadm -A --scan works, and /etc/mdadm.conf contains reasonable entries for all your md devices, then rebuilding the initramfs should be sufficient to make it work again.
<twb> Blank__: that is, unless you have fucked with the default settings -- for example, telling mdadm to only assemble what it needs, rather than all devices it can find.
<Blank__> i don't understand why it works fine with my old jaunty kernel but not with karmic's stock kernel
<Blank__> nah twb, running mdadm --assemble --scan works fine
<pmatulis> Blank__: when you installed did you get prompted something like "raid detected, do you want to activate these devcies"?
<Blank__> and i haven't touched the mdadm settings
<twb> Blank__: you may also wish to piss about in /etc/fstab in case it has changed from UUID to LABEL or to a device file.
<pmatulis> Blank__: actually, scratch that, you said this was an upgrade
<Blank__> i upgraded from jaunty to karmic without the cd, and it never made any mention of raid detection, pmatulis
<Blank__> yeah
<Blank__> i'll have a look in fstab, twb
<Blank__> err, what's the command to list UUIDs, again?
<twb> vol_id or ls /dev/disk/by-uuid -l
<Blank__> can't see anything wrong with fstab, twb
<Blank__> besides, if it works alright with the old kernel, surely there must be something specific to the new one that's screwing up
<twb> Blank__: sorry, so it all still works with the old kernel?
<twb> Blank__: this is news to me: I thought *all* your kernels were screwed
<Blank__> i can basically boot into the old kernel, however due to broken dependencies i can't really do anything, plus /dev/md0 is claiming it's read only
<twb> Blank__: maybe your problem is simply that your array is degraded?
<Blank__> with 2.6.31-whatever it is, it gets up to mounting the root folder, then waits for a while, then drops to busybox claiming /dev/md0 doesn't exist, and it's right, ls /dev/md* says not found
<twb> Blank__: add bootdegraded=yes to your boot prompt
<Blank__> ok, hang on
<twb> Also check /proc/mdstat and /var/log/* when you are dumped into the busybox
<Blank__> twb, add it to the kernel arguments?
<twb> Yes
<Blank__> hasn't changed
<Blank__> cat /proc/mdstat shows no unused devices
<Blank__> lemme check logs
<Blank__> ah... there's no log folder
<Blank__> presumably because rootfs is mounted to /
<uvirtbot> New bug: #483381 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/483381
<Blank__> twb, i've just realised the new kernel shipped with karmic is a -generic instead of -server?!
<Blank__> seems the box didn't upgrade correctly, i've just run apt-get dist-upgrade and its come up with 158MB worth of packages
<pmatulis> Blank__: were you using a 32bit kernel in jaunty?
<twb> 11:34 <ScottK> twb: In Karmic the i386 kernel is no longer different.
<twb> (afk again)
<pmatulis> right, there is no 32bit server kernel in karmic
<Blank__> yeah
<Blank__> well it's all working now
<Blank__> after running dist-upgrade and sorting out a few more dependencies, the generic-pae kernel is working for me
<Blank__> although it's hardly ideal considering i've only got 768MB ram on that machine, it'll do
<xperia2> hello to all ! i am searching information how to configure bind9 on my ubuntu server with options like this "allow-recursion" "allow-query"  "allow-cache-query"
<xperia2> till yet i have used in my router configuration the opendns servers for webbrowsing but some experts told me by reconfigure my bind9 server i dont need anymore the opendns server or even my isp dns servers.
<xperia2> It is called somehow recursive querys i believe.
<xperia2> What i dont want for sure is some bind9 cashing dns server that still depend on my isp dns server or only a dns server that can handle two domains and forward then the rest to the isp dns server!
<xperia2> Can bind9 really be used as a replacement for the isp dns servers or even the open dns servers ?
<Guest57963> xperia2: Yes, it really can.
<jmarsden> xperia2: Yes, bind9 will work as a real DNS server, not just a caching one, if you ask it to.
<xperia2> woow. i am searchin since yesterday for information how to achieve this but cant find anything that point me in this direction
<xperia2> the wikipage of ubuntu dont has also anything in this direction https://help.ubuntu.com/community/BIND9ServerHowto
<xperia2> do you know some howtos about this ?
<jmarsden> Not really, I just have been using bind for DNS since about 1994 :)  What problem are you having with it?
<xperia2> i need it to configure it :-) at the moment it works great to resolve my domains
<xperia2> as a authoritive dns server
<jmarsden> OK.  Maybe if you pastebin your current named.conf I can see what is missing?
<xperia2> okay give me just a moment
<xperia2> jmarsden: http://paste-bin.com/view/bf0c8463
<jmarsden> Looks fine.  Lines 11 to 15 should be allowing it to resolve other domains also.
<jmarsden> If you do    dig @1.2.3.4  yahoo.com    # where 1.2.3.4 is your server's Ip address... what happens?
<xperia2> hmmm but when i ssh to the ubuntu server and execute there this here "dig @192.168.1.90 yahoo.com" i get
<xperia2> $ dig @192.168.1.90 yahoo.com
<xperia2> ; <<>> DiG 9.5.0-P2 <<>> @192.168.1.90 yahoo.com
<xperia2> ; (1 server found)
<xperia2> ;; global options:  printcmd
<xperia2> ;; connection timed out; no servers could be reached
<xperia2> 192.168.1.90 is the local ip of my ubuntu server
<xperia2> should i use the static wan ip number instead ?
<jmarsden> OK... your server is not really listening on 192.168.1.90 perhaps?  On the server itself (once SSHed to it and at a shell prompt) using its local IP should be fine.
<jmarsden> Does   dig @192.168.1.90 yourdomain.com      work fine?
<jmarsden> where yourdomain.com is whatever your domain name that it is supposed to be authoritative for is.
<xperia2> strange if i do this here "dig @80.254.182.249 yahoo.com" it works !
<xperia2> 80.254.182.249 is my static ip adress to the server
<jmarsden> OK... now you need to describe your network configuratioj a little, this sounds more like a network issue than a DNS server config issue at this point.
<jmarsden> What does    ifconfig eth0 |grep "inet addr"     return when run on the server?
<xperia2> jmarsden: yes resolving my domain name on my server with "dig @192.168.1.90 wificom.ch" works !
<xperia2> only all other domains dont work !
<xperia2> ifconfig eth0 |grep "inet addr"
<xperia2>           inet addr:192.168.1.90  Bcast:192.168.1.255  Mask:255.255.255.0
<jmarsden> OK... maybe it *is* a DNS config thing.  Can you pastebin me your named.conf.local and named.conf.options files, please?
<xperia2> why can i resolve my own domain with dig @192.168.1.90 wificom.ch but other domains like google.com dont work like this
<xperia2> dig @192.168.1.90 google.com
<xperia2> jmarsden: wait
<jmarsden> That's what we are trying to find out :)  Either the DNS server is configured not to recurse to look up other domains, or something is blocking the DNS traffic somewhere.
<xperia2> hmmm now it works for some reason but it take too long sometime !
<jmarsden> Can you pastebin me your named.conf.local and named.conf.options files, please?
<xperia2> jmarsden: it works allways on the second try. the first try fails !
<xperia2>  the second worksdig @192.168.1.90 nzz.ch
<xperia2> ; <<>> DiG 9.5.0-P2 <<>> @192.168.1.90 nzz.ch
<xperia2> ; (1 server found)
<xperia2> ;; global options:  printcmd
<xperia2> ;; connection timed out; no servers could be reached
<xperia2> the second try however works !
<xperia2>  dig @192.168.1.90 nzz.ch
<xperia2> ; <<>> DiG 9.5.0-P2 <<>> @192.168.1.90 nzz.ch
<xperia2> ; (1 server found)
<xperia2> so dig @192.168.1.90 yahoo.com and dig @192.168.1.90 google.com works now too !
<xperia2> jmarsden: give me just a moment
<xperia2> http://paste-bin.com/view/1651ba03
<jmarsden> The "second try" thing is a little odd... sounds like something is timing out, but the second time it uses locally cached results from the first try and so works... let me look...
<xperia2> http://paste-bin.com/view/fd3210f0
<uvirtbot> New bug: #483408 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1.  Disconnected shared mouse/keyboard while updating.  Lost both. Update samba interupted." [Undecided,New] https://launchpad.net/bugs/483408
<xperia2> yeah it looks like a timing out problem
<jmarsden> xperia2: AHA!  you are forwarding via your ISPs DNS servers, it seems.  Comment out lines 15, 16 and 17 of the named.conf.options file, restart bind9, and retest.
<jmarsden> BTW, that isn't the Ubuntu default.. you must have edited that yourself, right?
<xperia2> jmarsden: yes i have edited it! btw. the ip number is the static ip number of my dns server
<xperia2> that is writen in the forward section
<jmarsden> xperia2: You are forwarding to yourself?  That's ... not a sane thing to do :)
<jmarsden> Anyway, just comment that out, restart bind9 and retest
<xperia2> yeah :-) okay will do that !
<uvirtbot> New bug: #483410 in drbd8 (universe) "package drbd8-source 2:8.3.3-0ubuntu1 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/483410
<xperia2> jmarsden: will reboot the bind9 server now
<jmarsden> Just restart bind9... no need to reboot the machine.
<xperia2> sudo ./bind9 restart
<xperia2> it takes heavy long till it stop the bind9 service
<xperia2> but now it restarted it !
<xperia2> sorry it needed to be sudo /etc/init.d/bind9 restart
<jmarsden> Maybe that "forward to itself" confused it? :)    Yes, that should be fine.
<jmarsden> Now dig @192.168.1.90 yahoo.com
<xperia2> yeahhh it works flawless ! woow
<jmarsden> So you broke it yourself by editing the named.conf.options file :)  Anyway, there you go, fixed now :)
<xperia2> awesome thanks for your expertise really !
<xperia2> that is pure joy ha ha ha !
<xperia2> need now to reconfigure my router to point to my lan dns server and i am independent !
<xperia2> yaaahhhhooo :-)
<jmarsden> :)
<twb> xperia2: independent, eh?  You're using mesh networking?
<xperia2> independent of my isp dns server or open dns server or other dns server
<xperia2> if i am not wrong all callups of my domains in the webbrowser will be not anymore sended to the isp dns server or other dns server instead it will be all handled in my lan network
<xperia2> this is ofcourse only right if i am working inside the lan
<xperia2> or better behind my router that point now to my local dns server
<xperia2> need to reboot see you all next time. thanks and bye !
<ksoviero> Is anyone on here a php developer?
<ksoviero> let me rephrase, does anyone on here know php well?  I have an idea for a project, but I want to know if it can be done using php?
<ksoviero> ok, anybody know of any php specific irc channels?
<majuk> Hey guys, can anyone tell me how to specify multiple forwarder DNS servers in /etc/bind/named.conf.options?
<cemc> majuk: forwarders { ip1; ip2; ipN; };
<majuk> cemc! Thanks man.
<majuk> Wasn't sure if it was separate lines or comma delimited.
<cemc> majuk: you can put them on separate lines, just make sure they end in ;
<majuk> cemc! Yea. I wish it wasn't so, my bind server isn't cooperating with me and I thought that had something to do with it, but I had done it correctly.
<majuk> So. Kittens.
<netritious> Hi, how do I find out the exact MB for partition / ?
<netritious> df -h returns 9.3 GB, but I need to know MB
<majuk> netritious! Next time, try the man page. df -B mb /
<netritious> majuk: ty..I did, but I didn't understand what B meant exactly
<majuk> netritious! If at first you don't succeed... ;) You're welcome, none the less.
<netritious> majuk: :D
<freeflying> hi guys
<freeflying> I'm using karmic to set up eucalyptus
<freeflying> after controller and node were installed, can't add node with ecua_conf
<freeflying> it show ssh public key missing
<freeflying> but actually, I can ssh login automatically with user eucalyptus
<freeflying> any hints dudes?
<simplexio> freeflying: not that i know, but sounds like you need to have computer public ssh key there, not users
<freeflying> simplexio: eucalyptus
<freeflying> simplexio: this user was created and ssh key was created eithere
<bigbrovar> .
<RoyK> ,
<zash> ;
<RoyK> :Ã¾
<incorrect> can anyone suggest a virtual host provider in japan?
<ghostlines> can virt-manager make snapshots of vm's too?
<chimp_> I'm trying to load balance accross adapters. I've looked at multiple solutions but none really fit. The spec is a program that will spit out http post commands containing ~50kb  which need to be sent round robin style. The program will be sending this to a seperate box so wont have access to the routing table itself
<chimp_> A few solutions i've looked at include providing internal ip addresses in the separate box that convert to the external ip address but each ip address maps to a seperate iface. This lacks elegance as it then hardcodes the box to a certain ip
<KurtKraut> chimp_, I belive many people will have a hard time to understand your scenario. If you receive very few proposals, I recommend you to try to draw this as an image scheme.
<chimp_> KurtKraut: Is there a website equivalent of pastebin that I could draw quickly in?
<KurtKraut> chimp_, I was thinking in something like http://live.gnome.org/Dia
<\sh> chimp_, load balancing accross adapters with different providers or one provider and loadbalancing a la portchannel? (or bond-mode 2)
<KurtKraut> chimp_, it is packaged for ubuntu.
<\sh> chimp_, something like this? http://www.sourcecode.de/content/network-setup-freaks-me-out
<chimp_> \sh: Different providers, bond mode would not work, and the issue is most things tend to have per packet load balancing, i need something per http post
<\sh> chimp_, ugh
<chimp_> I've already played around with bonding on same network stuff and it works great in a round robin style packet per device, but it fails if you want to send a whole request per device
<chimp_> \sh: Yup ugh indeed. Which is why i've started looking at 'bodging' it
<\sh> chimp_, ipvs a solution?
<chimp_> Not looked at ipvs yet, cheers for the name
<uvirtbot> New bug: #483577 in php5 (main) "ftruncate on a flock'ed file makes the php go crazy and create huge file (and use all disc space)" [Undecided,New] https://launchpad.net/bugs/483577
<acalvo> hi
<acalvo> is zend optimizer bundle with some php package?
<acalvo> or is separated to the zend-framework packages?
<\sh> acalvo, no zend-optimizer in ubuntu
<acalvo> so I'll install it by hand
<KiLVaiDeN> âª hello
<uvirtbot> New bug: #477148 in bind9 (main) "bind9 upgrade" [Low,Incomplete] https://launchpad.net/bugs/477148
<cruser126> U},H6qX_/Y5qTÂ 5P33T>yY1+F'yM-+S4qU2wb
<chimp_> I've tried to create a coherent thread on the forums explaining what I was talking about before: http://ubuntuforums.org/showthread.php?p=8327424#post8327424
<\sh> chimp_, can you put the png somewhere else? don't wanna create an forum account
<\sh> or use my lp account
<Fenix|work> Greetings and salutations.
<Fenix|work> Which syslog daemon does Intrepid use?
<foolano> chimp_: what about using iptables to mark each connection and send them to different routing tables?
<chimp_> \sh: Sure, but its a really pathetic image
<chimp_> foolano: I'm looking at doing that but how do I mark each connection such that i know each connection is a separate http post
<foolano> chimp_: if your client is not using some kind of keep-alive stuff to send packets through the same connection you could match NEW packets, I believe
<chimp_> http://82.29.106.44/load_balance.png
<chimp_> Unforunately it is using keep alive, but I could alter it not in order to make balancing work properly
<foolano> chimp_: i guess that without the keep alive thing you can easily tell apart new connections from established connections
<chimp_> foolano: I have no idea how to create a rule that would mark new connections to an iface
<chimp_> foolano: Such that it's round robin/balanced
<foolano> chimp_: have you ever done load balancing with iptables + iproute2?
<chimp_> Yes, but i've never given consideration to new connections
<chimp_> I'll need to read the docs some more :)
<foolano> chimp_: it's the same principle
<foolano> you just need to mark packets and send them through the table route you need
<foolano> route table*
<chimp_> foolano: Cheers, I'll start reading
<acalvo> does anyone uses cppunit + scons? I'm looking for a tutorial to start working with them
<baffle> Uhh, how is one supposed to configure multipathing i karmic? scsi_id in /lib/udev/ does not support the "-g -u -s" options like it used to?
<uvirtbot> New bug: #424653 in dbconfig-common (universe) "I cant desintall phpmyadmin completle the database" [Undecided,New] https://launchpad.net/bugs/424653
<Fenix|work> any Karmic rsyslogd 4 people available for a question?  I seem to be having problems with allowed hosts.  UDP syslog traffic from remote hosts are being discarded.  I have $AllowedSender UDP, 172.16.0.0/16 in my own conf file...
<Fenix|work> ... what could I be doing wrong?
<Fenix|work> (that conf file is in /etc/rsyslog.d/
<baffle> Found the solution: getuid_callout          "/lib/udev/scsi_id -g -u -ppre-spc3-83 -d /dev/%n"
<Fenix|work> Anyone with suggestions for rsyslog with $AllowedSender UDP, 172.16.0.0/16 but having UDP messages from disallowed host discarded messages show up in my syslog log?
<Fenix|work> hey zul
<RoAkSoAx> ttx, has the Cluster Stack session been scheduled?
<ttx> RoAkSoAx: yes, it should
<Digby> Hi, I have just installed Ubuntu Server for the first time. I have a 2 x Vista PCs and this Ubuntu Server using the same Billion BiPAC 7300GA router. All workstations can access the internet the 2 vista pcs can see each other BUT my Ubuntu Server is invisible to the PCs and Vice Versa. Also the router did not recognise the DHCP server of the router when I installed Ubuntu so I had to manually give it an IP address. Does anyone ha
<RoAkSoAx> ttx, It does not appear in the schedule though! Where can I find out when it is?
<ttx> RoAkSoAx: errr
<ttx> RoAkSoAx: it's not in the list of schedul-able sessions
<ttx> RoAkSoAx: let me see
<RoAkSoAx> ttx, ok :)
<ttx> RoAkSoAx: strange
<ttx> RoAkSoAx: it should be in the list, but it isn't
<RoAkSoAx> ttx, that's weird
<RoAkSoAx> :S
<ttx> RoAkSoAx: will you be in the first server track session ? We can ask about it
<RoAkSoAx> ttx, the puppet =etckeeper integration session?
<ttx> yes
<RoAkSoAx> ttx, yeah will be there
<ttx> ok
<uvirtbot> New bug: #483634 in eucalyptus (main) "master can't receive info from node" [Undecided,New] https://launchpad.net/bugs/483634
<Digby> quit
<kane[uds]> morning
<uvirtbot> New bug: #483657 in dhcp3 (main) "interface-mtu kills my network connection" [Undecided,New] https://launchpad.net/bugs/483657
<\sh> bug #483657 sounds more like a misconfiguration of provider regarding interface-mtu
<uvirtbot> Launchpad bug 483657 in dhcp3 "interface-mtu kills my network connection" [Undecided,New] https://launchpad.net/bugs/483657
<ScottK> ttx: I'd like to get https://blueprints.launchpad.net/ubuntu/+spec/server-lucid-more-mail-integration scheduled.  m!dz said you were the one to talk to.
<ttx> ScottK: A track lead must first "approve" it for UDS-L.
<ttx> ScottK: then it's in the scheduling system and I can help you
<ScottK> mdz:  ^^^ Would you please approve?
<mdz> ScottK, accepted, and added ttx to the list of people who can do that now
<ScottK> mdz: Thanks.
<ttx> ScottK: looking into it now
<eix> with the 2.6.27-15 kernel update my server is no more booting, I get a file not found error. I have digged the problem and by specifying the correct path (it needed /boot before the kernel and initrd filenames) i get an initramfs because of partition not found (it is specified with uuid). then I  specified root=auto and I got an /init syntax error at line 190 or something like that (with...
<eix> ...kernel panic). will the 8.10 rescue disk fix this issue? please help me :(
<eix> *initramfs prompt
<ttx> ScottK: it's not available for schedule in the summit system yet. I propose Wed 17:00.
<eix> any ideas?
<zoopster> eix: you can boot the 8.10 disk, mount the filesystem, and fix it, but the question is why did this happen? The update "SHOULD" not have fubar'd your installation
<eix> zoopster: I have no idea why this happened..
<zoopster> eix: so I suspect you have other issues - you cannot boot an older kernel?
<eix> zoopster: the older -14 kernel says the same init syntax error
<eix> zoopster: what could cause such init error? perhaps root=auto is failing to identify a root partition?
<eix> zoopster: or perhaps an hard disk failure of the root partition?
<eix> the server has a SATA disk and an IDE disk, boot partition is on the IDE disk while root partition is on the SATA disk
<eix> however this has always worked in previous updates
<eix> and I am sure no human intervention was done
<zoopster> eix: not sure what is on line 190, but root=auto does not sound right - that should point to where the the kernel is found
<eix> zoopster: yes but I read somewhere that it was supported
<zoopster> eix: great, but if line 190 is that line and you get a syntax error then it's incorrect - I have never seen it listed that way...I have always seen root=(hd0,0) or something similar
<zoopster> eix: sorry...that's root (hd0,0) no equals sign...my mistake
<eix> zoopster: mistake: I am talking about the root kernel parameter
<eix> zoopster: not the GRUB one
<eix> zoopster: the default is kernel /boot/vmlinuz-2.6.27-15-server root=uuid=... etc
<eix> zoopster: and it always worked
<eix> zoopster: but now I had to specify root=auto because the uuid is not recognized (it fails saying that time has elapsed and root device did not connect)
<eix> zoopster: and because I don't recall the partition, so I thought auto would work
<eix> root partition should be /dev/hda3 or /dev/sda3, but given that it changed so much over time..I typed auto
<eix> (recent kernels should use /dev/sda3 if I recall correctly, however if it fails at seeing the uuid it is probably because that partition is somewhat broken)
<eix> just to spice up things the BIOS cannot boot any USB stick, and RIP linux cds (both grub legacy and grub2) and system rescue cds don't boot
<eix> the only booting CD is an ubuntu 2 cd
<eix> now I am asking to try an ubuntu 8.10 cd
<zoopster> eix: why not just run update-grub and see if that detects and fixes your menu.lst
<eix> run update-grub from what?
<baffle> Is there any documentation on setting up CLVM/clustering on Karmic? Should I use corosync? Is dlm in use? Does anyone really use clustering? :-)
<zoopster> eix: cli
<eix> zoopster: i cannot boot anything on this machine because cdroms dont work and USB sticks do neither
<zoopster> eix: so you cannot even get to grub to manually run commands?
<eix> yes I can get to grub
<eix> ah you mean update-grub from grub command line?
<eix> I'll give that a try in 10 minutes
<zoopster> eix: so if your menu is hoarked but the kernel/initrd is good then just manually boot it and fix the menu
<eix> zoopster: how can I if I get the init error?
<zoopster> eix: once booted run update-grub to fix it for good
<eix> zoopster: i can't because i get kernel panic (see my first post)
<zoopster> eix: ok, my bad, I was making assumptions based on the information provided
<eix> zoopster: ok - np
<zoopster> eix: sounds like 1) you cannot boot from an alternative method and 2) you cannot boot what exists on your machine so you are pretty much hoarked.
<eix> yes..
<eix> i will have to ask to put the hard disk on another machine
<ttx> ScottK, mdz: done. It is not appearing in the server track color, but otherwise it's alright
<eix> somebody here?
<eix> zoopster?
<eix> I am now booting with root=/dev/sda3 and I get:
<eix> mounting /root/dev on /dev/.static/dev failed - no such file or directory
<eix> mounting sys on /root/sys failed - no such file or directory
<eix> these two very nice errors..
<eix> and also:
<eix> mounting /proc on /root/proc - no such file or directory
<eix> maybe it's not /dev/sda3 and it is /dev/hda3 or something?
<zoopster> eix: could be any partition...depends on how you set it up
<eix> zoopster: yes but who recalls
<eix> zoopster: I found (thanks to the tab autocompletion key) that my root partition is (hd1,0)
<eix> shall I use /dev/sda1 or /dev/sdb1 ?
<eix> I mean for the kernel root= parameter
<eix> with /dev/sda1 it is miserably failing with same errors
<eix> I'll now try with /dev/sdb1
<eix> is it possible that it wants me to use /dev/hda1?
<Tohuw> regex question: I have a directory with files similar to this: foo, bar, foobar.old.1234, bar.old.1234, foobar.1234. I want to mv only the files containing "old". What's the proper expression?
<zoopster> eix: hd1,0 is the 2nd disk, first partition
<eix> zoopster: yep
<eix> sdb1 worked
<zoopster> eix: ok good
<eix> zoopster: but I'll create a "live partition" for troubles like this
<Tohuw> nvm, resolved: *.old.* is the pattern most specific to what I want
<eix> oh sh*t. what is this error 15?
<eix> i got it after using grub-install
<soren> zul: https://bugs.edge.launchpad.net/ubuntu/+source/bridge-utils/+bug/483161
<uvirtbot> Launchpad bug 483161 in bridge-utils "package bridge-utils  not installed  failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,Invalid]
<soren> zul: Clearly, /something/ is wrong.
<soren> zul: It may not be bridge-utils, but just invalidating it will remove it from everyone's radar, and it'll never get fixed.
<soren> zul: Perhaps you should open a debconf task instead.
<zul> soren: done
<soren> zul: ta
<addisonj> okay, running into an odd problem, connecting from OSX to a server, and trying to get X to forward, it works from other computers, but not from this OSX box
<addisonj> something to do with display issues that i don't understand?
<addisonj> this is the error i get "nodename nor servname provided, or not known"
<addisonj> /tmp/launch-jtkBSZ/: unknown host. (nodename nor servname provided, or not known)
<addisonj> SLAM-GUI.py: cannot connect to X server localhost:11.0
<KiLVaiDeN> hello guys, I've followed the ubuntu server installation guide, everything works fine exept that i can't access to my smtp from an outside network ( from localhost i can send email through it ), any suggestions ? what should I check ? I installed bind, postfix, dovecot
<lamont> KiLVaiDeN: does netstat -an | grep LISTEN show something listening on port 25
<KiLVaiDeN> lamont, yes : tcp6       0      0 :::25                   :::*                    LISTEN
<lamont> it's quite possible that your ISP is blocking port 25..
<lamont> can you connect to that IP from inside your network?
<lamont> that is, from some other host ther?
<KiLVaiDeN> it's my own box, there is no firewall yet installed on it to block ports
<KiLVaiDeN> somehow u are right though : with telnet on port 25 from outside i can't access, but from localhost on the machine it works properly
<KiLVaiDeN> though it can't be the isp since i'm the owned of the machine and i configured it just now
<lamont> port 25 is frequently blocked by ISPs.  most notably inbound to port 25
<KiLVaiDeN> where can i change the listenning port for the smtp ?
<KiLVaiDeN> ok i found it i'm going to test
<KiLVaiDeN> it works, you were right lamont thank you :) i thought that since it's my box i could configure any port i wanted...
<KiLVaiDeN> well i can but isp seems to block it :/
<KiLVaiDeN> now i'm on my way for spf configuration...... do you have a good tutorial for that, according to bind, postfix and dovecot ?
<KiLVaiDeN> found it too : https://help.ubuntu.com/community/Postfix/SPF
<KiLVaiDeN> thank lamont :)
<stefg> Hi, i have a hotswap harddisk here that (stupidly) gets assigned /dev/sda although it's SATA Port (as seen by the BIOS) is #5. Writing a udev rule isn't a good solution, because it's not always the same disk which gets plugged in by that hotswap frame.  If i plug it in after boot it gets assigned sde (which is quite logical) but if it's plugged in at boot time it gets /dev/sda. Having...
<stefg> ...googled for some time now i'm out of ideas how to prevent /any/ disk in that hotswap frame from ever becoming /dev/sda?
<stefg> bte that'S jaunty
<Fenix|work> Greetings and salutations
<Fenix|work> does /etc/rsyslog.d/50-default.conf get overwritten with updates, or is this file pretty much static?
<Fenix|work> Any rsyslog implementers here for karmic?  I'm wondering what RSYSLOG_TraditionalFileFormat is
<metalf8801> Does anyone know anything about WMS (warehouse management systems)? I would like to set up for a class I'm taking but I'm not sure if there is any free WMS  or a demo that I can set up myself I've taken a look at MyWMS but I'm not sure how to even install it
<ricdanger> hi there
<metalf8801> hi
<billybigrigger> anyone here use wireshark? apparently i have no interfaces i can capture on
<billybigrigger> i'm trying to do a filter on port 443 to see if my ssl tunnel for my newsgroup is working
<ricdanger> billybigrigger: sudo?
<ricdanger> zOMFG! 9.10 boots really really fast !
<erik78se1> Can anyone tell me how to boot ubuntu in "interactive" mode, so that I get to choose which services that are started ? RedHat has the "Press I" thingy...
<ricdanger> erik78se1: just setup the services with update-rc.d
<erik78se1> But the problem is that my server goes into a error-state at boot time, after some services are started. I want to skip those.
<ricdanger> select the recovery option on grub
<erik78se1> ricdanger: tried that. No difference
<ricdanger> what are the services?
<erik78se1> winbind
<erik78se1> I susspenct.
<erik78se1> suspect
<ricdanger> are you sure they boot on recovery mode?
<erik78se1> Well, I'm not sure that winbind is the problem. But if I could boot the services one at the time, I will find out which service causes this error.
<ricdanger> AFAIK, there is no way other than booting from the CD
<ricdanger> or recovery mode
<erik78se1> ok
<ksoviero> Do you think it would be use full to have a "server-restricted-extras" package in the repos?  For things like zip, unzip, etc...
<uvirtbot> New bug: #483897 in munin (universe) "Wrong STACK check with custom colors" [Undecided,New] https://launchpad.net/bugs/483897
<jakobks> ls: error while loading shared libraries: librt.so.1: cannot open shared object file: No such file or directory
<jakobks> howto fix it, anyone can help me?
<zash> jakobks: http://packages.ubuntu.com/search?searchon=contents&keywords=librt.so.1&mode=exactfilename&suite=karmic&arch=any
<zash> jakobks: broken libc?
<jakobks> ingen ide, det totalt underligt
<jakobks> den skriver fejlen nÃ¥r jeg laver en site command til ftp serveren i mit ubuntu
#ubuntu-server 2009-11-17
<jakobks> sorry
<jakobks> its verly fucked, its says that error when i try to make a site command to my ftp server
<uvirtbot> New bug: #483907 in samba (main) "package samba-common-bin 2:3.4.0-3ubuntu5.1 failed to install/upgrade: problemas de dependÃªncia - deixando desconfigurado" [Undecided,New] https://launchpad.net/bugs/483907
<xperia> hello people. this question is maybe asked allready a few times but why i cant create a mysql table with this command here
<xperia> "sudo mysqladmin -uroot create gallery2
<xperia> mysqladmin: connect to server at 'localhost' failed
<xperia> error: 'Access denied for user 'root'@'localhost' (using password: NO)'
<xperia> do i need really to setup first a password for mysql before i can use it ?
<xperia> hmmm i catn even setup the password for the user root !
<xperia> mysqladmin -u root password ********
<xperia> mysqladmin: connect to server at 'localhost' failed
<xperia> error: 'Access denied for user 'root'@'localhost' (using password: NO)'
<zash> duno about mysqlamin, but you run `mysql -u root -p******`
<qman__> xperia, you set the root password when you install mysql
<zroysch> hello
<zroysch> i'm trying to install rubyripper on ubuntu server. its giving me an error when i try and configure without gtk
<zroysch> http://pastebin.ca/1674233
<xperia> qman: till yet i didnt used mysql nor i touched it !
<zroysch> since i dont have a gui
<xperia> so the password was not set til yet !
<qman__> xperia, it's part of the install process, when you install mysql, it asks you to put in a password
<qman__> that is the mysql root password
<xperia> hmmmm in this case i cant remember it anymore
<qman__> xperia, a 'sudo dpkg-reconfigure mysql-server' should do it, I think
<xperia> ahh okay will try !
<xperia> qman_: for some reason "sudo dpkg-reconfigure mysql-server" wont work !
<qman__> zroysch, I don't know enough about that package, but it looks to me like you need another option to disable the GTK part
<qman__> xperia, try 'sudo dpkg-reconfigure mysql-server-5.0'
<qman__> xperia, if that doesn't work, this is the manual way: http://ubuntu.flowconsult.at/en/mysql-set-change-reset-root-password/
<xperia> qman_: that works great ! was able to change my lost password !
<zroysch> qman__: yea i tried using ./configure --disable-gtk2 --enable-cli
<zroysch> seem to get the exact same result
<uvirtbot> New bug: #483928 in openssh (main) "ssh-keyscan(1) exits prematurely on some non-fatal errors" [Undecided,New] https://launchpad.net/bugs/483928
<uvirtbot> New bug: #484004 in vsftpd (main) "package vsftpd 2.2.0-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/484004
<sqrrl> I've got a question. I'm trying to setup a virtualhost. Everything appears to be setup correctly but something isn't working properly. When I try to view my domain through a browser it timesout. When I run dig from my home computer everything appears to be setup properly. Anyone have any clue what might be going on here?
<sqrrl> I'm not much of a server admin
<macrocosm> Is it logical to use ubuntus built in virtualization in the Amazon cloud?  I'm thinking id like to separate my database and mail servers from my main web server.  I will have a large instance with a high availability setup so I don't see any reason why resources would be a problem.
<macrocosm> Im thinking it may save me some money over creating separate instances for each?
<macrocosm> Seems to make sense to me but I was wondering if there were any big reasons not to that I have missed in my research.
<billybigrigger> anyone here familiar with creating certificates?
<twb> !anyone
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<billybigrigger> i'm trying to follow the server guide, and trying to create a non-passphrase key for my internet deamons, apache, postfix, etc
<twb> billybigrigger: go on
<billybigrigger> well i can't seem to create a key without a passphrase
<billybigrigger> i could sit here and hit enter all night when it asks for one
<twb> Don't you just hit Return?
<billybigrigger> ya, and then it asks for a passphrase again
<billybigrigger> and again...
<billybigrigger> and again...
<billybigrigger> you get the idea :P
<twb> I haven't made an ssl keypair in a while, but I thought it was just like making a passphraseless ssh keypair.
<jmarsden> billybigrigger: I just followed the instructions for creating a self-signed cert in https://help.ubuntu.com/9.04/serverguide/C/certificates-and-security.html and they worked fine here.
<jmarsden> billybigrigger: Note that those instructions *do* need to you use a real passphrase at some points in the process, even to create an insecure key.
<dayo> in /etc/dhcp3/dhcpd.conf can next-server be the IP of the local machine, if that's where tftp is going to be installed?
<_ruben> dayo: cant think of a reason why it wouldnt work .. unless "local machine" is the client in this context ;)
<dayo> _ruben: no, local is not the client. it's the dhcp server for a subnet
<GammelSokk> mine \ NoPE
<maxagaz> how to run an application on a distant machine from ssh ?
<maxagaz> an application like firefox
<maxagaz> i need to run it so that it appears on the remote computer's screen
<zash> maxagaz: ssh -X firefox --something
<zash> maxagaz: ssh remotehost -X firefox --something
<maxagaz> --something ?
<zash> maxagaz: i remember something about firefox needing some option or it will start a local instance somehow
<maxagaz> --display=DISPLAY ?
<maxagaz> but how to list the display i can use ?
<zash> no, that's automagicaly handled by ssh
<zash> with a env var
<maxagaz> I tried to ssh on the machine and then "firefox --display :0.0", but it doesn't work
<zash> maxagaz: firefox "does some funky x11 signaling to maintain one instance" according to google
<maxagaz> there's no instance of firefox on my machine
<zash> ssh -N -X remotehost firefox -no-remote
<zash> try that
<zash> or
<zash> skip -N
<zash> -N = don't execute remote command ...
<zash> was confusing stuff with setting upp ssh-proxies
<maxagaz> it doesn't work
<maxagaz> let's try with gcalctool
<maxagaz> how to run it on the display of the distant machine ?
<zash> wait
<zash> hm
<zash> ssh remotehost
<zash> DISPLAY=:0.0 someprogram
<zash> if you want to run on that computers host
<zash> i thougt you wanted x11-forwarding to your local screen
<maxagaz> i tried this: DISPLAY=:0.0 gcalctool
<maxagaz> but it didn't work
<maxagaz> it didn't appear on the remote computer's screen
<zash> can you run echo $DISPLAY in a terminal directly on the remote?
<maxagaz> zash, nothing is echoed
<zash> as in
<zash> not over ssh
<zash> but can you ssh -X remote gcalctool
<maxagaz> yes I can
<zash> is it the same user that owns the x session on remote?
<RoyK> yes
<maxagaz> yes
<alvin> If you want DISPLAY=... to work, you need to run X without '-nolisten tcp' (default settings)
<acalvo> anyone using gnawrl?
<majuk> Hey guys, I'm really sucking wind trying to set up my bind server. digs on the domain result in SERVFAIL, so clearly something in my zone config is incorrect. Here it is. Feel free to mock me. http://dpaste.org/VKZn/
<Jeeves_>  // in a bind zone?
<Jeeves_> Comments start with ;
<acalvo> majuk: there is an utility to check the zones
<acalvo> can't remember the name now
<acalvo> but google probably will
<Jeeves_>  /var/log/daemon.log is usually filled with debugging too
<_ruben> soa looks incomplete as well
<_ruben> not sure if that matters tho
<Jeeves_> _ruben: No
<Jeeves_> I mean. Why?
<Jeeves_> :)
<_ruben> wouldnt know how pedantic bind/dns is about (certain) records :)
<majuk> Jeeves_! You nailed it, bind was complaining about one of my comments. gg checking the correct logs.
<_ruben> but daemon.log would be my first bet as well
<majuk> Nov 17 05:45:39 tlpserv named[2285]: /etc/bind/zones/thelearningpad.com.db:1: unknown RR type 'replace'
<majuk> ><
<majuk> _ruben! ...and now it's complaining that my SOA record is incomplete. lol
<majuk> Jeeves_! _ruben! Thanks for the guiding, I'm making some headway on this thing now. Really appreciate it.
<Jeeves_> yw
 * zash still unshure if high or low swappiness is best for a server with 192M ram
<alvin> Will there be an ubuntu-server 9.10.1 ?
<KurtKraut> alvin, no. Why do you expect that?
<alvin> Well, most bugs I encountered with this release are related to booting. so, I expected a new version.
<alvin> Also JeOS (linux-virtual) is missing modules and there are still boot problems. A fresh cd with most of these things fixed would be a relief.
<_ruben> network boot/install ftw
<alvin> Never tried it, except in Debian (long time ago). Does it use NFS? Because NFS  in Karmic is just a horrible experience.
<_ruben> i use pxe + local http mirror for installations
<alvin> Sometimes I wonder wether Windows file sharing (samba) is getting more attention than NFS.
<alvin> ah, http
<alvin> network install would fix some things, but I'm especially annoyed at bug #461133, bug #351307 and bug #446031
<uvirtbot> Launchpad bug 461133 in mountall "karmic: nfs shares are not mounted at boot" [Medium,Incomplete] https://launchpad.net/bugs/461133
<uvirtbot> Launchpad bug 351307 in libvirt "Libvirt NFS mount on boot." [Low,Incomplete] https://launchpad.net/bugs/351307
<uvirtbot> Launchpad bug 446031 in ifupdown "statically configured network interface does not come up at boot" [High,Confirmed] https://launchpad.net/bugs/446031
<alvin> The current cd also suffers from bug #462961. I do all installs with separate /boot, so the result of fresh installs wasn't nice...
<uvirtbot> Launchpad bug 462961 in grub2 "auto-resize install renders previous system with separate /boot unbootable" [Medium,Fix released] https://launchpad.net/bugs/462961
<\sh> alvin, did you check the fix in bug #446031
<uvirtbot> Launchpad bug 446031 in ifupdown "statically configured network interface does not come up at boot" [High,Confirmed] https://launchpad.net/bugs/446031
<\sh> alvin, or if you can not build your own ifupdown package, try this: http://www.sourcecode.de/content/fun-upstart
<alvin> \sh: Not yet. The machines suffering from this are currently used in production. I can probably free another machine and test.
<alvin> \sh: I switched them to DHCP for the time being.
<alvin> \sh: Thanks for the link. I'll try it that way.
<\sh> alvin, it could be, that you encounter other problems during bootime, because of time some upstart timing problems
<\sh> alvin, if so please file bugs and fill it with as much info as you can without disclosing some company secrets :)
<alvin> \sh: Oh, I already did. I'm not sure about bug #351307. The bug was reported before karmic, but I'm only experiencing it after the upgrade to karmic. (probably) due to timing problems, libvirt does not succeed in mounting netfs storage pools, so virtual machines fail to start. I also noticed this weekend that it was no longer possible to use NFS for storing qcow2 images, but I didn't check that on another setup.
<uvirtbot> Launchpad bug 351307 in libvirt "Libvirt NFS mount on boot." [Low,Incomplete] https://launchpad.net/bugs/351307
<alvin> (I'm glad we don't have a lot of company secrets, except for some perl scripts. We use ubuntu for XDMCP and reading and writing huge amounts of xml files. At least the karmic kvm servers no longer crash when a guest was doing that (best burn-in test ever). But now there are those NFS problems.)
<heath|work> what is the command to view a partitions UUID?
<alvin> ...and the test succeeds. (virtual Jaunty on NFS share. Works on Jaunty kvm and on Karmic kvm. The image was raw.)
<alvin> heath@work: blkid
<heath|work> thanks
<heath|work> alvin: we run all of our virts on NFS
<alvin> heath|work: Do you use raw images or qcow2?
<heath|work> ah qcow2
<alvin> No, that's good to know. Here (@work) the test succeeds, but at home, I have a similar setup and it didn't work. As soon as I copy the qcow2 image to the NFS share, I can no longer boot. Do you use nfs4? Is it an Ubuntu server?
<heath|work> it is an ubuntu jaunty server with nfs4
<alvin> Good, similar to what I use at home. Weird. I wonder how to debug something like that. There are no errors. It just stops after checking the disk.
<heath|work> the virt stops?
<alvin> I see nothing more in the console. Just the first disk checks.
<heath|work> What does your exports file look like?
<alvin> After that, all is idle. I copied the image back (created it locally too, because the installer couldn't create partitions) and everything works. Have to use it locally now.
<alvin> /srv/libvirt    192.168.1.0/24(rw,async,no_subtree_check)
<alvin> at work (where it works) it's actually zfs on solaris that does the sharing. That line is where it doesn't work. idmap etc,.. is ok though.
<heath|work> what is your kvm machine? Is that ubuntu as well?
<alvin> Yes, karmic
<heath|work> I'm logging in to double check my exports
<alvin> As storage pool, I used 'directory', because netfs doesn't work. (libvirt can't mount nfs at boot) But that probably doesn't make any difference. libvirt also does not use nfs4, but nfs3.
<heath|work> alvin: I have: /mnt/systems	192.168.1.0/24(rw,sync,no_subtree_check,no_root_squash)
<alvin> heath|work: Well, I'll adapt my system and do some tests now. Let's see if that works.
<heath|work> alvin: for the mount in /etc/fstab: 192.168.1.240:/mnt/systems /mnt/systems nfs rw,hard,intr 0 0
<heath|work> alvin: I have also been experimenting with dropping the network to see how the virts will handle the loss. So far it's transparent. They just keep running on the virt server and when the connection comes back up they are good to go. I haven't experienced any data corruption or anything yet.
<heath|work> I was looking into glusterFS and may start to migrate over to it in the future for redundency
<alvin> heath|work: I did that once by accident... Was very surprised to see that it actually worked.
<alvin> heath|work: My collegue does not believe in automatic failover and such :-) We use 2 servers and mirror the images weekly. They don't change much. All data is on a SAN  (ZFS +NFS) that is mirrored too. The images on NFS are for testing only.
<alvin> So far, I did not succeed in live migration too. There is some documentation missing about that.
<heath|work> alvin: me neither
<heath|work> I have the same computers with the same share and same bridge setup... still no idce
<heath|work> dice **
<alvin> heath|work: Thanks for the tips, but I used them all (sync, no_root_sqauash, other fstab options) to no avail. There was a difference when trying nfs instead of nfs4. On nfs4, the network of the virtual guest can start (I can ping it. No ssh) Using nfs, that didn't even work.
<alvin> There is something weird here. I'm going to search for some documentation about kvm on nfs. Maybe there is a method to see what is actually happening during boot.
<heath|work> alvin: sorry it's being such a pain. Are you using a gigabit?
<alvin> heath|work: Thank you, but I can live with locally shared storage there. It's only a home server. At work it works. I only want to find out why. I'm using gigabit. I will now convert the qcow2 image to raw to see if the result is different.
<alvin> (The image contains my kolab mailserver, so having it on my RAID5 fileserver would of course be nicer than on a local disk.)
<alecmuffett> Hi All.  Question: is it possible to host a repository on an (essentially) static website, eg: by creating all the files and directories and rsync-ing it an actual webserver on the Net?  All the "create a repository" documentation I have seen talks about installing CGI and poking Apache, which I would love to do but my hosting provider makes hard.
<alvin> omg! I found it. kvm is running as libvirtd, and the GID of libvirtd does not exists on the NFS server...
<alvin> So, another problem arises. The server has the group 'lpadmin' with GID 109, and the client has GID 109 for libvirtd. How does one solve things like that? (without LDAP or Kerberos) Just a nudge in the right direction is good for me.
<foolano> is there any system rescue cd based on ubuntu like systemrescuecd?
<mushroomblue> has anyone ever successfully connected an Ubuntu machine to an OS X 10.6 server running OpenDirectory?
<heath|work> alvin: you are running ldap at home and your gids are conflicting?
<alvin> heath|work: I'm not using ldap. Just system users and groups, and the gids are conflicting.
<alvin> heath|work: In the future, I want to use ldap
<alvin> Now, I see that the lpadmin group has no files on disk, so it's probably easiest to just change the gid and create a libvirtd group with the same gid as on the client.
<heath|work> oh... lp sorry, my eyes are playing with me
<heath|work> that's your cups group
<alvin> yes
<heath|work> I don't think it would be a problem to change it.
<Fenix|work> Greetings and salutations!
<alvin> Greetings too :-)
<Fenix|work> Can anyone tell me how to avoid log duplication with rsyslog on karmic?  I've configured rsyslog as a central logging server and get both remote and local logs in /var/log and in the location I set up for remote logs.
<alvin> Well heath|work, thanks for all the assistance. I changed the lpadmin group and added libvirtd. Works flawlessly.
<alvin> Meanwhile, I found out why live migration does not work: it's probably bug #462000
<uvirtbot> Launchpad bug 462000 in libvirt "apparmor disallows qemu+tcp:// connections" [Low,Fix committed] https://launchpad.net/bugs/462000
<orudie> whats a good way to set up FTP for one of my customers ?
<heath|work> bah... appamor at it again
<Fenix|work> Would it be considered a 'bug' that rsyslog is configured to log to /dev/xconsole when X isn't installed by default on ubuntu server?
<heath|work> orudie: https://help.ubuntu.com/9.10/serverguide/C/ftp-server.html
<heath|work> alvin: glad that fixed it
<heath|work> damn gid's
<Fenix|work> heath|work, you running karmic server?
<alvin> yes, I want to use LDAP, but I hate to learn it first.
<heath|work> I'm probably running at least one of each since hardy
<Fenix|work> alvin, that's half the fun...
<Fenix|work> heath|work, you have an untouched copy of /etc/rsyslog.conf ?
<heath|work> alvin: virtualmin is a good start. It will get you up and running then you can learn the commands
<heath|work> it requires hardy though
<alvin> Fenix|work: Certainly! But I will not do this on servers I need on a daily basis.
<Fenix|work> I've modded the crap out of mine to get dynamic directory creation working, and I didn't think to make a copy of the base.  I'd like to file some rsyslog 'bugs'
<alvin> I can run a virtual hardy :-)
<heath|work> Fenix|work: I'll paste my desktop one if that's ok
<Fenix|work> heath|work, that would be fantastic.
<Fenix|work> before I file these bugs, could I run them by the channel to ask for bug-worthiness?  If they fail the sniff test here, I won't post 'em on launchpad
<heath|work> Fenix|work: http://ubuntu.pastebin.com/d5fc303a7
<alvin> virtualmin looks like a big system
<heath|work> alvin: it is, but one thing they have right: You can still manually config all the files and it will just read them
<heath|work> most of those systems use custom crap, virtualmin uses the actual system files
<heath|work> It's great... I love it
<Fenix|work> heath|work, fantastic, thanks.
<alvin> heath|work: Now, THAT is a good feature! I'm often wary about such tools for that reason
<Fenix|work> would you guys consider a it a bug that rsyslog on server wants to log to /dev/xconsole out of the box?
<heath|work> Fenix|work: np
<Fenix|work> (considering that X is required to use xconsole)
<heath|work> lol... Fenix|work that does sound strange
<Fenix|work> ok, just checking my sanity
<Fenix|work> the other bug I'm going to file has to do with file/directory ownership and permissions.  The base rsyslog config doesn't allow for the creation of dynamic directories because the perms are a little messed up
<uvirtbot> New bug: #483110 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,Won't fix] https://launchpad.net/bugs/483110
<alvin> Fenix|work: Good luck with filing the bugs. I will profit from that in the near future :-) (rsyslog is on the menu). I'm going home now.
<Fenix|work> alvin, thanks
<Mosx> hi I've configured ssl for apache - but where do i put content ? - there is a public_html folder - do I need to create private_html as well ?
<ivoks> private web pages are in ~/public_html
<ivoks> generaly, apache looks in /var/www/
<Mosx> I mean ssl , rather than user location
<Mosx> apache is looking in /var/www/
<Mosx> I'm using virtual hosts - so I have aDovumentRoot /srv/www/sitename/public_html/
<Reepicheep> Mosx: generally https and http web content are handled the same by the server ..  you can put the content where ever you like.. just make sure that the virtualhost in your instance points at the correct "DocumentRoot"
<Mosx> oh, I see I need <VirtualHost 192.168.1.2:443>
<Reepicheep> "public_html" is not related to whether it is server over SSL or not .. it's just a directory
<Reepicheep> yeah.. that's it..  443 = https = SSL
<Mosx> sure, ok, so I have two entries in the VirtualHost file for each site...
<Mosx> if I make the Document root the same then presumably the site can be viewed either over ssl or plain http ??
<Reepicheep> yeah.. that's how that works
<Mosx> ok, so if i do that....and then I also want to secure another certain directory for the same site... ?
<Mosx> you follow ?
<Reepicheep> Mosx: basicly everything with in one virtualhost (SSL or not) needs to be with in one "DocumentRoot" ..
<Reepicheep> you can use Aliases to link to other directories from within one virtualhost though
<Mosx> ah...ok, I don't know about them
<lezz> anyone have experience getting exim running on ubuntu on ec2?
<Mosx> ok, I don't get it, over http i see my content, over https i get sent to the 'It works!'
<Mosx> I've used the same DocumentRoot setting in each virtual host
<Reepicheep> lezz: what is your exim issue?  it probably doesn't matter that it is on ec2 or not
<moparisthebest> I'm having a problem with dnsmasq
<moparisthebest> I specify addresses like this, for example:
<moparisthebest> address=/mediacenter/192.168.1.20
<moparisthebest> but a lookup for 'mediacenter' fails, where a lookup for 'mediacenter.' succeeds
<SockPants> hey all
<diffra> Hello
<SockPants> i'm wondering what's the easiest way to transfer files to and from a ubuntu server running in virtualbox with only the command line
<diffra> scp
<diffra> easy + secure!
<SockPants> is it on by default?
<diffra> scp /path/to/localfile user@remotehost:/remote/path/
<diffra> you have to enable ssh on the remote host
<SockPants> if i installed openssh is it enabled on ubuntu server?
<SockPants> it seems to be
<SockPants> lets see
<SockPants> it says permission denied on the local file
<SockPants> nvm, it was the remote path that was bad
<SockPants> i think it works :D
<SockPants> this is great
<SockPants> and scp is installed by default on mac os x afaik, because it works
<rcaskey> hey all, should I bridge from wmaster0 -> eth0 or wlan0-> eth0? I'm having trouble finding info on wmaster0
<uvirtbot> New bug: #290680 in kvm (universe) "Partial display corruption when booting intrepid amd64 dvd iso in kvm" [Low,Fix released] https://launchpad.net/bugs/290680
<uvirtbot> New bug: #360825 in kvm (universe) "kvm 0.84 doesn't create three drives in the guest" [Medium,Fix released] https://launchpad.net/bugs/360825
<ppine> Hello, is just installed ubuntu server (karmic) with only ssh, what is the best way now to start setting up an email server ?
<epinky> ppine: decide which MTA you want to setup?
<jfluhmann> ppine, you might also check out -  mail-server from tasksel.  You could do an apt-get install mail-server^ -s to see what it would install
<jfluhmann> ppine, http://www.ubuntu.com/products/whatisubuntu/serveredition/features/mailserver
<Bookman> Why would my password all of a sudden not be accepted by my smtp server?  It works just fine on their web based interface so I know their servers are working fine.
<Daviey> nxvl: i stab you.
<jpds> Daviey: ...
<Daviey> that was supposed to be a pm
<diffra> smtp auth is probably misconfigured, bookman
<diffra> they probably allow from the webmail servers regardless of password
<diffra> which is why that works
<jpds> Daviey: Well, we know not to mess with you: http://tinyurl.com/yaxzazj
<Daviey> heh
<uvirtbot> New bug: #484458 in excalibur-logkit (main) "excalibur-logkit shouldn't build-depend on libjboss-j2ee-java" [Medium,Triaged] https://launchpad.net/bugs/484458
<davidboy1> How would I set up a cron job to run at a specific time?
<kane_> davidboy1: google's your friend here: http://clickmojo.com/code/cron-tutorial.html
<davidboy1> kane_: Thanks
<twisted_steel> is there any way to determine the default list of packages that are supposed to be pulled in during a ubuntu server install?
<twisted_steel> the main reason I was asking was to see if openoffice is supposed to be installed by default
<twisted_steel> could someone check on their system? I'm trying to determine if this is by design or a problem with the netboot installer setup
<zul> open office is not installed by default on ubuntu-server
<Infomomo> hey guys, having trouble changing resolution on ubuntu-server 9.10
<twisted_steel> weird ... it was pulled in on mine along with X, Java, etc
<Infomomo> anyone has the tutorial
<twisted_steel> maybe I screwed up the netboot install, though there didn't seem to be too many options to deviate
<Infomomo> twisted_steel: ok
<twisted_steel> Infomomo: sorry, I wasn't referring to your issue
<Infomomo> twisted_steel: ok bro
<Bo7> Do I need a firewall?
<smcquay> good evening. I'm trying to stand up and connect to a Eucalyptus VM. It stands up, but denies my public key. Things are rather vanilla on my setup, but I've set up ssh keys for root between the CC and NC. Could this have gotten in the way of things?
#ubuntu-server 2009-11-18
<Bo7> nvm Q. gsh
<uvirtbot> New bug: #484562 in libvirt (main) "apparmor prevents libvirt-vnc certificate from being read" [Undecided,New] https://launchpad.net/bugs/484562
<ejat> hi
<ejat> error: failed to connect to the hypervisor
<ejat> in hardy
<ejat> i enabled the backport
<Doorman352> Anybody use Kaspersky Enterprise?
<twb> Doorman352: isn't that a Windows thing?
<twb> !anybody
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<Doorman352> Kaspersky is for everyone, since Im adding Ubuntu servers I wanted to know if anyone has used it on linux.
<uvirtbot> New bug: #484594 in mysql-dfsg-5.0 (main) "mysql not woking" [Undecided,New] https://launchpad.net/bugs/484594
<twb> Since I don't have any Windows desktops, I don't bother with virus scanning.
<twb> See also: http://linuxmafia.com/~rick/faq/index.php?page=virus
<twb> I have seen widespread use of clamav for when you are providing, say, a Unix fileserver to a bunch of Windows desktops.
<twb> For security of the server itself, you want to look at "intrusion detection" systems, rather than virus scanners.
<Doorman352> Kaspersky runs on windows, Linux, etc so I figured I use it.
<Bo7> Hi everyone!
<ejat> virtual machine not booting from cdrom / iso ..
<ejat> anyone can help me ?
<ejat> the console came up .. but didnt booting the cdrom / iso
<twb> ejat: what virtualization technology?
<ejat> kvm
<twb> Don't you just pass -boot d ?
<ejat> im using the virtual machine manager
<twb> I'm not familiar with virt-manager, sorry
<twb> AFAIK the backend needs you to specify what to boot from BEFORE starting the VM
<twb> And it defaults to the hard disks
<ejat> ic
<ball> I'm struggling to find the .torrent file for Ubuntu Server (amd64, iso)
<ball> Aha!  Found it.
<ball> Completely not where it should have been though.
<Bo7> So I was reading about UncomplicatedFirewall and got a bit confused about this: http://paste.ubuntu.com/321252
<Bo7> you guys know which page is correct, or if I got it wrong?
<twb> Bo7: I can't answer your question, but I can teach you how to find out
<twb> Bo7: first, put your ufw config back to however you found it.
<twb> Bo7: then, run "iptables-save" and pastebin the output
<billybigrigger> can someone help me out with mx records?
<bogeyd6> yes billybigrigger
<bogeyd6> !ask | billybigrigger
<ubottu> billybigrigger: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<billybigrigger> ok, last time i setup my mailserver all the mail was to thefrozencanuck.ca, and this was my MX record
<Bo7> twb, oh the firewall works allright for me,  I was just curious about what the default state of ufw was, the documentation says different things.
<billybigrigger> now i want to be able to setup my mail clients to point to mail.thefrozencanuck.ca, and not the "sally" i had setup as a hostname
<bogeyd6> so you are looking for
<billybigrigger> so do i create a new AHOST for mail.thefrozencanuck.ca
<billybigrigger> and then just make my MX record for mail.thefrozencanuck.ca?
<bogeyd6> you create an A record for the mail.thefrozencanuk.co and the MX record changes to mail.thefrozencanuck.ca
<billybigrigger> right on
<bogeyd6> mail.thefrozencanuk.ca A ip.addy
<bogeyd6> heh
<bogeyd6> mail.thefrozencanuk.ca.
<bogeyd6> thefrozencanuk.ca. IN MX 10 mail.thefrozencanuk.ca
<bogeyd6> replace 10 with whatever priority system you want to use
<bogeyd6> i keep forgettting to type the trailing .
<billybigrigger> ok, now how do i confirm this is all setup?
<billybigrigger> i need to use the dig command or something here?
<bogeyd6> billybigrigger give it like 10 minutes and then check www.nwtools.com
<bogeyd6> billybigrigger or http://www.mxtoolbox.com/
<bogeyd6> billybigrigger you can also use "host -t MX thefrozencanuck.ca
<billybigrigger> billybigrigger@cabo:/etc/default$ host -t MX thefrozencanuck.ca
<billybigrigger> thefrozencanuck.ca mail is handled by 10 mail.thefrozencanuck.ca.
<billybigrigger> :)
<bogeyd6> :PPPP
<bogeyd6> billybigrigger im just saying that you should also set an A record for just plain old thefrozencanuck.ca
<billybigrigger> i have one
<billybigrigger> Host  	Points To  	TTL  	Actions
<billybigrigger> 	@ 	68.146.139.247 	1/2 Hour
<billybigrigger> @ = thefrozencanuck.ca
<billybigrigger> quick poll, what do you prefer Maildir or mbox?
<billybigrigger> i have always setup Maildir, not too familiar with mbox, and was going to try it on this setup
<billybigrigger> should i try out mbox or stick with Maildir?
<billybigrigger> bogeyd6, ?
<bogeyd6> billybigrigger i have no preference
<bogeyd6> ive had a few scotches so im in and out
<billybigrigger> of conciousness?
<bogeyd6> !dovecot | billybigrigger
<ubottu> billybigrigger: IMAP and POP are protocols for fetching email. The officially-supported server in Ubuntu is Dovecot (packages "dovecot-imapd" for IMAP, and "dovecot-pop3d" for POP) - See also !MailServer for information on the SMTP protocol
<billybigrigger> yeah i have postfix and dovecot installed
<billybigrigger> but obviously not configured
<bogeyd6> i prefer using ZCS personally, i dont use dovecot, but dovecot is the official maildir package in ubuntu server
<billybigrigger> jesus i hate evolution
<bogeyd6> oh im watching Lock n Load with r leee ermey :)
<billybigrigger> lock n load
<billybigrigger> don't think i've seen it
<bogeyd6> if you like military stuff it is highly recommended
<billybigrigger> oh yeah
<billybigrigger> who's in it?
<bogeyd6> r lee ermey
<billybigrigger> what year did it come out? 1990?
<bogeyd6> 2009
<bogeyd6> tv series
<billybigrigger> oh its a tv series
<bogeyd6> all of your stuff resolves but your www, blog, and smtp isnt responding
<billybigrigger> smtp is handled by my ispo
<billybigrigger> isp
<billybigrigger> have to use shawmail.cg.shawcable.net as a relay for my outgoing mail
<billybigrigger> isp blocks port 25 on me :(
<bogeyd6> ok cool
<billybigrigger> www. and blog. don't respond?
<billybigrigger> oh
<billybigrigger> duh, haha have not setup apache yet
<bogeyd6> :P
<billybigrigger> i have a full complete server setup, mail/ftp/web/mysql all that jazz already
<billybigrigger> but its on a 40GB virtual hard disk
<bogeyd6> time to put some work in
<billybigrigger> so i decided i'd start fresh and do it on a dynamic hdd
<billybigrigger> im bored and have nothing to do for a few days :) so i don't mind starting over
<bogeyd6> i prefer to use VMware to run any server
<billybigrigger> whats the difference between vmware or vbox?
<bogeyd6> hosted on a san
<billybigrigger> thought they were both pretty much the same
<bogeyd6> stability and compatibility. vmware being the superior, vbox being simpler
<twb> billybigrigger: a few letters
<twb> Ubuntu recommends KVM for full virtualization.
<bogeyd6> !kvm | billybigrigger
<ubottu> billybigrigger: kvm is the preferred virtualization approach in Ubuntu. For more information see https://help.ubuntu.com/community/KVM
<twb> Thaks.
<bogeyd6> :)
<twb> (Gah!  More coffee!)
<bogeyd6> i still like vmware
<twb> I have had countless bad experiences with VMware, and VMware 2's move of putting everything inside tomcat didn't impress me favourably.
<twb> I daresay VMware is more attractive if you're running Windows guests in a Windows host.
<twb> Likewise I suspect both VMware and Virtualbox are more attractive if you're wanting to run virtual machines on your overspecced laptop (rather than on a server in the rack), and you want AIGLX and USB and such to work.
<billybigrigger> hmm hmm
<billybigrigger> can't connect to mail.thefrozencanuck.ca
<twb> As for me, qemu's features like -kernel/-initrd/-append and its raster-less tty emulation (i.e. -curses or PTYs) are killer features.
<billybigrigger> in either thunderbird or evo...
<twb> billybigrigger: you should try netcat/socat first, since that'll tell you if there's anything there at all.
<billybigrigger> nmap shows 143 and 993 are open, and router is routing 143 and 993 to 192.168.1.111 which is correct....
<twb> "nc mail.thefrozencanuck.ca submission" or whatever
<billybigrigger> billybigrigger@cabo:/etc/default$ nc mail.thefrozencanuck.ca submission
<billybigrigger> mail.thefrozencanuck.ca [68.146.139.247] 587 (submission) : Connection refused
<twb> billybigrigger: I'm assuming you're actualy using submission for SMTP/SSL
<twb> You seem to be talking about imap2 and imaps
 * billybigrigger needs to look over postfix config
<billybigrigger> setup postfix last night and dovecot today...so its not too fresh in my memory
<billybigrigger> i haven't done anything for smtp
<twb> billybigrigger: so you'd change "submission" to "imaps" or "993" then
<twb> Not that it matters, since you indicated that nmap can see them.
<uvirtbot> New bug: #484621 in samba (main) "The Samba 'panic action' script, /usr/share/samba/panic-action, was called for PID 5886 (/usr/sbin/smbd)" [Undecided,New] https://launchpad.net/bugs/484621
<ESEDU> How do I know is dns server working properly, or are my configurations right
<ESEDU> How do I know that DNS is working properly
<_ruben> uhh .. you ask the dns server a question and see if you get the right result?
<_ruben> and "working properly" is about as vague as it can get
<GammalSokk> mine \ NoPE
<twb> _ruben: "how many roads must a man walk down?"
<ESEDU> _ruben: I configured in named.conf zone for our school network "ele.local" and made a zone file "db.ele". Now what should some up anywhere to make me sure that I have actually configured a master server for the network "ele.local"
<ESEDU> some=come
<ESEDU> _ruben: its my thesis see, and i have to proof that I have now done a mster server for ele.local, so how do i know, i think ive done all the work, but wheres the trophy
<ESEDU> u no
<_ruben> ESEDU: assuming you have added some (bogus) records (for example: bogus.ele.local) to the db.ele zonefile and the ip address of the nameserver is 1.2.3.4, do: host bogus.ele.local. 1.2.3.4
<ESEDU> _ruben: and what should I see
<_ruben> the ip address you specified in the zonefile
<ESEDU> _ruben: the address for the NS record?
<ESEDU> in the zone file
<_ruben> ESEDU: do you know how dns works?
<ESEDU> somewhat
<_ruben> lets start by putting your named.conf and db.ele on a pastebin
<ESEDU> now pastebins are a totally diffrent thing
<ESEDU> never heard
<_ruben> !pastebin
<ubottu> pastebin is a service to post multiple-lined texts so you don't flood the channel. Ubuntu pastebin is at  http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from  command line | Make sure you give us the URL for your paste - see also the channel topic
<ESEDU> u want me to give pictures
<ESEDU> im so confused!
<_ruben> forget about the screenshot part, the important part was: "pastebin is a service to post multiple-lined texts so you don't flood the channel. Ubuntu pastebin is at  http://paste.ubuntu.com" ... you copy/paste the contents of a file to that site so others can see/read it
<ESEDU> _ruben: ok i put part of named.conf there.
<alvin_> ESEDU: I'm no expert on DNS, but I've configured some easy servers (dnsmasq). Just a warning because you are using ele.local. The .local extension is used by Avahi! (http://avahi.org/wiki/AvahiAndUnicastDotLocal)
<alvin> This can screw domain lookups if you are using avahi
<ESEDU> _ruben: did u check out the pastebin
<_ruben> ESEDU: no, because you didnt give us the url of your post
<atomic_1> you need to paste named.conf.local & named.conf.options too
<atomic_1> in whole
<ESEDU> _ruben:http://paste.ubuntu.com/321349/
<atomic_1> can't really see just from a named.conf snippet
<xperia2> hello to all. i have a litlle a non specific ubuntu server question. need to register a .com domain name. can anybody say me what is the best registerer for that ? who has good experience with .com domains. thanks in advance for reply
<ESEDU>  atomic_1: see whay
<ESEDU> t
<xperia2> ESEDU: i see that you have a bind9 specific question. what exectly do you want to have ?
<atomic_1> you can also try #bind, but those guys are brutal :)
<xperia2> yes i can confirm it :-)
<ESEDU> xperia2: A master server for ele.local network
<ESEDU> _ruben: http://paste.ubuntu.com/321357/
<_ruben> snippet looks ok, your choice of filenames is uhm.. odd
<_ruben> zonefile looks ok too
<_ruben> host server.ele.local. 1.2.3.4 should return 10.130.140.241 (assuming your dns server is 1.2.3.4)
<_ruben> on the box itself you could use 127.0.0.1
<tangentcollision> how would I get php with my apache installation?
<twb> tangentcollision: install it
<tangentcollision> well, of course, how did I not see the blatantly obvious before?
<tangentcollision> what package would I have to install
<tangentcollision> that's more of what I was asking
<tangentcollision> twb: if you answer that question, I'll forgive you for being a jackass
<twb> I don't remember offhand.
<xperia2> tangentcollision: in the wiki page of ubuntu is all described https://help.ubuntu.com/9.10/serverguide/C/php5.html
<twb> apt-cache search apache.*php
<twb> That finds libapache2-mod-php5
<xperia2> https://help.ubuntu.com/9.10/serverguide/C/index.html
<tangentcollision> you are quite forgiven good (sir/madame)
<tangentcollision> oh crap, I forgot, ubuntu upgraded in the past year, hasn't it
<tangentcollision> apt-get upgrade
<tangentcollision> oops
<_ruben> ubuntu "upgrades" twice a year
<ESEDU> _ruben: http://paste.ubuntu.com/321371/
<tangentcollision> I forget this
<tangentcollision> anyways, I'm going to upgrade, good evening to all
<Montjoie> hello i have a karmic server which has many udev --daemon and /lib/udev/watershed sh -c /sbin/lvm vgscan; /sbin/lvm vgchange -a y that appears
<Montjoie> i saw similar bugs in bugzilla but there are too old for be for karmic
<Montjoie> any idea ?
<ESEDU> http://paste.ubuntu.com/321371/
<ESEDU> does that look right?
<ESEDU> for a reverse zone file
<_ruben> yup
<ESEDU> _ruben: how do I know that they work for sure then?
<atomic_1> ESEDU: you can use the rndc command, check syslog
<atomic_1> and dig offcourse
<atomic_1> i like to setup separate log channels for query and named
<atomic_1> you can do this by using logging in named.conf
<atomic_1> keeps things clean
<atomic_1> to test, add some entries by hand in the zones, reload them
<atomic_1> and check forward and reverse lookup from another machine
<Montjoie> i solved my problem with a dpkg-reconfigure udev, thanks for your help
<eason> Hi all, could some gurus give me tips about setting PXE installer server for Ubuntu 9.10 desktop?
<_ruben> eason: got any more specific questions? been a while since i set up my pxe environment (only using it for servers install currently though)
<ESEDU> atomi c_1: ok, hypothetically lets say ive done this, now how am i reassured?
<tangentcollision> odd, I didn't need to restart my server after apt-get upgrade
<tangentcollision> is that normal?
<eason> Ruben: I have installed Dhcp, tftp, Nfs, apache on server side,  and copied linux kernel and initrd in tftpboot. Client can boot from lan to choose install menu. But client is not able to install Ubuntu desktop from lan
<_ruben> tangentcollision: yes, as only kernel upgrades require reboots generally
<eason> in client side, it always yield that can't find mirro
<ESEDU> _ruben: would it make any difference that the network allready has a main server
<_ruben> eason: (where) do you specify the mirror?
<eason> How can I configure to use my web server as mirro?
<_ruben> by selecting it during the installation process?
<_ruben> bbiab .. lunchtime
<eason> Can I set it in preseed file as I hope it can be installed automatically?
<X-Seti> hello
<X-Seti> I have an odd problem, but i am sure you have heard this before, I have had my server attached all this week, I have ubuntu-server 9.10
<X-Seti> attacked.. oops
<X-Seti> I am not sure how there doing, it besides the box shutting down, or totally locking up
<X-Seti> reading on google, i get the idea that its the ftp server their going after.
<alvin> X-Seti: So, the attack was successful?
<X-Seti> yeah, 3 times now, same time every day
<X-Seti> i only noticed this today
<alvin> What ftp server are you using?
<X-Seti> proftpd
<alvin> Is it anonymous?
<X-Seti> no, just normal user and passworded accounts
<X-Seti> i took off anon stuff
<alvin> Are they doing a dictionary attack? (guessing passwords)
<alvin> If not, it must be a vulnerability. Also, ftp passwords are easy to sniff.
<X-Seti> not sure, i have bounce attacked in the logs, and what ever server is running, like they scanned anything that is running and tried their luck
<X-Seti> well i cant really shut down the ftp server, change the passwords, they came onto the ircd i have running on there, and tried to send me a file too, which suggested that ftp wasnt all that successful
<alvin> Automated attacks are normal. (This pc is currently under attack (ssh). The cracker tries to guess the password for 'root')
<X-Seti> killing the server is a first, crashing it and making it usless till i reboot is another
<alvin> That's weird, yes.
<X-Seti> i use modified hardware, i wanted to go the eco way, the box itself uses 70watt, total
<alvin> Im must admit that I'm not familiar with proftpd.
<alvin> atom?
<_ruben> eason: yeah, mirror can be preseeded just fine
<X-Seti> old modded laptop with everything removed, even the screen
<X-Seti> i took the motherboard out and put it in a desktop case.
<X-Seti> i removed everything that used power, added more usb ports for the back of the case, and its but fine for 6 years now
<X-Seti> till now
<alvin> X-Seti: Now, that is a cool idea :-)
<X-Seti> saved me alot of money hosting sites
<eason> ruben: could you tell what is directory structure of mirror server?
<X-Seti> i noticed that ubuntu 9.10 is heavier, 8.04 wasnt so resource depanding..
<_ruben> eason: you shouldnt have to worry about that, assuming you're using a "supported" method of creating a local mirror, im using debmirror myself currently, but i might just switch to a full rsync someday
<eason> as installer always yield can't find mirror, maybe some thing wrong in my mirror server
<_ruben> eason: check your access logs to see what its failing on
<eason> I just copied Ubuntu desktop cd into web directory
<alvin> X-Seti: My slowest machine currently running karmic server is an atom. No speed problems, except when you use Qemu (no VT, so that's entirely normal)
<alvin> But back to your crashes. I have no idea. Did you check /var/log/auth.log
<X-Seti> i run 2 apache servers, tomcat, ircd (custom unrealircd), proftpd, sshd, gother and thats it
<X-Seti> i never got email to work
<X-Seti> but then, when i had email running on my older server (Amiga4000t) all i got was spam)
<alvin> That's not only ftp. Do you know how they got in?
<X-Seti> not sure, i could install firestarter
<alvin> !firestarter
<ubottu> Ubuntu, like any other linux  distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command (see https://help.ubuntu.com/community/Uncomplicated_Firewall_ufw), or 'iptables' (https://help.ubuntu.com/community/IptablesHowTo). GUI applications such as Firestarter/Gufw (Gnome) or Guarddog (KDE) also exist
<X-Seti> if these unknowns happen, does ubuntu log them anywhere
<_ruben> eason: ah, that probably wouldnt work indeed, not sure how/if a cd can be turned into a webmirror
<alvin> Hmm, that's a gui application. No need to install X. The damage is already done, so I would check existing logs
<alvin> Yes, /var/log/auth.log is for security
<X-Seti> i do have gnome running on there, i was working on porting an old amiga app to ubunut
<X-Seti> lets have a look at that
<X-Seti> holly hell
<X-Seti> i have a dir full of stuff
<alvin> Your log dir? Or do you mean a rather large auth.log?
<X-Seti> the log dir is packed, but i am looking at auth.log now
<X-Seti> same ip has been hammering root for days
<X-Seti> none stop, even now
<eason> Ruben: could you show me the directory structure of your mirror?
<X-Seti> pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=2031691$
<X-Seti> Nov 15 07:55:19 events sshd[15070]: Failed password for invalid user tester from 203.169.139.171 port 52470 ssh2
<X-Seti> thats weird
<X-Seti> i have a 1gig log file
<alvin> X-Seti: block it :-) I actually don't know how to do that. I'll look it up. If I'm not mistaken, there is a script for ssh to do stuff like that automatically.
<alvin> lol, maybe the log file crashed your server? :-) Is the disk full?
<X-Seti> checking
<X-Seti> now i have a 1tb drive on there
<X-Seti> it would be hard to full that :)
<X-Seti> from what i can see, that got password the router firewall
<X-Seti> there port scanning everything beyond that, hitting the server i had and this comp
<alvin> A short search tells me to use /etc/hosts.deny if you want to manually block ip ranges
<X-Seti> looking at all the ip addresses, thats alot of blocking
<alvin> In my experience, a default ubuntu (without firewall) doesn't crash under those circumstances. (ssh active)
<X-Seti> ive never had any problems till, now, panic when my server crashed, i couldnt log in or connect to any services
<dei> My Server is not available via the Internet at its Hostname, NS1.LOYALRELIABLE.COM
<dei> It is available by IP
<dei> ; <<>> DiG 9.6.1-P1 <<>> @173.11.38.195 any loyalreliable.com
<dei> ;; ANSWER SECTION:
<dei> loyalreliable.com.      86400   IN      MX      10 mail.loyalreliable.com.
<dei> loyalreliable.com.      86400   IN      SOA     ns1.loyalreliable.com. loyalreliable.com. 0 10800 3600 604800 3600
<dei> loyalreliable.com.      86400   IN      A       173.11.38.195
<dei> loyalreliable.com.      86400   IN      NS      ns1.loyalreliable.com.
<dei> loyalreliable.com.      86400   IN      NS      ns5.loyalreliable.com.
<dei> ;; ADDITIONAL SECTION:
<dei> ns1.loyalreliable.com.  86400   IN      A       173.11.38.195
<dei> mail.loyalreliable.com. 86400   IN      A       173.11.38.196
<dei> ;; SERVER: 173.11.38.195#53(173.11.38.195)
<_ruben> http://paste.ubuntu.com/321462/
<X-Seti> 5 days worth, 5 ips
<X-Seti> so it started 5 days ago
<dei> hm?
<dei> 5 days worth?
<X-Seti> someone is hacking my server
<dei> oh
<_ruben> fail2ban is nice 'n simple method to "protect" yourself again bruteforce attacks (non-distributed ones)
<eason> Ruben: now my client installer can find my mirror server, but yield 'The installer failed to download a file from the server', any tips for solving it?
<_ruben> eason: check the access logs of your server, it probably requires a file that isnt avail on the cd, or in a different place
<roytech> hi can anyone help probably a simple problem (learner)
<roytech> im getting an error unable to resolve host  "name of server"
<X-Seti> what service are you running
<epinky> roytech: resolv.conf configured ?
<alvin> roytech: when do you see this error?
<X-Seti> apache?
<eason> Ruben: I have checked the apache's error log file, nothing been shown there
<_ruben> the installer log might show some hints too (virtual console 4 has that log)
<bogeyd6> epinky opensuse prefers people use the yast2 tool to configure network settings
<bogeyd6> !pastebin @ dei
<ubottu> Sorry, I don't know anything about pastebin @ dei
<bogeyd6> wrong channel
<bogeyd6> im an idiot
<epinky> bogeyd6: excuse me?
<dei> no problem
<dei> thank you
<dei> i figured our my problem :)
<bogeyd6> dei did you have to use the hostname tool at your registrar?
<dei> i made a dumb mistake on my firewall...
<dei> and that was blocking everything
<dei> i just did not suspect such a simple change to cause this problem :)
<bogeyd6> kk
<bogeyd6> thats why i prefer firewall appliances
<roytech> when just making any change to svr just after sudo
<eason> Ruben: thank you very much, I found it
<spirits-sight> I need help, I have setup LAMP for Ubuntu 9.10 setup 2 vitalhosting by name and when going to one of the domain it does not give me any thing?  in the /etc/hosts file I have "000.000.000.000 hostname-server.abc.org hostname-server" where 000.000.000.000 is the real IP address
<epinky> spirits-sight: you mean VirtualHost?
<spirits-sight> yes :-) epinky
<epinky> spirits-sight:000.000.000.000 is another machine?
<spirits-sight> I am using linode and it says to put the public IP address where the 000.000.000.000 is
<spirits-sight> epinky: this is the line above that one 127.0.0.1       localhost.localdomain  localhost
<epinky> spirits-sight: 000.000.000.000 is another machine?
<spirits-sight> I don't think so, its the linode that was assigned it linode.com
<epinky> spirits-sight: /etc/nsswitch.conf checked?
<spirits-sight> one sec
<spirits-sight> epinky: what should I be looking for, I don't see any thing in there that says domain
<spirits-sight> hosts:          files dns
<spirits-sight> networks:       files
<epinky> files dns means check hosts first, if not found ther go to dns, it's ok then ...
<spirits-sight> OK so I understood that then :-)
<spirits-sight> when I go to the domain.org in brower it says "Oops! This link appears to be broken."
<epinky> spirits-sight: try using nslookup with some external server, to check resolution
<epinky> spirits-sight: I mean resolution of your server :)
<spirits-sight> so in my destop term do mslookup domain.org
<spirits-sight> it gave good respone it gave the ip address, so how do I know its from the server
<epinky> i think it should be equal to 000.000.000.000.000
<spirits-sight> Server:		192.168.1.1
<spirits-sight> Address:	192.168.1.1#53
<spirits-sight> Non-authoritative answer:
<spirits-sight> Name:	domain.org
<spirits-sight> Address: 00.000.000.000
<spirits-sight> sorry for the mulite lines
<epinky> spirits-sight: use pastebin , do you have a DNS server local?, i'd like to check Authorative-Answer
<spirits-sight> no its hosted with linode.com
<spirits-sight> I am using godaddy which point to the linode nameserver and then doing DNS control with linode
<epinky> spirits-sight: can you reach the server using IP?
<eix> hi there. I am running Ubuntu8.10 32bit on an "AMD Athlon(tm) 64 Processor 3500+", which is a K8 64bit processor. should i upgrade to a 64bit linux distro? will I pull all of my hair off for this?
<spirits-sight> epinky: ok when I use nslookup ip address it give me ip.in-addr.arpa name = xxxxx-xxx.members.linode.com the ip address is backwards and where xxxxx-xxx is the linode marker I think
<epinky> spirits-sight: ok, can you reach the server using IP(public)?
<spirits-sight> ok, when using just IP address it gives me oops again, but I also am not telling it any vitiualhost site, how do I pass that along with the ip address of it know which one
<epinky> that public IP address is already configured on your VPS, right?
<spirits-sight> I believe so
<epinky> spirits-sight: can you  ping that ip?
<spirits-sight> Yes
<epinky> spirits-sight: to administer your VPS you use SSH?
<spirits-sight> correct
<epinky> spirits-sight: you've installed LAMP on your VPS  or are you using DNS Manager to redirect to some local server?
<spirits-sight> I have installed LAMP on the VPS using this guide http://library.linode.com/lamp-guides/ubuntu-9.10-karmic/
<spirits-sight> I skipped over the area that says Configure for IP-based Virtual Hosting
<epinky> ok, on your SSH session to VPS, check if apache2 is up with netstat
<dip> Hi all. I'm newbie in cloud computing. I've configured mico-cloud using eucalyptus and running two instances in it. I would like to know how one can install some packages in running instance *persistently* so that I can use that package upon reboot. Any help ?
<spirits-sight> epinky: OK I don't see the service apache2 there how ever I have a number of time say to reload it it say it did, is this different?
<epinky> spirits-sight: reload is different from restart
<spirits-sight> I have done restart also but will do again
<epinky> spirits-sight: netstat has to indicate that port 80 is LISTENING
<spirits-sight> /etc/init.d/apache2 restart is what I have run one sec see if see port 80 is LISTENING
<spirits-sight> ok I don't see that either, that strange
<epinky> spirits-sight: then check on your logs, there could be some error
<spirits-sight> ok I did a restart and still not see any thing
<epinky> spirits-sight: check your logs
<spirits-sight> ok under etc/logs right
<epinky> spirits-sight: /var/log/...
<spirits-sight> yep yep :-( forgot type var not etc
<roytech> when ever i try to do any restarting of say samba i get unable to resolve host "name of server"
<spirits-sight> which log apache2 has nothing in it
<spirits-sight> epinky: ^^
<epinky> spirits-sight: error.log and access.log I guess
<spirits-sight> epinky: in error.log it says unable to open log three times
<spirits-sight> epinky: in access.log there is nothing
<epinky> spirits-sight: "unable to open" or "unable to open log"?
<epinky> spirits-sight: use "more"
<spirits-sight> it says "Unable to open logs"  I am using nano to open them
<roytech> hi can any one help with this?
<epinky> spirits-sight: use "more"
<spirits-sight> epinky:  also other_vhosts_access.log has nothing in it
<roytech> when ever i try restart samba i get unable to resolve host "name of server"
<spirits-sight> epinky:  http://pastebin.com/d7b08e3c1
<spirits-sight> epinky: all the others are empty
<spirits-sight> epinky: this is what it gave me for netstat http://pastebin.com/d65780373
<epinky> spirits-sight: type "locate ports.conf"
<spirits-sight> -bash: locate: command not found
<epinky> spirits-sight: type "find /etc/apache2 -name ports.conf"
<spirits-sight> ok found it its in /etc/apache2/ports.conf
<RoyK> yes...
<epinky> sudo nano /etc/apache2/ports.conf
<spirits-sight> epinky: done
<epinky> is there a line like "Listen XXX.XXX.XXX.XXX:80" ?
<RoyK> yes
<RoyK> well, there should be
<RoyK> or Listen 80
<RoyK> without the IP
<spirits-sight> epinky: yes it says
<spirits-sight> NameVirtualHost *:80
<spirits-sight> Listen 80
<epinky> spirits-sight: try changing to "Listen 127.0.0.1:80", save,  and restart to see if it opens 80
<jester7> can anyone tell me where karmic's syslog server resides?
<jester7> previously, it was /sbin/syslogd
<spirits-sight> epinky: it did not change the netstat
<epinky> spirits-sight: try changing to "Listen 127.0.0.1:8080", save,  and restart to see if it opens 8080
<spirits-sight> epinky: brb
<spirits-sight> ok
<spirits-sight> epinky: nothing changed again, netstat
<spirits-sight> brb
<epinky> spirits-sight: "Listen your.linode.ip.address:80" also change "NameVirtualHost your.linode.ip.address:80" , save and restart, netstat a t the end
<spirits-sight> epinky: it gave me some errors
<epinky> spirits-sight: cat /proc/sys/fs/file-max
<spirits-sight> 34992 epinky
<spirits-sight> http://pastebin.com/d4a4d5275
<spirits-sight> epinky: ^^^
<epinky> spirits-sight: change "NameVirtualHost your.linode.ip.address:8080", to check use "/usr/sbin/apache2ctl restart" and post results
<spirits-sight> http://pastebin.com/d6b2eb25
<spirits-sight> I changed listen and name... to linode ip:8080
<spirits-sight> will u be on later then evening USA Est time
<epinky> spirits-sight: it says trying to start, did it finish?
<spirits-sight> no
<epinky> don't you have prompt then?
<spirits-sight> I have prompt
<epinky> netstat -an?
<spirits-sight> just try again same issue
<spirits-sight> its listening to mysql and otehr stuff but not apache2
<epinky> maybe you'll need to change ulimit on /etc/init.d/apache2, not sure, however "Unable to open logs"  is your error and the reason why apache2 does not start :(
<spirits-sight> OK I have to leave,  if any other stuff please PM me try when get home
<spirits-sight> ok thank
<epinky> spirits-sight: good luck and bye
<spirits-sight> thanks alot for the help
<epinky> spirits-sight: you're welcome
<selinuxium> hi all any EC2 users about? I am just getting started using the command line tools... Wondering if I should install eucalyptus... Also how to bundle a instance...  Cheer
<selinuxium> s
<_ruben> ugh .. i really needa set me up a distcc environment .. compiling a kernel just takes to long
<_ruben> s/to/too/
<rip> hello
<aubre> Good morning
<uvirtbot> New bug: #484807 in qemu-kvm (main) "module blacklisting not respected" [Undecided,New] https://launchpad.net/bugs/484807
<_ruben> bah .. lvm breaks when backporting a karmic/jaunty kernel to hardy .. guess im doing something wrong :/
<ivoks> maybe you need to backport lvm userspace?
<maswan> Hm. So, with theew new fancy upstart init job scripts, how do I prevent a service from starting automatically at boot?
<epinky> maswan: rcconf?
<maswan> ooh, never heard of it
<maswan> "It is a TUI(Text User Interface) frontend to the update-rc.d command." doesn't sound very useful though
<acalvo> maswan: why not? it means you can manage all your services at the different run levels
<epinky> "how do I prevent a service from starting automatically at boot?" doesn't sound very difficult though
<maswan> As far as I can tell, there are no rc?.d/*-links to delete, for say portmap
<acalvo> I've a VM with a virtual hard disk, and I want to make it bigger. So far so easy, but since the partition are made with LVM, is it difficult to expand the logical volumes? is it safer? is as easy as running the lvextend command?
<alvin> If I'm not mistaken, There are no runlevels anymore
<ScottK> ttx: Can we move https://blueprints.launchpad.net/ubuntu/+spec/server-lucid-more-mail-integration from the last session today to tomorrow or Friday?  There's another session that I absolutely have to attend at that time.
<Fenix|work> Greetings and salutations
<maswan> So I'm not sure what use update-rc.d or any interface to that will be for those services that don't use that legacy interface
<alvin> acalvo: yes, it's that easy. You need to to 2 things. Want an example?
<acalvo> alvin: yes, thank you
<alvin> Suppose you have vg0/opt . t is 1G and you want to make it 2:
<alvin> $ sudo lvextend -L 2G vg0/opt
<alvin> $ sudo resize2fs /dev/vg0/opt
<acalvo> alvin: ok, fine
<acalvo> I guess for ext4 there is a similar utility
<Fenix|work> Any admins here familiar with rsyslog?  I'm having a logging duplication issue after applying templates for remote hosts.
<alvin> acalvo: this works perfectly for ext4
<ttx> ScottK: we can
<ScottK> ttx: Thanks.
<acalvo> alvin: thank you so much then
<maswan> epinky: That's what I thought, except all the documentation and help thingies I could find is just for the "legacy" sysv init stuff...
<ttx> ScottK: tomorrow 10am ?
<ScottK> ttx: Checking
<ScottK> ttx: Yes, please.
<ttx> ScottK: done
<Fenix|work> Which filesystem is best for logs?
<ttx> ivoks: ^
<ScottK> Thank you.
<_ruben> i tend to store /var/log on an ext3 partition with noatime
<epinky> Fenix|work: NILFS :)
<Fenix|work> epinky, meh, don't need continuous snapshotting
<maswan> devnullfs? :)
 * Fenix|work sighs
<epinky> Fenix|work: sorry, it was a joke, "logs for your logs" :D
 * Fenix|work wondered why he never changed his syslog rules to log to /dev/nul
<Fenix|work> err /dev/null
<Fenix|work> epinky, I thought it was funny actually :)
<Fenix|work> I understand though that NILFS is pretty good with solid state drives
<Fenix|work> at least that's what linux-mag told me a few months ago
<Fenix|work> or I could be dreaming it.
<Fenix|work> anyway ...
<Fenix|work> between reiser and ext, which would handle system logs better?
<epinky> Fenix|work: my two cents on ReiserFS , BUT it's only an opinion
<Fenix|work> I'm leaning towards reiserfs myself...
<Fenix|work> ... just internally debating 3 or 4
<Fenix|work> ... but I somehow find myself drifting my thoughts to inventor and wondering how his new life is coming along.
<acalvo> Fenix|work: why not the new ext4?
<Jeeves_> Fenix|work: What he said ^^^ :)
<Fenix|work> I have no problem with ext4... I just don't want a lost+found folder
<Fenix|work> my drive is already formatted ext4
<Fenix|work> and it's nice to know I can create 16TiB files :)
<acalvo> Fenix|work: so afraid of l+f?
<Fenix|work> not afraid no... I'm just a freak I guess who doesn't like something for the sake of something to be there... create the folder when you actually have files that are lost and found...
<Fenix|work> but I have a drive for logging and there will be a folder for every device on my network logging to it... then there is lost+found
<acalvo> I think that folder has been there since older versions
<Fenix|work> acalvo, and hence why I moved to resierfs :)
<Fenix|work> I keep my boot as ext2 though, for all you old-timers :)
<acalvo> well, I guess is a matter of taste
<acalvo> I like the new ext4
<acalvo> I've played with reiser4 (in the gentoo old-times)
<Fenix|work> gentoo still around, or have they compiled themselves to oblivion yet?
 * Fenix|work laughs... used to be an ArchTester
<acalvo> I'm curious, is not critical to have one device to log all your network systems? what happen if someone gets inside? or if you lose connectivity?
<Fenix|work> I still have the tag in my whois.
<acalvo> well, I know is still around, but I don't want a 24h installation
<acalvo> moreover, I haven't seen a new release since the main progammer left (in 2006 I think)
<Fenix|work> acalvo, I'll have two syslog servers as a central repository for all logs, and all machines are still going to log to themselves if something happened to both central servers.
<Fenix|work> I just want a single point to browse all logs from all devices
<Fenix|work> throw in some utils to send out email alerts on warnings and up, and some utils to parse through the logs... and it'll make life easier
<acalvo> what do you suggest? (it seems pretty interesting)
<Fenix|work> manually searching over 150 devices is a pain in the ass
<Fenix|work> acalvo, I just started this project... I decided to use Karmic as the base because of the switch to rsyslogd from sysklogd
<Fenix|work> I'm going to try logging to files first and see how that works out...
<netrat> i'm using postfix with cyrus and an sasl database for users. is there a way to extract a list of users for local_recipient_maps from the sasldb?
<Fenix|work> on the other box I'm going to experiment with logging to MySQL
<Fenix|work> netrat, and hello to you as well.
<Fenix|work> acalvo, I'm not sure on what I'm going to use for the actual log interface... whether it'll be Splunk, or PHPLogCon
<netrat> Fenix|work, hello
<acalvo> Fenix|work: I'm using nagios + cacti
<acalvo> and I was planning to use splunk in a centralized syslog system
<acalvo> Fenix|work: did you try SNMP?
<Fenix|work> acalvo, right now I'm leaning nagios + splunk + rove.  rove for the mobile aspect
<Fenix|work> acalvo, not yet.  although rsyslogd has a facility for outputting SNMP traps
<acalvo> most of the network systems already have SNMP into it
<acalvo> and it's pretty easy to set them up
<acalvo> and to catch it all with nagios
<Fenix|work> acalvo, yeah, I still want a central location for all logs, specifically for auditing purposes...
<Fenix|work> SOx sucks.
<acalvo> well, if you need any advise about SNMP, or examples to control routers,printers,etc... drop around and ask :)
<Fenix|work> acalvo, send me a PM and tell me the pros and cons...
<Fenix|work> don't want to bore everyone else with off topic ;)
<axisys> how do I find out why scripts under cron.daily is not running ?
<axisys> anacron is not running.. doh!
<axisys> /usr/sbin/anacron is present.. interesting
<axisys> is NOT present i meant
<axisys> just installed it
<axisys> wait.. i am reading it wrong.. anacron is not needed .. so how come cron.daily's scripts did not run ? which log would tell me why cron.daily's script not running
<uvirtbot> New bug: #484426 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 127" [Low,Incomplete] https://launchpad.net/bugs/484426
<uvirtbot> New bug: #484051 in ubuntu "package samba 2:3.2.3-1ubuntu3.6 failed to install/upgrade: subprocess post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/484051
<smcquay> i'm trying to use a eucalyptus insta-cloud. i followed the instructions on the Ubuntu site, but when I try to connect to the virtual machine, my keys get denied. Has any one run into this issue, and how does one fix/diagnose it?
<smcquay> yeah, it's very odd. it takes much longer than I'd suspect trying to connect, and then just doesn't connect. I've searched online for eucalyptus and the error I see (Permission denied (publickey)), but to no avail. is there a way to have an image that doesn't require ssh keys?
<ahasenack> 2.4.18-0ubuntu1 is hanging at 100% cpu in karmic when I try to add data to a database defined in cn=config, has anybody seen this recently?
<ahasenack> 64bits
<ahasenack> it just sits in pid 16635] futex(0x7ff5f8a57c48, FUTEX_WAIT_PRIVATE, 2, NULL
<ahasenack> 16594 openldap  20   0  187m 8500 4128 S  185  0.2   2:52.14 slapd
<baffle> Hmm, I think Ubuntu should have compiled clvm against corosync instead of cman.
<Fenix|work> I've a question.  How do I go about making an image of my server configuration so in the event of a catastrophy I can re-apply that image to the same hardware and have the system up and running as if nothing ever were to have happened... without the need to reinstall and reconfigure everything?
<Fenix|work> Hmm... server configuration is a little ambiguous... I mean the entire server
<djveer> If I am setting up a small web server for a client using Ubuntu server... what are some things I should take into consideration to provide as much uptime as cheaply as possible. Any suggestions?
<djveer> OBviously i've thought of mirrrored drives, back up to an off site location to tape.. etc
<uvirtbot> New bug: #484944 in bacula (universe) "package bacula-director-mysql 2.4.4-1ubuntu9 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/484944
<Fenix|work> How do I go about creating a bootable recovery CD/DVD of my server install?
<GammalSokk> mine \ NoPE
<Fenix|work> Anyone have a how-to to create an apt mirror for local use?
<guntbert> Fenix|work: have a look at apt-mirror
<Fenix|work> guntbert, ok, thanks.
<guntbert> Fenix|work: there also is good tutorial - but I cannot remember where - sorry
<Fenix|work> I will search for it.
<Fenix|work> guntbert, you use nagios?
<guntbert> Fenix|work: no
<Fenix|work> bummer...
<guntbert> Fenix|work: the tutorial I used: http://www.howtoforge.com/local_debian_ubuntu_mirror
<Fenix|work> that's the one I'm looking at now.
<Fenix|work> thanks :)
<Fenix|work> guntbert, how big is the repo?
<guntbert> Fenix|work: not sure, I don't have the disk with me right now - several 10GB I'd say
<Fenix|work> can you mirror multiple releases?
<Fenix|work> or multiple arches?
<guntbert> Fenix|work: yes and yes
<Fenix|work> sweet and sweeter.
<cyphermox> guntbert, Fenix|work, last time I looked into it it was something of the 20G for a "quick and dirty mirror", where you get just the release stuff, and more like 200G or so for "everything"
<cyphermox> not sure if this was per arch, but I guess (hope) not :)
<Fenix|work> 20GB isn't too bad.
<Fenix|work> most likely it would be per arch...
<guntbert> cyphermox: I didn't count the src repos, but they do come only once :)
<cyphermox> yeah :)
<cyphermox> per arch, I don't know. It seems steep, even though there is a lot of stuff
<Fenix|work> well, gcc for i686 and gcc for amd64 are two different beasts :)
<cyphermox> note that these were numbers from the page about mirroring ubuntu...
<Fenix|work> cyphermox, out of curiousity... do you use nagios?
<Fenix|work> I'm debating about using a source install vs a package install
<cyphermox> Fenix|work, no, i don't use nagios. The fact that it was text-based configs, changed manually, or having to install additional packages with weird deps annoyed me
<cyphermox> http://www.ubuntu.com/getubuntu/mirror/2
<Fenix|work> it appears nagios' quick-start guide suggests install from source
<Fenix|work> so, that is what i'll do.
<cyphermox> nagios from source gives you very much up-to-date stuff. on the other hand, installing it from a package might be more convenient
<Fenix|work> cyphermox, until an update that could potentially break my config :)
<Fenix|work> pros and cons
<Fenix|work> packages vs. source
 * Fenix|work sighs
<ninjah>       -  Since a packet is assigned to a FEC when it enters the network,
<ninjah>          the ingress router may use, in determining the assignment, any
<ninjah>          information it has about the packet, even if that information
<ninjah>          cannot be gleaned from the network layer header.  For example,
<ninjah>          packets arriving on different ports may be assigned to
<ninjah>          different FECs.  Conventional forwarding, on the other hand,
<ninjah>          can only consider information which travels with the packet in
<ninjah>          the packet header.
<ninjah> Whoops! wrong irc room
<uvirtbot> New bug: #485026 in openldap (main) "[karmic] slapd hangs at 100% cpu and is unkillable" [Undecided,New] https://launchpad.net/bugs/485026
<occy> Hey guys... anyone here ever used cgiirc?  I'm trying to get it set up on my Ubuntu server.  I have the irc server already up and going
<occy> I did apt-get install cgiirc
<occy> and have googled trying to find some sort of howto... but :/  (and I've read the docs) but am still confused
<occy> Better question.  Where can I find the Ubuntu cgiirc documentation?
<mjeanson> For UDS folks, Community server team dinner tonight. Let's meet in the lobby by 6:30PM. Everyone welcome.
<Daviey> grr.. i think i'm double booked.
<Wallace> Can anybody recommend a VPN server to use?  Clients will be ubuntu, and windoze.
<ahe> Wallace: http://openvpn.net/ ?
<ahe> didn't have to setup a VPN but if i had to i would go with openvpn
<Wallace> so better than pptpd, or any of the other options available?
<Reepicheep> Wallace: I use both pptpd and openvpn.. pptp is great for simplicity.. it integrates natively with many clients including linux and ubuntu.. but
<Reepicheep> when security is a concern I reach for openvpn.. I like the fact that it is based on SSL
<Reepicheep> s/linux and ubuntu/linux and windows/ ^^
<mjeanson> Community Server Team dinner postponned to 7:15PM in the lobby.
#ubuntu-server 2009-11-19
 * RoAkSoAx slaps mjeanson :)
<bogeyd6> !iscsi
<ubottu> Sorry, I don't know anything about iscsi
<flaccid> i followed the mail filtering guide, however the only headers in mail i get are X-IronPort-Anti-Spam-Filtered: true and X-IronPort-Anti-Spam-Result: ApwEAIYsBEuWZcx//2dsb2JhbACBTZAutimHVIhyhDsE
<flaccid> what have  i missed here ?
<flaccid> its going through amavis but amavis doesn't seem to be doing spamassassin
<lukehasnoname> Has anyone else tried using virtual machine manager to remotely create a new VM on a server?
<lukehasnoname> I can't choose the installation media
<lukehasnoname> There's a bug filed on Debian from May (http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=512253) with a dirty workaround that lowers the usefulness of ths application
<uvirtbot> Debian bug 512253 in virt-manager "virt-manager: Can't choose ISO-image (remote connection, ssh)" [Wishlist,Open]
<lukehasnoname> That it is filed as wishlist upsets me.
<ScottK> If upstream doesn't support the functionality, Wishlist is probably appropriate for Debian.  Is there an upstream bug?
<xperia2> hello to all ! i am trying to configure postfix for recieving emails on my ubuntu server that has a full web and dns server allready running for my local hosted webdomain.
<xperia2> now the strange thing is after looking in the log of postfix i belevie i can allready receive mails from some strange peoples at gmail!
<xperia2> http://paste-bin.com/view/94980615
<xperia2> is this allready really possible or is this just spam ? i never told anybody till yet any mail or domain adress for the server !
<ScottK> xperia2: That's someone trying to see if they can deliver to you (for spamming purposes).
<ScottK> There's no evidence in that log snippet that you actually accepted the mail.
<ScottK> It is normal for this to start within 15 minutes of a new server going online.
<xperia2> SkottK: hmmm i see also some strange relay output in the logs. i am using allready in postfix the relay possibilty from my isp to send mails
<xperia2> from my web server. give me just a second to paste this
<xperia2> http://paste-bin.com/view/e1333509
<djveer> hey guys, if ufw just a front end for managing iptables?
<djveer> *is
<xperia2> my mail relay is "mail.bluewin.ch". strange to see this in the logs still !
<xperia2> could it be that my mail server is used as a spam machine. it forward something or not ?
<xperia2> Nov 18 15:28:28 stromer postfix/smtpd[12360]: > 118-167-128-32.dynamic.hinet.net[118.167.128.32]: 250 2.1.0 Ok
<xperia2> Nov 18 15:28:29 stromer postfix/smtpd[12360]: < 118-167-128-32.dynamic.hinet.net[118.167.128.32]: RCPT TO: <s2288@mail2000.com.tw>
<xperia2> ScottK: it looks like other people have the same problem with the same mail adresses !
<xperia2> http://ubuntuforums.org/showthread.php?t=952517
<ScottK> xperia2: Not suprising.
<xperia2> ScottK: should i worry about this or is this just normal as other have it too ?
<ScottK> xperia2: You also have your logs at a non-standard (higher) level of logging detail.  This isn't needed and actually makes the logs harder to read.
<ScottK> xperia2: Assuming that's all there is, it's not a problem.
<xperia2> aah okay nice to know that !
<xperia2> ScottK: have found a ruleset for blocking this. it looks like this is very comonn especially the mail adress "s2288@mail2000.com.tw"
<xperia2> about 40% of the messages are directed to this mail adress.
<xperia2> http://www.hobgoblinconsulting.com/remote/smreport.200812.html#grunty.schelin.orgrule
<xperia2> looking now at the ubuntu wiki help page for finding a good config example for my postfix server.
<ScottK> The only 'harm' it's doing in using some of your bandwidth and CPU.  If that's not an immediate concern, I'd concentrate on other things.
<xperia2> yeah at the moment i will concentrate on configuring postfix for receiving mails for my domains and subdomains that run on my ubuntu server but for later i will block this for sure as i dont have only a home server with a normal home conection ! thanks for he clarification still
<xperia2> as i have only a home server with a normal home conection ! thanks for he clarification still
<twb> Is xperia2 operating an open relay? ;-)
<ScottK> twb: No
<xperia2> a open relay ? never heared. i have configured postfix to be able to send from my webpages sms messages to my cell phone. i needed for this to use the relay function in postfix as direct sending was blacklisted.
<ScottK> That's a relay probe, no sign it was accepted.
<twb> OK, I obviously wasn't paying enough attention.
<xperia2> i am using this for controll porposes when somebody register on the page as a exmaple to know directly over my cell phone that something has happened.
<ScottK> xperia2: Open relay means you will send mail from anyone to anywhere without checking
<ScottK> There's no sign in the logs you've shown that is happening.
<xperia2> ahh something full open in this case. btw. have found a very good wiki tutorial for my purpose ! exactly that was i searched !
<xperia2> big compliments to the person that has writen this
<xperia2> https://help.ubuntu.com/community/PostfixCompleteVirtualMailSystemHowto
<ScottK> xperia2: Also look in the Ubuntu Server guide for your release.
<ScottK> xperia2: Which Ubuntu version are you running?
<xperia2> dont slap me now but it is a old version ubuntu-interpid! nee to upgrade it but i fear however that the upgrade proccess will brake all my settings.
<xperia2> will buy however in the next two months a new ubuntu dell laptop
<xperia2> and will install then the newest version of ubuntu on the hardware that was replaced
<lucascastro> had someone already used ipp2p on ubuntu ?
<ScottK> xperia2: You can run whatever version you want, but generally server upgrades are very safe.
<ScottK> The reason I asked was to point you at the correct documentation for the release you are running.
<spirits-sight> what is the command for installing LAMP server from a desktop install
<xperia2> had some bad experince allready with upgarding ubuntu-desktop on my laptop so before i upgrade the server now i want to have a backup machine fr the server if it breaks i can swith the machine and the server still will work as expected.
<ScottK> xperia2: Have a look through this: https://help.ubuntu.com/8.10/serverguide/C/email-services.html - There are many Postfix how to's on the wiki part of help.ubuntu.com, but many of them are obsolete
<ScottK> xperia2: I can understand the caution.
<xperia2> great thanks !
<ScottK> I would suggest use the server guide I just linked you as far as can
<xperia2> ScottK: one thing what can be say is that the upgrade process urges some people to buy ubuntu machines from dell with server support too :-))
<ScottK> xperia2: I've upgraded servers starting from Dapper to Karmic and have only ever had one go really badly and in that case I was trying something and I knew it was risky.
<spirits-sight> when doing tasksel it has option for basic ubuntu server <-- what is this exactly, I know what LAMP is but do I want this other thing or not?
<cleary_> hi
<xperia2> SkottK: i give you right that upgrading of ubuntu-server should be absolutly no problem . the thing is that i have changed to mucht ubuntu specific things as a noob and at the upgrade proccess this will cause exactly problems. as you have said for people with knoweledge and know what they do no problem but for me i prefer to have a backup machine solution :-)
<cleary_> I'm looking for a reference on migrating sys v init scripts to upstart, but not coming up with anything particularly useful
<cleary_> has anyone done this? Can you recommend any doco?
<spirits-sight> does anyone know what exacly is basic ubuntu server under the tasksel cmd
<Nafallo> cleary_: checked http://upstart.ubuntu.com/ ?
<xperia2> cleary_: as i know you have also the possibility to install mail server and dns server and such on
<cleary_> Nafallo: yeah, just plugged through the faq and wiki without coming up with anything concrete
<xperia2> the basci server is just apache, mysql, php and such on without mail or dns stuff
<cleary_> Nafallo: it seems to be more a focus on development of upstart as opposed to the use of upstart
<cleary_> xperia2: I'm not sure that you've understood my question (or you meant to address someone else?)
<xperia2> i would say basic server == lampp
<cleary_> xperia2: you meant to highlight spirits-sight then I think
<djveer> Dang. I've accidently removed the access to sudo from my user on this ubuntu server test VM
<xperia2> oh yes sorry cleary !
<djveer> if I can't sudo and root is disabled, how can I gain my groups back
<qman__> djveer, boot in recovery mode, drop to root prompt, and re-add your user
<qman__> to sudoers
<djveer> dumb question qman__, recovery mode is accessed off the boot cd?
<qman__> djveer, no, press escape while grub is loading
<qman__> arrow down to your latest kernel with (recovery mode) at the end
<qman__> the system will boot, then give you a menu
<qman__> choose root shell
<djveer> qman__, thanks! you the man
<djveer> (or woman) no offense
<djveer> lol
<djveer> bah... gotta restart the machine manually.. can't rebot because i'm not in the sudoers file
<djveer> lol
<djveer> >,<
<cleary_> Nafallo: never mind, I'm just going through the README.debian.gz in the upstart package now, seems I may have been too hasty
<qman__> djveer, if you're local, press ctrl alt del
<qman__> it'll go into reboot
<spirits-sight> OK, I don't see apache showing up in netstat after doing the tasksel for LAMP
<djveer> hehe it's just a testing VM... I just hit the 'ol power button on it
<spirits-sight> I did a reboot just make sure every thing was started right
<xperia2> spirits-sight: are you able to restart apache "sudo /etc/inti.d/apache2 restart"
<xperia2> or to start it also ?
<spirits-sight> it works based on it goes to the website when doing the domain or ip address it gives it works page :-)  any how now I need get name vitualhosting working
<spirits-sight> xperia2 you able ot help with this, I redid the system as when doing it yesterday would NOT work doing the way the guide told me to do it
<xperia2> great. virtual hosting isnt hard. what is the problem
<xperia2> yes virtual hosting isnt very good described in the wiki. i am using a non standard way for this.
<xperia2> have edited the file "/etc/apache2/sites-available/default" directly and restarted apache2 and it works with no problems for me !
<spirits-sight> xperia2: sorry mind was wondering.  OK I am trying to setup all the DNS stuff first make sure its all setup correctly
<spirits-sight> I am using linode as the provider of my VPS
<spirits-sight> for my A / AAAA record I am not sure hwat I should be puting any ideas I have two domain setup as master in the DNS manager I click on one and setting it up
<xperia2> dont understand now. did you installed the basic server or did you installed a full server with dns mail and so on ?
<xperia2> i assume you have installed a full server and need now to configure bund on your ubuntu server
<xperia2> sorry bind not bund
<spirits-sight> I am sure I need to do alot I am learning :-)
<spirits-sight> Yes I installed the full LAMP and basic ubuntu server from tasksel
<xperia2> ahh okay. i have registered a domain and then used for the domain dns entry this line here "ns.mydomain.com"
<xperia2> this dns entry point then to your server with the static ip which you have also to provide ! i assume you have this allready done
<spirits-sight> yes godaddy is pointing to the nsX.linode.com nameservers
<xperia2> ahh okay then you need just this here
<xperia2> File: named.conf.local
<xperia2> zone "mydomain.com" {
<xperia2>         type master;
<xperia2>         file "/etc/bind/db.mydomain.com";
<xperia2> };
<xperia2> and the file here that you need to create it
<xperia2> File: db.mydomain.com
<xperia2> $TTL    3600
<xperia2> @       IN      SOA     ns.wificom.ch. root.wificom.ch. (
<xperia2>                          2009111332     ; Serial
<xperia2>                          604800         ; Refresh
<xperia2>                           86400         ; Retry
<xperia2>                         2419200         ; Expire
<xperia2>                          604800 )       ; Negative Cache TTL
<xperia2> @       IN      NS      ns.mydomain.com.
<xperia2> @       IN      A       x.x.x.x
<xperia2> ns      IN      A       x.x.x.x
<xperia2> box     IN      A       x.x.x.x
<xperia2> www     IN      CNAME   mydomain.com.
<xperia2> subdomain  IN      A       x.x.x.x
<xperia2> www.subdomain      IN      CNAME   @
<xperia2> thanks goes to the irc ubuntu-server user mostly called lamont as he helped me a lot with this.
<xperia2> ahh sorry replace wificom.ch with mydomain.com
<xperia2> after this restart bind "sudo /etc/init.d/bind9 restart" (make sure you change allways the serial number at every change) and you should be able to resolve your domain names
<xperia2> like dig mydomain.com @x.x.x.x
<spirits-sight> wow
<spirits-sight> that was alot
<spirits-sight> one moment or few :-)
<xperia2> its okay :-)
<spirits-sight> what does this "hostname -F /etc/hostname" do?
<spirits-sight> does it say to the system to look for the hostname in the /etc/hostname file
<xperia2> cant say ! not that dns expert :-)
<xperia2> can you resolve the domain on your server ?
<spirits-sight> 127.0.0.1       localhost.localdomain  localhost
<spirits-sight> 12.34.56.78   hostname.domain.org hostname
<spirits-sight> is the above correct or is it need fixing?
<spirits-sight> making sure all the rest of the stuff is setup correct before doing any other changes :-)
<jmarsden> spirits-sight: Looks reasonable to me.  BTW, hostname -F /etc/hostname   means "set the hostname to be whatever is in the file /etc/hostname"
<spirits-sight> ok that what I throught and said above :-) yeah I understand a little more then yesterday :-)
<spirits-sight> jmarsden: so I don't change localdomain to my abc.org domain correct?
<jmarsden> Correct.  In the 127.0.0.1 line, leave it as it is.
<spirits-sight> thanks, ok just created the dir for the two domains also created the two available files /domain1.org and /domain2.org  /etc/apache2/sites-available/
<spirits-sight> correct?
<xperia2> does resolving of the domain works now ?
<spirits-sight> know in a minnut I believe it should :-)
<xperia2> test it with "dig mydomain.com @x.x.x.x" on your server
<xperia2> x.x.x.x is your static ip number to the server
<spirits-sight> well I just entered the domain into the brower and it point me to the server unlike yesterday, and its pointing to the correct directy as if it was still pointing to default it would show It Works! again but its not , instead its show the index dir for the domain
<xperia2> well in this case you need now just to make vhosting working and all is done.
<xperia2> can you post the two files for whosting
<spirits-sight> vhosting working its working, I just put in the direcory for the domain and then refresh brower and it shows what I did :-)
<xperia2> so everything is then okay :-)
<spirits-sight> yes yes, using the guide, yesterday I think what happen is that ubuntu did not install the basic ubuntu server stuff, then the guide had me do each item apache2 mysql php but today I used the tasksel do it for me and it seem to be working the way it should be
<spirits-sight> this is the guide I used >>> http://library.linode.com/lamp-guides/ubuntu-9.10-karmic/
<flaccid> so can anyone help me with amavisd-new and spamassassin. i'm trying to verify that the spam scan is occuring
<flaccid> i see no headers
<twb> flaccid: easiest way to check is to see if your CPU and memory are fully utilized :-/
<flaccid> hehe they are not, then again its a low vol server
<twb> Actually I think I'm grumbling about clamav
<ScottK> twb: What's to grumble about clamav?
<twb> ScottK: I was grumbling about its resource consumption
<ScottK> Ah, right, well scanning stuff is resource intensive.  No real way around that.
<twb> I don't actually deal with clamav, I just notice that half the servers I ssh into spend most of their CPU time running clamav
<twb> ScottK: yeah, I know
<ScottK> Probably the other half running SpamAssassin.
<twb> So strictly I'm grumbling because those customers have Windows machines and thus want AV scanning
<ScottK> Well clamav is not just for Windows anymore.
<ScottK> It also has anti-phishing stuff too and that's a cross-platform threat.
<twb> Shrug
<spirits-sight> OK, this is strange, why would a number of CNAMES point to the right place and one not? it seems to be pointing to the default for apache
<spirits-sight> see it at mail.snecdeaf.org but docs.snecdeaf.org works fine setup the same
<spirits-sight> they both should be pointing to ghs.google.com but the mail.snecdeaf.org which is pointed to google seems to be still point to the default apache screen
<spirits-sight> never mind it works now
<clusty> how can i pipe stdin and stderr to TEE ?
<twb> clusty: in bash4, it's &| tee ...
<twb> If you're still using bash 3 (or sh), it's 2>&1 | tee ...
<twb> Note that this will unify the streams
<clusty> using actually mac :D
<clusty> no clue bash version
<clusty> thanks
<clusty> that was it
<twb> Ubuntu behaves identically on mac and whitebox hardware.
<clusty> thought so
<jmarsden> clusty: echo $BASH_VERSION   # will tell you what version of bash you are running
<clusty> 3.2.48
<clusty> jmarsden: what is the latest?
<twb> Let's ask uscan
<clusty> more like: what version does ubuntu use?
<twb> packages.ubuntu.com/bash, then
<twb> Can't say "dpkg: -l bash" in here
<twb> http://sv.gnu.org/projects/bash, too
<clusty> karmic switched to 4.05
<clusty> jaunty: 3.2.5
<clusty> there is one thing that annoys the hell out of me un Unixes: params are more rigid
<clusty> rm <file> -rf assumes -rf is another file name
<clusty> only rm -rf <file> works
<twb> That's a GNUism, just so's you know
<clusty> twb: meaning?
<twb> I dunno what you mean by "un" unixes
<clusty> i mean solaris and mac
<twb> AFAIK SUS 2004 doesn't require "rm foo -rf" to act like "rm -rf foo".
<clusty> what i used so far currently
<clusty> what is SUS?
<twb> http://www.opengroup.org/onlinepubs/9699919799/
<twb> Sorry, the latest release was 2008, not 2004
<clusty> so linux is not compliant to this standard?
<twb> clusty: it's not certified.
<clusty> anyways. i do not care much about standards myself
<twb> But the problem you're having is that GNU coreutils implements MORE features than it is required to.
<twb> So when you use a non-GNU userland, the extensions you are used to aren't there.
<twb> These are thus called "gnuisms"
<clusty> just need to pay attention to test my scripts properly
<twb> Writing truly portable scripts is impossible.
<clusty> what about the bash smart completion thing?
<twb> That is a bashism
<clusty> that is also missing under my unixes
<jmarsden> clusty: So compile and install bash on the other unixes :)
<twb> Perhaps because your default shell is tcsh?
<clusty> twb: it is bash
<twb> In OS X 10.3 or 10.4, Apple switches to bash as the default shell.
<twb> *switched
<clusty> under solaris some ppl are using zsh
<clusty> rather than bash
<twb> That's because they're so used to posix non-conformity, that yet another non-posix sh doesn't faze them
<clusty> lool
<clusty> yeah
<clusty> :D
<clusty> having a small messed up char problem:
<clusty> svn: Can't convert string from 'UTF-8' to native encoding:
<clusty> svn: Bruker_full/QSW.net/Basics/BQImages/Drivers/bou?\195?\169e.ico
<clusty> they are french accented names
<clusty> any clue what is the solution?
<twb> clusty: the problem is that the other guy is using ISO 8859-1 or something.
<clusty> twb: how do i fix it?
<clusty> mac also seems to accept it just fine
<acalvo> is there any way to manipulate the size of a LVM if it is mounted under /?
<twb> Force everyone to adopt UTF-8?
<twb> acalvo: sure
<acalvo> do I need to unmount previously the partition?
<twb> acalvo: you can grow filesystems while they're online
<twb> acalvo: you can't online shrink
<acalvo> and reduce?
<acalvo> oh...
<twb> acalvo: at least, for ext3.  Other filesystems are different.
<clusty> twb: i could in theory fix the file myself. how do I change the name encoding from ISO to UTF?
<twb> clusty: you go back in time and fix the other guy's OS or /etc/profile
<twb> Before he makes the file
<twb> clusty: pastebin the output of "locale"
<clusty> twb: http://pastie.org/705606
<twb> clusty: OK, it's your fault
<twb> LANG should be something like en_US.utf8
<clusty> it always is :D
<clusty> how do i fix it?
<twb> aptitude install language-pack-en-us or something
<twb> I don't remember the exact Ubuntu way
<clusty> any nasty side effects from this?
<simplexio>  LANG="en_US.UTF-8"
<clusty>  sudo apt-get install language-pack-en
<twb> The ubuntu desktop installer will automatically install language packs based on where you tell it you are
<twb> The server one doesn't do this, I think, which I found a bit strange
<clusty> twb: my locale has not changed from C
<twb> clusty: you need to log out and log in again
<twb> If you are logging in remotely, that will also affect things
<clusty> did
<clusty> ssh-ed again
<twb> clusty: are you running screen or similar?
<clusty> twb: i have a bunch of VNC's running
<clusty> do i have to kill those also?
<twb> I mean, when you close ssh and ssh in again, are you reconnecting to an existing screen session?
<twb> Or are you getting a completely new shell?
<clusty> twb: no
<clusty> completely new shell
<clusty> new putthy
<clusty> putty
<twb> You're sshing from putty?
<clusty> yes
<twb> OK, I don't know if that's supposed to work.
<twb> Confirm that "locale -a" lists the en_* locales
<clusty> twb: does
<twb> On Debian the place to look would be /etc/profile, but on Ubuntu I think it is /etc/environment
<clusty> http://pastie.org/705617
<twb> Or maybe I'm confused?
<clusty> PATH="/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/usr/games"
<clusty> LANG="en_US.UTF-8"
<twb> clusty: that's in /etc/environment?
<clusty> contents of /etc/environment
<clusty> i suck
<clusty> i had LANG=C in bashrc
<clusty> now locale is fine
<twb> And this is why you don't put things in .bashrc and similar without knowing what they do
<clusty> twb: i had a reason to put it there
<clusty> i never put random stuff
<clusty> solved my issue, thanks
<switchgrl> hi can i build an ubuntuserver in a vertual machine?
<clusty> switchgrl: sure you can
<clusty> by build you mean install ?
<switchgrl> yes
<switchgrl> i just want to get used to the system and how it works
<clusty> what virtual machine system do you use?
<clusty> virtualBox?
<clusty> or vmware ?
<switchgrl> oh i am on a duelcore intel
<switchgrl> virtualbox
<switchgrl> i found a tutorial
<clusty> perfect :D
<switchgrl> http://www.sitepoint.com/blogs/2009/10/27/build-your-own-dev-server-with-virtualbox/
<switchgrl> thanks
<switchgrl> i was searching at the same time as asking - do that sometimes
<clusty> switchgrl: this is very complicated
<clusty> for no reason....
<clusty> switchgrl: what OS do you run?
<clusty> windows?
 * switchgrl looks insulted
<clusty> mac?
<switchgrl> no
<switchgrl> no
<switchgrl> ubuntu
<switchgrl> i run every version of ubuntu there has ever been
<switchgrl> not server though
<switchgrl> want to run a mail server
<clusty> switchgrl: anyways...
<FireCrotch> Mail servers are not fun to set up
<clusty> install virtual box from the ubuntu repository
<clusty> and use the GUI for it
<clusty> trivial and straight forward
<clusty> anyways the differences between desktop and server are not that great:
<clusty> different kernelk
<clusty> and different choice of base packages
<switchgrl> clusty, i was joking about being insulted
<clusty> can convert one into anothjer in a jiffy
<clusty> figured a much
<FireCrotch> clusty: You're forgetting the one difference that may be most important to someone who's never run ubuntu-server before
<clusty> no X? :D
<FireCrotch> :D
<clusty> just command line ?
<simplexio> which is only real way to run server
<clusty> well i cannot image sime1 installing a mail server from GUI only
<simplexio> whixh isnt X server :)
<FireCrotch> clusty: Some day.
<simplexio> if using alot gedit is considered GUI then its doable
<FireCrotch> Some day it will be doable in the ubuntu world, just like the Windows world
<FireCrotch> Long story short, it's a project that I want to set up, basically
<switchgrl> are there any 36bit servers?
<flaccid> wtf
<FireCrotch> flaccid: what are we "wtf"ing at?
<flaccid> well if you want a gui frontend for configuration thats pretty easy stuff
<flaccid> it was a wtf in general from above
<atomic_1> lol, this qualifies for bash.org
<switchgrl> lol
<flaccid> i find that shell scripts can do everything in this area. a gui frontend can just pass variable values to the shell script
<switchgrl> yay i made it to bash.org
<FireCrotch> Not necessarily something to be proud of
<flaccid> who me or switchgrl  ?
<FireCrotch> switchgrl
<flaccid> hehe
<FireCrotch> flaccid: what I envision is a ubuntu system that provides the ease of administration of Windows SBS
<flaccid> good luck, ubuntu doesn't care
<flaccid> they have other objectives. there is no reason to tie down your project or vision to a single immature distro..
<FireCrotch> flaccid: I've talked to a few others who were interested in working on the project
<flaccid> what problems are you trying to solve specifically ?
<flaccid> thing is you could work on the project. good luck ubuntu wanting it.
<FireCrotch> Specifically, my goal is to help to close bug #1
<flaccid> oh
<uvirtbot> FireCrotch: Error: Could not parse data returned by Launchpad: The read operation timed out
<flaccid> i hope that was sarcasm
<FireCrotch> flaccid: No sarcasm.
<flaccid> please understand that the mainstream doesn't buy goodness, it buys marketing
<flaccid> but still my question remains
<FireCrotch> flaccid: You have to have something to market first.
<flaccid> you have not cited a specific problem to solve
<flaccid> linux has been trying marketing for years with a big fail
<FireCrotch> flaccid: because Linux doesn't have anything marketable. Ease of use/administration is marketable.
<flaccid> i tend to disagree
<twb> Are you guys actually trying to solve a problem, or are you just trolling one another?
<flaccid> it feels like the latter
<twb> Because if it's the latter you might want to move to /msg or -overflow
<FireCrotch> I have no trolling intentions
<flaccid> is there something i can help you with, FireCrotch  ?
<flaccid> you nick is familiar, like i've talked to you much before
<acalvo> didn't manage to extend the LVM partition
<acalvo> just because it's the root
<FireCrotch> flaccid: I usually stick to -offtopic
<twb> acalvo: lvextend --size +4G /dev/example/root && resize2fs /dev/example/root
<acalvo> and to extend it I've to move all the partitions
<acalvo> it says it does not have enough extents
<twb> acalvo: please pastebin the output of "pvs"
<flaccid> FireCrotch: ah i remember you from #kubuntu
<acalvo> can't pastebin, that machine does not have internet
<acalvo> but it prints
<twb> acalvo: just transcribe the PFree and PSize values
<acalvo> /dev/sda1 test lvm2 a- 4,75G 8,00M
<twb> OK.
<FireCrotch> flaccid: Ah yes, I used to hang out there too :)
<flaccid> and i used to help you there
<flaccid> if you recall
<switchgrl> does the ubuntu cloud thing give me the ability to add my netbook to connect autmatically to the server and use my connection from the cafe down the road without having to set up a VCN?
<flaccid> switchgrl:  define 'to the server' please
<flaccid> what kind of connection etc.
<FireCrotch> flaccid: I do recall that, yes :)  I guess you thought you got rid of me, huh?
<switchgrl> umm brows the net from the cafe or train securely
<switchgrl> or safly
<switchgrl> safely*
<flaccid> FireCrotch: negative. i got rid of kubuntu.
<flaccid> what is a VCN ?
<flaccid> anyway connection is not cloud specific. ssh is encrypted
<FireCrotch> I think switchgrl means a VPN :)
<FireCrotch> flaccid: I'm sad to hear that. Kubuntu is awesome :)
<flaccid> yeah, switchgrl ssh is encrypted, you don't need a VPN
<flaccid> FireCrotch: what a pity the people that run it arnet
<switchgrl> ssh = code
<flaccid> ssh != code
<switchgrl> i hate code i cant understand it easy cus to understand it you have to read- i cant read much
<flaccid> switchgrl: what is your objective ?
<FireCrotch> flaccid: I avoid anything kubuntu-specific, really.
<FireCrotch> except of course, I use it
<flaccid> FireCrotch: i went to mac for desktop
<switchgrl> to ensure my email and other files are secure, to enusure i am able to flawlessly accsess my files no matter where they are (with my wb book)
<FireCrotch> flaccid: To each their own.  I've found kde4.2 to work quite nicely for my day to day needs
<switchgrl> and yeah i mean vertual private network
<flaccid> switchgrl: 1. use SMTPS and IMAPS, 2. use fuse ssh
<flaccid> FireCrotch: kde is a DE not a linux distro. don't compare.
<FireCrotch> flaccid: I'm well aware of the difference between the two. What I mean is that I've found the latest release of Kubuntu (with kde 4.2) to be quite nice
<twb> acalvo: your LVM is fully utilized -- you cannot extend it without creating another PV.
<acalvo> twb: that's what I've tought
<flaccid> FireCrotch: sure, but thats KDE and I run that with freebsd
<FireCrotch> I never did care much for FreeBSD back when I tried it out.  That was forever ago though.
<flaccid> its as old as linux
<switchgrl> i tried to get freebsd to runx-org that was erm "fun"
<switchgrl> i was looking for somthing more dynamic - not as restrictive as ssh or fuse flaccid
<twb> switchgrl: what does that even MEAN?
<switchgrl> well if i go to the cafe down the road there ip changes - its dynamic
<simplexio> something what works like magic, i assume
<simplexio> switchgrl: yeah. on reconenct sshfs and you have file
<switchgrl> it means also i have to go to the cafe i use in london i want it to connect to the internet and just work
<twb> switchgrl: for remote access to files?
<simplexio> or use vpn + nfs / samba , which can be configured to survive conenction reset
<flaccid> 1. freebsd runs xorg fine if thats what you are meaning 2. anything secure is um restrictive. im not sure what dynamic is mean to mean here but a secure tunnel is required of some sort
<switchgrl> i want TOTAL flexability
<twb> simplexio: you either need a VPN, or AFS.
<FireCrotch> switchgrl: as long as the address of the machine where you actually store your files doesn't change, there would be no problem
<simplexio> offcourse you need to have public ip addrs
<flaccid> you do realise that an ip address doesn't really have anything to do with encryption
<twb> NFS and CIFS aren't safe to run over the public internet.
<flaccid> switchgrl: total flexibility = a vpn.
<switchgrl> yes but so that it syncs with my server so my files are synced etc and that way i can avoid data loss if it were to get stolen
<simplexio> twb: have you experince from afs ? if y, is it "better" than nfs for small office use
<flaccid> switchgrl: 1. openvpn 2. rsync. 3. done.
<twb> simplexio: afs isn't worth the effort for a small office
<simplexio> switchgrl: in that case read about rsync . if you want to have teo copies allways
<twb> simplexio: I looked at it for a secure network, but I ran out of budget and went with NFSv3 :-(
<twb> simplexio: hcoop runs it, and they seem to like it
<simplexio> twb: nfs is very good if it works, i had some strange problems with it, but i tried to get it to max speed
<flaccid> so dynamic dns on the client with a low TTL switchgrl and then connect between the two points however you want.
<simplexio> twb: afs seemed that it need alot work to get right
<twb> simplexio: yep
<X-Seti> Servers still up, nice, I guess what ever happen, didnt feel like hacking me today
<X-Seti> or fail2ban worked :D
<twb> fail2ban blows
<twb> -m recent
<_ruben> how is -m recent gonna see traffic is legit or not?
<twb> Of course, the REAL solution is to disable password auth, and to restrict connections to a whitelist of user@host tuples.
<alvin> From the ubuntu-server documentation on LDAP: 'The installation process will prompt you for the LDAP directory admin password and confirmation'.
<alvin> Problem is: it didn't and $ sudo dpkg-reconfigure slapd doesn't either.
<twb> _ruben: it doesn't distinguish between attackers and legitimate users, if the legitimate users need more than N attempts to connect.
<alvin> Ah, this is apparently bug #447099. Well, how do I report wrong documentation in the Ubuntu Server Guide?
<uvirtbot> Launchpad bug 447099 in openldap "No password set on install of slapd-2.4.18-0ubuntu1" [Undecided,Invalid] https://launchpad.net/bugs/447099
<alvin> Can I just post that in the bug report?
<twb> alvin: you can put anything in a bug report.
<alvin> twb: Yes, but is it the right place to talk about documentation errors?
<twb> I'm not sure.
<twb> The ubuntu server guide probably has a package within the archive -- if so, you'd report the bug against that package.
<twb> wiki.ubuntu.com is probably a different matter, but I don't know.
<_ruben> damn .. make-kpkg of 2.6.31.6 took 2.5 hrs (vm with 4 vcpus and 8gigs of ram)
<alvin> It's the official server guide. I'll just ask in the bug. If it needs to be linked to that package, someone with more experience can do it.
<twb> _ruben: how many binaries did it make?!
<twb> alvin: yeah -- worst case is that someone will reassign the bug
<_ruben> hmm .. the .deb is 366MB .. that cant be good :p
<twb> _ruben: isn't make-kpkg deprecated anyway?
<twb> Some new thing with initials like "dkms" or "dkipo" or something
<twb> I wasn't listening because rolling my own kernels is such a waste of time
<_ruben> dkms is for modules .. and i did go for the new style first, but that resulted in "broken" kernels (lvm not working on boot) .. so i thought i'd give make-kpkg a go
<twb> _ruben: I presume there's a reason you can't use stock kernels?
<_ruben> yeah .. some minor performance patches related to (iscsi-)scst
<_ruben> bah .. guess there's some sort of problem with hardy and recent kernels .. this kernels seems to be having troubles with lvm as well
<twb> Oh, you're trying to deploy a .30 on hardy?
<twb> I wouldn't be surprised if there's a kernel vs. userspace conflict doing that
<_ruben> lets try a mainline build
<twb> You know, stuff like "we decided not to support hal anymore"
<twb> _ruben: I'm curious; are you actually using SCSI disks in your iSCSI deployment?
<twb> I haven't dealt with that space, but I would've assume AoE or nbd
<_ruben> twb: but sata and sas
<_ruben> s/but/both/
<twb> Heh.  "The AoE specification is 12 pages^[1] compared with iSCSI's 257 pages^[2]."
<_ruben> nice :p
<twb> The only plus in iscsi's favour appears to be its ability to be routed (i.e. go between networks)
<_ruben> hmm .. guess i'll either have to run with a stock hardy kernel, or use jaunty for instance on this san
<_ruben> eeew .. you really dont what that
<_ruben> 1gig switched network is as far as you should stretch it :)
<_ruben> hmm .. mainline build of 2.6.31.6 has the same lvm problem :/
<flaccid> gtg
<alvin> _ruben: What lvm problem? I have encountered lots of those in the past, but lvm on jaunty and karmic looks good. What are you trying to do?
<twb> alvin: first, he's on hardy
<_ruben> alvin: run a recent kernel on hardy :)
<twb> _ruben: what is the LVM issue, precisely?
<_ruben> the initramfs not finding the lvm
<_ruben> it finds the disks .. then waits a while for the lvm to appear, but doesnt show up
<_ruben> bbiab .. lunch
<twb> _ruben: what is root= set to in the bootloader?
<alvin> _ruben: Do you use a separate /boot ?
<_ruben> alvin: yeah
<j^> hi, https://help.ubuntu.com/9.10/serverguide/C/jeos-and-vmbuilder.html mentions one should copy the templates to VMBuilder/plugins/libvirt/templates/ how are they used though?
<switchgrl> i'm not running a web server do i need DNS or LAMP
<switchgrl> ?
<_ruben> switchgrl: how would we know what you need?
<switchgrl> _what are they?
<_ruben> DNS = Domain Name System = protocol used to translate between hostnames and ip addresses ... LAMP = Linux+Apache+MySQL=PHP = complete webserver stack
<switchgrl> ok so no
<alvin> _ruben: If you are using a separate /boot, maybe this is your problem: bug #462961. It's in the release notes.
<uvirtbot> Launchpad bug 462961 in grub2 "auto-resize install renders previous system with separate /boot unbootable" [Medium,Fix released] https://launchpad.net/bugs/462961
<alvin> j^: The example in the server guide is for using bridged networking. It is adviseable to copy it, in order to have good network settings.
<alvin> ruben_: Ah, you're on hardy. That bug does not apply there.
<j^> alvin, yes, but it does not explain how to use the copied version
<alvin> j^: Let me see. I thought it did.
<_ruben> alvin: nor did i use auto-resize :)
<alvin> _ruben: Oh, but the bug also happens on fresh installes. The description isn't entirely correct.
<alvin> _ruben: (I didn't read the release notes and all upgrades and fresh installs had trouble booting.
<alvin> j^: You're right. It doesn't say how to use it. Maybe you just need to have VMBuilder/plugins/libvirt/templates/libvirtxml.tmpl in your working directory.
<j^> that did not work
<j^> also tried adding --template with some parts of the paths
<alvin> Otherwise, try --templates=VMBuilder/plugins/libvirt/templates/libvirtxml.tmpl
<alvin> well, --templates=VMBuilder/plugins/libvirt/templates
<j^>   --templates=DIR       Prepend DIR to template search path.
<j^> tried that, still used /etc
<alvin> j^: Yes, that.
<alvin> hmm
<j^> might have to add . to the path
<alvin> In some old documentation, I used -c vmbuilder.cfg. That vmbuilder.cfg file contained templates = DIR
<alvin> I noticed the default template in /etc/vmbuilder/libvirt/ now uses bridging (The ubuntu server guide has the wrong information here). Only, it doesn't work. Your virtual machine will end up with <source network='virb%'> or something.
<j^> alvin, yes, but i need another setup so i still need to modify the templates, can also modify in /etc just wanted to follow the guide
<alvin> j^: So, is --templates=DIR working for you?
<j^> no
<alvin> Not good
<alvin> ok, there already were some bugs about missing ldap documentation. That's good.
<pipedream> [6~
<heath_> Hello, I am running some virts but have a ufw running. How do I get traffic to be allowed to go to the virts, but not my server
<Jeeves_> heath_: ebtables?
<heath_> I have tried ufw allow to 192.168.2.40 port 10000
<Jeeves_> heath_: Or aren't you using bridge networking?
<heath_> Is it not possible with ufw commands?
<heath_> Jeeves_, I am using bridge networking
<Jeeves_> heath_: On which interfaces are you applying ufw?
<heath_> I'm not sure how to just apply it to a single interface. Right now it is applied to all of them I guess. I can't establish a connection to any address unless I disable ufw
<gamla_kossan> hi people
<gamla_kossan> I'm trying to install ubuntu as a guest on my kvm host
<gamla_kossan> but after installation and reboot I get "Boot failed, not a bootable disk"
<gamla_kossan> anyone have a clue what's up?
<Jeeves_> gamla_kossan: How are you creating the vm?
<gamla_kossan> with virt-manager
<gamla_kossan> (on a rhel host)
<heath_> what's the boot dev set to?
<gamla_kossan> hard disk
<gamla_kossan> (well, virtual disk)
<heath_> should I be specifying br0 in the rules? or the eth?
<heath_> gamla_kossan, qcow2 formats?
<Jeeves_> heath_: I'm not sure..
<gamla_kossan> heath_: huh?
<heath_> gamla_kossan, your virt disk format
<gamla_kossan> oh, how do I check that?
<heath_> gamla_kossan, I am unfamiliar with rhel, but the xml file ubuntu generates that defines your machines are in /etc/libvirt/qemu/<name of host>.xml
<gamla_kossan> right
<heath_> and I am not sure where your images are being stores
<heath_> stored**
<gamla_kossan> hmm, but this is a kvm host, not qemu
<alvin> gamla_kossan: Try $ file /var/lib/libvirt/images/*
<gamla_kossan> root@flanders:/var/lib/libvirt/images# file poochie2.img
<gamla_kossan> poochie2.img: data
<gamla_kossan> =)
<alvin> Just 'data'? That's weird. I expected qcow2 or raw
<heath_> for anyone how cares... you have to enable DEFAULT_FORWARD_POLICY="ACCEPT" in /etc/default/ufw to allow your virts to receive traffic
<heath_> birdged virts anyway
<nijaba> ivoks: https://bugs.launchpad.net/ubuntu/+source/initramfs-tools/+bug/328550
<uvirtbot> Launchpad bug 328550 in initramfs-tools "qla2xxx takes ~one minute to initialize per device" [High,Fix released]
<nijaba> ivoks: worth a read )
<ivoks> and comment ;)
<nijaba> ivoks: keepalived?
<ivoks> yes, that's one
<ivoks> nijaba: i was reading the bug report and wasn't concentrated on the discussion :/
<nijaba> ivoks: looks like it is main already anyway
<ivoks> it is
<ivoks> but i'm not sure it's on CD
<Doonz> Hey does anyone here have any experience wiht setting up a server with LSI Megaraid 8308ELP raid cards in it?
<ivoks> Having a different policy for server kernel, imho, is the right approach. There will, most probably, be other issues. And I'm sure we could fine tune server and desktop with different sysctl setup.
<nijaba> ivoks: yep. and it sounds like the kernel team is now aware of that, as well as the qa team, so it is progressing
<Dream-Ubu> hello, im looking into making my first server :) i have end user experiance of ubuntu and im woundering if anyone can answer a few questions ^^
<epinky> !ask | Dream-Ubu
<Dream-Ubu> i know
<Dream-Ubu> dont ask to ask
<ubott2> Dream-Ubu: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<Dream-Ubu> i said it to see if people where alive
<Dream-Ubu> right - how do i set an internal static ip, and find the ip address so i can access it on an external network
<Dream-Ubu> erm, what else was there, what utility would i neeed to manage the server becuase it would have no GUI
<epinky> Dream-Ubu: you mean some kind of DNAT?
<Dream-Ubu> if i had a 5 drive set up how would i stop it using the OS drive as storage
<Dream-Ubu> DNAT?
<Dream-Ubu> !DNAT
<ubottu> Sorry, I don't know anything about DNAT
<Dream-Ubu> ah ok
<Dream-Ubu> erm, well a static IP address that i can give a domain to
<epinky> Dream-Ubu: your 5 drives are on RAID or LVM?, if yes, use apropiate commands to dettach it, if not cleaning fstab, powering down and remove it physically  should suffice.
<Dream-Ubu> well the 4 storage drives would be in RAID
<Dream-Ubu> probs raid 1 - all sata on a raid card witch makes it easier
<kaushal> hi
<kaushal> is this the right channel to discuss about automated ubuntu installation using kickstart ?
<jcastro_> nope
<jcastro_> one sec
<jcastro_> https://wiki.ubuntu.com/UDS-L/RemoteParticipation
<jcastro_> kaushal: ^^
<kaushal> jcastro_, bit confused
<kaushal> i have issues while performing kickstart ubuntu installation
<kaushal> i dont see anything in that wiki link
<jcastro_> kaushal: OH
<jcastro_> I thought you wanted to participate in the server track at our developer summit
<kaushal> nope
<jcastro_> yes, you're in the right place
<arthurjohnson> Okay, damnit, this is pissing me off to no end
<kaushal> let me pastebin it
<arthurjohnson> how do I get Grub to boot automatically.
<arthurjohnson> I power cycled a machine hard, locked up, and grub didn't boot automatically.
<arthurjohnson> Ubuntu 9.10
<nijaba> kaushal: http://www.ubuntu.com/products/whitepapers
<nijaba> kaushal: I have written a wp on the subject that should help you and is published at the above url
<kaushal> nijaba, great
<kaushal> http://paste.ubuntu.com/322522/
<arthurjohnson> What the hell is up with this: if recordfail = 1 timeout -1?!?!?
<arthurjohnson> I certainly hope that isn't the case with servers
<arthurjohnson> Sometimes you have to power cycle a machine, for whatever reason, and your server isn't going to boot if you do.
<JJman> what should my ownership be so that i can upload files to my web directory?  i keep getting permission denied when i tried to upload files or overright files via sftp.
<JJman> i've got files in web dir set to root.www-data
<JJman> i've added users to the www-data group but still those users get permission denied when trying to upload files
<epinky> JJman: 770 on /var/www ?
<JJman> 766 looks like
<kaushal> nijaba, any clue ?
<JJman> epinky:  sorry no its set to 755
<arthurjohnson> Fixed grub2.  Found where to comment them out from here:  http://ubuntuforums.org/showthread.php?t=1195275
<arthurjohnson> It would have been bad to power cycle this server remotely, and have it stop on the grub menu.
<epinky> JJman: sudo chmod -R 755 /var/www
<epinky> JJman: sudo chmod -R 775 /var/www, sry
<JJman> still doesn't  let me upload files to /var/www
<kaushal> jcastro_,  http://paste.ubuntu.com/322522/
<JJman> /var/www is owned by root.root
<JJman> shouldn't it be in the www-data group?  root.www-data for /var/www
<epinky> chown -R root:www-data /var/www
<epinky> sudo chown -R root:www-data /var/www
<JJman> but is that right?
<JJman> i assume the www-data group should be able to access /var/www
<JJman> woot ok that lets me upload now.
<JJman> thx
<epinky> :) , you're welcome
<epinky> JJman: one more thing, maybe you should take a look at Sticky bit and Jail concepts, good luck
<JJman> never heard of.  can u direct me to some info
<epinky> JJman: just google for them :) , there's a plenty of info about that
<JJman> k'
<spirits-sight> Wondering right now the way my server is setup it has a user called root (I don't even do the sudo) its the way linode has it to start the person running the linode has to change stuff, well I would like to have both domain be only allowed to access their own directoris, how can I do this?
<Dream-Ubu> hm, epinky would it help if i said what use i want it for and then you tell me what the best route would be?
<spirits-sight> hi epinky, how are you? I got it all working I did a reinstall and then did the guide a little different and now it appears to be working
<kaushal> nijaba, checking in again for my query ?
<nijaba> kaushal: your query?
<kaushal> http://paste.ubuntu.com/322522/
<Doonz> Hey does anyone here have any experience wiht setting up a server with LSI Megaraid 8308ELP raid cards in it?
<nijaba> kaushal: you would have to create your own iso, or base your install on the dvd
<kaushal> ok
<kaushal> nijaba, any other workaround for that particular issue ?
<nijaba> kaushal: do a network install instead of a cd install
<kaushal> I believe you are not clear with my issue ?
<kaushal> I am using automated installation over http method
<nijaba> kaushal: you did write "The CD ISO image do not have universe repository :-(  Is there a way to handle this situation?" in pastebin, so I am a bit confused
<kaushal> ah ok
<nijaba> kaushal: in a network install, nothing should prevent you from install package coming from universe
<nijaba> kaushal: just make sure you are mirroring universe
<nijaba> kaushal: I have a section about this in my wp
<kaushal> ok
<epinky> Dream-Ubu: that's right
<kaushal> nijaba, how can i populate http://archive.ubuntu.com/ubuntu/pool/multiverse/ in my pxe server ?
<kaushal> and also http://archive.ubuntu.com/ubuntu/pool/universe/ in my pxe server ?
<kaushal> I have created using the CD image
<kaushal> I mean how can i mirror universe and multiverse repository into my pxe server ?
<Dream-Ubu> right im back, ok use for this server would be a basic storage and website (passworded access to storage) its only an atom PC so it cant be too overloaded
<epinky> Dream-Ubu: ok, and ...
<Dream-Ubu> basicly a personal cloud
<Dream-Ubu> just need to know what the best set up for 4 harddrives and how to stop it accessing the OS drive
<Dream-Ubu> that, and static IP
<Dream-Ubu> stop is access the os drive n using it for storage
<epinky> Dream-Ubu: can you explain better that "access the os drive" ?
<Dream-Ubu> ok, i want to close off the OS(operating system) drive so it wont use it to store data, i want it to use the 4 drives
<Dream-Ubu> make sense?
<Dream-Ubu> like, if i was in a box, i dont want anything except me in it, im the os, i want frogs in box 1 and eggs in box 2 and so on, i dont want anything with me ^^
 * Dream-Ubu removes last comment
<epinky> mmmm, then /var should go on a partition on the other 4 disk array, you'll have to separate /var and mount OS drive where all system stuff like /etc  and configuration things as read only
<Dream-Ubu> ok
<Dream-Ubu> quick question, is it more hastle than its worth?
<epinky> Dream-Ubu: it's worth but for NAS I'll use other type of software :) (maybe FreeNAS), but it's just my opinion :D
<Dream-Ubu> its not for network, its for external connections also
<Dream-Ubu> if i wanted network i'd plug a external hdd into my bthomehub
<Dream-Ubu> nas*
<Dream-Ubu> thats why i want a static IP to give a domain to :P
<epinky> Dream-Ubu: you can always use some Ubuntu router box to redirect (DNAT) to your local infrastructure :)
<Dream-Ubu> erm, confused now :)
<Dream-Ubu> long day today so far
<Dream-Ubu> by the way, hello :)
<epinky> EHLO Dream-Ubu
<Dream-Ubu> ok, this will make it easier for me ^^ and, this is the only bad bit to my idea, its going to be a wifid server
<Dream-Ubu> i dont want to trail a wire upto the attick
<Dream-Ubu> so, the motherboard is intel littlefalls2, (atom 330) 2gb ram - 4x250gb harddrives connected to a PCI card
<Dream-Ubu> optional raid if i want it
<epinky> Dream-Ubu: you can use CPL, using electrical network :) , it's better wired that wireless
<Dream-Ubu> yeah, i didnt spend 3 days convincing my dad to make this house wireless to only go n put a wire in
<Dream-Ubu> benafit is, it'll have a dedicated wifi network as we have 2, perfect for testing i can access it externaly
<Doonz> Hey does anyone here have any experience wiht setting up a server with LSI Megaraid 8308ELP raid cards in it?
<epinky> Doonz: afaik there's only one driver for MegaSAS and it's for debian, maybe if you'd try
<Doonz> epinky: now i would only need the driver if i was going to install ubuntu onto the raid array correct?
<epinky> Doonz: yes, that's it, but as I told you I don't know of any driver for your 8308ELP. There's only one for SAS and it's for Debian
<Doonz> ok so if i was running the os portion of my install off of a 250gb drive and then had 2 raid cards. i should be able to see the raid arrays in ubuntu to mount correct?
<epinky> Doonz: mmm, raid cards it's hardware-RAID, then you need drivers, if it was software-RAID Ubuntu will make just fine
<Doonz> hmm thats strange ubuntu wouldnt just support the card
<copprtop99> Good day. I am using ubuntu server 8.04LT and am looking for a way to have install NOT use UUIDS during installation. Any ideas?
<copprtop99> I am using... (did that get cut off?)
<copprtop99> 8.04LT and am looking for a way to have install NOT use UUIDS during installation. Any ideas?
<LilJohn> hello
<LilJohn> are there any firewall gurus out there?
<LilJohn> preferably ufw gurus
<LilJohn> i need some help setting up ip masquerading for pptpd vpn
<Dream-Ubu> how do i make an server with a user system? like you would have had in your school?
<Dream-Ubu> username, password and a set space
<bventura> Dream: install ubuntu server, set up a static IP or hostname and then install ssh, and add user accounts
<bventura> (install an ssh server, I should have said)
<LilJohn> are there any ufw gurus out there that can help me setup ip masquerading for vpn?
<jdstrand> LilJohn: I suggest reading http://manpages.ubuntu.com/manpages/karmic/en/man8/ufw-framework.8.html
<Dream-Ubu> bventura - would it (if i make it right) allow me to log in from another internet connection?
<LilJohn_> dream: yes it would
<Dream-Ubu> woo! brill :P
<Dream-Ubu> dont know why i want to try it - erm - how would i make a passworded private cloud? thats linked to a domain name
<uvirtbot> New bug: #484617 in backuppc (main) "package backuppc 3.1.0-6ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Low,Incomplete] https://launchpad.net/bugs/484617
<LilJohn_> jdstrand: thanks i have tried i have tried something similar to that but it sitll didnt work, i'll try it again
<LilJohn_> couls any one explain to me how the 10.0.0.0/8 notation works?
<epinky> LilJohn_: that's CIDR notation, it means netmask 255.0.0.0
<LilJohn_> ah ok so 10.0.0.0/24 means 255.255.255.0?
<epinky> LilJohn_: yep, that's it :)
<LilJohn_> ok that helps
<LilJohn_> ohhhh sweet
<LilJohn_> that got it
<LilJohn_> it was a stupid subnet issue
<LilJohn_> thanks all who helped
<bventura> Dream-Ubu: sorry i was having lunch, if you're still there, yes you can access your server from another location on the internet, but you need to configure that on the network that the server is on.  YOu'll have to port-forward the ssh port (22) from your router (if you have one) to the server
<bventura> this is a major security hole tho, make sure to use good password, VPN is better way to go
<Dream-Ubu> thanks - i cant make up my mind what i want to make at the moment
<bventura> as for the cloud, you can set up on ubuntu but it's a lot to get into, better check the ubuntu server guide
<bventura> hehee
<bventura> try installing openVPN for secure access, also try setting up DNS and a mail server, that'll keep you busy for a while
<Dream-Ubu> thats something for me to do his week end
<bventura> nice
<Dream-Ubu> if my tutor gives me my fricked HDD back >_<
<bventura> hey another really cool project is virtualization if your CPU support it, very fun to use virtualization for a testing/learning enironment
<Dream-Ubu> well, its an atom, i highly doupt it will :P
<smcquay> I just installed a Eucalyptus cloud controller, with a handful of node controllers, and, following along here: https://help.ubuntu.com/community/UEC/CDInstall, it fails on step 4: register nodes. Is there a known issue with the karmic server images?
<Dream-Ubu> smcwuay was that aimed to me?
<smcquay> Dream-Ubu: no, it was just a general question. I just downloaded, burned, and installed the image on a few nodes on my system, and it fails to add the NC to the CC. I'm not sure that it's a Eucalyptus question since it seems as though something went wrong on the server image instal
<Dream-Ubu> oh i thaught it was a statement not a question >_< didnt read the "?"
<Dream-Ubu> and i read it as there is not "is there"
<smcquay> No, i was wondering if anyone else was stuck at that point.
<smcquay> also, it asks me a question about the NIC setup after it tells me to eject the cd and reboot. very suspect.
<kane_> anyone seen chuck around? trying to find him but no luck :(
<Fenix|work> Greetings and salutations.  I'd like to create a mount point to /var/log on a really big disk, but am unsure of how this will affect logging on startup.  Will boot logs be in the mounted /var/log, or in the directory /var/log on the boot disk?
<Dream-Ubu> !openVPN
<ubottu> OpenVPN is a vpn technology in Ubuntu, sudo apt-get install openvpn and then see http://openvpn.net/ and see the documentation "HOWTO" noting you have already installed it. ;-) It rocks!
<Dream-Ubu> virtual private nameserver :P?
<Dream-Ubu> aaah
<Dream-Ubu> nice ^^ prestalled openvpn
<epinky> Fenix|work: only /var/log ? modify fstab and you're done
<Fenix|work> epinky, so then boot logs will be on the mounted disk then.
<epinky> Fenix|work: yep, don't forget to move your old logs, and remove that directory from "boot disk"
<Fenix|work> Umm, isn't that directory needed for the new disk to mount to?
<epinky> Fenix|work: yes but it has to be on your big disk(as a mount point on /etc/fstab)
<bventura> raid ?: are there drawbacks to installing an entire linux system on a RAID1 mirror?  should the system be on a 3rd non-RAID drive, and only the data (/home, /var) on the RAID?  will the system perform better if only the data is on RAID1 and the rest of system on non-RAID1
<epinky> bventura: if you have a third drive then just use RAID 5
<bventura> i'll try it, i've been practicing on virtual machines hehee.. gearing up to buy the real hardware
<bventura> the reason I ask is that I am replacing 2 servers that were set up like that, 3 disks, 1 system disk and 2 raid1 with data,, and I want to understand why it was set up like that
<bventura> predecessor at work did it and i'm not sure why
<bventura> so far i'm really impressed with md and LVM seems like really cool stuff very easy
<Doorman352> bventura: Keep in mind that raid 5 and the like are suceptible to controller failures and then the data is very difficult to recover...... so raid still requires regular backups.
<bventura> right - i've got backuppc on the case
<Doorman352> I learned this the hard way......
<bventura> ouch
<Doorman352> Wife is speaking to me again.
<bventura> hehee
<epinky> backups saved in geographically different locations is also adviced :)
<bventura_> epinky, i want to set that up but not sure how, the data is too big to copy over internet
<bventura_> external drive?  tape?
<Doorman352> her mobo did raid 5, so I did it thinking it's bullet proof. Mobo died, and the data on the drives as well..... Abit wouldn't even answer my e-mails for compatible replacement controller.....
<bventura_> yikes
<Doorman352> now we do raid 1, and multiple sets........
<bventura_> do you put the whole system on the raid1, or just the data?
<simplexio> thats why i have gone to software raid in cheap setups, if you dont have money to get 2 or more real raid controller when setupping box, you should do software raid
<Doorman352> I sould tell you I'm new to Ubuntu, but I usually place everything I value on the RAID 1 set, and go with single drives for info like and OS, etc that I backup and store elsewhere.
<bventura_> ok
<bventura_> yeah that's how i've been planning on setting up but i'm not really sure why, just because the old server set up that way
<Doorman352> I used to think I was smarter, now I know my limits...... or so my wife tells me ;)
<bventura_> hehee
<simplexio> how much basic server setuo takes from hd with bzip ? 100M, 200M. its fast and easyt o replace if disk dies, but some production data is allways impossible to replace
<bventura_> awful quiet in here... anyone working on any fun projects?
<ziesemer> Any experts on FreeRADIUS here?
<ivoks> experts is a big word
<qman__> I'm having a little trouble with iptables...specifying multiple ports in a rule via "--dport 80,443" is not working, while doing something like "--dport 80:443" is
<ziesemer> I'd like to use FreeRADIUS for wireless authentication.  Trying to figure out if there is a way to associate the user accounts with the system user accounts.  I.E., if I disable their system account, their wireless access is also disabled.
<qman__> is there some other syntax, or something I need to enable to get comma separated port numbers working?
<ivoks> ziesemer: hardly
<ziesemer> qman__:  I've just always had to run seperate ports as 2 different rules.
<ivoks> http://freeradius.org/pam_radius_auth/
<qman__> that syntax is _supposed_ to work, but isn't
<qman__> my dilemma is that I need a not rule
<qman__> otherwise I'd just use two rules
<ivoks> ups... no, that's not it
<ivoks> ziesemer: you can set up freeradius to use PAM for auth
<ivoks> ziesemer: and if you lock an account (passwd -l account), it won't be able to authenticate
<ivoks> problem is that your wifi client must send cleartext password to freeradius
<ivoks> you do understand why is that?
<qman__> another problem, my server is not executing my .bashrc on login
<qman__> but running '/bin/bash' does it
<ziesemer> Yes.  Hope to use certificates there, but that's a different issue.
<qman__> bash is most definitely my shell
<ivoks> Auth-Type pam {
<ivoks>                 pam
<ivoks>         }
<ivoks> anyway, i'm off
<ziesemer> Using PAM, FreeRADIUS would then use the same authentication as the server - whether that be /etc/passwd or LDAP?
<ivoks> take care
<ziesemer> thx
<ivoks> ziesemer: should be right, yes
<ivoks> you could also make pam to use both shadow and ldap
<ivoks> s/pam/freeradius/
<ivoks> or even pam, passwd and ldap :D
<ziesemer> Thanks.  Gives me something to start with!
<ivoks> look at 'authenticate' in configs
<ivoks> bye all
<ziesemer> qman__, I don't see the comma-separated syntax in the man for iptables.
<ziesemer> I'd just set my default policies to DENY, then my allow as 2 different rules.
<qman__> this isn't actually for a firewall
<qman__> it's for bandwidth shaping
<qman__> my front end firewall is all set
<qman__> I want to throttle everything that isn't web traffic to one speed
<qman__> and throttle web traffic to another speed
<qman__> though I suppose reordering the rules should work
#ubuntu-server 2009-11-20
<qman__> ah, got it all working
<qman__> turns out the main problem I was having was a typo in my root qdisc
<qman__> had handle 1: instead of handle 1:0
<qman__> mucked everything up
<glauber> hi guys. I have 2 servers and a shared sas storage. I'd like to create a cluster between both servers to have some VMs and put its disk in the sas storage using a clustered FS. Should I use ubuntu+Xen+ ... ? Does UEC apply to my case? (I'm new to cluster stuff, sorry if I'm doing conceptual mistakes).
<smcquay> Does UEC work?
<smcquay> I've had horrible luck trying to install a private cloud. Currently stuck on step 4 of 7 on the UEC CDInstall instructions. It fails trying to discover nodes with some pythonic error that yields very little on google. Does anyone know what to do for this error: Failed to resolve service 'x07' of type '_eucalyptus._tcp' in domain 'local': Timeout reached ??
<glauber> smcquay, I guess UEC is not for my case. just 2 xen dom0 in a cluster would solve my case, I guess
<smcquay> glauber: that sounds reasonable
<glauber> smcquay I was trying debian, but I could not get ocfs to work..
<oh_noes> I put dir,syncdir in my / mount options in /etc/fstab ... is this enough to turn off Write Caching on the root partition?
<oh_noes> I still get "Assuming Drive Write Cache" when 8.04.3 boots.
<maxagaz> hi
<maxagaz> how to change the home folder path ?
<maxagaz> for a given user
<oh_noes> vi /etc/passwd
<maxagaz> ok, it has to be done manually
<maxagaz> some people think ftp should die, but what can replace it ?
<owh> ssh
<twb> maxagaz: SFTP (for rw) and HTTP (for ro)
<maxagaz> owh, ssh looks too dangerous
<owh> maxagaz: Too dangerous for what?
<maxagaz> owh, to dangerous to give someone rw access to one directory only
<maxagaz> owh, but i probably don't understand it enough
<maxagaz> owh, is possible to restrain the access to one directory ?
<maxagaz> and its subdirs
<twb> maxagaz: ssh receives far more security scrutiny than a typical FTP daemon
<owh> maxagaz: That statement makes no sense. ssh is a mechanism to transport information across the Internet in an encrypted fashion. SFTP uses ssh to transport FTP commands across the net. You don't need to give shell access to a user.
<twb> maxagaz: locking it down is very well understood, because openssh is widely used
<twb> And as owh says, you can hand out SFTP access without giving full shell access.
<maxagaz> twb, interesting, i didn't know that...
<xperia2> hello to all. i am having trouble installing the newest postfixadmin from sourceforge.
<xperia2> get downloaded it with
<xperia2> sudo wget http://downloads.sourceforge.net/project/postfixadmin/postfixadmin/postfixadmin_2.3_all.deb?use_mirror=garr
<xperia2> and wanted to install it with
<xperia2> dpkg -i postfixadmin_2.3_all.deb
<xperia2> bit it stop with the error message
<xperia2> dpkg: Error ....
<xperia2> anybody know how to install the newest postfixadmin ?
<owh> xperia2: Is this package specific to your version of Ubuntu?
<xperia2> it is not a specific version for ubuntu. i am following this wiki help article here
<xperia2> https://help.ubuntu.com/community/PostfixCompleteVirtualMailSystemHowto#Enhanced%20Mail%20Services
<xperia2> that advice me to do this
<xperia2> normally it should work as written in the wiki page
<xperia2> too pitiy that this package is not in the ubuntu repositorys. it would be great to have this in the reps for upgrading later the system full
<owh> Have you lodged a packaging request for it?
<twb> xperia2: installing third-party packages is very strongly discouraged.
<xperia2> never heared about this how to do it ! do you have a link or similar ?
<twb> Because they are not subject to the same quality control as official Ubuntu packages.
<xperia2> twb: i understand but from my side of view this package should be in the repositority as it is very helpfull
<xperia2> the only possibility at the moment to use it is installing it as external package
<twb> xperia2: the alternative would be to learn how to manage postfix directly.
<twb> But as owh says, you can also file a Request for Package bug.
<qman__> xperia2, that tutorial refers to a version that is considerably out of date
<owh> xperia2: You could download the source and compile it from source, but since you didn't tell us what the actual error is, there is little we can do from here. As twb says, it's strongly discouraged to install external software - to the point where we probably won't give you actual support.
<qman__> did you check universe/multiverse to see if it's been packaged?
<twb> http://hpaste.org/fastcgi/hpaste.fcgi/view?id=12449#a12449
<twb> Not nearly as bad as webmin's third-party .deb, but it's still clear that they don't really know what they're doing.
<twb> qman__: I did; it hasn't.  It's a PHP/MySQL web app for managing postfix/main.cf, so it's hardly surprising that nobody wants to package it.
<qman__> ah
<xperia2> well postfix looks really very helpfull especially when it comes to mysql backed postfix solution.
<xperia2> http://postfixadmin.sourceforge.net/
<xperia2> have installed now the older version as i need it.
<xperia2> will look to create a package request for this application if nobody till yet has created
<xperia2> first however i need to update the wiki page as the version is heavy outdated
<twb> I have hosts with heterogeneous disk sizes.
<twb> I wish to lvextend /dev/mapper/foo-bar on all these hosts, to use up all remaining PFree
<twb> Can I specify --size in terms of pfree?
<twb> Ah, --extents 100%FREE
<maxagaz> twb, how to make restriction with ssh so that a user can only browse its folder ?
<twb> maxagaz: talk to #openssh
<maxagaz> twb, ok
<twb> maxagaz: it should mostly be covered by the sshd_config manpage
<xperia2> okay gug is now allso filled up at launchpad !
<xperia2> https://bugs.launchpad.net/ubuntu/+bug/485645
<uvirtbot> Launchpad bug 485645 in ubuntu "[needs-packaging] postfixadmin" [Undecided,New]
<xperia2> :-)
<spirits-sight> OK, I have two user account I would like them to control the directory that are connect to their domain, how would I do this?
<qman__> I can't get my traffic shaping to work right--upload throttling is working, but download throttling isn't. Here's my script: http://pastebin.com/m42db8842
<qman__> output of tc show commands indicate no packets are being sent to the 1:10 class
<maxagaz> how to allow a user to browse only his folder ?
<twb> maxagaz: in what?
<maxagaz> twb, in his home folder
<twb> maxagaz: I mean, in what service?
<maxagaz> twb, i'm still on my ssh problem, but it seems it's not a ssh problem
<twb> maxagaz: in SFTP, then?  Or full ssh?
<twb> maxagaz: did you ask the #openssh people about it?
<maxagaz> twb, i just want to allow this user to scp or ssh to his folder but I don't want him to see anything else
<twb> So you *do* want to allow full SSH, not just SFTP
<maxagaz> twb, i don't really understand sftp
<maxagaz> twb, do i have to install something else than openssh-server to do sftp ?
<twb> openssh-server includes sftp
<maxagaz> twb, actually i need someone to send some files on my server regularly, that's all
<maxagaz> so, sftp looks the good solution if it allows this only
<twb> maxagaz: do you need normal ssh to work, too?
<maxagaz> no
<twb> That is, does any user (including yourself) need to ssh into the box?
<maxagaz> not those users
<maxagaz> i need to ssh into the box
<twb> OK
<maxagaz> but some users (all belonging to the same group) can only send files to the server
<qman__> I tackled that situation by creating a jail for those users with jailkit
<twb> You need to write a Match block in your sshd_config, which has ForceCommand internal-sftp and ChrootDirectory /srv/pub or /home/fred or similar
<maxagaz> I put them in: /opt/my_special_users/
<twb> qman__: openssh-server handles the jailing internally -- and best of all, requires no libraries or anything inside the chroot
<maxagaz> i mean their home folder
<qman__> nice
<twb> qman__: apparently this is a relatively recent development in openssh-server
<qman__> yeah, it certainly didn't exist when I was addressing it
<qman__> hence the somewhat complex jailkit setup
<qman__> ah
<qman__> it was added circa april 2008
<qman__> last time I did it was in 2007
<maxagaz> twb, i'm in the sshd_config file, can you please teach me how to do this for the group ? i'm not sure to understand...
<twb> maxagaz: you want (at the bottom of the file) something like (untested): Match User fred \n ForceCommand internal-sftp \n ChrootDirectory /srv/pub
<twb> qman__: if your sshd_config mentions internal-sftp, you should have it.
<maxagaz> twb, what if I want to do it with two users ? Just add another block ? Nothing tells ssh when the block ends ?
<twb> As sshd_config says, the match block ends at the end of the file, or at the start of a new Match block
<twb> It looks like you can say "Match User alice, bob" or something, but I haven't checked.
<twb> Obviously you will test this before placing it in production...
<kaushal> hi
<kaushal> i get Nov 19 22:55:22 host0104 kernel: [19938.001554] program smartctl is using a deprecated SCSI ioctl, please convert it to SG_IO
<kaushal> Nov 19 22:55:22 host0104 kernel: [19938.002814] 3w-9xxx: scsi0: ERROR: (0x03:0x0101): Invalid command opcode:opcode=0x80.
<kaushal> on ubuntu hardy server
<kaushal> Any clue ?
<twb> kaushal: safe to ignore, I think
<qman__> kaushal, if you're not experiencing any problems, the errors are safe to ignore
<qman__> make sure that smartctl is doing what you want
<kaushal> ok
<kaushal> but the system is unstable
<kaushal> qman__: how do i use smartctl to fix the above issue ?
<qman__> the first error is regarding smartctl; if smartctl is working properly, it can be safely ignored
<qman__> the second is likely an error with the configuration or drivers of your 3-ware RAID controller, or the hardware is failing
<qman__> the thing about the second error is, if everything works, it can be ignored
<qman__> but if there's a problem, it might point you in the right direction
<twb> Oh sorry, I only looked at the first message
<kaushal> smartctl -a -d ata /dev/sda
<kaushal> Smartctl: Device Read Identity Failed (not an ATA/ATAPI device)
<qman__> that one's pretty self explanatory, /dev/sda is not an ata device, you need a different -d option
<qman__> usually omitting the -d option will let it autodetect the correct one
<qman__> but it doesn't always work, check the manual for the other options
<twb> -d ata is for SATA drives
<twb> But since you're using 3-ware, you probably need something vendor-specific like -d 3ware
<kaushal> 03:03.0 RAID bus controller: 3ware Inc 9xxx-series SATA-RAID
<twb> kaushal: the error means smartd CAN'T talk SATA to the drives in your hardware raid
<kaushal> bit confused here
<maxagaz> twb, thanks a lot
<kaushal> what needs to be done exactly to sort out this issue ?
<twb> kaushal: read the smartd manpage?
<kaushal> yeah
<twb> Find out which -d you need
<twb> 18:07 <twb> But since you're using 3-ware, you probably need something vendor-specific like -d 3ware
<kaushal> Device: AMCC     9500S-4LP  DISK  Version: 2.08
<kaushal> please try adding '-d 3ware,N'
<kaushal> you may also need to change device to /dev/twaN or /dev/tweN
<kaushal> when i run smartctl -a -d scsi /dev/sda
<twb> kaushal: and did you try that?
<kaushal> smartctl -a -d 3ware,0 /dev/sda
<kaushal> WARNING - NO DEVICE FOUND ON 3WARE CONTROLLER (disk 0)
<twb> I'm not familiar with 3ware, so the only other thing I can suggest is you contact your hardware vendor and ask them.
<kaushal> twb: so i have to use smartctl to fix the issue? am i understanding you correctly ?
<qman__> kaushal, you haven't said what the issue is
<kaushal> the issue is the machine gets freezed and becomes unstable
<twb> kaushal: well, nothing you do in smartctl will fix that
<qman__> yeah
<twb> smartctl/smartd just reports hardware errors in your disks
<kaushal> understood
<kaushal> Thanks
<qman__> since you have another error regarding your 3ware controller, that's one thing that could be causing the problem
<kaushal> so i have to run the smartctl to look for hardware errors on my disk
<qman__> check for driver conflicts, misconfiguration, or hardware failure
<magatz> Hi all i've got a question/problem using ecryptfs with dovect maildir on my home (encrypted filesuystem)
<twb> I hate hardware raid for that reason
<magatz> specifically, everything works correctly when i am logged via ssh into the server
<magatz> but i log-off maildrop doesn't uses may ~/Maildir but the /var/mail maildir
<magatz> i think the problem comes from the home encrypted filesystem that is not mounted when i logoff from the server
<qman__> that's correct
<magatz> any hint?
<qman__> it can't access ~/Maildir when it's encrypted and not mounted
<qman__> however, I don't know what you need to do to work around that
<qman__> probably set it up to store your mail in a temporary folder while logged off, then move it when you log on
<magatz> ok, but how can i keep it mounted when i'm logging off
<qman__> or something like that
<magatz> already works this way, but it's a pain in a multi-user environment....
<magatz> I'd like to keep the home filesystem always mounted
<qman__> that's outside my knowledge and a quick google isn't helping, sorry
<magatz> thanks anyway :)
<maxagaz> twb, where is the doc you were referring about for the Match block ?
<twb> maxagaz: man sshd_config
<maxagaz> twb, thanks
<kaushal> qman__: shall i pastebin the observation ?
<dayo> how do i lock the account of a user on an nfs server? i'm using openldap to authenticate them.
<kaushal> twb: shall i pastebin the observation ?
<maxagaz> twb, it seems i can't do it on hardy => http://www.debian-administration.org/articles/590
<maxagaz> twb, how should i update openssh-server on a production machine ?
<twb> maxagaz: unless it's in hardy-backports, you shoudln't
<maxagaz> Unbuntu-Package search looks to be down...
<maxagaz> twb, unfortunately, it's not... 1:4.7p1-8ubuntu1
<twb> Since 4.7 doesn't have this feature, you'll have to make a chroot environment and run a second ssh daemon in there -- super sucky
<twb> So it might be reasonable to add intrepid entries to your sources.list and write some pins into apt.conf, though that's a bit of a hassle
<a_ok> Ubuntu 8.04 hans after saying Activating Swap [OK], No messages in log and not telling what it is doing. Any idea whats going on here?
<twb> I'd say it's hanging immediately after activating swap.
<a_ok> twb: it seems that activating swap is the last action of S35mountall.sh i doubt it hangs there
<twb> a_ok: so what is the next script after that?
<maxagaz> how to sort by size with ls ?
<\sh> maxagaz, man ls ; ls -S
<a_ok> S36mountall-bootclean.sh
<a_ok> twb: I think this might be the problem script
<twb> a_ok: so put set -x at the top of it and try again
<twb> a_ok: be sure to boot without usplash, if you have that installed
<a_ok> twb: well its a production server so not reboting it anytime soon what does set -x do btw?
<twb> It turns on tracing
<a_ok> twb: are there servers using usplash?
<twb> a_ok: stupid ones, yes
<twb> There are lots of stupid people in this channel, so I have to check
<twb> Even my boss makes me put gnome on servers, "because customers are used to Microsoft TS and SBS, which has a local display"
<a_ok> twb: wtf you should fire your boss
<a_ok> unless your run it for thinclient stuff
<twb> Why would it matter if the server serves thinclients?
<a_ok> does it not need to run X with gnome libs etc?
<twb> Oh, right.  It needs it installed, but not running on the server.
<Gorlist> Morning, quick question
<Gorlist> I restarted fail2ban
<Gorlist> but it failed because the .sock was still present
<Gorlist> so I removed the /var/run/fail2ban directory and now getting "
<Gorlist> start-stop-daemon: Unable to set gid to 0 (Operation not permitted)" when I try to restart
<twb> Gorlist: you're not running it as root
<Gorlist> just launch under sudo?
<Gorlist> right its running, thanks
<twb> http://kevin.vanzonneveld.net/techblog/article/block_brute_force_attacks_with_iptables/
<twb> -m recent is more elegant than that userspace fail2ban crap
<Gorlist> right, will read through it
<Gorlist> thanks
<twb> Better, of course, is to remove password-based authentication from ssh
<twb> That article isn't really up with best practices, but it's the least worst I could find on short notice.  Check up with #netfilter if you decide to go with iptables
<Gorlist> its not ssh
<Gorlist> im having problems with ftp and mail
<twb> It should work for other services, too
<Gorlist> will take a look, use to use denyhosts but decided to try fail2ban this time around
<twb> Of course, FTP is a stupid protocol and requires an extra bit of magic -- but SFTP (rw) or HTTP (ro) is a better idea anyway
<Jeeves_> Who should I bother about the -virtual kernel config?
<twb> Is there an #ubuntu-kernel?
<twb> Jeeves_: plan B is launchpad
<Jeeves_> twb: I'm trying #ubuntu-virt now, but they all seem to be asleep :)
<magatz> hi, any suggestion on how turn-off encrypted home directory, on 9.10?
<magatz> this feature is giving me a lot of problem with nfs and dovecot
 * twb boggles
<twb> It's on by default?
<magatz> i've installed it on 9.04 and after upgrade to 9.10 stilll there
<magatz> yes in on by default
<twb> Good grief
<twb> I'm glad I stick to LTS
<twb> (And Debian, for my own stuff ;-)
<Jeeves_> It's not on by default, afaik?
<maswan> I got asked a question about it, I don't remember which was the default choice though..
<twb> maswan: ah, so it probably isn't the default
<teddymills> 9.10 server with sshd..is like 5 to 7 seconds from grub to login
<magatz> found! here the link: http://ubuntu-ky.ubuntuforums.org/showthread.php?t=1134121
<\sh> maswan, the default is "no"...
<\sh> maswan, btw...didn't you had some strange syslog entries like diskio.c: don't know how to handle 9 request somehow?
<\sh> (HP + SmartArrray)
<maswan> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/413070
<uvirtbot> Launchpad bug 413070 in linux "karmic cciss: error messages on working device" [Undecided,New]
<\sh> hmmm...since jaunty I have now the message I pasted above...I wonder what that is
<\sh> and karmic does it still
<maswan> Ah, seems to be a different one then. I haven't seen that.
<incorrect> i am building some http cache servers using varnish, I am debating about not creating any swap
<incorrect> there used to be a performance hit if you built a system with no cache
<incorrect> err swap
<a_ok> incorrect: well I ran my linux box for years without swap and no performance issues at all, do note that when you run out of memory linux locks up instandly (way faster that is) compared to when you have a swap file
<incorrect> there used to be issues with not having swap
<incorrect> a box locking up is ok
<a_ok> no its not lol
<a_ok> incorrect: was it ubuntu speciffic?
<incorrect> maybe kernel 2.2 days
<a_ok> ow thats way back. linux memorymanagement is quite different now
<incorrect> i just wanted to ask
<dvrcoder> hi, question: after update my console is not 80x25 anymore. how do i get this back?
<a_ok> dvrcoder: frame buffer?
<dvrcoder> a_ok: i set vga=normal in menu.lst
<dvrcoder> (and i'm still using the old grub)
<dvrcoder> ah, i obviously did it wrong :D
<epinky> dvrcoder: check the table here http://crunchbang.org/archives/2007/10/10/changing-bootup-and-console-screen-resolutions/
<dvrcoder> epinky: thx
<a_ok> dvrcoder: nothing to do with grup furtunately kernel params
<qman__> no VGA line should make it 80x25, 640x480 makes it 80x30
<qman__> I prefer 80x30, more lines, just as readable
<a_ok> I prefere higher resolutions logfiles tend to have longer lines
<qman__> well, I do too, but for my one box I actually have the console up with, I prefer the low res so I can read it without my glasses
<a_ok> qman__: yeah it does depend on what monitor you have lol
<qman__> all the other ones I just ssh from this desktop
<dvrcoder> well right now it's at about 60 lines. i don't know, i just like good old 80x25 on the console (since i have the same over ssh)
<qman__> dvrcoder, well, you can set the vga mode in the kopt= line, then run 'sudo update-grub' to apply it
<qman__> that's for grub 1, no idea about grub 2
<qman__> I also generally remove the 'quiet splash' from it too
<qman__> that way when something goes wrong you can actually see what it is
<qman__> but that's just personal preference
<qman__> a_ok, it's a 17" CRT, plenty big enough, I just have very poor vision without my glasses ;)
<a_ok> qman__: didn't know you had to do an update-grub when you adjust menu.lst
<epinky> dvrcoder: try with "vga=ask" ?
<twb> vga=normal is 80x25
<twb> For grub2, you want to edit /etc/default/grub, particularly on x86-like systems to disable as fb there as it tells you to
<qman__> a_ok, you don't if you just modify the actual boot lines, but in ubuntu, the proper way is to modify the kopt= line in the top section, then run update-grub
<qman__> that also makes it stick for kernel updates and such
<a_ok> hmm good to know, I'm more of a manual man myself that is probalby why I still have gentoo at home. Since ubuntu failed me once with an upgrade I never trusted it
<twb> Personally, I prefer video=vesafb:1600x1200-32
<twb> (Or uvesafb for widescreens, but that's a huge pain in the arse.)
<dvrcoder> re
<dvrcoder> btw, can i just unselect the pae kernel in aptitude if i don't need it?
<twb> I don't see why not
<Adrian1> Hello. Can you please help me install ebox ?
<epinky> Adrian1: ebox server?
<Adrian1> Ebox..... https://help.ubuntu.com/9.04/serverguide/C/ebox.html
<Adrian1> That how to doesn't work.
<uvirtbot> New bug: #485766 in lm-sensors (main) "lack of support for Fintek F71889F" [Undecided,New] https://launchpad.net/bugs/485766
<epinky> Adrian1: I don't use ebox, but what Ubuntu version are you using?
<Adrian1> 8.01
<Adrian1> Or smth like that.
<Adrian1> 8.10
<Adrian1> invoke-rc.d: initscript ebox, action "apache" failed.
<epinky> if it's 8.10 then bad news
<epinky> Adrian: https://bugs.launchpad.net/ubuntu/+source/ebox/+bug/255368
<uvirtbot> Launchpad bug 255368 in ebox "ebox: Depends: libapache-authcookie-perl but it is not installable " [Undecided,Fix released]
<Adrian1> Well... I installed it, let's see if it works.
<Adrian1> Aaaa noap.
<twb> wasn't ebox totally broken in 8.04 and/or 8.10?
<twb> I remember someone saying that in here, though obviously I stay the hell away from web UIs
<epinky> twb: you're right, it tells that here https://help.ubuntu.com/community/eBox
<\sh> twb, /me is always saying that
<dvr> is there an irc channel with openldap support?
<epinky> dvr: #openldap ?
<dvr> epinky: oh cool, there really is :D
<uvirtbot> New bug: #485807 in qemu-kvm (main) "XP guest installs but gives BSoD on reboot unless in safe mode" [Undecided,New] https://launchpad.net/bugs/485807
<uvirtbot> New bug: #485820 in mysql-dfsg-5.0 (main) "deca" [Undecided,New] https://launchpad.net/bugs/485820
<a_ok> what is the goal of /etc/init.d/bootclean
<a_ok>  ?
<a_ok> I thought that tmp could just be emptied instead of dicected and cleaned
<uvirtbot> New bug: #485873 in logwatch (universe) "logwatch should report apparmor events" [Undecided,New] https://launchpad.net/bugs/485873
<incorrect> is it possible to force a pxe install to always prompt for manual network config
<uvirtbot> New bug: #485799 in postfix (main) "package postfix (not installed) failed to install/upgrade: sub-processo novo script pre-installation retornou estado de sa?da de erro 1" [Undecided,New] https://launchpad.net/bugs/485799
<KurtKraut> Should I rely more on BIOS fan control or should I set up fancontrol daemon on Ubuntu?
<LanceHaig_wrk> Key
<LanceHaig_wrk> I am wondering if there is a patch and config management tool for multiple ubuntu servers?
<kaushal> hi
<LanceHaig_wrk> I have 100 that need to be managed and I can't seem tot find anything by searching the net
<mushroomblue> so, when configuring a server to authenticate to LDAP, I disabled all other methods of authentication. I was able to auth as an LDAP user. after reboot, it's not authenticating, and not accepting system users. is there another way to log into this machine, other than chroot?
<kaushal> anyone closing following my issue on ubuntu-server mailing list ?
<mushroomblue> cos I'm 2000 miles away, and I don't want to lead a monkey through a chroot. especially because I'
<mushroomblue> 'm not sure what partition it is, etc.
<kaushal> about 3w-9xxx: scsi0: ERROR
<mushroomblue> nevermind. I forgot single user mode was an option.
<kaushal> checking in again for my query ?
<cyphermox> kaushal, running memtest86 for a couple of hours should tell you whether your memory is good for that server.
<kaushal> cyphermox, so its sure shot a memory issue ?
<kaushal> I mean sympton
<cyphermox> kaushal, it's a common cause of lockups.
<kaushal> ok
<kaushal> can memtest86 run on 64bit architecture
<kaushal> ?
<cyphermox> kaushal, you should check whether there are other errors in syslog, and perhaps post them up on in the mailing list thread, for the benefit of everyone in the thread
<cyphermox> i think so, yes
<kaushal> cyphermox, i have done it already
<cyphermox> nothing other than the errors for 3w-9xxx?
<kaushal> yeah
<cyphermox> kaushal, or even including an excerpt of your syslog from say, that error message, up until the time you get a freeze, that could help.
<kaushal> ok
<unique> why is my mail server rejecting all the emails telling them "Relaying denied [RCPT_TO]" im using sendmail and courier-imap
<ivoks> kaushal: yes :)
<teddymills> can i add mdadm to an existing single drive ubuntu-8041-server?
<jerrcs> Hi guys.. I downloaded the ubuntu server iso ages ago, burned it on a cd.. now it's corrupt.. but it still boots.. just some files are missing.. anyway to do a netinstall from that same disc?
<aberhow> ok, so i just installed, and the only package i choose on install was the openbsd ssh server
<aberhow> on boot at the console the server starts
<aberhow> then it restarts
<aberhow> what's the deal?
<KurtKraut> aberhow, the server is restarting by itself?
<aberhow> yup, on boot it is
<aberhow> or it seems that way
<ziesemer> Anything mentioned in the log files?
<aberhow> not other than the server is listening
<aberhow> then a few seconds later after the restart it says the server is listening again
<aberhow> on 22
<ziesemer> Is it not listening on :22 the first time?  If not, it sounds like it might be restarting to rebind to a new network interface.
<aberhow> that could be it, the computer is set to dhcp
<aberhow> i would thit it would have its ip by then though
<ziesemer> dhclient should show up in your logs, too.  Should be easy enough to check.
<ziesemer> OK, I think I have OpenLDAP all setup and working, as well as basic FreeRADIUS.  Now the part I don't exactly understand:  How are client certificates associated with a user account - or are they even?
<ivoks> ziesemer: i might say lots of nonsense cause i haven't slept for quite a while
<ziesemer> I know the feeling.  :-)
<ziesemer> So basically, I'm sure I could get FreeRADIUS to allow authentication using the same user/pass combinations as for local access, etc.
<ziesemer> Client -> user/pass -> FreeRADIUS -> OpenLDAP
<ivoks> ok
<ziesemer> I'd like to use certificates instead.  Client -> X509 cert -> FreeRADIUS -> OpenLDAP
<ivoks> never played with that :/
<ziesemer> Under Microsoft AD, for example, the public keys for any issued certs are stored with the user's entry in AD (LDAP).  If it doesn't exist there or if the user isn't active, login denied.
<ziesemer> Seems that FreeRADIUS will work the same.  If the public key isn't in the CA or is revoked, access denied.
<ziesemer> I was just wondering if it still ties into user authentication when moving from user/pass to certificates.
<ziesemer> All I can seem to find online is a reference to the "named client" in the WPA_HOWTO at http://wiki.freeradius.org/WPA_HOWTO .
<ziesemer> So I guess I'll just have to test, but an hoping / assuming that the cn (common name) passed in the certificate is still used to check against the username.  (Is account still enabled, etc.?)
<ivoks> http://www.howtoforge.com/wifi-authentication-accounting-with-freeradius-on-centos5
<ivoks> something like that...?
<ivoks> this is for sure something to test and explore
<ivoks> i never tried it
<ziesemer> I'll experiment and post back.
<ivoks> a write up would be great
<ziesemer> Will probably end up becoming a blog entry at blogger.ziesemer.com .
<ivoks> great
<ziesemer> Thanks!  Get some sleep!!
<epinky> ziesemer: http://zone.ni.com/cms/images/devzone/tut/8021X.png
<ivoks> note that freeradius is built without openssl in ubuntu and debian
<ivoks> at least last time i checked :)
<ziesemer> epinky:  OK.  I'm looking at the image, and don't see how it applies.
<ziesemer> If I'm authenticating with a certificate rather than a user/pass, (how) does FreeRADIUS determine and authorize the username, beyond just validating that the client certificate is valid?
<ivoks> right
<ivoks>                 --without-openssl \
<ivoks>                 --without-rlm_eap_tls \
<ivoks>                 --without-rlm_eap_ttls \
<ivoks> :)
<epinky> ziesemer: http://www.interlinknetworks.com/whitepapers/Intro_802_1X_for_Wireless_LAN_clip_image002.jpg
<ziesemer> epinky: Another good image, but I'm not seeing the relevance to the question. (?)
<epinky> ziesemer: then sry, I can't help you :(
<ziesemer> k, thx
<ziesemer> http://freeradius.org/doc/EAPTLS.pdf may be my answer.  Didn't find it before due to it being a PDF.  It shows a log file of a user authenticating with a certificate.  It appears to pull the username out of the certificate.  I'd guess from the common name (cn) field.  Will have to test later.
<Mike_lifeguard> Hi, how can I stop pam_motd in libpam-modules from changing my /etc/motd?
<epinky> Mike_lifeguard: look for /etc/pam.d/ssh look for a line "session optional pam_motd.so" and comment it out
<axisys> i have two ethernet ports on my server .. how do I do network load balance and failover ? right now i am using only one ethernet port ..
<Mike_lifeguard> epinky: /etc/pam.d/ssh doesn't exist
<ziesemer> axisys - what are you connected to in terms of a network switch?
<ziesemer> Ideally, you'd just trunk to a compatible network switch, which would handle both load balancing and failover.
<Mike_lifeguard> ah, there is login ... let's see if that's it
<axisys> ziesemer: i am connected to a switch .. i think cat 5500 .. let me double check
<ziesemer> Otherwise, you could set a 2nd IP on the 2nd port, and use DNS balancing to hand out alternating IPs for each request to a given hostname.
<Mike_lifeguard> epinky: That line appears in /etc/pam.d/login -- however the description is that it "prints the motd upon successful login" (I still want to show the motd, I just want pam_motd to stop changing it from what I've set.
<axisys> ziesemer: cisco cat 4000
<ziesemer> That doesn't mean much to me, except that it is a Cisco Catalyst, which I'm sure supports just about everything.  :-)
<axisys> ziesemer: how do I do the DNS balancing ?
<ziesemer> Given that you have a supporting switch, I'd just use that instead.
<ziesemer> I just did a quick Google search.  It's a little dated (for 6.10), but still appears applicable:  http://www.howtoforge.com/network_bonding_ubuntu_6.10
<epinky> Mike_lifeguard: "session  optional  pam_motd.so  motd=/etc/motd"
<axisys> ziesemer: thanks.. i want to do the bonding instead.. since i have to depend on network guys for my config ..
<ziesemer> Even better:  https://wiki.ubuntu.com/LinkAggregation
<axisys> ziesemer: thanks a lot :-)
<axisys> ziesemer: i did not know what to google search... i only used IPMP and dladm on solaris
<Mike_lifeguard> epinky: That seems to have no effect :\
<axisys> ziesemer: Prerequisite: Ethtool support in the base drivers for retrieving the speed of each slave
<axisys> ziesemer: how do I know my card supports that ^ ?
<epinky> Mike_lifeguard: then PAM is not changing your motd
<axisys> ziesemer: i see ethtool gets me the speed .. so i guess i am good w/ prereqa
<axisys> prereqs*
<axisys> how do I make sure /var/log/messages file is readable by hobbit always.. i think some rotate job reverts it.. whats the recommended way to make the change so hobbit can read messages file ?
<axisys> do I have to add hobbit to adm group ?
<ivoks> yep
<ivoks> note that that will give it access to all logs
<Mike_lifeguard> epinky: Do you know of anything else that would be doing it?
<ivoks> read-only
<axisys> ivoks: hmm.. that gives hobbit too much privilege.. i guess i need to ask hobbit guys on how to make changes in the app so hobbit can read the file using sudo instead
<ivoks> why?
<ivoks> it can only read logs
<ivoks> that's not perfect, for sure...
<axisys> so adm group has no other priv than just reading logs ?
<ivoks> right
<axisys> ivoks: oh ok.. then its fine.. its simpler than anything else.. i guess
<axisys> adduser hobbit adm will add the hobbit as part of adm group.. but will it remove its assosication w/ other group with that command ?
<Mike_lifeguard> Is there a list of the groups what what privileges they confer? Some are quite cryptic :\
<ivoks> no
<axisys> let me read the man
<ivoks> it just adds it to the group
<axisys> ivoks: oh! u r fast .. thanks
<ivoks> each user can be a member of multiple groups
<epinky> Mike_lifeguard: not really, sry :(
<axisys> ivoks: yep.. i just dont remember the command to do it throuh cli..
<ivoks> adduser user group
<axisys> ivoks: i can from solaris env.. that's why
<ivoks> :)
<axisys> s/can/came/
<Mike_lifeguard> epinky: oh well. thanks for the help anyways
<epinky> ivoks: just use usermod -G <group> <youruser>
<ivoks> or that
<ivoks> adduser username group is faster :p
<axisys> epinky: like in solaris
<aberhow> make sure you use -a too in that usermod command so it appends the groups
<aberhow> usermode -a -G adm hobbit
#ubuntu-server 2009-11-21
<git__> hi
<Dream-Ubu> is server usb install compatable? :/ becuase my desktop wont take it
<Dream-Ubu> :/ unless the startup disc creator is missing something off]
<ninjah> how do I change run levels in 9.10?
<Mike_lifeguard> ninjah: man telinit, IIRC
<ninjah> Mike_lifeguard: I found the new file. /etc/init/rc-sysinit.conf
<Mike_lifeguard> right-o
<Bookman> I am having a problem with a computer accessing the internet via a proxy connection to a machine running dansguardian.
<Bookman> All I get is "openfire http binding service" as a response whenever I try to access a website via Firefox.  If I set the connection to direct connection to the internet all is fine.
<ycy> http://tutzone.net/wp-content/uploads/2009/10/essential-softwares/vlc.png which movie is this?
<Bookman> The connection was wired.  The wireless for a bit and now I have taken it back to wired and this is when the problem started.
<uvirtbot> New bug: #486128 in euca2ools (main) "euca2ools: Requires more environment variables than EC2 AMI tools" [Undecided,New] https://launchpad.net/bugs/486128
<Bookman> how do I unbind a port?
<ninjah> Bookman: Stop using it
<Bookman> ninjah: I tried that
<ninjah> What port and what do you have it "bound" too?
<Bookman> I get the following when trying to start dansguardian:  Error binding server socket: [8080] (Address already in use) Exiting with error
<ninjah> Something is using port 8080
<ninjah> find out what that is and kill it
<Bookman> I tried finding out what the process was with netstat -a
<Bookman> Can't seem to find it listed
<ninjah> hmm...
<ninjah> what do you have running on the system
<Bookman> I had openfire running but stopped it
<Bookman> I am at a loss.  Apparently nothing is using that port, and yet dansguardian say it is.
<ninjah> Bookman: Check /etc/services
<ninjah> you might have to add it to the list
<HellMind> I got a ubuntu 8.03 tls, runing the openvz kernel, I've installed an ftp server on a guest, but when I connect from internet, the servers DIES
<HellMind> what can be?
<HellMind> I tried proftpd and pure-ftpd
<HellMind> I tried 2 differnt ports
<HellMind> How a ftp client can HANG the server :X
<HellMind> maybe is the firewall
<HellMind> I use ufw
<HellMind> and I hate it
<HellMind> maybe the portforward rule is doing the damage
<HellMind> I dont see any logs about it :(
<HellMind> and my server is on a datacenter :(
<HellMind> trow ideas
<jmarsden> Turn off ufw and retest -- if it was ufw you will then know it was ufw.  Then you can look at the ufw rules and find out exactly what part of them was responsible.
<HellMind> I tell them to reboot the server
<HellMind> and it happens again
<HellMind> now is the 3rd time
<HellMind> so they will ignore me now :(
<HellMind> so when it comes online
<HellMind> I should ufw disable
<HellMind> and try to connect again to the ftp?
<HellMind> where are the setting of ufw, where it stores the allow or deny?
<HellMind> I found where to put the nat rules but the input filter ones no
<HellMind> I dont understand why ubuntu-server accept that damn firewall
<HellMind> here is :S /var/lib/ufw/user[6].rules
<jmarsden> Also look in /etc/ufw/
<jmarsden> But what makes you think it is ufw that is causing the issue?  Did you have an ssh session to the server open and tailing relevant log files as things happened?
<jmarsden> ufw is just a front end for iptables, no more and no less.
<HellMind> I think is ufw because I added a port forward rule to connect to the ftp server
<HellMind> I looked on syslog and nothing is writed
<HellMind> its  a very hard hang
<jmarsden> The server is at a datacenter, so not behind a home firewall box... so why would you need a port forward to access FTP?
<HellMind> Maybe is a kernel panic
<HellMind> the firewall is the ubuntu-server
<jmarsden> Then for sure no "port forward" is needed.
<HellMind> because im runing openvz
<HellMind> so i got guest
<HellMind> that need nat
<HellMind> I only got 1 ip
<jmarsden> One IP is enough for FTP service with no "port forwarding".
<HellMind> do you understand there are server virtual computer runing on the ubuntu server?
<HellMind> several
<HellMind> one of that virtual machine needs a ftp server
<jmarsden> You have one IP per several openvz virtual hosts?  Not one per VM?  At a datacenter?  Seems slightly odd, but OK...
<HellMind> yes :) its cheaper that way :(
<jmarsden> Earlier, you said you are running openvz and have one IP.  I assumed one IP for that once instance of openvz...
<HellMind> haha you wish
<jmarsden> I'm pretty sure you can get one IP on one VM at Linode for cheap, $20/month I think it is for their lowest end VM.
<HellMind> I will ask for that
<HellMind> but first how the server can hang
<jmarsden> I don't know... but openvz is not full virftualization...
<jmarsden> They don't even give you a console where you can do your own reboots of your own openvz virtual machine?
<HellMind> no, because is a home made server
<HellMind> it doesnt got kvm
<HellMind> or something to cut the power
<HellMind> im planning build something to do that :(
<HellMind> but the question here is, how an ftp can tilt a linux box
<HellMind> a ftp connection
<HellMind> its like magic :(
<HellMind> whos fault :( ubuntu?
<HellMind> me
<HellMind> openvz?
<HellMind> fwd?
<crohakon> I like magic
<HellMind> I dont
<HellMind> magic is when you dont know the trick :(
<jmarsden> Why would you choose to use/pay for a homemade server in a datacenter so cheap that it has no KVM or serial console access to machines colocated there??  Seems... like you are just asking for trouble :)  FTP didn't hang the box, just one openvz instance, from your description.
<HellMind> A home made server cost cheaper
<HellMind> I got access to the datacenter
<HellMind> but its far
<HellMind> I dont like to travel to there
<HellMind> why openvz?
<HellMind> it hangs when I try to connect it
<HellMind> i will go to the datacenter :(
<HellMind> I must learn who is the saint claus this time
<HellMind> i will see you there.
<jongbergs> hi, im planning to set up an ubuntu server, which ubuntu version should i got into? the stable one..
<jongbergs> hi, im planning to set up an ubuntu server, which ubuntu version should i go into? the stable one..
<jmarsden> jongbergs: Normally, yes, use LTS releases for servers, so 8.04.3 LTS is the current LTS release.  However, you are less than six months from 10.04 at this point, so you could use Karmic 9.10 now, since you'll (presumably?) be updating within a couple of months of 10.04 coming out.  Your call: the standard advice is to use the LTS release for servers.
<jongbergs> jmarsden: thank you so much for the suggestion, i'll consider 8.04 LTS to be used as our server OS
<jmarsden> jongbergs: No problem.
<uvirtbot> New bug: #486187 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 (not installed) failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,New] https://launchpad.net/bugs/486187
<HellMind> im back
<HellMind> it was a kernel panic :(
<kaushal> hi
<alex88> morning,i have a xen vps with ubuntu 9.04, so no grub etc.. is there a special mode to upgrade it instead of using dist-upgrade?
<alkisg> I ssh'ed to my server, tried to copy a big file to another server via nfs, and then my ssh connection broke. Now when I log on I can see the copy process but I can't kill it, not even with kill -9. I can't even reboot the server remotely. Any ideas?
<alex88> someone can help me to forward a port with iptables?
<Boohbah> iptables -t nat -A PREROUTING -p tcp -i eth0 -d xxx.xxx.xxx.xxx --dport 8888 -j DNAT --to 192.168.0.2:80
<Boohbah> iptables -A FORWARD -p tcp -i eth0 -d 192.168.0.2 --dport 80 -j ACCEPT
<alex88> Boohbah: thanks i'll try
<alex88> Boohbah: i can substitute the second line just adding port 80 to apf rules right?
<Boohbah> i dunno
<alex88> btw, it works, thanks Boohbah, have a nice day
<crespo> Hi everybody
<crespo> how can i Flush one IPsec tunnel?.. I have established 5 tunnels to different n/ws
<crespo> i want to flush one of them
<crespo> can i use racoonctl?
<crespo> "racoonctl fs isakmp" will flush all tunnels... i dont want tat
<crespo> NickServ cresp
<crespo> my bad hehe
<crespo> any advise?
<ernstp> I've started from a livecd and want to resize a dm-crypt partition
<ernstp> how do I access/start/initiate the crypt device?
<fakhir> ello everyone. so i run a server out of my home with ubuntu server and my problem is that mail servers that i sent mail to with php mail() reject my emails "Your access to this mail system has been rejected due to the sending MTA's poor reputation."
<fakhir> any solutions?
<epinky> fakhir: use a relay like google?
<fakhir> how would that work? is there a tutorial somewhere? i dont know much about the technical workings of mail servers
<guntbert> fakhir: then plase don't run a public one!!!
<fakhir> a public what?
<fakhir> i have very little interest in mail servers. i run several websites and i just need to be able to send out account recovery emails with PHP
<guntbert> fakhir: *don't run a public mail server (one connected to the internet) if you don't know what you are doing!!!
<qman__> fakhir, then all you need is an internet site configuration, but you should prevent incoming mail (and requests to send mail) at the firewall
<epinky> fakhir: If you don't know much about technical workings of mail servers, most of the time it'll end like spam server :), what's the MTA you're using? (Postfix, Exim, qmail, Sendmail)
<qman__> otherwise you're going to be in spam trouble
<fakhir> postfix
<qman__> also, if you're hosting sites for other people, make sure you keep an eye on them, make sure their sites are not being used for spam
<qman__> once you get blacklisted for spam it's really tough to get un-blacklisted
<fakhir> i am not
<fakhir> i suspect the reason i am unable to send emails is because this server is on a residential internet connection
<qman__> yes, that would be it
<fakhir> i gather the right solution would be some sort of relay but i do not know where to start
<qman__> my ISP does the same thing, it's to prevent spam
<qman__> what I did was set it up to send through a gmail account
<qman__> to do it you start with internet site configuration, let me see if I can find the tutorial for it
<epinky> fakhir: this can give you an idea of using a relay dont' follow yum parts :) http://www.wormly.com/blog/2008/11/05/relay-gmail-google-smtp-postfix/
<fakhir> i use godaddy for my email host. it would be great if i could use that
<fakhir> epinky, yeah that looks like it could help me :) thanks
<epinky> fakhir: you're welcome
<ruben23>  hi how can i share screen...on ssh on a single server login
<ruben23> with 2 ssh user on same account user
<billybigrigger> anyone here familiar with setting up a socks server?
<billybigrigger> i want to have a friend connect through my server, and then be able to login to my usenet account so it looks like both of us are coming from the same IP address
<billybigrigger> as we share the account and multiple connections from different ip's are not allowed
<billybigrigger> basically setup a proxy server, correct?
<billybigrigger> also i'm having problems with my networking on my server...
<billybigrigger> ifconfig shows eth0 is up with an ip address of 192.168.1.111, as defined in my /etc/network/interfaces
<billybigrigger> yet i can't ping google.com
<billybigrigger> yet i can ping inside the local network
<epinky> billybigrigger: you mean TCP forwarding?
<billybigrigger> here is a copy of my interfaces http://pastebin.ca/1681550
<darkpixel> When I plug in a USB device, how can I find out where it creates it's /dev/whatever file?  I used to plug in my UPS and get /dev/usbHID0.  I checked syslog, dmesg, and lsusb but find nothing.
<billybigrigger> i think nntp (newsgroups) is udp isn't it?
<billybigrigger> darkpixel, /var/log/messages or dmesg should show you when a device is plugged in
<billybigrigger> darkpixel, you can try tail -f /var/log/messages and then plug it in and watch that terminal for changes
<darkpixel> billybigrigger: All I get in messages is that a device was plugged in and what configuration option was selected, but nothing about the /dev file.
<darkpixel> billybigrigger: Nevermind.  I think I have a bigger problem.  Plugging in a USB GPS shows me clearly that it's ttyUSB0, but plugging in my smartcard reader that worked under 9.04 gives me nothing.  Bah!
<darkpixel> *facepalm* Forgot to install libasedrive-usb.
<jmarsden> billybigrigger: NNTP uses TCP at port 119 by default.
<jmarsden> billybigrigger: Why doesn't your friend just ssh to your server and use SSH's port forwarding to access NNTP through it -- should be less work that setting up socks ?
<benedikt> what spam filter would you use for a small single domain email server
<benedikt> im using SA, ClamAV, pyzor, dcc and MailScanner for a 20 domian mailfilter server at work, but it seems a little overkill for a small private server
<epinky> benedikt: SpamAssassin? SpamFighter?
<ScottK> benedikt: What MTA are you using?
<benedikt> ScottK: Postfix
#ubuntu-server 2009-11-22
<ScottK> benedikt: Then the first thing I'd suggest is to drop mailscanner.  Ubuntu generally supports Postfix plus amavisd-new with clamav and spamassassin.
<ScottK> That and a good RBL set should do pretty well.
<billybigrigger> jmarsden, yeah he's knew with ubuntu, so i'll have to write a script than he can launch from gnome-panel that will do all the work for him :)
<benedikt> ScottK: why would you drop Mailscanner.. I think its excellent (and MailWatch keep the other (windows)-guy off complaining)
<ScottK> benedikt: Because it's design modifies Postfix queue files directly.  This an internal Postfix interface and using it is a very poor software design practice and in the past has been known to cause mail to get lost.
<billybigrigger> jmarsden, first of all have to figure out why my networking isn't working
<billybigrigger> outside of the lan
<jmarsden> billybigrigger: Can you ping your router (default gateway?)  Is there a default route pointing to it?
<benedikt> ScottK: i didnt know what, but that makes a good point.
<billybigrigger> yes
<billybigrigger> i can ping the router
<billybigrigger> and i get an ip address as i specified in my interfaces 192.168.1.111
<billybigrigger> <billybigrigger> here is a copy of my interfaces http://pastebin.ca/1681550
<ScottK> benedikt: You can look in the archives of postfix-users for lots of examples.
<ScottK> Also the setup I suggest is well documented in the Ubuntu Server Guide.
<jmarsden> billybigrigger: Does netstat -rn | grep ^0    # show you a sane-looking default route to your router?
<billybigrigger> 0.0.0.0         192.168.1.1     0.0.0.0         UG        0 0          0 eth0
<billybigrigger> not all that familiar with netstat just yet :P
<jmarsden> Looks fine.  But if you ping 4.2.2.1 it fails?
<billybigrigger> 1.1 is the router
<benedikt> ScottK: this system has been running for 6 months (scannign 3 thousand ham mails per day) and so far everything has gone fine, and on two 4-5 year old desktop computers also. And i already found it in the server guide.
<billybigrigger> 64 bytes from 4.2.2.1: icmp_seq=1 ttl=56 time=235 ms
<ScottK> benedikt: With mailscanner?
<billybigrigger> 0% packet loss
<benedikt> ScottK: yep
<jmarsden> billybigrigger: So it is working fine.
<billybigrigger> looks good jmarsden
<jmarsden> So... what is NOt working?
<ScottK> benedikt: Please give me the link in the server guide?
<billybigrigger> ping billybigrigger@sally:~$ ping google.com
<billybigrigger> ping: unknown host google.com
<benedikt> ScottK: i just checked the wikipedia article for Mailscanner, it sort of looks like an advertisement
<jmarsden> billybigrigger: Ah, that is not a network issue, that is a DNS issue!
<benedikt> ScottK: Oh, i think you misunderstood me. Mailscanner is nowhere to be foudn in the serverguide.
<ScottK> benedikt: It's probably written by mailscanner pepole.
<ScottK> benedikt: OK.  Good.
<billybigrigger> this computer is fine :)
<benedikt> ScottK: not in the wiki either
<billybigrigger> jmarsden, i'm running that server via vbox
<jmarsden> billybigrigger: What does /etc/resolv.conf have in it?
<billybigrigger> nothing
<ScottK> It's the kind of thing that's mostly OK, but since it's an internal interface, if it changes, then Mailscanner breaks without warning.
<billybigrigger> i thought resolv.conf was handled by NM?
<jmarsden> So why would expect name resolution to be working?
<benedikt> ScottK: do you know of a web interface for monitoring what happens with the setup in the Server guide? I have a windows sysadmin boss to satisfy if i propose a change
<jmarsden> billybigrigger: Either run a local DNS server on the Ubuntu server, or point it at one elsewhere.
<ScottK> benedikt: ebox is the usual recommendation here, but I don't know how well their mail module works (since I don't use any of this stuff).
<jmarsden> DNS is not magic, someone has to provide your server with DNS :)
<ScottK> benedikt: Even if the boss is on Windows, he can still use ssh.
<billybigrigger> jmarsden, no i copied my resolv.conf from my working machine
<billybigrigger> jmarsden, thanks, i don't know how that file became empty, as it was working a few days ago
<billybigrigger> all is good :)
<benedikt> ScottK: windows people usually dont like reading logs. i have been housetraining him on stuff like that however..
<ScottK> Heh.  OK.
<benedikt> billybigrigger: what happens if you run "nslookup ubuntu.com 4.2.2.1"
<billybigrigger> benedikt, what am i looking for
<benedikt> ScottK: just read (quickly) over the setup in the server guide -- seems like a great solution (captian obvious)
<benedikt> billybigrigger: if it returns the ip address for ubuntu.com
<billybigrigger> it outputs some info :)
<ScottK> benedikt: Great.
<billybigrigger> Name:	ubuntu.com
<billybigrigger> Address: 91.189.94.156
<jmarsden> billybigrigger: So it worked.  You should be all set :)
<benedikt> billybigrigger: does it say 91.189.94.156? then you just need a dns server, no routing issues.
<billybigrigger> ya no, i got it working, i copied my dns entries from resolv.conf from my working machine, to the non-working machine
<benedikt> ah, great.
<billybigrigger> yeah thats what i said, all was good, thanks :)
<benedikt> also, i use my own dns server for resolving. i dont like that my isp could dns poision something.
<jmarsden> benedikt: Your ISP could transparently edit the DNS packets they return to you and poison them that way, too :)
<jmarsden> If you can't trust your ISP you'd better use DNSSEC :)
<benedikt> jmarsden: i have no reason yet not to trust them though..
<benedikt> jmarsden: but they did dns poision a icelandic 4chan alike website when some people started complaining
<jmarsden> Well, "i dont like that my isp could dns poision something" does not sound all that trusting :)  I'm just poiting out that if your ISP is evil, running your own DNS server will not prevent them from doing evil things to your DNS traffic -- just makes it a bit more work for them to do so.
<benedikt> My reasing is that if they did something evil, they wouldn't go that extra mile to get to the users running own dns servers and such.
<benedikt> ..also their dns servers tend to be a bit slow.
<benedikt> Why is the server guide suggesting using spf checking? Afaik not many people use it, not even gmail seems to have a spf record.
<ScottK> benedikt: I didn't add it, although I think it's a good idea.
<ScottK> They do actually have one.
<ScottK> gmail.com.              300     IN      TXT     "v=spf1 redirect=_spf.google.com"
<benedikt> i see it now.. was looking for a spf record, not a txt record. my bad.
<ScottK> There is a type SPF, but virtually no one uses it.
<benedikt> and the txt for _spf.google.com is massive
<ScottK> Yeah.  Apparently Google has a few servers.
<benedikt> but it doesnt list ipv6.. strikes me as quite odd.
<billybigrigger> nothing about a proxy server on the server guide eh...
<billybigrigger> anyone have a link to a good guide?
<marks256> [non software question] how would one go about making a custom 1u server? I'm confused on CPU cooling. A normal cooler won't work, so how would one get around that?
<KurtKraut> marks256, there are specific small-sized coolers for 1U servers.
<marks256> KurtKraut, Oh ok. Thanks :)
<jmarsden> marks256: See http://www.frostytech.com/top5_lowprofile_heatsinks.cfm for some examples
<marks256> jmarsden, those only go down to 1.5u by the looks of it
<KurtKraut> marks256, building a 1U server in a DIY way is quite hard and even impossible depending on what country you are.
<marks256> KurtKraut, i'm in the US
<KurtKraut> marks256, oh, so you can even DIY an atomic bomb, don't mind.
<jmarsden> marks: OK, try something like http://www.pcconnection.com/IPA/Shop/Product/Detail.htm?sku=8880006&SourceID=k232270  -- more generally, use Google :)
<marks256> KurtKraut, :p
<marks256> jmarsden, sweet thanks. i'll look for some low profile coolers then :)
<uvirtbot> New bug: #486495 in openldap (main) "package slapd 2.4.15-1ubuntu3 failed to install/upgrade: subprocess pre-removal script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/486495
<lamont> ScottK: I just noticed yet more SPF blocked mail that shouldn't have been...
<ScottK> lamont: What's the scenario?
<lamont> mind you, that's because there's an email addr I manage that is an alias for user@msn.com, so anytime they get email from @msn.com, they don't.
<ScottK> The SPF record for msn.com does not describe itself as a complete list of authorized sources for msn.com mail, so SMTP time rejection based only on SPF would be "Not the best way to do it".
<lamont> but then, that's the specific use-case that the SPF author decided no one should use.
<lamont> yeah - I think it's more msn muppetry than just spf could explain
<ScottK> My view is that anyone still using Hotmail, MSN, etc. have decided they don't really care about receiving mail.
<lamont> heh
<ScottK> Also some other data I have access to does tell me that msn.com mail that doesn't pass SPF is almost certainly not something you want in your inbox.  Not the the stuff that passes is so great.
<lamont> well, this was mail from @msn.com -> info@foo.com (virt map to) -> msn.com, rejected by msn.com
<JanC> IME all the big "free" email providers lose mail from time to time and sometimes have large internal delays  ;)
<ScottK> JanC: Hotmail and company are 'special' in this regard.
<JanC> I have more issues with gmail currently (because more people use it maybe)
<JanC> I don't even answer to complaints from people not receiving their forum membership confirmation mail anymore, unless they didn't post to the forum within 3 days  ;)
<JanC> but I also have complaints from people using gmail (and only gmail) who don't receive some mails from ubuntu lists
<ScottK> lamont: Any idea why senderbase would think eth0.yttrium.canonical.com sends mail? http://www.senderbase.org/senderbase_queries/detaildomain?search_string=canonical.com
<ScottK> I'm sort of guessing it either doesn't or isn't supposed to.
<ScottK> JanC: Where do the confirmation mails come from?
<JanC> ScottK: the forum confirmation mails come from my VPS (that also runs the forum)
<JanC> also, it's perfectly acceptable for mail to not be instant messaging, it's just that people don't understand that  ;-)
<JanC> at least they do the delays internally; microsoft loves (or loved?) to "throttle" at their incoming servers, which isn't always funny for providers...
<ScottK> Yahoo.com.
<ScottK> ... also is aggressive about throttling new IPs
<lamont> ScottK: that's the millbank offiuce
<Liberty> I'm looking for help on my new server Web server works and I can call directory through ssh.. but I cant  log in remotly from my ubuntu destop machine
<Wallace> what app should I use to retrieve email from my isp (for e.g. via pop3) and dump it into the local system?
<Sam-I-Am> fetchmail
<Liberty> I have just installed karmic server. I can get sftp through ssh I can get on with firefox but I can't get remote terminal to work
<Wallace> thx :)
<Sam-I-Am> remote terminal.. ssh <hostname> ?
<Liberty> sam I am through terminal? my ubuntu system doesn't know server name I use IP address
<Sam-I-Am> yeah, thats how ssh works... through the terminal
<Liberty> i didn't know I just logged on .. :) so simple  .. thanks !!!
<Sam-I-Am> yeah...
<Liberty> This is kewl 1st shot and I got it all ..
<uvirtbot`> New bug: #486580 in mysql-dfsg-5.1 (main) "package mysql-client-5.1 5.1.37-1ubuntu5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/486580
<aftertaf> hello : i need help diagnosing a potential dns resolution issue. slowness with Bind on local network for local and net resolution
<jmarsden> aftertaf: It's 2am here and my brain is slowing down, but... OK, what did you try already to diagnose the issue?
<aftertaf> :))
<aftertaf> well, sometimes it goes real slow to resolve internet adresses . . .
<aftertaf> i'm on karmic on my PC and have a lenny server setup as my dhcp/dns server, with forwarding etc.
<aftertaf> it's all setup 'correctly' in as DNS resolution works both for my local zone and internet.... but sometimes it takes time to respond, even locally...
<jmarsden> So if the issue is that a Debian Lenny DNS server is slow... why are you asking about that in #ubuntu-server?  Or am I misunderstanding what you are asking?
<aftertaf> example : ssh to my server (though i ran -v and saw the connection happens immediately, its the rsa negociation that is taking time on this example . . ;:()
<aftertaf> seeing as i have debian server and ubuntu box, i asked in both . . .
<jmarsden> Is there a Ubuntu server involved somewhere?  If not, #ubuntu-server is probably not the right channel to use :)
<aftertaf> :)
<aftertaf> true
<jmarsden> if you think the issue is on the client (Ubuntu) desktop machine, ask in #ubuntu.  If you think the issue is with the DNS server on Debian Lenny, ask in #debian or maybe #bind
<aftertaf> it there a huge difference in both distribs, concerning my usage ?
<jmarsden> Probably not, actually, in this case, but it's confusing to use the "wrong" channel.  I'll continue in #debian...
<aftertaf> :)
<aftertaf> you can get yourself to bed too . . ;)
<jmarsden> Yes, that's not a bad idea as well :)
<alex88> morning all..
<alex88> i have a xen vpn with 9.04, someone knows if there is a special way to upgrade to karmik?
<alex88> cause using standard mode it crashes the system
<MatBoy> mhh, I'm wondering if I shall use powerDNS or just bind for my DNS management
<tmus> Hey guys, I'm trying to build a minimal server (for a router/server setup) using karmic debootstrap. Everything works fine, but I can't get my danish keyboard to work (not really a showstopper, but it's starting to annoy me :-)). It just doesn't work (tty). Performing a standard install, the keyboard works fine, so I'm sure i'm just missing a small but important detail. Anyone?
<Dawgmatix_> I want looking to test some distributed code I have written by running multiple virtual machines on my workstation. any ideas how I can easily get ~8 instances of ubuntu running on my workstation ?
<ahe> Dawgmatix_: how many do you get running?
<ahe> i only tried with two machines in virtualbox so far but i think at min. 4 shouldn't be a problem on a dual core machine
<ahe> but it mostly depends on how big your virtual machines are and how powerful your physical machine is
<uvirtbot`> New bug: #485973 in php5 (main) "php5-cgi: IMAP toolkit crash" [High,Confirmed] https://launchpad.net/bugs/485973
<Liberty> I am tryinting to get my new Karmic Server cups to work
<Liberty> I don't know how to get the machine to see the printer
<Liberty> 210 people and no one has anything to say ;) sure is a quiet bunch
<tmus> Hey guys, I'm trying to build a minimal karmic server (for a router/server setup) using debootstrap. Everything works fine, but I can't get my danish keyboard to work in a tty (not really a showstopper, but it's starting to annoy me :-)). Anyone?
<Wallace> anybody know of an alternative to fetchmail for retrieving mail via pop3 and injecting it into the local mail system?
<jbernard> Wallace: perhaps getmail4?
<jbernard> Wallace: I've not used it, but it's described as 'a fetchamil replacement'
<Wallace> thx, I'll have a look
<BrixSat> hello
<BrixSat> Nov 22 15:06:39 zeus proftpd[3247] zeus: Check the ServerType directive to ensure you are configured correctly.
<BrixSat> Nov 22 15:06:44 zeus proftpd[3249] zeus: Failed binding to ::, port 21: Address already in use
<BrixSat> :S what is the problem for me dont have ftp?
<Liberty> I can't get my Karmic gnomes machine to print out on my karmic server printer
<BrixSat> stupid ftp
<Liberty> TI can adnminster thopugh from the web browser
<Liberty> can anyone help?
<BrixSat> try the karmic support channeÃ§
<jbernard> BrixSat: it would appear that another process has already bound to port 21, quite likely another ftp daemon, do you have two ftpd's installed?
<BrixSat> or what ever
<BrixSat> jbernard no only one
<BrixSat> proftpd is the only one
<BrixSat> jbernard how can i know if i have only one?
<jbernard> BrixSat: perhaps proftpd is already running then?
<jbernard> BrixSat: netstat will tell you what processes are bound to which port
<BrixSat> only proftpd
<BrixSat> i will stop it
<jbernard> BrixSat: it's currently running, listening on port 21?
<BrixSat> netstat
<BrixSat> http://pastebin.com/f23424e50
<BrixSat> with out stopping the server!
<BrixSat> and he does apears listed
<jbernard> BrixSat: try 'netstat -tap'
<jbernard> BrixSat: you could grep that for 'LISTEN'
<jbernard> those are the lines your interested in
<BrixSat> http://pastebin.com/f490dcfc2
<jbernard> so it appears that your ftpd is run through inetd
<jbernard> as opposed to standalone
<BrixSat> yes is it ok or not?
<jbernard> the config for that should be in /etc/inetd or some such thing
<jbernard> i think it's fine
<BrixSat> what would  you recomend?
<BrixSat> going to that folder and view config
<BrixSat> on the /etc/inetd.conf i have ftp     stream  tcp     nowait  root    /usr/sbin/tcpd /usr/sbin/proftpd
<jbernard> ahh, there you go
<jbernard> i think running through inetd is fine
<BrixSat> but no ftp
<BrixSat> Nov 22 15:34:52 zeus proftpd[7667] zeus: Failed binding to 0.0.0.0, port 21: Address already in use
<BrixSat> Nov 22 15:34:52 zeus proftpd[7667] zeus: Check the ServerType directive to ensure you are configured correctly.
<jbernard> im not an expert on that though, i do know that opinions vary
<jbernard> are you also starting proftpd standalone?
<jbernard> like /etc/init.d/proftpd start, or something similar?
<BrixSat> yes i used that
<BrixSat> cant i do that way?
<jbernard> the ftp daemon is already listening on port 21 because it's running from inetd, so subsequent attempts to run it standlone will always fail with that error
<BrixSat> :o new one to me :D
<BrixSat> i reebooted the machine
<BrixSat> and same thing
<BrixSat> i see on the login screen "Starting ftp server proftpd OK"
<BrixSat> and no ftp
<BrixSat> same thing failed to bind.....
<jbernard> i suspect it's already listening on port 21 and your startup scrips are, for some reason, attempting to run proftpd more than once
<BrixSat> i have removed the line from inedconf
<jbernard> and restarted inetd?
<BrixSat> rebooted pc
<BrixSat> and i still se on the screen the ftp started ok
<jbernard> and it's listening on port 21 now?
<BrixSat> and now it is working :D
<jbernard> ahh, fantastic
<BrixSat> you solved my problem :D it was inet :D
<jbernard> now don't touch anything ;)
<BrixSat> very very very thanks :D
<jbernard> you're welcome
<BrixSat> ;)
<Dream-Ubu> erm, installing server 9.10 and it keeps askking for a cd drive and, i dont have one all the files where copied directly to a harddrive yet its still askinng for drivers any ideas?
<Dawgmatix_> ahe - sorry i was away
<Dawgmatix_> yes i am trying virtualbox. but i was wondering if there are some other solutions which would start multiple virtual machines automatically at boottime
<Dawgmatix_> i have a machine with 8 cores and 8 gigs of ram, so i am thinking of running 6 vms
<ahe> Dawgmatix_: you could try out eucalyptus and UEC (which emulate Amazons EC2) but then you need to use special EC2 images
<ahe> although there is a base image on which you can build
<Dawgmatix_> ahe, i was looking at that too, but was a bit overwhelmed by the documentation :)
<Dawgmatix_> for eg the default example suggests using a host machine , and then other machines which actually run vms
<ahe> didn't try it myself yet, but my 4 core to be node cluster machine comes tomorrow :)
<Dawgmatix_> I dont know if having the same machine as the main eucalyptus controller as well as running eucalyptus machines works
<ahe> you need at least two machines
<Dawgmatix_> :(
<ahe> someone got it running but it's a bad hack and therefore he didn't document it
<Dawgmatix_> oic
<ahe> the upside is the frontend machine can be a very cheap one
<Dawgmatix_> okay, in that case I have a very old laptop
<Dawgmatix_> I can use that one - its an athlon 1.6 Ghz with a gig of ram
<ahe> that should work
<Dawgmatix_> btw one host machine can run multiple virtual machines right ?
<ahe> hardware requirements/suggestions are here: https://help.ubuntu.com/community/UEC/CDInstall
<ahe> according to the documentation one per core
<ahe> so you should get your 8 machines running
<Dawgmatix_> cool thats nice :)
<TeTeT> Dawgmatix_ + ahe : be aware that in UEC the instances on the node do not have any state, so in case of a powerdown they come back vanilla
<Dawgmatix_> oh noes
<ahe> oh yeah, right
<TeTeT> it's compatible with amazon EC2 and that does not retain state either
<TeTeT> so if you just want a couple of virtual machines running services, go with kvm
<ahe> Dawgmatix_: you could also go with plain kvm
<Dawgmatix_> any other recommendations - i am just starting and just need a testbed on whcih to write distributed networking code
<TeTeT> Dawgmatix_: kvm with bridged networking might be best suited then
<Dawgmatix_> does kvm running freebsd run slower than kvm running linux in linux ?
<ahe> it should be possible to use a start script to start all vms on boot up
<Dawgmatix_> because the only time i tried kvm was when i tried a freebsd guest on an ubuntu karmic host. and it was really slow
<Dawgmatix_> (as compared to virtualbox on this same machine)
<TeTeT> Dawgmatix_: was hardware support enabled for virtualization on the box? By default it is off in the BIOS
<TeTeT> Dawgmatix_: it sounds to me that you were running kvm in qemu mode
<Dawgmatix_> yes i was
<Dawgmatix_> also yes virtualization is enabled
<ahe> by the way virtualbox has a command-line interface
<ahe> it should be possible to automatically start your VMs with that on boot up too
<Dawgmatix_> oic :)
<Dawgmatix_> looks like theres much more to learn :)
<Dawgmatix_> will read the kvm docs
<kenpark> I updated to karmic, now I don't get a shell via ssh (login works) I have direct access to the machine: I need to press ctrl+c after local login to get a shell. How to fix this?
<zoopster> kenpark: find what's keeping your login from completing and fix it?
<Sam-I-Am> kenpark: might be the update checker hanging
<Sam-I-Am> kenpark: script that runs at login to tell you if there are package updates
<kenpark> How do I disable that script? I can't seem to find it in .bashrc?
<kenpark> zoopster - thanks :-) I am having a hard time with this.
<Sam-I-Am> iirc it generates an motd on the fly...
<Sam-I-Am> does your machine have net access?
<Sam-I-Am> the scripts that run are part of update-motd
<Sam-I-Am> you can find them in /etc/update-motd.d
<PorterTech> Hey guys, wondering if anyone could help me out with expanding a ebs volume that uses xfs.
<PorterTech> I cannot get it to grow, because it doesnt detect change in disk size
<kenpark> the machine does have internet access
<Sam-I-Am> kenpark: for some reason maybe its choking on trying to access the ubuntu servers.  might want to check on that... or just disable the scripts.
<Sam-I-Am> personally i hate the login delay even on a system with good net access, so i kill those scripts anyway
<Sam-I-Am> if i'm interested in updates i'll go find them :)
<Sam-I-Am> you might also try touching .hushlogin in your home dir
<Sam-I-Am> PorterTech: wish i could help, but i'm not familiar with ec2
<PorterTech> its ok, I'm sure i will figure it out eventually
<PorterTech> thanks tho
<kenpark> Sam, this fixued it
<Sam-I-Am> heh
<Sam-I-Am> i've done a lot with xfs, just not in the cloud \
<Sam-I-Am> kenpark: which did?
<kenpark> gee .. i would have never found out
<kenpark> I moved all the scripts from /etc/update-motd.d to my home-dir
<Sam-I-Am> heh
<Sam-I-Am> there used to be a script called 'update-motd' where you could do 'update-motd --disable' but i'm not seeing that anymore on karmic
<PorterTech> well, if i had a xfs file system on a 10GB disk, but then i mirrored it onto a larger disk and wanted to grow it to full disk size
<PorterTech> but it didnt detect change in disk size
<PorterTech> lol, just leave out the ec2 part
<Sam-I-Am> that'd be an lvm thing...
<PorterTech> it is mounted with mount -t xfs -o noatime "/dev/sdd1" "/mnt/ebs"
<Sam-I-Am> it should see the partition table grow
<Sam-I-Am> does lvm show the addition?
<PorterTech> one sec, just startup up the instance
<PorterTech> starting*
<PorterTech> lvm is not installed
<Sam-I-Am> so... you added a completely separate disk and want to expand a single filesystem over to it?
<PorterTech> well, I used a snapshot of the 10 GB disk and created a 20GB disk with it
<Sam-I-Am> did you just write the image bitwise?
<Sam-I-Am> like... dd
<PorterTech> its an exact bit copy
<kenpark> Actually the problem is caused by landscape-sysinfo. There is a script that runs /usr/bin/landscape-sysinfo. Once started everything just hangs.
<Sam-I-Am> PorterTech: yeah, so your 20gb disk/partition thinks its a 10gb disk/partition still
<Sam-I-Am> because that image probably contains the partition info from that 10gb
<Sam-I-Am> kenpark: yeah, thats what the script runs iirc
<Sam-I-Am> kenpark: you should really figure out why thats hanging tho... sounds like a network issue.
<Sam-I-Am> PorterTech: lvm is designed to do things like this... not plain old partitioning.  if you dont mind a chance at losing the data there, you might try expanding the partition with fdisk to fill the remaining 20gb
<Sam-I-Am> but... ymmv
<Sam-I-Am> lvm lets you do all sorts of disk addition and partition resizing on the fly
<PorterTech> ya, it wasnt setup with lvm or md
<PorterTech> wont fdisk completely corupt all of the data?
<kenpark> Sam: It appears there is some kind of issure with acpi that causes it to hang
<PorterTech> can i not some how update thexfs metadata?
<kenpark> Thank you Sam, I think I am going to look for the acpi thingy :D
<PorterTech> i think i am going to create another volume, and rsynk --links -av
<PorterTech> rsync*
<spiritof76> I am having trouble connecting desktop wirh server to print
<spiritof76> Can print from server but cant get print from desktop
<spiritof76> can call call the cups server from desktop
<Sam-I-Am> PorterTech: yeah, rsync works too
<Sam-I-Am> PorterTech: fdisk might not corrupt the data as long as it starts at the same place... and theres nothing scattered around the disk.  its a hack and has some requirements :)
<Sam-I-Am> i need to get some work done outside... back later
<spiritof76> Can any any one help me with printing to my server from desktop
<PorterTech> thanks sam!
<spiritof76> I can't get my server printer to print from my desktop..
<uvirtbot`> New bug: #302012 in xinetd (main) "Update from 804 to 810 Xinetd and Update manager" [Undecided,Invalid] https://launchpad.net/bugs/302012
<uvirtbot`> New bug: #351509 in vm-builder (universe) "vmbuilder should provide an option to choose which libvirt virtual network" [Wishlist,Confirmed] https://launchpad.net/bugs/351509
<uvirtbot`> New bug: #366268 in vm-builder (universe) "fails if no ssh keys exist" [Undecided,Fix committed] https://launchpad.net/bugs/366268
<MK13> i just setup hostapd with this tutorial: http://blog.robin.smidsrod.no/index.php/2008/08/08/how_to_setup_an_atheros_based_access_poi  , other devices now see the ssid i put up however they have no internet access (i do not know if this is because of IP problems or bridging problems)
<Wallace> anybody know where TLS certificates used by dovecot live / how to generate them?  I did this last week, but i need to change the hostname, and I can't remember how I did it or find the instructions I followed
<qman__> Wallace, the SSL certs dovecot uses are specified in the main dovecot configuratino
<qman__> configuration*
<Wallace> qman: yeah, but I created one for my host...now i want to replace it with a new one, and I can't remember how i created it
<thomas_newbie__> how to list all related packages to "ssh" with apt-get ?
<KurtKraut> thomas_newbie__, try aptitude search ssh
<Noble> Hi, having problems with a Zimbra install on 9.10. Dependency libgmp3 is not found in the repos.
<Noble> Hi, having problems with a Zimbra install on 9.10. Dependency  libgmp3 is not found in the repos.
<uvirtbot`> New bug: #486831 in samba (main) "Nautilus network share - browsing windows computer" [Undecided,New] https://launchpad.net/bugs/486831
<erichammond> PorterTech (gone): I think you were looking for: xfs_growfs /mountedvolume
<crohakon> is there a free alternative to cpanel?
<GammalSokk> hmm... if I want to run two samba servers on the same pc, one on each of it's two network cards with separate configs, how do I do that?
<GammalSokk> in 9.04 that is
<andol> GammalSokk: In (very) short you need separate copies of /etc/samba/smb.conf and /etc/init.d/samba. You'll also need separate copies of the files and folders being refered to from those files.
<andol> GammalSokk: Of course, just for the fun of it, some files and folders might not explicitly be refered to from smb.conf, but simply from default settings.
<GammalSokk> hmm... the /etc/init.d/samba doesn't refer it to a config file to use... so I guess it uses /etc/samba/smb.conf as default so I would have to add wich config file to use in the init for the 2nd samba I guess
#ubuntu-server 2010-11-22
<Queops> A total nightmare this samba
<Scunizi> I've got a chicken and egg syndrom.. just installed "server" on a laptop with a Broadcom BCM4401 eth0 card.. sudo lshw shows the card and static ip address I setup and a b44 driver that it's chosen.. however it's not connecting.. any help is apriciated.
<draven_sol> at a highlevel how do i create an encrypted raid 10 on ubuntu server 10.04, using 5 disks. i'm using one for /boot, without encryption and the other 4 for the encrypted raid.
<draven_sol> i managed to get the system installed but when i power down the system and remove one drive as a test, i am dumped to an emergency shell
<rcsheets> would it be reasonable to use the built-in 'ssh' group to restrict ssh access using sshd_config's AllowGroups option?
<rcsheets> or would it be somehow better to create an ssh-users group?
<rcsheets> https://help.ubuntu.com/10.10/serverguide/C/user-management.html implicitly suggests creating an sshlogin group.
<ehcah> Does anyone know if the casual home user serving up Movies from Server Storage and played locally by dedicated HTPC's, would notice any speed/performance difference between Linux generic Raid6 / Samba versus ZFS?
<chrismsnz> hey guys - any canonical devs around? Looking for convirt 2.0 - I see all the press releases saying it's in the partner repo but it's nowhere to be found on my lucid system
<twb> ehcah: for a single user, I very much doubt it
<MTecknology> Wasn't there an #ubuntu-virt channel?
<chrismsnz> i tried that - seems to be invite only?
<twb> chrismsnz: have you enabled the partner repo?
<chrismsnz> twb: yes
<twb> #ubuntu-virt is a deprecated channel; it redirects here.  You're seeing an "invite only" error because of a bug in the ircd, because you're already IN this channel
<chrismsnz> i c
<MTecknology> oh..
<MTecknology> thanks
<MTecknology> so.. I'm getting an error [ pci_add_option_rom: failed to find romfile "pxe-rtl8139.bin" ] when I try to start a vm in kvm - any ideas why?
<MTecknology> there we go - needed kvm-pxe
<MTecknology> so.. I'm trying to boot NetBSD with KVM - it boots - but doesn't go much futher..
<twb> MTecknology: rtl8139 is an ethernet chipset.  PXE is a netboot protocol, usually implemented as a ROM chip on the NIC.
<twb> MTecknology: it is complaining because it can't find the netboot ROM (firmware?) for your NIC
<twb> This might be because (IIRC) rtl8139 requires non-Free firmware that Linus ships, but Debian (and Ubuntu?) remove from the kernel because binary blobs aren't DFSG compliant.
<MTecknology> oh
<MTecknology> twb: Installing that package seems to have made that go away and there's not complaining about anything now - any ideas why booting NetBSD won't get past this point?  http://imagebin.ca/img/5CXyyiSy.png
<twb> MTecknology: sorry, I don't have time.
<MTecknology> ok- thanks
<chrismsnz> Can't see anything obviously wrong in with that output, MTecknology
<chrismsnz> not that I'm a bsd expert of any sort
<MTecknology> chrismsnz: it just hangs there - never finishes booting
<chrismsnz> MTecknology: relevent? http://mail-index.netbsd.org/netbsd-bugs/2010/11/08/msg019756.html
<MTecknology> chrismsnz: seems to be
<chrismsnz> MTecknology: http://mail-index.netbsd.org/netbsd-bugs/2010/11/08/msg019751.html matches your problem exactly
<chrismsnz> seems like a netbsd bug :\
<chrismsnz> apparently a workaround is "-no-kvm-irqchip" to the kvm command if you haven't seen that post already
<MTecknology> chrismsnz: I tried that and it didn't seem to help - I'm trying another iso now
<MTecknology> chrismsnz: thanks for finding that :)
<chrismsnz> np
<chrismsnz> getting back to work now tho :)
<demonspork> how can I use apache to monitor the bandwidth usage of each website that it is hosting
<draven_sol> what is proper manual method to create an encrypted raid 10 in ubuntu 10.04
<G> demonspork: I think the really popular one not too long ago was mod_bandwidth
<demonspork> draven_sol, the proper method is to avoid it at all costs
<G> demonspork: looks like all the apache modules I can remember off the top of my head either don't work w/ the latest Apache, no longer maintained or unknown
<demonspork> k
<MTecknology> so netbsd has been trying to install itself for a long dang time now - it 'seems' to be an issue with talking to the virtual disk... It's been running the equiv of mkfs for about an hour on a 10GB disk.. Any ideas what might be causing that?
<draven_sol> demonspork, why would it be proper to avoid?
<demonspork> that is more of an opinion
<G> demonspork: http://serverfault.com/questions/30149/alternative-to-mod-throttle may be interesting
<G> (for you that is)
<demonspork> but at the point you can build a raid 10 you might as well do an LVM RAID 5
<G> draven_sol: software raid or hardware raid
<draven_sol> G software raid
<G> btw, be careful about which way you get the RAID 1 and 0 (just an opinion)
<G> draven_sol: Putting encryption on a software raid 10 I'd suspect is just going to make your I/O get to the point where it's non-existant
<demonspork> also why do you want it to be encrypted?
<G> demonspork: it's a reasonable requirement for some situations
<G> that said, nothing beats a properly secured room
<demonspork> I use an encrypted partition on a server in an open colo room
<demonspork> no locked rack
<demonspork> I got there to install it and saw that there weren't lock rack sections as I had assumed
<demonspork> so I just quickly sat there and said "I am goign to be here for about an hour" and an hour later I had the thing redone with an encrypted partition
<draven_sol> G, what is the highlevel method, is it to set the drives for raid use, then encrypt?
<G> draven_sol: you may be better off performance wise, considering the purchase of a decent RAID controller that can offload a bit of the work from the OS
<draven_sol> it's a home server which i'll consider a hardware controller if the performance is poor
<G> draven_sol: normally the encryption would go on after the RAID, but it does depend on the type of encryption
<G> fwiw I've never touched RAID+Encryption (mainly for sanity reasons ;))
<draven_sol> G yeah that's my problem right now, is the sanity of properly doing it so it's bootable with a failed drive
<G> draven_sol: well the most important part is the visualise it and get your RAID right
<G> if it's not the primary boot device(s) then just get the RAID going, test it, then worry about encryption
<draven_sol> i have a separate drive for /boot to maintain some sanity
<G> hmmmm really it's up to you in the end how you want to do it, but draw it out on paper, and make sure you get your RAID10 right (the order of the RAID1 and RAID0 can matter)
<uvirtbot> New bug: #324889 in libnss-ldap "Ubuntu Notebook Remix 1.0.1 does not work with OpenLDAP" [Undecided,Expired] https://launchpad.net/bugs/324889
<draven_sol> i'm testing my raid, powered down the system. removed the power and data cable to one of the drives. when i reboot i am dumped into a recovery shell. is this normal for raid 10?
<kaushal> hi
<twb> draven_sol: yes
<twb> draven_sol: if you want it to boot normally, you need to boot with "bootdegraded"
<uvirtbot> New bug: #678420 in samba (main) "smbd sometimes does not start on startup" [Undecided,New] https://launchpad.net/bugs/678420
<stanman> hi, how do i tail netstat?
<joschi> stanman: `netstat|tail`
<joschi> stanman: but you're probably looking for something like `watch`
<stanman> aight! That's what it was!
<uvirtbot> New bug: #678498 in samba (main) "Ubuntu fails to copy any files on windows share with "Invalid Argument" error" [Undecided,Confirmed] https://launchpad.net/bugs/678498
<xfaf> soren:hey did you merge in my changes to the debian branch yet?
<soren> zul: Hm.. Nope, I must have missed the e-mail about the patch.
<soren> zul: Replied.
<zul> soren: thank will look after i drop liam off and try not to break my kneecaps ;)
<soren> zul: I have people for that sort of thing.
<soren> Daviey: Did I miss an e-mail from you?
<Daviey> soren: no, not yet
<soren> Daviey: Alrighty.
 * RoyK orders a new 17" MBP
<LyonJT> Hey
<LyonJT> Does anyone know how to setup a iptable so that only connections from say ssh.domainname.com are accepted instead of domainname.com?
<zul> soren: yeah i should probably outsource that to india
<soren> zul: Knee cap bashing?
<soren> zul: I don't think that would work.
<soren> zul: They're way too polite.
<zul> soren: heh
<zul> smoser: you here today?
<zul> is american thanksgiving this week or next week i forget
<patdk-wk> this thursday
<patdk-wk> LyonJT, you can't use dns names in iptables, unless those ip's will never change, and your dns upstream will never be spoofed when you restart your firewall
<Pindakaas> hello everyone! Can anyone tell me what the easiest way is to set up a mail server?
<patdk-wk> depends on what you want to use the email server for
<Pindakaas> for joomla
<patdk-wk> receive, easy
<patdk-wk> sending, not so much
<patdk-wk> spamfiltering, depends, but generally not
<Pindakaas> ow it needs to recieve and send:$
<Pindakaas> well lets try babysteps first:P how about recieving ?
<patdk-wk> install email server, done :)
<Pindakaas> wow
<Pindakaas> LOL:
<Pindakaas> and should i use something like EXIM3 or Postfix?
<patdk-wk> you probably want something like: https://help.ubuntu.com/community/PostfixCompleteVirtualMailSystemHowto
<Pindakaas> so i need a "mail delivery agent"and thats it?
<patdk-wk> but for sending of email, I would make sure all your dns stuff matchs correctly
<patdk-wk> forward dns, reverse dns, mx name, spf records, dkim, helo name
<zul> nijaba: ping when you are around
<Pindakaas> ok thank you im going to look into it. 2 weeks ago i didn even know how to navigate a command line server.
<Pindakaas> :P
<nijaba> zul: pong
<patdk-wk> heh?
<patdk-wk> they make servers without cli's?
<Pindakaas> yes windows does :P but i got fed up with it:P
<zul> nijaba: bonjour so your virtual networking spec what needs to be done? openvswitch dkms stuff, tinc and ...?
<patdk-wk> dunno, I've been admining an exchange server for a several years now (not cause I want to), and I do it all via cli
<nijaba> zul: just to make sure the pakage installs and the kernel modules compiles, that's it, I think
<zul> nijaba: oh....thats easy :0
<nijaba> zul: great
<Pindakaas> patdk-wk > I just started with ubuntu server but now i know how to get around it gets better and better :D thank you for the help btw
<patdk-wk> make sure all your dns is setup good though, or all your email will be rejected, or go to junk folders, when you send to other poeple
<zul> nijaba: now i just have to do the spec for it?
<zul> nijaba: grrr
<nijaba> zul: what do you mean?
<Pindakaas> ok i will keep that in mind and google for the keywords you just typed
<zul> nijaba: i mean i just have to write the spec
<nijaba> zul: that's should not be a long one ;)
<zul> nijaba: it shouldnt...shout it be in main though?
<nijaba> zul: not unless something else depends on it
<LyonJT> patdk-wk: thanks pal
<zul> nijaba: ack thanks
 * SpamapS is away way too early
<maddog> hihi
<maddog> hiho
<highvoltage> hi maddog
<highvoltage> oh, not *the* maddog :)
<maddog> i have a ubuntu server 10.10 with a 3ware raid and a crypto volume. Everytime i write data to that volume, the transmission hangs every ~350mb for 30 seconds or so. I already disabled all caching functions on the controller, so i have no idea why that happens..
<uvirtbot> New bug: #674803 in samba (main) "package samba-common-bin 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/674803
<SpamapS> maddog: is it possible that you are running out of entropy?
<maddog> hm, how would i check that?
<SpamapS> maddog: cat /proc/sys/kernel/random/entropy_avail
<maddog> alright, let me watch that while provoking the error
<SpamapS> maddog: if you're going to be writing a lot of data, you may want to run something like EGD (Entropy Gathering Daemon)
<maddog> hm, the value is jumping between 137 and 180 while the error occurs
<SpamapS> hmm.. EGD seems to be old old school :p
<SpamapS> maddog: thats the number of bits of entropy you have available.. and may be too low
<SpamapS> maddog: you might want to try rng-tools which I believe will take advantage of any hardware on your motherboard to help with that
<patdk-wk> ya, around 150 avail means basically your in the 0% usable
<uvirtbot> New bug: #677611 in bind9 (main) "package bind9 1:9.7.0.dfsg.P1-1 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/677611
<maddog> hm, rngd tells me it cant find /dev/hwrng, but it exists and should be accessible
<SpamapS> maddog: but is it attached to anything working?
<maddog> hm, good question...
<maddog> according to lsof it isnt
<SpamapS> maddog: I mean to a working device
<maddog> ah ok, how would i check that?
<SpamapS> maddog: good question. ;)
<maddog> hehe
<smoser> zul, i'm here today
<smoser> and part tomorrow
<smoser> whats up?
<zul> smoser: you wanna talk ec2 stuff later?
<smoser> sure
<zul> smoser: k
<zul> soren: branch fixed again
<LoganPhyve> hello all, wondering if anyone has any idea how to upgrade an ubuntu 7.10 server to 8.04, then to 10.04... on $ sudo do-release-upgrade , I get "no new relase found"...
<pmatulis> LoganPhyve: such a thing is not officially supported
<LoganPhyve> I know... do I have any options for either a network upgrade or a cd-based upgrade?
<\sh> LoganPhyve: vi /etc/apt/sources.list s/gutsy/hardy/g <save it> ; apt-get update
<\sh> apt-get dist-upgrade
<\sh> LoganPhyve: so you can go from gutsy (7.10) to hardy (8.04)
<LoganPhyve> is that the only line that needs to be in /etc/apt/source.list?
<pmatulis> LoganPhyve: is this an important machine?
<LoganPhyve> yes, but I'm working on a clone of it in a virtual, isolated environment. THe physical machine is out in prodctiuon right now.
<\sh> logon: you have normally three lines: deb http://archive.ubuntu.com/ubuntu gutsy main restricted universe multiverse  and then two other lines with gutsy-updates and gutsy-security
<\sh> LoganPhyve:  you have normally three lines: deb http://archive.ubuntu.com/ubuntu gutsy main restricted universe multiverse  and then two other lines with gutsy-updates and gutsy-security
<pmatulis> LoganPhyve: well if it's a clone you can try the sources.list edit method
<LoganPhyve> i did try editing them to add the hardy repos, but it didn't like that
<pmatulis> LoganPhyve: right
<LoganPhyve> i'm thinking my syntax was right
<pmatulis> LoganPhyve: pastebin the file perhaps
<LoganPhyve> sure, one moment
<\sh> LoganPhyve: this is the right apt/sources.list for hardy (when you want universe/multiverse disabled, just drop them from the lines)
<\sh> LoganPhyve: http://paste.ubuntu.com/535263/
<pmatulis> LoganPhyve: and associated errors?
<LoganPhyve> ah, that's probably what's wrong... the list entries I had ended the url with a forward slash
<pmatulis> LoganPhyve: please read https://help.ubuntu.com/community/EOLUpgrades/Gutsy
<LoganPhyve> thanks, I think this will help a lot... will let you know if I'm successful.
<pmatulis> LoganPhyve: i'd like to know how it turns out
<LoganPhyve> sure, will do. it's an OLD firewall server running 7.10 and shorewall 3.4.4, the last IT guy didn't update anything... ever... wow.
<eagles0513875> hey guys is it possible to resize a swap partition?
<zul> nijaba: ping one more thing
<nijaba> zul: no thanks if you want to send over freezing rain :0
<zul> nijaba: heh...you are getting anyways
<zul> nijaba: does this look alright for work items for the virtual networking spec? http://pastebin.ubuntu.com/535274/
<nijaba> zul: maybe add a test item?
<zul> nijaba: ack
<nijaba> zul: something like "write a checkbox test case for openvswitch"
<[diablo]> anyone know why ubuntu-virt is invite only please?
<eagles0513875> [diablo]: is your nick registered? if so are you identified
<[diablo]> eagles0513875, yep it is
<[diablo]> Cannot join #ubuntu-virt (Channel is invite only).
<[diablo]> weird
<eagles0513875> [diablo]: im not sure never been in that channel before
<[diablo]> eagles0513875, np ... annoying thing is I want to be in it :-)
<[diablo]> lionel, you there mate?
<eagles0513875> it could be that its ubuntu-virtualization instead of ubuntu-virt so they made the virt channel invite only
<eagles0513875> nm scratch that
<[diablo]> heres a man who will know
<[diablo]> jono, you know why #ubuntu-virt has become invite only please?
<zul> nijaba: spec has been updated
<jono> hey [diablo]
<jono> no, but that should not be the case
<[diablo]> jono, do you have access please?
<eagles0513875> jono: [diablo] and i have it saying invite only
<jono> [diablo], I don't
<eagles0513875> i dont need in but i kinda find it strange
<jono> it says invite only to me too
<[diablo]> odd
<jono> I am sure it is a mistake
<[diablo]> can we get this fixed? any idea who is controlling the channel?
<jono> [diablo], eagles0513875 looking into this now
<[diablo]> cheers jono
<eagles0513875> thanks jono
<jono> so it should re-direct to #ubuntu-cloud
<jono> but it seems the redirect is broken
 * [diablo] found a neat trick to preform on Dell laptops with the Ubuntu stickers given to him at his meeting with Canonical last week... place them over the Dell logo encased in the circle, they fit perfectly, stick three on top of each other and you can not see the word Dell
<[diablo]> oh
<[diablo]> jono, should they not really be separate channels?
<jono> [diablo], eagles0513875 ok, so it turns out it redirects to this channel
<jono> so you are all good
<jono> sorry for the confusion
<eagles0513875> lol
 * eagles0513875 has yet to figure out why so many ubuntu channels. the language ones make sense and dev ones but virt etc dont make so much sense
<qman__> if you've spent any time in #ubuntu, you should know why
<qman__> way too busy
 * \sh got rid of #ubuntu long time ago...no real input...mostly noise..
<eagles0513875> qman__: im in kubuntu more then ubuntu as i use kde
<zul> there is an #ubuntu channel? :)
<SpamapS> zul: thar be dragonse
<zul> SpamapS: heh
<aljosa> can't figure out if there is some way to add http://kernel.ubuntu.com/~kernel-ppa/mainline/ to /etc/apt/sources.list and use apt-get to install specific kernel?
<[diablo]> jono, LOL ok cheers
<[diablo]> mmm does laclasse not sit around here ever?
<consumerism> i ran apt-get install mysql-server &
<consumerism> it asked me for confirmation and then said "stopped"
<consumerism> i thought it would run in the background. how do i resume the process?
<patdk-wk> fg
<patdk-wk> I dunno why you would ever do that in the background
<consumerism> patdk-wk: thanks. i should have used screen or something, wasn't thinking
<jmgalloway> does anyone know how to run terminal scripts using php?
<Pici> jmgalloway: install the php5-cli package.
<jmgalloway>  I need to be able to run command line inputs from a web page
<jmgalloway> does that come with the php install?
<Pici> jmgalloway: I don't think it is installed by default.
<jmgalloway> sudo apt-get install php5-cli?
<Pici> jmgalloway: Yep :)
<jmgalloway> ok, its installed...is there a good web reference on how to use it?
<Scunizi> Is byobu available for server? I can't seem to find it in the repos (apt-cache search byobu).  of course screen is there
<kirkland> Scunizi: yes, where are you looking?
<kirkland> Scunizi: ie, what version?
<Scunizi> kirkland: 10.04.04 server.. Just installed and did all the updates.. did an apt-cache and "nothing"
<Scunizi> kirkland: apt-cache search screen pulls a huge list of stuff which of course includes screen
<Pici> !info byobu
<ubottu> byobu (source: byobu): a set of useful profiles and a profile-switcher for GNU screen. In component main, is optional. Version 3.5-0ubuntu1 (maverick), package size 75 kB, installed size 532 kB
<tomsdale> I can ping my domain but if I open the url in a browser the request doesn't end up at the server (checked with tcpdump) Are my dns entries wrong or is it the apache config? Here is my DNS config. http://pastebin.ca/1999180
<Scunizi> Pici: so only maveric? It also seems to be available for 10.04 kubuntu..
<Pici> Scunizi: It should be available in the package 'byobu' since Karmic
<Scunizi> Pici: apt-get install byobu returns "couldn't find package byobu"
<kirkland> Scunizi: check your sources
<kirkland> Scunizi: cat /etc/apt/sources.list
<kirkland> Scunizi: maybe pastebin that
<Scunizi> kirkland: http://pastebin.com/id2HDX0L
<kirkland> Scunizi: you're running 8.04, not 10.04
<kirkland> Scunizi: this is a hardy system, not a lucid
<kirkland> Scunizi: you could install byobu from a PPA for hardy, perhaps
<kirkland> Scunizi: but byobu doesn't exist in Hardy proper
<Scunizi> ARG!.. I should have noticed that.. could have sworn that I downloaded 10.04 yesterday.. back to the drawing board.. new download and install.... :(
<Scunizi> My bad.. embarrasing
<Techie> does ubuntu-server have an active automounter, and does it support read/write to OSX drives (HFS+ i think)?
<SpamapS> Techie: I don't believe we can write to hfsplus no
<SpamapS> Techie: though I didn't try very hard to enable write mode.... so it might have some secret way to do that.
<SpamapS> Techie: as far as automount, yes.
<Techie> okay, thankyou
<Techie> im currently trying to work out some financing so that i can purchase another 500gb drive and not have to shift ~1tb of data around repeatedly
<reggie_> hey anyone alive in here?
<highvoltage> maybe.
<reggie_> lol great, thank god actually
<reggie_> I am a win admin and am just learning how to use ubuntu server, installed it on one of my old servers at work
<reggie_> and I actually took the dive and installed the gnome desktop on top of it with ebox
<Techie> RAID question, not really ubuntu specific, but can i stipe 2x 500gb drives and then in turn mirror the array onto a singular 1tb drive, or does it have to be 4 drives?
<reggie_> problem is I cannot authenticate t osynaptic even though i can install from the command line
<reggie_> i did make myself an admin but still no dice am I suppose to be part of a special group or something?
<highvoltage> reggie_: you can add a user to the admin group if you want them to be able to use sudo to gain root access
<reggie_> well i see my name in the admin group but it was unchecked
<kirkland> hallyn: yo
<reggie_> i just checked it so let me try now, btw Ubuntu is way better than I expected it to be
<reggie_> very impressive
<kirkland> hallyn: you and lool get the qemu-kvm bzr v. source figured out?
<reggie_> ok highvoltage i added myself to the admin group but for some odd reason it will not autheticate using my password, am I doing someting wrong , am I suppose to create an additional user on this system just for synaptic?
<reggie_> i did also add myself to the root group
<reggie_> and still no dice
<Techie> failing that, you can always make an entry in the sudoers file
<highvoltage> reggie_: you'll have to log out and back in again for it to take effect
<Techie> he shouldnt have to log out and in
<reggie_> ohh ok let me try that thanx for your patience highvoltage
<reggie_> ok well that did not work
<Techie> reggie_: you may also wish to edit the sudoers file, this will allow you to specify specific users that can have sudo access and also you can create new entries for groups/users and limit them to certain types of commands
<reggie_> Techie I was thinking the same thing
<reggie_> windows is able to do this on the fly without a reboot or a logout
<highvoltage> reggie_: what do you get when you type 'groups' on the command line?
<reggie_> one sec have to go to the server to try this
<reggie_> highvoltage, actually when i type groups it just list a bunch of different groups that I am guessing i belong to
<highvoltage> reggie_: do you see the admin group in there?
<reggie_> actually no it is not in there
<HackeMate> hello
<Techie> may i make a suggestion
<reggie_> i guess the gui did not add me properly to the admin group although it is checked
<reggie_> yes Techie please feel free
<HackeMate> I have /etc/dhcp3/dhcpd.conf that an user should modify, but I won't let him to get access to root user
<HackeMate> what permissions should I give to that file?
<HackeMate> or what group I need to set up
<Techie> if your making a singular dedicated admin, edit the sudoers file and add a line specificaly for that user, that way nothign can go wrong and other users cant be given sudo by accident
<HackeMate> but I only want let him modify dhcpd.conf, not every sudo files
<databits> I'm having an issue with apache.  I was running two virtual server's, and both websites were poping up fine.  Now when I get back from my trip... If I browse to one of the websites in IE, I'm getting the main webserver directory instead of the folder pertaining to that dns.  Anyone have any idea's ?
<highvoltage> reggie_: from an existing admin user, do a 'sudo adduser reggie admin' to add reggie (or whatever your username is) to the admin group
<reggie_> well this is the server only one admin will access this machine and that would be me
<Techie> and from there on, you can add further lines, so lets say ontop of you super user, you have a bunch of people that you want to be able to use sudo to restart only, then you can make another entry for them
<reggie_> ok strange i tried what you said and it says I Am already a part of the admin group
<reggie_> should I uncheck from gui
<reggie_> Techie I would be the only user that has access to this server
<Techie> well then i single modification in the sudoers file would cause you ALOT less hassle
<reggie_> ok I am just trying to figure out why it is it telling me that I have an incorrect password entered when I am part of the admin sudo root group
<Techie> hold up
<Techie> just checking
<reggie_> again i can install software with no issues from the command line since i learned the very basics of installing software on cli
<Techie> when usig sudo, are you using your own password, or the root password?
<Techie> using*
<reggie_> well i am the only user created during the install so I am using my password
<Techie> okay
<reggie_> from what i understand so far the first user is supposedly the admin well at least on the Desktop version
<Techie> just this line to your sudoers file and modify the username to fit
<Techie> Techie ALL=NOPASSWD: ALL
<Techie> that will allow that one user to authenticate with sudo without having to use a password
<reggie_> ok Techie you are a pro so on the cli i am adding this with my username instead of Techie correct?
<Techie> yes
<Techie> and from then on if you want other poeple, you can add stuff like this, %power ALL=NOPASSWD: SHUTDOWN_CMDS, MOUNT_CMDS
<reggie_> reggie All=NOPASSWD: ALL
<Techie> yep
<reggie_> does that look ok ?
<Techie> looks perfect to me
<reggie_> ok well says command not found
<reggie_> am I supposed to sudo
<Techie> you have to add that to the file
<reggie_> humm where do I find the file
<Techie> so as root, you will have to use an editor to edit /etc/sudoers
<reggie_> so sudo gedit
<Techie> yes
<reggie_> ok one sec
<reggie_> so will I be adding this as the last line
<reggie_> ok Techie how long will you be here
<Techie> i will be here for awhile longer
<reggie_> I want to do this but i need to take care of an exchange issue real quick
<reggie_> ok great brb, thank you for helping me
<Techie> reggie_: no problem, im trying to scrounge together an extra $35 NZD so i can sort out all my hard drive issues, so ill be around
<kirkland> smoser: hey, are you around today?
<smoser> yeah
<smoser> and some tomorrow
<Dramatic> hey fellows in arms! =)
<Dramatic> I get: " Marking TSC unstable due to: check_tsc_sync_source failed." when trying to install ubuntu 10.10 on a Multiprocessor IBM system.
<Dramatic> After that message the installation freez
<Dramatic> Any clue?
<blistov> phppgadmin 4.2.2 and 4.2.3 breaks after ... security update?
<blistov> Deprecated: Assigning the return value of new by reference is deprecated in /usr/share/phpPgAdmin-4.2.3/classes/Misc.php on line 344
<blistov> 4.2.3-1 is supposed to fix it but doesnt' seem to be available through any official Ubuntu channels.
<blistov> Anyone fixed this?
<Dramatic> "Marking TSC unstable due to: check_tsc_sync_source failed." => Install freeze => Hardware defunct?
<Pindakaas> When i installed munin on a 10.04 server (sudo apt-get install munin;sudo apt-get install munin-node
<Pindakaas> ) i get the nofication "You don't have permission to access /munin on this server" when i try to acces http://host/munin. Bot are on the same server. does anyone know what i need to do to get the web frontend to work?
<vraa> Pindakaas, did you check that apache2 was setup with the proper munin.conf
<Pindakaas> @ vraa. 2 weeks ago i did n ot even know what a cli server was, so im sorry if i sound a little stupid. but how do i do that?
<vraa> np i set up my munin on 10.04 ubuntu very recently
<vraa> http://jc.vkcsubway.com/munin/vkcsubway.com/jc.vkcsubway.com/index.html
<vraa> first read a few of these tutorials that i used
<vraa> http://www.ubuntugeek.com/monitoring-servers-and-clients-using-munin-in-ubuntu.html
<vraa> http://articles.slicehost.com/2010/3/12/installing-munin-on-ubuntu
<vraa> http://library.linode.com/server-monitoring/munin/ubuntu-10.04-lucid
<Pindakaas> thank you i will look into that
<reggie_> hey Techie still there?
<reggie_> sorry I took so long
<Techie> reggie_: yep, still here and still havent worked out where im gonna get some extra money from
<reggie_> huh extra money?
<reggie_> why do you need extra money
<Techie> i need another 500gb HDD
<Techie> and im gonna be about $35 NZD short
<reggie_> well I have a proposal
<Techie> im listening
<reggie_> if you teach me Ubuntu I can send you a drive free of charge as payment for your services
<Techie> would take too long
<reggie_> lol well it's up to you
<reggie_> i'm an admin so have access to quite a few things
<Techie> as much as i owuld love to get a drive for teaching someone how to use a unix based OS
<chrismsnz> hey guys, any canonical peeps around? I saw the press release mentioning a partnership with convirture and that Convirt 2.0 was in the partner repositories - except I can't find it in the partner repositories... anybody know the story?
<Techie> if i leave it too long, it will cause me ALOT of trouble when creating this RAID array due to having to backup data in alot of places, as my server is already almost full
<reggie_> I see, so 500 sata or scsi
<Techie> sATA
<Techie> its for my desktop rig
<reggie_> yup looking right at it on my desk
<reggie_> just collecting dust
<reggie_> again all you have to do is sign on the dotted line and i would ship it to you by fedex tomorrow
<reggie_> all i'm asking is that you think about it
<Techie> i know
<Techie> it sounds simple, but really its not
<reggie_> really why is that not simple? i think i'm a quick learner
<Techie> ive tried teaching before
<Techie> its more a matter, of where to start, what to cover
<Techie> how to cover it
<reggie_> really and what was the outcome
<reggie_> i see
<Techie> so while it seems simple, its not
<reggie_> well i'm trying to learn ubuntu linux admin so i can apply it to my work network
<Techie> and also, you cant really teach unix
<reggie_> so strictly server stuff and some admin stuff
<Techie> its sort of something you can only be guided through
<reggie_> why not, you learned it somehow and you seem knowledgeable
<Techie> reggie_: thats only because ive been tinkering with my own systems for a year or so, almost everything i know is stuff that ive picked up myself
<reggie_> ahh ok
<reggie_> well i've purchased a book on ubuntu
<Techie> the main problem though is the content, i know its for a server
<reggie_> a practical guide for 10.04
<Techie> but when learning about servers, you have to decide whether you cover the absolute basics, ssh, how to edit differnent things, networking, security and network security
<Techie> what to do, what not to do
<reggie_> it will cover some server stuff but i think for some stuff like the synaptic issue I would be lost even with the book, since i'm so new to this but to be fair I do have some basic understanding on how linux works since i've been experimenting with linux for 2 years now
<Techie> so i cant really offer you lessons as per say
<Techie> but i can offer you guidance in what interests you
<reggie_> but never took the time to really learn it
<reggie_> I understand
<reggie_> I'll have to take the time to read the book and see how far I get
<Techie> that would be best
<reggie_> so now going back to the sudoers list
<Techie> also dont try jump straight into setting things up for production
<Techie> try set some things up, then if it fails... re install and start again
<reggie_> well I Am trying to set it up first test it against active directory first before allowing users on my network access to ti
<Techie> that way its you actually discovering how to do things, therefore you learn faster and theres some repitition
<reggie_> so no this may be a project for the enxt few months until I have it down pat
<Techie> yep
<reggie_> now
<reggie_> regarding the sudoers list
<Techie> okay
<reggie_> I Am at another location I was able to vnc to the server desktop so I can add the line to the list
<reggie_> what was the command again
<reggie_> ?
<Techie> one sec, just gonna test somethign against one of my servers
<reggie_> ok
<Techie> im gonne try be real tricky here and get it all out of the way with one command
<toast018> hello everyone. first time IRC user here... anything I should be aware of or any tips for a newb?
<reggie_> welcome to the clubtoas
<reggie_> toast018, *
<toast018> thanks reggie_
<Techie> sudo chmod 777 /etc/sudoers && echo reggie ALL=NOPASSWD: ALL >> /etc/sudoers && sudo chmod 440 /etc/sudoers
<Techie> that should do the trick all in one line from the command line
<reggie_> ok great give me a sec
<Techie> if it doesnt work, then we can always do it manually
<reggie_> toast018, i'm a win admin trying to learn here as well
<toast018> I was thrown into it... I was working helpdesk supporting windows and fiddled with linux at home. Never a server in a production environment!
<toast018> now Im the sys admin for 2 sites!!! Yikes!
<reggie_> lol better buy a book like I did and come here for help
<Techie> toast018: sites, as in 2 websites or sites as in 2 projects?
<toast018> I did... several of them! and sites as in Buildings/locations. lol... sorry...
<reggie_> Techie I am going to paste the response
<Techie> i see, not trying to be too nosy here, just trying to judge difficulty, what does each site do?
<reggie_> sudo: /etc/sudoers is mode 0777, should be 0440
<reggie_> sudo: no valid sudoers sources found, quitting
<Techie> hrmm
<reggie_> so what are the servers being used for ?
<toast018> its cool... One is a WIC Center and the other a Regional Health Dept.
<Techie> okay, well the first part worked, which means the second part would have worked
<Techie> so sudo chmod 0440 /etc/sudoers
<reggie_> sudo: /etc/sudoers is mode 0777, should be 0440
<toast018> I admin a Mail Server (having issues with) a File Server and a dedicated Zimbra Server. Also a few windows servers and a BES server
<reggie_> sudo: no valid sudoers sources found, quitting
<Techie> oh snap
<Techie> oh fuck fuck fuck fucck fuck
<reggie_> linux mail or exchange
<Techie> i just realised what i made you do
<Pici> Techie: That language is not acceptable here.
<reggie_> huh now you are making me nervous Techie
<toast018> Linux mail server...
<reggie_> ahh ok
<toast018> I refuse to use exchange. To $$$
<Techie> toast018: linux mail servers arent that tricky once you get the hang of it
<reggie_> i know just spent 13k on exchange 2010
<Techie> reggie_:  try chmod 0440 /etc/sudoers
<toast018> I am having to reboot the mail server Ubuntu 8.04LTS with sendmail and I have to restart it several times a week because our internet connection starts dropping packets.
<toast018> what could be the cause?
<hallyn> kirkland: oh, there's your ping - yeah, i assume loic has it straightened out.
<reggie_> ok techie one sec
<Techie> hopefully that works
<Techie> or you may have to boot into recovery to change the permissions
<hallyn> There is something about udd i must not be getting.  namely, how the tags are used.  i'll have to look that up when i get a few mins
<reggie_> i'm guessing with the sudo in front of it
<Techie> without sudo
<Techie> basic run down of whats happened, used sudo to give everyone write permission, added the line
<reggie_> operation not permitted
<Techie> damnit
<Techie> im extremely sorry to say this, but your gonna have to boot into recovery
<reggie_> toast018, do you think you have a bad nic or perhaps a bad prt at the switch
<Techie> i should have seen it coming aswell
<reggie_> well if we all have write cant i use synaptic now
<reggie_> ?
<reggie_> and fix the issue later
<Techie> no
<Techie> because the current problem is sudo is refusign to work
<toast018> reggie_: just replaced all the switches with new HP Procurves two weeks ago. so not the switches.
<Techie> and we cant change the permissions back because the user reggie isnt the owner of the file
<reggie_> humm have you checked the switches using the procurve manager to see if you're getting any crc errors
<toast018> not one error...
<reggie_> I see well here is the bad news Techie
<reggie_> I am at another site and doing this via vnc
<Techie> i know the feeling
<Techie> i run a few servers in another country
<reggie_> lol
<reggie_> where are you located Techie
<Techie> and if i screw up, it could be 24 hours+ by the time something gets done about it
<Techie> in in New Zealand
<reggie_> ohh wow no wonder you dont want to teach and wait for the drive
<Techie> yeah
<reggie_> toast018, still there
<Techie> and its not the matter of waiting really
<Techie> its the difficulty of teaching
<toast018> still here
<toast018> :)
<reggie_> you can either log in to the switches via web browser , java is a dependency on this and see if any errors are being generated at those ports
<toast018> Already have and they show no errors.
<reggie_> or use the procurve manager to manage all of your switches
<reggie_> interesting so could be bad nic card if I had to guess
<Techie> toast018: packet drops are extremely normal and is usually caused by things beyond your control
<toast018> I have them setup in a stack so I can manage all of them with one IP...
<Techie> as an example, my home server
<Techie> http://phpsysinfo.technz.info/
<reggie_> try changing cat5 first and check
<Techie> look how many packets have been dropped
<reggie_> if that does not work then replace nic card
<Techie> woah woah woah
<toast018> is over 50% packet loss normal? restart thr mailserver and its fine for a day or so?
<Techie> dont pull out the credit card just yet
<Techie> link up the NIC to either another machine usign the same cable, or create a loop on the same machine
<reggie_> lol Techie he's an admin not coming out of his pocket
<Techie> i never said it was his card
<toast018> When I say packets dropped I mean I issue a PING request from any machine and no matter the webpage I choose I get over 50% packet loss sometimes 100% then I restart and all is swell...
<reggie_> wow cool interface for checking your server Techie
<reggie_> how were you able to do that
<Techie> im sure your employer would rather you actually test the hardware than just buying new stuff when theres a large possibility that the old hardware isnt faulty
<Techie> reggie_: its called phpsysinfo, its a project on sourceforge
<reggie_> really cool Techie
<Techie> thats only whats publicly available
<Techie> i have alot more cool stuff
<reggie_> toast018, from my experience it sounds like a bad nic
<reggie_> but if you dont have the ability to make a purchase or are on a restricted budgtet then I would try what Techie is advising
<Techie> you have to remember that a network is only as good as the worst component, it could posibly be anything on the network
<toast018> I will do a loop test after hours today to see what happens.
<reggie_> what i'm trying to understand Techie is how come the permissions on a desktop install work out fine but on the server it's completely different
<Techie> the permissions were workign fine
<Techie> its a problem in that string of commands that i gave you
<reggie_> i mean this is not a major issue but it would be nice to know that everything works ok after a server install
<reggie_> reason I say it's not major is because I Am still able to install from cli
<reggie_> wow Techie I Am looking at your hardware specs on the web page
<reggie_> now could you please advise on how to fix when I boot to recovery mode
<toast018> Thanks techie for the cool link. I downloaded it and will more than likely install it on our machines.
<Techie> reggie_: chmod 0440 /etc/sudoers
<reggie_> does recovery mode work with networking and if so is there a way of accessing through ssh perhaps
<toast018> anyway it will notify you if you set certain peramiters like if CPU usage gets to 65% send an email?
<Techie> toast018: its just a bit of php, so you can serve it with almost any webserver, and on windows and *nix
<Techie> reggie_: sorry
<Techie> recovery mode is almost like safe mode
<toast018> I have two NIC cards on the mail server anyway I can copy the config from one and apply it to the other so I can use the second nic?
<Techie> it requires you to reboot the machine and physicaly be ther to perform the maintenance
<reggie_> hey Techie please dont apologize, I appreciate you taking the time in trying to help me out
<Techie> toast018: yes, see the file /etc/networking/interfaces
<reggie_> toast018, are you using gui on your servers or working strictly from commmand line
<Techie> im gonna sound a bit cruel here
<reggie_> lol let me guess
<reggie_> no gui on servers
<Techie> if starting to work with *nix servers when coming from a win background, it may be extremely tempting to install a GUI
<Techie> but i urge you not to
<reggie_> that's not being cruel
<Techie> learn to do everything from command line, sure the learning curve is ALOT steeper, but you will learn faster due to necessity
<reggie_> i get the same advice from a friend of mine who admins Redhat servers
<Techie> also you will then know how to recover your system if you ever need to use recovery mode
<reggie_> I see
<reggie_> Techie you dont understand it's more than tempting
<reggie_> i just feel naked without a GUI
<reggie_> fell almost helpless, I will have to rethink everything with this linux server
<Techie> i do understand, i was once a complete noob
<reggie_> well there you have it
<reggie_> so you dont even reccomend using ebox or webmin to administer the server
<reggie_> ?
<Techie> not as a primary way of working
<Techie> i myself have webmin
<Techie> but only for when im workign from a restrictive network
<reggie_> ok gotcha
<guntbert> don't recommend it though...
<reggie_> well then I am at square one
<reggie_> crap
<Techie> also keep in mind that webmin isnt supported by the ubuntu-server team
<guntbert> and ebox is plain evil (in my eyes)
<reggie_> ok got it
<reggie_> why is it evil?
<Techie> webmin doesnt play completely nicely with the debian package manager
<guntbert> reggie_: it insists on using it's own config files - so no easy way back after using it
<Techie> ive trashed my server numerous times with webmin because i didnt think things through
<reggie_> ahh ok so what you're saying once installed there is no alternative on administering the system except using webmin???
<toast018> reggie_: I use CL only no GUI sorry had to step out for a sec
<reggie_> no problem ok so you're not a complete noob lol
<reggie_> it felt nice having another noob here with me for a sec
<reggie_> lol wishful thinking
<Techie> your still both in the same boat
<reggie_> well thank you for pointing that out Techie
<reggie_> :)
<toast018> I am still a newb but am forcing myself to use the CL only
<reggie_> i see
<toast018> thanks Techie ;)
<Techie> which is actually the best thing to do, the only reason im as fluent as i am today is because for about a month, all i had was a command line
<reggie_> ok well I am not stubborn i will use the cli
<toast018> I setup a CL only server at home that I tinker with just to get use to it. Also use my Moto Droid to do a lot on the server at home too...
<Techie> iven watched movies on the command line
<toast018> dont say hackers!
<reggie_> btw just learned the hard way Techie I cant even install anything from the cli because of the permissions
<guntbert> reggie_: sorry, I was talking about ebox (no way back) -- with webmin you just don't use it...
<Techie> toast018: i think i may have watched that on CLI
<ikonia> webmin is the devil
<Techie> oh here we go.... now everyones gonna pitch in about webmin
<reggie_> lol huh you expect me to believe that you can watch a movie from the command line ?
<reggie_> sort of like the matrix huh :)
<Techie> reggie_: its more than possible
<reggie_> very funny
<toast018> Techie: nm I misread your message... lol... I thought you said you watched movies on CLI not watched movies in CLI lol
<Techie> its actually not that hard
<reggie_> huh can you please explain how that is possible
<Techie> toast018: help me out, the differnece being what?
<Techie> reggie_: ever seen ascii art?
<reggie_> huh yes everytime i look at an NFO from downloading something of of Usenet
<Techie> reggie_: well, think that but refreshing fast
<Techie> throw in a bit of colour
<reggie_> hummm lol well definitely not HD quality
<Techie> stand back and its as good as anything
<Techie> yay, the first peice of really good news for the week
 * RoyK celebrates his 0x25s birthday
<reggie_> got it guntbert
<Techie> my 1tb hard drive has returned from being RMA's
<Techie> RMA'd*
<reggie_> nice so you'
<reggie_> are good to go
<Techie> no
<Techie> thats one of my drives
<reggie_> ohh wow lol sorry
<Techie> its the reason why the tb drive in my server is almost completely full
<reggie_> got excited for a minute
<Techie> it started failing so i had to backup everything to my server
<Techie> the 1tb in my server should be ~600gb full
<reggie_> I see why not just buy an external and saving the excess there
<reggie_> or build a NAS boxfor your media only
<Techie> my server is my NAS
<reggie_> I have to say though I came from using another distro and there are some things on the desktop I would like to see changed on Ubuntu
<reggie_> but this is not the room to discuss that
<Techie> and im on a budget, if i could have got an external i would have just got a new 500gb
<reggie_> hey Techie are you an Admin as well?
<Techie> in which term of the word?
<reggie_> Admin as a Job, lol
<Techie> no
<reggie_> ohh ok
<Techie> i am currently unemployed
<reggie_> you should consider it
<Techie> i am
<toast018> you can get a 1.5TB off newegg.com for right at $100
<toast018> if you catch it on sale. :)
<reggie_> I dont know about New Zealand but in the states linux admins get a pretty penny for their services
<Techie> they do here aswell, but not many places use *nix
<b0gatyr> hi, does anyone know how to make a shell window "flash" (urgency hint) when a bell signal is sent?
<reggie_> that penny can definitely look prettier than mine at times depending where it is you find the job
<guntbert> b0gatyr: look for "visual bell" in the config
<reggie_> hummm not even on the finacial side of things??
<reggie_> I know most of the linux admins work for banks, stock market etc
<blistov> Techie, I've been offered quite a few jobs in NZ.
<blistov> Certainly more than Auz
<reggie_> ahh see Techie
<blistov> I always thought NZ was big on *nix
<reggie_> I knew it
<reggie_> you can thank me by teaching me nix :)
<reggie_> for the info that is
<Techie> i would love to get a job working as a *nix sysadmin
<Techie> but i am currently with only one reference on my CV
<mrmist> heh. try working as a *nix sysadmin, it'll soon cure you of that
<Techie> and while i may have the knowledge, i dont have the qualification
<blistov> Techie,  :)  maybe talk to the oversees recruiters.  They try to snag me on a regular basis.
<blistov> hell, they were willing to pick me up 5-6 years ago when I had very little formal experience.
<b0gatyr> guntbert: if I go to Edit >> Preferenced >> Terminal Bell is set, is this what you are referring to ?
<reggie_> look i will vouch for you techie have them call me at my company if you need a reference
<toast018> real quick. If I change auto etho to auto eth1 and iface etho to iface eth1 will that then enable the other NIC card as the primary and all I have to do si swap the cable from one to the other?
<toast018> I am in etc/network/interface
<toast018> under primary network interface
<Techie> toast018: lemme take a second to read through that and make sure everythign is correct
<Techie> toast018: sounds right, presuming that the second NIC is working and is mapped to eth1
<Techie> also you will need to sudo /etc/init.d/networking restart
<reggie_> Techie when you say qualification do you mean certifications?
<Techie> and possibly sudo ifup eth1
<Techie> reggie_: yes
<toast018> sweet thanks Techie!
<Techie> what i wouldnt mind doing next year, is a ubix certification
<reggie_> well i think references would certainly be more valuable than certs
<Techie> unix*
<Techie> yeah, well ill have to dig up my CV from my backups and modify it
<Techie> reggie_: is there any way i can contact you other than IRC?
<reggie_> why yes
<reggie_> how do you want to contact me? email?
<reggie_> phone?
<Techie> email is probably best at this point
<Techie> you could email me all your details
<Techie> my email is simple enough
<Techie> techie (at) technz (dot) info
<Techie> i say it like that because this channel is logged
<reggie_> ahh got it
<reggie_> let me send you a test email now
<Techie> im waiting for it
<reggie_> give me a sec
<Techie> oh yeah, i should probably mention that _TechAway_ is me
<toast018> techie: I made the changes... only problem is I can no longer reach the server with putty and I am at the machine now and cant ping out or go to the webmail page. :(
<toast018> any ideas?
<reggie_> ok just sent it
<Techie> toast018: ifconfig | grep eth1
<kirkland> hallyn: okay, good
<toast018> done that and it brings up the mac address
<reggie_> can anyone make a reccomendation on a book on Ubuntu but just on the server stuff
<Techie> okay, replied
<reggie_> let me take a look using owa so will need to refresh
<reggie_> got it
<Techie> toast018: you able to use pastebin quickly and efficiently?
<toast018> pastebin?
<Techie> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<toast018> how am I to get what I pasted to here? as of right now I have no internet connection on the mail server... :( lol
<Techie> okay, im gonna need you to think for yourself slightly here
<hallyn> kirkland: so i intend to let that settle until tomorrow :)  then propose a patch (from someone else) for kvm.ko only to be insmod'd if /usr/bin/kvm exists
<toast018> NM guys I rebooted and the changes were pushed through. DOnt know why it didnt when I restarted networking. :)
<toast018> sorry if im being newbish
<Techie> toast018: ifconfig, and tell me what information is shown for eth1, i only need to know what information is shown, not hte actual information
<Techie> oh, thats great then
<Techie> makes all our lives easier =P
<toast018> lol yep...
<toast018> I will see how the traffic does over the next day. we are only working three days this week due to the holiday so hopefully it wont mess up when Im not here. (live an hour away.)
<reggie_> lucky you
<Techie> toast018: got ssh access?
<reggie_> i have to work even on christmas day granted it is double pay but would rather have my time at home with the new 3d television
<Techie> wwah, you have a 3d tele
<Techie> what a rich dude
<Techie> JK
<reggie_> yea samsung 55 inch bought it saturday
<Techie> dang
<Techie> beats the hell outta the 50" in our lounge
<reggie_> not rich lol just my penny is pretty shiny, but linux admins pennies shine even brighter
<toast018> I do but if the network is stalled like it usually does I wont be able to get in...
<Techie> although it still doesnt beat a good multi monitor setup on a computer
<toast018> but we get $.0.47/mile and comp time so I wont mind to much. :) 100 round trip
<reggie_> humm I would have to question that, I have my gaming rig hooked up to it and it looks magnificent
<Techie> reggie_: 1920x1080?
<reggie_> yes sir
<Techie> thats 2073600 visible pixels
<reggie_> youtube it samsung un55c8000
<reggie_> contrast on that tv is in the millions
<toast018> thanks for the recomendation on the NIC card. would have taken me a min to think of that... lol almos that time to head out... thanks again guys hope to see yall on here again!
<Techie> i have 3932160 visible pixels
<Techie> thats an extra 1.8 million pixels pixels
<Techie> ... pixels pixels... not sure how that happened
<reggie_> reason why i bought it is because they had avatar playing on it and ohh my god, it just looked and felt like you were part of the movie, it was surrreal
<reggie_> it felt like i was watching it in 3d even though it was not 3d that's how the picture looks on it
<reggie_> incredible worth every penny
<reggie_> how can you have more pixels
<reggie_> is this a tv or a computer monitor
<reggie_> there is a difference you know
<Techie> computer monitor
<reggie_> lol that's why
<Techie> 3 of them
<Techie> http://www.youtube.com/watch?v=LBVivp8MY0Y
<reggie_> this is a TV
<Techie> thats how i game
<reggie_> I've seen multiple monitor setupss
<reggie_> I do have the capability have 2 nvidia 480s in SLI
<Techie> not bad
<reggie_> yea but wish I would have waited for the 580s
<reggie_> same damn price
<Techie> i run 2x ATI HD5770 Turbo's in crossfire
<Techie> on a dual 16x PCIe board, none of this 8x/8x rubbish
<reggie_> have 24gigs of ram and 2 ssds running raid 0 and 2 raptors running raid 0 and 3 2 tbs running raid 5
<Techie> okay, i admit.. you got me beat there
<Techie> 4gigs and sATA2 HDD's
<Techie> and youve probably got a full ATX case
<reggie_> well spent quite a bit of dollars on this rig because this is my last custom rig i will ever put together
<reggie_> after this will just buy straight from dell or HP
<Techie> i spent approx 1.9grand NZD
<reggie_> but that's like 7 years or so from now
<reggie_> lol add 4k to that for me
<Techie> got most of my parts at cost price too
<reggie_> i did pretty well as well i think
<Techie> aaah the bonuse of helping out in a computer store
<reggie_> Techie, do you know how to configure samba as well and how to link it to AD
<Techie> didnt get payed, but i have a hell of a rig to show for it
<Monkeygorilla> hi everybody
<reggie_> yea same here Techie
<Techie> im not an expert on samba, but i can be of help still
<Monkeygorilla> can virt-viewer run with only x server installed
<Monkeygorilla> ?
<reggie_> ok well i am hoping I can get you once i am ready to configure that part of it
<Monkeygorilla> i need to use gnome
<reggie_> hey Monkeygorilla
<Monkeygorilla> or KVM and libvirt are enough ?
<Monkeygorilla> reggie
<reggie_> I need to purchase a kace box for my network
<Monkeygorilla> what ?
<Monkeygorilla> ?
<reggie_> lol i was just saying hello
<Techie> Monkeygorilla: okay, start from the start, what is virt-viewer?
<Monkeygorilla> a viewer for virtual machines running on KVM
<DSpair> Hello all.
<Techie> okay, from the sound of things, it should run fine without X
<DSpair> My boos did a dist upgrade on one of our servers and GRUB is no longer functional. The server used LVM2 and GRUB. How caI restore GRUB?
<Techie> if it works how i think it does
<DSpair> s/caI/can/
<Monkeygorilla> yeah of course KVM will run without x
<DSpair> I am booted to an i386 LiveCD and I can now mount the LVM2 volumes.
<Techie> DSpair: if you have an ubuntu livecd you can use grub-install
<DSpair> But the server install is amd64 and I cannot chroot to the old root.
<Monkeygorilla> but virt viewer i used to view the machines UI and manage the vm running on KVM
<DSpair> OK, I see the problem now.
<DSpair> The newer version (GRUB2) cannot use my LVM2 /boot volume.
<DSpair> I will have to copy and restore it to a non-LVM volume.
<Techie> DSpair: http://ubuntuforums.org/showthread.php?t=224351
<DSpair> Techie, That article would be helpful, but I am using LVM2 volumes and not raw disk devices.
<Techie> oh
<Techie> i tend to stay away from LVM's, they give me headaches
<Techie> Monkeygorilla: i know this isnt of much help if youve already put alot of work into getting things workign with KVM, but VirtualBox has an inbuilt RDP server, and the opensource version has an inbuilt VNC server, also there is a nice project that allows you to manage your VM's from any web browser using an AJAX interface
<Monkeygorilla> okay
<Monkeygorilla> thanks
<Techie> no problem
<Monkeygorilla> could you link me to the project
<reggie_> yea Techie link me too
<Monkeygorilla> im still downloading ubuntu server so im a considering options
<Techie> http://www.virtualbox.org/ and http://code.google.com/p/phpvirtualbox/
<Monkeygorilla> and btw , my name is creative isnt it
<Tiibiidii> hi, i want to install ubuntu server on a virtual machine, since the installation will have only one purpose and it should let me save space i wanted to use this occasion to try jeos
<Monkeygorilla> ?
<reggie_> huh Monkeygorilla are you serious
<Monkeygorilla> yeah
<Monkeygorilla> isnt creative ?
<Tiibiidii> since i already know virtualbox (and actually i had some problems with vmware player), i was planning to use vmbuilder to generate my minimal ubuntu image for virtualbox
<Tiibiidii> i started by supplying only the compulsory flags and parameters to the command
<Tiibiidii> (so it should be using the default partition layout, default user, etc)
<Tiibiidii> that is: sudo vmbuilder vbox ubuntu
<Tiibiidii> unfortunately i got an error
<Techie> ... and the error isss.....?
<Tiibiidii> (i also reported it here: https://bugs.launchpad.net/vmbuilder/+bug/677378 )
<uvirtbot> Launchpad bug 677378 in vm-builder "TypeError: deploy() takes exactly 1 argument (2 given)" [Undecided,New]
<Techie> seems simple enough
<Techie> it only wants one flag
<Tiibiidii> does someone knows if some of the optional parameters wasn't really optional... or know a workaround to this?
<Techie> lemme track down a man page
<Tiibiidii> http://manpages.ubuntu.com/manpages/maverick/man1/vmbuilder.1.html
<reggie_> ok Techie I'm out will try your solution tomorrow, i'm leaving work to go play star wars the force unleashed 2
<Tiibiidii> thank you for your assistance Techie in the meanwhile
<reggie_> Techie, is great later
<Techie> Tiibiidii: accordign to that page it doesnt support vbox anymore, i dont see it in the listed hypervisors
<Tiibiidii> uhhhh
<Tiibiidii> you're right
<Techie> however IIRC, virtualbox handles VMserver images perfectly fine
<Tiibiidii> sorry but i think that when i checked the manual, was the lucid one :/
<Tiibiidii> Techie, uhm, but there wouldn't be a difference in the kernel?
<Tiibiidii> i mean... i never really looked into the Jeos details
<Techie> not really
<Techie> it might be slighly different, but overall it should work
<Techie> its worth a shot anyway
<Techie> nothing ventured nothing gained
<Tiibiidii> but since it seems to be a very minimal and stripped down system... i also understood that the kernel had only the strict minimum modules needed for working with vmware (and by using vmbuilder, one could get one working for vbox, kvm, etc.)
<Tiibiidii> ok, i'll try
<Tiibiidii> (indeed this should be easier than having to create it from scratch, since the vmware jeos is already inside the server iso)
<Techie> im gonna be leaving in just under half an hour
<Techie> just a heads up
<Tiibiidii> (however it's strange... in the list there's vmw6 and vmserver... are these 2 different hypervisors for vmware?)
<Monkeygorilla> hey
<Monkeygorilla> shouldnt be the link on the topic
<Monkeygorilla> 10.10
<Monkeygorilla> instead of 10.04
<Techie> actually no
<Techie> 10.04 is a LTS so it is our preferred version
<Monkeygorilla> ok
<Monkeygorilla> i forgot its directed to enterprise and pro user
<Monkeygorilla> no people like me who want to virtualise Mac osx and dont have enough ram to run a full desktop alongside
<Monkeygorilla> ;-)
<Monkeygorilla> lol
<Techie> ubuntu-server is not made for enterprise severs
<Techie> its made for everyone
<Monkeygorilla> well
<Monkeygorilla> but is focused of them of coure
<Monkeygorilla> *course
<Techie> offcourse
<Monkeygorilla> sorry
<Techie> also virtualizing OSX is not legal and therefore not supported by this channel, i dont mind, but i thought id let you know before you got flamed
<Monkeygorilla> is legal if you use mac as plataform
<Monkeygorilla> lets suppose i use linux on mac ;-)
<Techie> no
<Techie> both the platform and host OS have to be mac
<Monkeygorilla> oh
<Monkeygorilla> so i could only virtualise mac on hackintosh
<Monkeygorilla> lol
<Techie> no, that would still be illegal
<air^> hopefully they change these rules soon (as xserve is being faded out)
<Monkeygorilla> oh plataform , i forgot
<air^> or there will be no more os x servers in any large scale environments.
<Monkeygorilla> well i live in mx so im pretty sure im not being trackers
<Techie> they wont, its apple were talking about... the day they allow their users to do anything like that is the day hell freezes over
<Monkeygorilla> *tracked
<air^> I woudldn't mind them billing 1k$ for os x server if it was allowed to be run on top of esxi.
<Techie> Monkeygorilla: also please keep in mind that this channel is logged
<Monkeygorilla> ok
<Monkeygorilla> but isnt like apple is gonna check the logs and sue us
<Techie> so if you would just say your full name and address
<Monkeygorilla> i hope
<Monkeygorilla> of course i wont say my name
<Techie> =P
<air^> :)
<Monkeygorilla> please download ...
<Monkeygorilla> i want my mac
<air^> huh
<Monkeygorilla> 400 mb out of 631
<Monkeygorilla> why your release always weigh 631 mb
<Monkeygorilla> im sure server install fits in less space
<Monkeygorilla> ?
<Techie> while the final install probably sits in less space
<Techie> we have to have common packages for different servers on the CD
<Techie> IE, not everyone wants to install a mail server
 * RoyK just turrnned 0x25
<air^> must mean it's time to get an intel x25 ;)
<Tiibiidii> uhm
<Tiibiidii> finished the install
<Tiibiidii> duh, can't find the disk :/
<Tiibiidii> dropped to a busybox shell
<Techie> =(
<Techie> i wish i could stay and help, but i gotta head into town to pick up my hard drive
<Tiibiidii> it says that it can't find the disk
<Tiibiidii> ok, no problem
<Tiibiidii> however i installed on the full disk, and setup the mbr on the disk... so there aren't many things that could've failed
<Tiibiidii> maybe it's indeed a problem due to this not being vmware
<Tiibiidii> but if anyone knows how to debug this (in busybox there's no fdisk to check for the disk attached)
<Tiibiidii> it could help (don't know... maybe inside /proc there's some information about disks... i'll look)
<Monkeygorilla> groooooooooar , godamn internet , download
<Tiibiidii> /proc/devices is empty
<Monkeygorilla> 460 out of 641
<Monkeygorilla> i hate having 1mbps
<Techie> wow, thats bad
<air^> don't blame the internet if your own connection sux.
<Tiibiidii>  /proc/devices is empty <-- duh, i'm dumb... it's a file, not a directory
<Techie> i usually have between 2Mbps and 3.4Mbps
<Monkeygorilla> 26:51 remaning
<Monkeygorilla> i do have 2mbps
<Techie> and thats my line sync rate, not actual download rate
<Monkeygorilla> but is up to 2megs
<Monkeygorilla> they give me 1
<Tiibiidii> Techie, have you any idea on where to check for disk devices inside /proc ?
<Tiibiidii> (otherwise i'll gave up and try another install)
<Techie> nope
<Monkeygorilla> yeah
<Techie> just install ubuntu-server and work your way up from there
<air^> what about /proc/diskstats ?
<Monkeygorilla> i should go to the phone and complain
<air^> $ cat /proc/scsi/scsi
<air^> Attached devices:
<air^> Host: scsi0 Channel: 00 Id: 00 Lun: 00
<air^>   Vendor: ATA      Model: MAXTOR STM316081 Rev: 3.AA
<air^>   Type:   Direct-Access                    ANSI  SCSI revision: 05
<air^> etc.
<Techie> Monkeygorilla: check that your line can actually handle the 2Mbps first
<DSpair> OK, I got the partitions resized and created a /dev/sda2 /boot partition. I am now getting a "grub>" prompt, but it cannot find the kernel in order to boot.
<Tiibiidii> uhm... /proc/scsi/scsi finds only the dvd drive
<Monkeygorilla> ADSL : max 4096 kbps  download
<Tiibiidii> in /proc/diskstats there are a lot of numbers... unfortunately it seems that busybox doesn't have a pager, so i'm unable to read all of it :P
<air^> maybe it's nothing relevant. :)
<Monkeygorilla> and they (incorrectly) set up 1024
<Tiibiidii> (and my keyboard doesn't have a scroll lock key to do otherwise)
<Monkeygorilla> of course it can handle 2 megs
<Monkeygorilla> im so angrrrrrrrrrrrrrrry!
<Techie> Tiibiidii: is that your actual max possible sync rate on your modem?
<air^> Tiibiidii: well, it's the last rows that list the drives.
<Monkeygorilla> yeah
<air^> Tiibiidii: I got a proper listing from sda, sda1, -> md0.
<Monkeygorilla> they maid a fucking mistake and set up my router to 1024 mbs instead os 2048
<air^> what's the last thing you see? dvd?
<Tiibiidii> i have ram1 to ram15, then loop0 to loop7 and then sr0
<Tiibiidii> so yes, dvd
<air^> ok. seems it doesn't find any drives, very strange.
<Techie> okay, im off cya everyone
<Tiibiidii> ok, i could try remounting the drive on the ide channel
<Tiibiidii> bye Techie
<Tiibiidii> uhm
<Tiibiidii> it's slow... i think it won't work
<Tiibiidii> uh, it worked O_o
<Tiibiidii> great :D
<Tiibiidii> (i guess i should disable the quiet flag from grub, to get more information at the next boot)
<Tiibiidii> air^, do you have any suggestion to check that everything is working ok?
<Tiibiidii> (i mean: the scsi driver isn't working... and if it was supposed to, there could be other problems around that i don't know of)
<air^> Tiibiidii: sorry, no suggestions. what hardware are you running on?
<Tiibiidii> virtualbox
<air^> ah, sorry, can't help you then :)
<Tiibiidii> oh ok
<Tiibiidii> do you know better vmware, maybe :) ?
<air^> I prefer esxi :)
<air^> but I suppose that wont help you very much :D
<Tiibiidii> yeah
<Tiibiidii> but maybe
<Tiibiidii> you can help by telling me if i'm doing something terribly terribly wrong :P
<Tiibiidii> i'm looking into hadoop
<Tiibiidii> for that i downloaded a clouder vmware image
<Tiibiidii> i installed vmware player
<Tiibiidii> but i got an horrible problem with the numpad of the keyboard
<Tiibiidii> (i mean: by pressing iopjkl it displays 456123... and the rest of the keyboard is inert)
<Tiibiidii> i tried to enable/disable the related setting in the vmware bios to no avail
<Tiibiidii> tried to look into the ubuntu desktop, nothing again
<Tiibiidii> as you can guess, trying to fix a problem without a keyboard isn't exactly pleasant :P
<Tiibiidii> so i decided to install an ubuntu from scratch
<Tiibiidii> and on this setup all the tools provided by that image
<Tiibiidii> (that is: hadoop, its filesystem and all the tasktrackers, a web interface... )
<Tiibiidii> (things like that... shouldn't be difficult since there're also available some packages)
<air^> sorry, I'm not familiar with that.
<Tiibiidii> since i never liked vmware (player at least), i opted for virtualbox
<Tiibiidii> and i decided to go with the jeos install
<Tiibiidii> ok, but i just want to know
<Tiibiidii> does this make any sense to you?
<air^> sure.
<Tiibiidii> (i mean: often i tend to overcomplicate what i need to do)
<Tiibiidii> ok, thanks :D
<air^> :)
<Tiibiidii> actually i'm not familiar with hadoop either, since i used it for the first time last week :D
<Tiibiidii> uhm... the jeos install it seems it's using 519MB... i thought it was way more svelte
<Tiibiidii> maybe i chosed a normal install by mistake?
<nigelb> ScottK: poke, around?
<nigelb> ScottK: Need some help with a package, jorge asked me to talk to you
<nigelb> Its a tar in tar package, and there are 2 patches which zul said were okay to go in.
<nigelb> The question is how do I do it.  Never dealt with a tar in tar package
<Tiibiidii> <Tiibiidii> uhm... the jeos install it seems it's using 519MB... i thought it was way more svelte <-- no, it seems it's fine
<Tiibiidii> but actually i found out a strange thing
<Tiibiidii> about vmbuilder
<Tiibiidii> (i was about to close the firefox tabs i opened before)
<Tiibiidii> i got the "vbox" hypervisor choice
<Tiibiidii> not from a manual
<Tiibiidii> but from the program itself
<Tiibiidii> Available hypervisors: vmserver esxi xen kvm vbox vmw6 qemu
<Tiibiidii> but in the manual it says only
<Tiibiidii> xen kvm vmw6 vmserver
<Tiibiidii> (also for older versions of the manual)
#ubuntu-server 2010-11-23
<uvirtbot> New bug: #680301 in eucalyptus "DNS Search Domain in instance /etc/resov.conf should be set by DHCP" [Undecided,New] https://launchpad.net/bugs/680301
<ScottK> nigelb: With lots of pain.
<nigelb> ScottK: that seems to be the general opinion :(
<nigelb> I tried letting the debian/rules run, but that didn't really untar it.
<LowValueTarget> my apt is screwed
<DSpair> Oh, BTW...
<DSpair> Got my server fixed.
<DSpair> The Ubuntu 10.04.1 "rescue broken system" options let me do everything I needed. Thanks Ubuntu!!!
<DSpair> Steps I had to take::
<DSpair> 1. Had to resize my LVM to make room for a raw partition to hold the /boot volume.
<DSpair> 2. Had to format that partition and restore the contents of /boot
<DSpair> 3. Booted from the rescue option on the server install disc.
<DSpair> 4. Opened a shell on the root FS of the machine.
<DSpair> 5. Mounted all filesystems
<DSpair> 6. Performed an aptitude dist-upgrade (which failed because of the chroot environment).
<DSpair> 7. cd'd to /var/cache/apt/archives and performed a 'dpkg -i --force-all *.deb'
<DSpair> 8. Rebooted.
<DSpair> 9. Logged in and obtained root
<DSpair> 10. Performed another dist-upgrade.
<DSpair> 11. Danced a little jig!
<databits> I'm having some issues, with some virtual server's with apache.  Everything was working perfectly, before I left town.  Now when I bring up the url in a browser, it is listening the root web directory for the server.
<databits> Does anyone know what might be causing this issue ?
<databits> figured it out.
<WALoeIII> how/why does a package have a name like 2:
<WALoeIII> like redis-server
<WALoeIII> 2:1.2.0
<twb> WALoeIII: that is the "epoch number".
<twb> WALoeIII: it is used when upstream's version number decreases, because Debian versions MUST increase monotonically.
<twb> WALoeIII: for most purposes you can ignore the epoch number.
<WALoeIII> ugh
<fuho> join
<fuho> Hi
<fuho> Is this the right place to have a question about how to install VNC server on my VPS running Ubuntu Server 10.04?
<ScottK> nigelb: What's the patch system for the package?  If you've got a patch, you can just add it to the patch system without untarring the interior tarball.  Just check other patches to make sure you've got the right path in the patch..
<twb> fuho: yes; install vncserver4 or so
<fuho> twb: dO i have to install Gnome or something like that?
<twb> fuho: only if you want to run gnome inside your VNC session
<fuho> twb: I thought VNC is always graphical, and for terminal we have Putty.
<twb> VNC *is* graphical, but you could run, say, xlogo or xterm in it instead of GNOME.
<fuho> twb: Tried installing the whole ubuntu-desktop metapackage, took over 4 hours and then when installing VNC it didnt created ".vnc" folder, so i reformatted the whole box, so now i have clean installation again, dont want to do the same mistake again :(
<twb> The linuxvnc package, for example, appears to export the text console over VNC.
<twb> fuho: I don't know what a ".vnc folder" is.
<twb> fuho: why can't you just use the command line over SSH (putty) ?
<fuho> twb: It was part of the server, i think it didnt create the directory because i didnt run the vnc....i will show you the link, just a moment. But anyways I would like to avoid installing the whiole ubuntu-desktop again, is there a way to get graphical UI with less resources?
<twb> fuho: why do you want a graphical UI?
<fuho> twb: I could, its just that i kinda want to have the option too, I never had VPS before and since i think its possible I would like to figure it out
<fuho> twb: And to be honest i think it could make things a little bit faster sometimes
<twb> We will have to disagree on that point.
<fuho> twb: I for exmple dont know how to use vim at all.
<fuho> twb: faster for me as a noob, with very basic if any knowledge of terminal
<twb> It is much faster in the long term to invest a little time know learning the CLI
<twb> If you insist, I can help you install a GUI, but we discourage it.
<fuho> twb: Thanks. I should probably know why  do you discourage it. isn't it just another option? And in my eyes options are always better than no options.
<Datz> fuho: there are other options to vim
<twb> We discourage it because, like I said, learning the CLI will make you more efficient and powerful in the long run.
<fuho> twb: Also, I plan to learn CLI (if that means using terminal), really, I just think it would be great t have the UI too
<fuho> datz: I believe there are, I think one is called VI,I just found it difficuilt to use. I am sure in the long run it is better solution, but as a long time Windows user it is very diffiuilt to give away everything I am use to.
<shauno> gui can be useful, just not so much on a vps, where you tend to be paying for a fairly small slice of ram
<twb> fuho: vim is an implementation of vi.
<Datz> fuho: I personally use emacs, but there are perhaps better options for you
<twb> fuho: you might try "nano", which is more like NOTEPAD.EXE
<twb> fuho: it's very limited, but easier for beginners
<fuho> twb: I found the tutorial i was following before: http://nuclear-imaging.info/site_content/2010/04/19/vnc-server-setup-for-ubuntu-10-04-lucid-lynx/
<twb> Like Datz, I use Emacs.  Not just for editing files, but also for email and IRC and web browsing and a bunch of other things :-P
<Datz> fuho: shauno has a good point.
 * Datz remembers now that there is an emacs irc client :po
<fuho> datz: I trust you guys I just want to try it
<twb> Datz: emacs *ships* with two IRC clients, but there are at least three more you can install separately :-)
<Datz> humm
<fuho> I have 2GB RAM on the server, hope that will be enough
<Datz> fuho: that is plenty for a GUI
<shauno> that's not half bad for a vps.  I get 360Mb on mine :)
<Datz> twb: I installed emacs-nox11 does that ship with IRC too?
<twb> Datz: yes, M-x irc (rcirc) and M-x erc (ERC).
<shauno> emacs ships with everything but a kernel.  I believe they're working on that tho
<fuho> twb:So first I did this : "apt-get install x-window-system-core xserver-xorg gnome-desktop-environment" to install the ubuntu-desktop, i dont think i need the whole DESKTOP package though
<twb> fuho: how much *do* you need?
<Datz> twb: humm, have to try it sometime. right now I use irssi
<twb> Datz: stop by #emacs sometime if you want to talk about it
<Datz> twb: sure, thanks
<fuho> oh by the way this is not ad, can i recommend VPS here? its really cheap
<twb> fuho: I don't care either way; I suppose if you get too annoying an op will yell at you.
<fuho> twb: I would like to be able to use synaptics and edit files in some normal text editor with ui
<twb> fuho: your local machine is Windows?
<fuho> just so you know,cause i think i got a pretty good deal on this its 160GB HDD, 1GB RAM (2GB peak) 600GB bandwith for $13.5/ month
<twb> If your local machine was unix, you could "ssh -X example.net synaptics" to just run the synaptics GUI, without needing VNC or gnome.
<twb> You can do it on Windows, too, if you can work out how to run an X server on the Windows machine.
<fuho> twb: Yes, right now it is, my T23 died, I used to have ubuntu on it, but now I only have W7 desktop box.
<fuho> twb: I was really hoping to be able toaccess it from anywhere, therefore some sort of java environmebt
<twb> I dunno about that, sorry.
<fuho> twb: I dont need that, I just thought it would be cool if possible. So lets just stick with windows and RealVNC client.
<twb> FWIW I would recommend you learn aptitude's TUI instead of synaptic
<Datz> yea, vnc is slow and consumes too much bandwidth
<fuho> twb: What is the advantage of Aptitude to synaptic?
<twb> fuho: it runs in putty
<fuho> twb: Synaptic doesnt?
<twb> An ssh CLI connection uses much less bandwidth than a GUI, regardless of whether it's VNC, RDP or X11.
<fuho> twb: I thought that when i do apt-get install something                it is synaptic
<twb> fuho: no, that's apt-get.
<twb> fuho: synaptic is a GTK2 GUI wrapper around apt.
<twb> Aptitude is a different wrapper, and it has a GUI, a TUI and a CLI
 * Datz did not know about aptitudes GUI
<twb> Datz: it's relatively new; it wasn't around in 8.04
<twb> Datz: personally, I've never run it :-)
<Datz> ah
<Datz> haha, I see
<Eric_> ubuntu server is bad!
<twb> aptitude-gtk - terminal-based package manager (GUI and terminal interfaces)
<fuho> twb: CLI connection is just pure text putty?
<twb> fuho: yeah
<Datz> talntid: yea, bad to the bone
<twb> CLI = command-line interface
<talntid> =D
<Datz> ;)
<twb> talntid: did you want help with something, or are you just venting?
<fuho> twb: Oh :) thanks
<talntid> i'd love help, but it's above the level of expertise of most of the people in here... so I don't ask.. I'm not here to vent.. just watching :)
<fuho> twb: So which one would you suggest X11 (which i think is the one that can do Java magic) or VNC or RDP (i didnt even know you can d that on linux, i thought thats purely windows)
<twb> There isn't an RDP *server* for Linux.
<fuho> twb: so X1 or VNc? Advantages?
<twb> Well, technically there's an RFB (VNC) to RDP bridge, but using it defeats the purpose of using RDP -- namely, that it operates on a higher level than raster damage rectangles.
<twb> fuho: X11 (or NX, I suppose) is what you should use for Linux <--> Linux.  VNC is the "lowest common denominator", it works everywhere but it's crap.
<twb> NX is a recent X11 protocol compressor, I haven't used it much myself, but it seems to make X11 much more bandwidth-efficient.
<fuho> twb: Oh, well unfortunately most of the owlr has Windows so I will go with VNC for now, then when i get a new laptop with linux i will install X11 too
<fuho> twb: BNut can you help me install it ?
<twb> Sure.
<twb> You will need to install vnc4server plus whatever app/desktop you want to run.
<fuho> twb: Only if there is no way to install X11 client on windows machine
<twb> fuho: there are X servers for Windows, but I don't know if any are any good.  xming is a recent port of Xorg to w32.
<twb> (X calls the client side the "server" and the GUI apps the "clients".  Don't worry about why.)
<fuho> twb: Just found Xming, reding wiki, not sure if this is the wy to go yet.
<fuho> twb: It definitely looks usable and they are still working on it, last release is fron november, screnshots look fine and if you say its less resource hungry i would go that way
<fuho> twb: So X11 it is, now how do we start?
<twb> fuho: I think you will get VNC up easier than xming
<fuho> twb: Do you think you can help me with X11?
<twb> fuho: for X11, on the Ubuntu side you just need to ensure that xauth and the app (e.g. synaptic) are installed.
<fuho> twb: OMG you were right, it looks like x11 is for connecting to applications not whole desktops,
<twb> fuho: X11 is for everything.
<fuho> twb: i just jum from one to the other :(
<twb> fuho: when you run an app on your unix desktop, it's talking X11 on the local machine.
<shauno> vnc's probably a much better idea if you're doing this over the internet.  the only thing X has ever done well, is survive where it shouldn't have
<fuho> twb,shauno: Okay, I played with xming a bit, id much rather use VNC now, I am ueÅed to it.
<fuho> So now I have to pick what UI I want? Gnome or the the other one?
<Slugs_> can you start a virtualized hardy session w/o a gui, only conosle?
<Slugs_> using kvm
<fuho> twb: Also is it possible to not have the Gnome running all the time, to only swith iton when i need it (when I am connecting)?
<Slugs_> skitter@vagabond:/ubuntu-kvm/ubuntu-kvm$ virsh start ubuntu error: Failed to start domain ubuntu error: monitor socket did not show up.: Connection refused
<fuho> shauno: Thanks, I barely even heard aof Xming today, and now when i installed it I dontthink i want to know more atleast for couple weeks :)
<shauno> they're nothing scary .. remote X is how it was designed from day one.  It's just not particularly efficient.
<Datz> fuho: you sould be able to do something like "sudo service gdm start/stop"
<fuho> datz: letme first see what gdm does
<twb> fuho: if you have ssh as well, sure.  Just manually start VNC by sshing in and running "xinit /usr/bin/gnome-session -- /usr/bin/Xvncserver" or something
<twb> Datz: that assumes the gdm upstart job is configured to use Xvncserver is Xorg isn't installed -- I'm not sure if that's the case.
<Datz> twb: ah, ok.
<twb> shauno: X is actually quite efficient if you're using contemporary toolkits (i.e. xlib or xaw).
<twb> shauno: it's just REALLY slow if you're using bloaty toolkits/apps that were only designed and tested on local connections, especially gtk/qt and firefox/oo.org
<Slugs_> anybody have exp with virsh?
<fuho> twb: What should i install first?
<twb> For example, for me emacs21 worked quite happily over 256kbps lines, but oo.org 2.0 crawls on a 100mbps lan
<fuho> BTW what does logmein use, that seem very fast even on pretty slow connections?
<twb> Slugs_: there's a dedicated channel for libvirt, but I can't remember its name.  #virt or #libvirt?
<Slugs_> oh ty
<twb> Slugs_: you can wait here, too.  Some people know about libvirt here
<StrangeCharm> i just set up a new ubuntu install, but when i try to boot into the new system, my machine halts after 'verifying dmi pool data' what's going on? [i'm certain that i'm booting from the right disk]
<Slugs_> yeah #ubuntu-virt redirected me here
<twb> shauno: of course, NX makes it a lot faster, as should xcb :-)
<twb> StrangeCharm: when booting, hold shift or alt to get into grub.  Edit the boot options and change "quiet splash" to "single".  That will boot with more information, so you can see what's happening
<fuho> twb, shauno: So is anuone wilingto point me in the right direction, or even push me to the finish?
<twb> fuho: I'm better at specific questions
<fuho> vanilla ubuntu serve with ssh I am connected to right now
<StrangeCharm> twb, i don't think that my bios is actually loading grub. at no point do i get the 'grub loading' line, just halt on/after verifying the dmi pool
<fuho> twb: Do I need to install vnc server first?
<twb> fuho: you will need to install a VNC server (e.g. vnc4server) before you can do VNC
<twb> StrangeCharm: then it's a hardware problem and you need to isolate the faulty component or take it back to your vendor and have them do so
<fuho> twb: So i dont need the UI manager (its probably not called UI manager, but I mean Gnome probably)
<twb> fuho: you will need to install whatever GUI app or environment you want to run inside VNC
<twb> fuho: to begin with, you could just use xterm or xlogo to test that the VNC part is working, and *then* install whatever app/DE you really want
<StrangeCharm> twb, i don't think it's a hardware problem. it booted just fine with the pervious os, and the only hardware change was connecting the usb drive with the install media
<twb> StrangeCharm: if it isn't getting as far as grub, then surely the bios or hardware is at fault
<twb> StrangeCharm: that or you haven't installed grub correctly, I guess.
<StrangeCharm> twb, i wasn't exactly involved when installing grub - the install disk did that all on its own. i'm concerned that the install disk did something odd, because i can boot from removable media, and could boot under the previous os
<twb> StrangeCharm: I've had lots of problems with d-i installing grub onto the wrong disk (e.g. onto the USB key)
<StrangeCharm> twb, d-i? i used the partition editor on the install disk. surely it put grub at the start of the disk with /boot on it?
<twb> StrangeCharm: d-i is the installer for Ubuntu Server
<StrangeCharm> twb, why is it called d-i?
<twb> Because it's the debian-installer program that Ubuntu, uh, borrowed from Debian
<twb> cf. ubiquity
<fuho> twb: Just want to ask you before I press eneter "sudo apt-get install ubuntu-desktop" I am going to isntall this and then i will install the vnc server, is that correct?
<twb> fuho: installing ubuntu-desktop is probably overkill
<fuho> twb: https://help.ubuntu.com/community/ServerGUI Looks like I only have two options, X11 or  this.
<twb> fuho: what is "this"?
<fuho> gwb: ubuntu-desktop
<twb> fuho: ubuntu-desktop is a metapackage that pulls in EVERYTHING that a normal Ubuntu desktop has
<twb> It'll work, but do you really want to install e.g. rhythmbox?
<fuho> twb: nope i just want gnome, so i acan conenct to it using vnc
<twb> fuho: try "gnome-core" or "gnome-desktop-environment"
<fuho> twb: gnome-desktop-environment
<twb> gnome-core is the gnome desktop, but none of the apps.  If I were you, I'd install that and specific apps
<fuho> twb: ha, I jsut found it too!
<fuho> twb: ok I will do taht
<StrangeCharm> twb, so, the fix here is probably to reinstall grub on the right disk?
<fuho> twb: Ok, that is 650MB to install. After this finishes do I ahve to REstart the server? This is kinda generic question, do I have to restart the server every time i install something?
<twb> fuho: no restart necessary
<twb> StrangeCharm: *if* that's the problem
<twb> StrangeCharm: your first step should be to diagnose the issue
<StrangeCharm> twb, what could i do to rule out issues?
<uvirtbot> New bug: #680358 in openldap (main) "ldapadd -w password parameter causes assertion failure" [Undecided,New] https://launchpad.net/bugs/680358
<twb> StrangeCharm: boot something else and inspect the MBR and the partitions
<twb> StrangeCharm: pull out the USB key and see if that helps
<twb> StrangeCharm: check the BIOS boot order
<StrangeCharm> twb, options b & c already investigated. i have no idea what i'd be looking for on the mbr & boot partitions.
<twb> StrangeCharm: file -s /dev/sda would be a start -- check that they're bootable MBRs
<StrangeCharm> twb, bootable mbrs? you mean uncorrupt?
<twb> It should say /dev/sda: x86 boot sector; ...
<twb> If it doesn't say "boot sector", it's not bootable
<StrangeCharm> twb, so, file -s will read the mbr of a disk, and tell me something meaningful about it?
<twb> Basically, yes
<fuho> twb: Do you have any experience with x11vnc? http://www.karlrunge.com/x11vnc/
<twb> fuho: x11vnc exports an existing X session.  It's not what you want.
<fuho> twb: oh ok, i will keep looking. people seem to run into lot of problems installing vn4server, so I ama a bit scared.
<WALoeIII> can anyone proficient with debhelper/debuild help me diagnose an issue with dh_auto_install
<twb> WALoeIII: I can, but -devel might be a better channel
<twb> WALoeIII: or #debian-mentors on OFTC
<WALoeIII> twb: ok, https://gist.github.com/711240 - it seems when it does the make install it has a permissions issue?
<WALoeIII> seems totally weird to me, the 2.0.0rc2 stuff I'm basing this off of wokrs
<WALoeIII> works*
<fuho> twb: Okay, so gnome-core is installed, now I plan to do this "sudo apt-get install vnc4server xinetd"
<twb> I don't know why you'd want xinetd
<fuho> twb: Apparently its more secure and can keep better logs.
<twb> fuho: keep better logs *than what*?
<twb> fuho: why do you think you need *any* inetd implementation?
<twb> WALoeIII: cp: cannot create regular file `/usr/bin/redis-server': Permission denied
<twb> WALoeIII: upstream is ignoring $DESTDIR
<WALoeIII> twb: correct
<WALoeIII> uhrrm is that set by dh_something?
<twb> WALoeIII: patch upstream's makefile, or override dh_auto_install with a custom invocation.
<fuho> twb: io have no clue, i dont even know what it is. Do you think vnc4server is enough?
<twb> WALoeIII: upstream is in the wrong to ignore DESTDIR, but it might not be feasible to fix it
<WALoeIII> twb: I know where it is now
<WALoeIII> makefile
<twb> WALoeIII: yep
<twb> fuho: yes
<WALoeIII> INSTALL_TOP= /usr
<icek> Anyone know any cvs server front ends?
<WALoeIII> ok thanks, I can do that
<icek> I want to be able to minitor like checkouts and committs and such
<twb> WALoeIII: try override_dh_auto_install: \n\t dh_auto_install -- INSTALL_TOP=$(CURDIR)/debian/tmp/usr
<RoAkSoAx> kirkland: ping?
<icek> ??
<fuho> twb: vnc4server is installed, from what i read online people tend to edit .vnc/xstarup file. I tried to connecto to the server using VNC Viewer with no luck, do you know whati s that file for?
<twb> fuho: no.  I would try "xinit /usr/bin/xterm -- /usr/bin/Xvncserver"
<twb> Sorry, make that "xinit /usr/bin/xterm -- /usr/bin/Xvnc4"
<fuho> error opening security policy file /etc/X11/xserver/SecurityPolicy Could not init font path element /usr/share/fonts/X11/Speedo/, removing from list! Could not init font path element /usr/share/fonts/X11/Type1/, removing from list! Could not init font path element /usr/share/fonts/X11/CID/, removing from list! Could not init font path element /usr/share/fonts/X11/75dpi/, removing from list! Could not init font path element /usr/sh
<twb> Those aren't errors
<twb> X is looking for fonts in obsolete places, it is OK that it can't find them
<fuho> twb: It still didn't connect
<twb> pastebin the full transcript
<fuho> twb: http://pastebin.com/tvmQpyEJ
<twb> fuho: the error is: xinit:  No such file or directory (errno 2):  no program named "/usr/bin/xterm" in PATH
<twb> fuho: you don't have xterm installed
<twb> Try "xinit /usr/bin/gnome-session -- /usr/bin/Xvnc4"
<buntu> anybody ever installed 10.04 amd64 on ibm blade HS22 ?
<twb> !anybody
<ubottu> A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<nigelb> ScottK: That's a relief.  Its using quilt.  I'll need to unpatch to just figure out the directory system.
<fuho> twb: now it accepts connection, client asks fro password (not username) i type it says in client"No password configured for VNC Auth"
<buntu> my problem on IBM HS22 is fail to boot after finished installation on /dev/sde
<fuho> twb: And in terminal : "Tue Nov 23 04:44:09 2010  Connections: accepted: 0.0.0.0::59016  SConnection: Client needs protocol version 3.8  SConnection: Client requests security type VncAuth(2)  Tue Nov 23 04:44:10 2010  SSecurityFactoryStandard: neither Password nor PasswordFile params set  SConnection: AuthFailureException: No password configured for VNC Auth  Connections: closed: 0.0.0.0::59016 (No password configured for VNC Auth
<twb> fuho: I don't remember how to do the password bit.  I think you're supposed to use vnc4passwd -- try reading its manpage
<fuho> twb: http://pastebin.com/JK4kDtHr
<billybigrigger> i keep getting an emails from root@xxxxx (xxxxx being my server) with the Subject: [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/usr/lib/php5/maxlifetime) -print0 | xargs -n 200 -r -0 rm and the message only contains...Warning: Directive 'register_long_arrays' is deprecated in PHP 5.3 and greater in Unknown on line 0
<billybigrigger> i've had this message spamming my inbox for months now hoping that there would be an update that would resolve it...but i'm really sick of seeing it spam my inbox, so how do i get rid of it? as the message isn't really clear as to what file is the culprit
<UndiFineD> grep -r -i register_long_arrays /var/www
<UndiFineD> or it might have been set in your php.ini ?
<fuho> twb: It was "vnc4passwd" i set up password, then ran "xinit /usr/bin/gnome-session -- /usr/bin/Xvnc4" gain and it still wont connect, with the same error: http://pastebin.com/kjzQRFdv
<buntu> anybody experience grub problem upon installed on /dev/sde ?
<twb> fuho: NFI, sorry
<fuho> twb: not even why it shows 0.0.0.0 instead of my ip?
<twb> fuho: 0.0.0.0 means "all interfaces"
<nigelb> ScottK: err, s/unpatch/untar
<zwang> hello
<Datz> greetings
<twb> LXC question
<twb> Suppose my lxc rootfs is on LVM
<twb> Can I use lxc.mount.entry /dev/mapper/lxc-barserv /srv/lxc/fooserv ext4 default ?
<twb> Can I use "lxc.mount.entry = /dev/mapper/lxc-barserv /srv/lxc/fooserv ext4 defaults", rather -- in /etc/lxc/fooserv.conf, that is.
 * twb tries
<SpamapS> a blockdevice is a blockdevice
<twb> SpamapS: I thought maybe the root filesystem was special as far as lxc.mount.entry was concerned
<twb> i.e. I couldn't mount it on-demand during lxc-start
<SpamapS> twb: I've only booted two lxc containers ever, but the root fs seems to be the easy part. ;)
<uvirtbot> New bug: #680371 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.4 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/680371
<twb> SpamapS: doesn't work
<twb> http://paste.debian.net/100515/
<databits> What is a good SMTP server to run to use from accepting php mail form's ?
<twb> postfix
<databits> that is what I'm looking into right now ... thanks
<latenite> Hi folks, I want to manage my contacts and adresses serversided. So any client on my LAN can access these contacts. Is there a "contactserver-tool" in any form? I am looking for tools. thanks :)
<twb> latenite: address book ("yellow pages") data is typically stored in LDAP nowadays.
<twb> You could set that up, but I don't think there's a "turn key" solution for it in Ubuntu
<latenite> twb, would you know a nice tuorial on ldap and adressbooks? I never got my hands on ldap. I feel like its a big monster...*scared*
<twb> latenite: nope
<latenite> twb, is ldap hard t learn?
<twb> LDAP itself isn't complicated, but it's messy and some of the edge stuff like auth can be confusing
<latenite> twb, what do you meen by "edge stuff"? *brand new*?
<MTecknology> What would you guys suggest using if I wanted to pump out a quick and easy 'planet'
<MTecknology> I know there's PlanetPlanet - but that doesn't seem like an 'easy' solution
<MTecknology> I'm looking for something that's easy for users to add onto as well
<Callum__> okay, so I am shutting down my web server remotely and then using my remote file server to kick it back up via my custom ipmitool frontend for the first time...
<Callum__> let's see if it works
<twb> Callum__: do you have a backup plan? :-)
<Callum__> twb: well, it worked fine, but the backup plan was just to work with ipmitool manually if the thing didn't work, the program isn't finished yet =P
<Callum__> anyway
<Callum__> SELinux is giving me troubles with remote CUPS printing (over the Internet)
<twb> Callum__: I just ssh example.net lpr <foo.pdf :P
<Callum__> actually, its probably been causing me problems with even local printing via PostScript as well because I haven't been able to print all the time locally
<Callum__> kernel spams something like this: [  248.167806] type=1503 audit(1290504722.212:60):  operation="open" pid=897 parent=1 profile="/usr/sbin/cupsd" requested_mask="r::" denied_mask="r::" fsuid=0 ouid=0 name="/var/run/samba/gencache.tdb" , when I try to print
<Callum__> if SELinux is even running on this thing
<Callum__> none of the SELinux utils are installed, so this may be AppArmor being an asshole
<Callum__> twb: any ideas?
<twb> dunno
<twb> That says cupsd can't read /var/run/samba/gencache.tdb
<twb> And yes, that's an apparmor message
<twb> On ubuntu apprmor is on by default, selinux is not
<Callum__> ugh, it looks just like SELinux apparently
<Callum__> so do I have to change a rule or something?
<twb> Hm, actually, maybe it's a generic LSM message, so it could be either
<Callum__> I have no experience with AppArmor OR SELinux
<twb> Callum__: only if you want it to work :P
<twb> Callum__: look in /etc/apparmor for cupsd stuff
<Callum__> /etc/apparmor.d/usr.sbin.cupsd, /etc/apparmor.d/cache/usr.sbin.cupsd and/etc/apparmor.d/abstractions/cups-client...
<twb> Callum__: also, talk to #ubuntu-hardened about it
<Callum__> what for?
<twb> Because they're the ones that know about apparmor
<MTecknology> ok.. so I'm going to try to use PlanetPlanet - Any chance I could get some help figuring out how to set it up?
<Callum__> ah
<Callum__> well, there are no permissions defined for /var/run/samba/gencache.tdb in /etc/apparmor.d/usr.sbin.cupsd
<twb> IIUC apparmor is "default deny" for specific apps
<Callum__> to be honest I never understood why we needed SELinux or twb
<Callum__> ooops twb
<twb> haha
<Callum__> I meant AppArmor
<Callum__> wth
<Callum__> I saw your name and wrote it down
<Callum__> DAMN, that happens on IRC as well as IRL
<Callum__> what is wrong with me
<Callum__> anyway, changed it, let's see what happens
<MTecknology> OH! Is PlanetPlanet a python app that gets run on a cron and then just outputs static content?
<Callum__> heh, I probably need to go down to the station to restart the printer
<Callum__> they kind of lock up when this happens
<Callum__> damn
<Callum__> Let's try my OTHER printer there
<Callum__> HP LaserJet 5Si from the mid 1990s =D still prints brilliantly at 600dpi even when its this old, plenty of toner left in it too
<Callum__> sure it needs a little bit of time to warm up, but what other large printer doesn't these days apart from huge photocopiers
<joschi> MTecknology: yes, it is
<Tiibiidii> uhm i have a doubt... about my virtualbox setup... it's working fine, but i'm wondering if i could setup things better
<Tiibiidii> i mean: my issue is with the hostname resolution
<Tiibiidii> i have this ubuntu server vm...
<Tiibiidii> from this i can ping fine the ip address of the host and vice-versa
<Tiibiidii> (the network is bridged)
<Tiibiidii> but the hostname resolution doesn't work
<Tiibiidii> i mean... the local name resolution should be done by the local wifi router
<Tiibiidii> i can obviously setup statically the ip address inside the /etc/hosts file
<MTecknology> Is there anyone around that knows much about PlanetPlanet? I'm trying to separate the config directory from the template directory.. I have /opt/planet/nginx and /opt/planet/nginx-data. In nginx/config.ini I have template_files = nginx-data/index.html.tmpl  -  planet.py spits this out when I try to run that - planet.htmltmpl.TemplateError: Htmltmpl error: IO error while reading template 'index.html.tmpl': (2) No such file or
<soren> MTecknology: I use absolute paths.
<soren> MTecknology: Works great.
<MTecknology> soren: that must get to be one massive line
<soren> 349 characters.
<soren> I'm a big boy. I can handle it.
<MTecknology> :P
<MTecknology> soren: how hard is it to make a nice theme for this when I'm all done? I think that's all I really have left
<MTecknology> I won't do it now - it's 05:58 - sleepy time - that'll be a task for after my break
<soren> MTecknology: As hard as html and css.
<MTecknology> soren: I'm screwed..
<soren> MTecknology: Me too. I stole mine.
<twb> soren: HTML *is* hard.  Look how many people end up using tables for alignment rather than doing it properly
<soren> twb: People fail at the simplest tasks. it's common.
<soren> twb: I'm reasonsably good with html, but I still can't make anything that doesn't look like crap. Frustrating, really.
<soren> I have the technical skills, but completely lack the aesthetic skills.
<twb> Bah
<MTecknology> soren: where did you steal yours from?
<MTecknology> I know what this needs to look like in the end - and I'm not excited for it..
<twb> The content provider is supposed to provide *content*, not style.
<soren> MTecknology: Planet Ubuntu, I believe. It's ok, it was for planet.ubuntu-dk.org
<twb> That's why I use w3m, since it doesn't implement CSS, I get a consistent style across all sites :-P
<MTecknology> oh
<MTecknology> soren: even an absolute path doesn't work...
<soren> MTecknology: What's the error now?
<MTecknology> http://dpaste.com/278785/
<soren> MTecknology: index.html.tmpl doesn't look like an absolute path to me.
<MTecknology> template_files = /opt/planet/nginx-data/index.html.tmpl /opt/planet/nginx-data/atom.xml.tmpl /opt/planet/nginx-data/rss20.xml.tmpl /opt/planet/nginx-data/rss10.xml.tmpl /opt/planet/nginx-data/opml.xml.tmpl /opt/planet/nginx-data/foafroll.xml.tmpl
<soren> That's fine. You must not be using that configuration file.
<MTecknology> http://dpaste.com/278786/
<MTecknology> :(
<soren> MTecknology: grep template_files  nginx/config.ini
<MTecknology> soren: only the one line shows up..
<soren> -v?
<MTecknology> .....
<MTecknology> rm -r nginx-data/*tmplc nginx-data/cache
<MTecknology> that made it work..
<soren> Awesome.
<MTecknology> well... learned something new :P
<MTecknology> thanks :)
<MTecknology> Now I just need to add feeds and make it look pretty
<MTecknology> easy peasy
<MTecknology> and the fact that it generates static content - amazing
<soren> Daviey: Ok, just so we're clear.. We can all commit stuff to the nova packaging branch now, but we review things before commit. Is that accurate?
<Daviey> soren: If that is good for you?
<soren> Daviey: That sounds perfect.
<Daviey> soren: \o/
<soren> Blimey, i have a lot of nova branches.
<Daviey> lol
<soren> 52 of them.
 * soren cleans house
<shauno> seem to be having problems routing from eth0 to ppp0; ufw is disabled and ip_forward is set in sysctl - what else am I missing?
<soren> shauno: What are you trying to do?
<soren> shauno: ...and what makes you say it doesn't work?
<shauno> trying to pass traffic from a device on eth0 to a modem.  everything the device tries to reach times out
<shauno> (it's an embedded device that hits a http server on a regular basis, but unfortunately doesn't have any settings for a http proxy)
<soren> shauno: You (very likely) need masquerading set up.
<shauno> soren: masq turned out to be just the google-fodder I needed, ty
<soren> shauno: Sure
<shauno> luckily I just need to capture a few minutes worth of traffic from it, so it doesn't have to be tidy - just functional
<zul> soren: why is there two urls in the watch file?
<soren> zul: One has snapshots, the other has releases.
<soren> Click 'em :)
<zul> soren: gotcha
<zul> soren: so you should be able to do a uscan and it will download the tarballs for you?
<soren> zul: Yes. that's what "debian/rules get-orig-source" does.
<zul> sorry i never used uscan before
<soren> zul: "bzr bd -S" also does it for you.
<zul> ok...duh...need more caffine :)
<soren> zul, Daviey: We need better defaults for networking.
<zul> soren: like?
<soren> zul: Something that doesn't suck.
<soren> zul: What's the default in Eucalyptus?
<Daviey> soren: I agree :)
<soren> MANAGED-NOVLAN?
<zul> soren: yeah :)
<Daviey> soren: asking for avaliable IP addresses :)
<zul> soren: having never touched eucalyptus i dont know :)
<soren> Daviey: Oh. Which network mode?
<Daviey> range, notation or comma separated :)
<Daviey> soren: lemme confirm
<soren> Daviey: Ta.
<Daviey> soren: Interesting, http://pb.daviey.com/3vQ8/raw/ :)
<Daviey> soren: but yes, MANAGED-NOVLAN
<soren> Daviey: Ok.
<soren> We don't have that :)
<soren> It's on my TODO, though.
<hggdh> JamesPage: I found the issue with my couchdb -- an interesting side effect
<Daviey> soren: hmm
<Daviey> soren: what does nova call the default?
<soren> Daviey: VlanManager.
<JamesPage> hggdh: yep - I found a few issues as well.....
<Daviey> soren: How does VlanManager differ from Managed-novlan ?
<soren> Daviey: It uses VLAN's :)
<Daviey> :P
<soren> Daviey: Other than that, it's mostly the same, IIRC.
<soren> Daviey: ..but the choice of -NOVLAN over just MANAGED was intentional.
<Daviey> then using that makes sense IMO.
<soren> Let me think about it. The goal is simply to have something that works as well as possible out of the box with as few questions asked as possible.
<Daviey> soren: Well... asking what IP addresses should be used (to the user), is pratical IMO.
<soren> I'm unsure how valuable it really is. Sure, it should be debconfable, but if we can provide some defaults that give you a working cloud setup without asking any questions in 98% of the cases, that's a major win.
<Daviey> totally
<soren> We have a benefit over Eucalyptus, though.
<soren> Eucalyptus didn't work well on a single box.
<Daviey> soren: Ok... That would mean we need to expect a dhcpd to be avaliable on the network... ?
<soren> Daviey: No.
<soren> Nova works just fine on a single box, so the impact of choosing the VLANed option isn't big.
<Daviey> soren: Ideally, we work well on one box - but equally work well on (n)
<soren> Daviey: Sure. It's just that when you're going to n boxes, you need to do things differently anyway.
<Daviey> soren: Are there doc's on the network settings nova currently supports?
<[diablo]> guys is the default dns server in 10.10 server BIND or PowerDNS please? When choosing "DNS Server" in the installation process
 * [diablo] hopes its PDNS
<Daviey> [diablo]: Bind
<[diablo]> doh
<[diablo]> ah well :)
<RoyK> [diablo]: apt-get install pdns-server .....
<[diablo]> nod
<[diablo]> damn I soooo love ubuntu server over RHEL
<RoyK> hm... powerdns looks promising
<RoyK> but then, bind works too :Ã¾
<Daviey> powerdns has a bounty on it, doesn't it?
<Daviey> if you find a security bug
<RoyK> dunno
<RoyK> couldn't find one on first google
<[diablo]> I like pdns cos I backend it to openldap
<Daviey> No, i was thinking of djbdns.
<Daviey> (tinydns)
<soren> Daviey: Good question.
<soren> Daviey: /me checks
<soren> Daviey: The stuff on http://nova.openstack.org/nova.concepts.html looks accurate enough to me.
<soren> Daviey: At a glance, at least.
<Daviey> soren: thanks!
<HackeMate> hello
<HackeMate> is there a way to restart the dhcp3 server and modify the dhcpd.conf without being root or executing sudo?
<pmatulis> HackeMate: no
<HackeMate> a part of give 777 permissions
<HackeMate> what about give the user a certain group?
<HackeMate> i dont know what group is required for dhcpd
<pmatulis> HackeMate: trying to circumvent standard security measures is not the way to go
<HackeMate> that's why I find a best way
<pmatulis> HackeMate: state why you are trying to do that
<HackeMate> I have created a cgi that need restart the server
<HackeMate> and I wont give 777
<HackeMate> the cgi is a web-based app to add mac addresses to the dhcpd.conf
<pmatulis> HackeMate: so allow the user that the cgi is run under to issue the commands you want without a password
<pmatulis> HackeMate: do this by editing /etc/sudoers (ideally with visudo) and using NOPASSWD (man sudoers)
<HackeMate> but then I will let the www-data to run everything sudo can execute
<pmatulis> HackeMate: no.  you specify the commands he can issue
<HackeMate> oh, that's exactly what i want
<HackeMate> so i modify in sudoers what www-data can execute without password
<HackeMate> perfect
<highvoltage> stgraber: ^^^ now /that's/ completely insecure :)
<HackeMate> another strange question, I get timeout in ssh when idle
<HackeMate> I have configured the TCPKeepAlive and ServerAliveInternal but still die
<soren> zul, Daviey: Ok, do you want to review https://code.launchpad.net/~openstack-ubuntu-packagers/ubuntu/natty/nova/ubuntu/ now?
<zul> soren: sure
<zul> soren: what about --FAKE_subdomain?
<zul> is it still needed?
<soren> zul: The docs say it is.
<soren> zul: But they're lying.
<zul> soren: k
<soren> zul: Feel free to nuke it.
<zul> soren: ack
<zul> soren: looks good to me...im guessing daviey will look at it after the meeting and ill upload it
<Daviey> two eyes is enough IMO.
<soren> Daviey: I have two eyes.
<Daviey> err, 4 eyes - perhaps :)
<soren> Daviey: Yeah, that I don't have :)
<soren> zul, Daviey: It will use r412. That seems fine to me.
<zul> soren: ack
<zul> soren: ill start the new changelog after i upload it?
<soren> zul: So to build it, just check out the packaging branch and do "bzr bd -S".
<zul> soren: right
<zul> soren: already did it a couple of times ;)
<soren> zul: Alright, just making sure :)
<soren> Using "bzr bd" just may provide different results than dpkg-buildpackage directly. "bzr bd" is reproducable and consistent, so it's preferred.
<soren> I know you know, I'm just elaborating in case someone is following along at home :)
<MTecknology> soren: so.. 10:24 - I'm considering a nap... but the css and template editing it coming along :)
<soren> MTecknology: masochist.
<MTecknology> soren: You know how often I hear that?...
<MTecknology> I'm starting to think it might be true. :(
<soren> tmi
<soren> :)
<MTecknology> soren: wanna see it?
<soren> Oh, the planet?
<soren> phew. My mind was elsewhere.
<soren> MTecknology: Sure.
<MTecknology> soren: You'll have to add it to your hosts file - waiting on someone to decide if we're going to actually do it and update dns - 69.168.53.33 planet.nginx.org
<MTecknology> woah... were you thinking something you shouldn't be thinking?
<soren> MTecknology: WEll, you just revealed that people call you a masochist a lot.
<soren> MTecknology: http://planet.nginx.org/ looks decent. I coudln't have done it better myself.
<soren> And with that, I bid you all a good day.
<soren> I must eat.
<MTecknology> I should nap... or do homework
<MTecknology> soren: thanks - I'll ttyl
<yann2> what is the preferred disk format for windows VMs under KVM - raw, qcow2?
<soren> /dev/null :)
<MTecknology> soren: hey.. our ip's are incredibly close.. where do you live?
<soren> Denmark.
<MTecknology> oh.. nowhere near then
<reggie_> hey folks I am having a permissions issue with synaptic can anyone help?
<yann2> soren, if only...
<zul> Daviey: can you review the packaging branch?
<reggie_> can anyone help me figure out my permissions issue with synaptic
<ScottK> reggie_: synaptic is a desktop package.  You should ask in #ubuntu.
<zul> how is it different running servers on vm any different from running servers on bare metal other than hardware
<reggie_> lol well I installed gui on top of serverso my first thing was to try and play with synaptic but for some odd reason it will not accept my password
<reggie_> ubuntu tells me to come here since this is server
<ScottK> Once you've installed the GUI, it's not.
<reggie_> I have no issues installing from the command line but trying to use synaptic is a no go
<ScottK> So the server solution would be don't use synaptic.
<reggie_> ScottK, if you dont want to help I can understand but I would still like to find out the root of this problem
<ScottK> reggie_: Fine, but it's off topic for this channel.
<reggie_> I understand
<reggie_> I will try back in ubuntu then
<ScottK> Good luck.
<reggie_> ikonia?
<reggie_> i am here ikonia
<ikonia> hello
<ikonia> do you want to explain the issue for me a bit please ?
<reggie_> hey how are you thank you for helping me out
<reggie_> yes sir
<reggie_> first i'm a win admin tryingt o incorporate ubuntu server into my network
<ikonia> ok
<reggie_> so i am fairly new with all of this but i know a little bit of the basics
<reggie_> so being a win admin my first gut instinct was to install the gui even though it is frowned upon
<reggie_> so i did that and went to try out synaptic and it is giving me a no go with my password even though the password is correct
<ikonia> reggie_: ok, so lets step back and run a few tests
<reggie_> so we looked at my permissions with the groups command and it does appear that I have admin rights
<ikonia> reggie_: firstly can you run "sudo apt-get update" ?
<reggie_> yes sir
<reggie_> i can
<reggie_> i can install with no issues from command line
<ikonia> reggie_: ok, can you do gksudo synaptic
<ikonia> "gksudo synaptic" sorry
<reggie_> one sec let me try
<reggie_> yea it seems to come up when i run that command
<reggie_> wow
<reggie_> so what the heck is the issue from accessing from the gui directly
<ikonia> reggie_: ok, so hang on, wait 20 minutes, then ping me and we'll run some more tests
<reggie_> ohh ok thank you
<reggie_> will do
<hallyn> SpamapS: wanna chat upstart for a second?
<hallyn> i think ivoks might join in too
<hallyn> SpamapS: you hae a bp on making upstart more server-capable right?
<zul> soren Daviey: upload done
<zul> soren Daviey: i started a new release in the bzr branch as well
<SpamapS> hallyn: yes!
<SpamapS> hallyn: are you trying to upstart-ify something?
<hallyn> sorry, need three ins now
<hallyn> three minutes now
<hallyn> SpamapS: ok.  so, no, not trying to upstart-ify anything,
<hallyn> SpamapS: rather, we're wondering about the upstart behavior when stopping a service
<hallyn> apparently, it doesn't just kill the service, but also all its children?
<hallyn> which of course can prevent a service from doing an orderely shutdown
<SpamapS> hallyn: upstart has no notion of "children"
<SpamapS> hallyn: it tracks a process ID as the "job"
<SpamapS> hallyn: and sends TERM then KILL to that pid
<hallyn> ivoks: ^
<ivoks> yeah
<ivoks> upstart is an as***
<SpamapS> hallyn: if the process dies and it has children, they get assigned to init (upstart) as zombies and handled
<hallyn> SpamapS: i wanted to see if you'd run into that, for starters.  all right, lemme pull down the code
<hallyn> bc i think you are wrong :)
<SpamapS> ivoks: this is no different than an init script
<ivoks> init script sends TERM to parent
<ivoks> and waits
<ivoks> upstart does massacre
<ivoks> anyway, i worked around that... so, i'm not that angry any more
<SpamapS> ivoks: massacre in what way?
<ivoks> it kills children before it kills parent
<hallyn> ivoks: i wasn' ttyring to soothe your anger, but rather wonderng whether there is something platform should do for usptart on server
<\sh> ivoks: should we change to systemd? ;-)
<ivoks> i have a specific parent
<SpamapS> ivoks: that would be crazy
<ivoks> that is terminating children for a minute
<ivoks> but it can't finish cause someone sends term to kids
<SpamapS> ivoks: what I think you're hitting is the kill timeout
<ivoks> it's not
<ivoks> it's TERM, -15
<smoser> anyone able to help me. i'm a dolt. https://launchpad.net/~awstools-dev/+archive/awstools/+build/2060214
<ivoks> i get children writting that they received -15
<SpamapS> ivoks: was the *parent* killed though?
<SpamapS> ivoks: see if it sends SIGKILL to the parent, then the children get assigned to init and it kills them off.
<ivoks> SpamapS: i'm in the meeting right now, let me get back when that finish
<SpamapS> ivoks: try raising kill timeout
<ivoks> parent doesn't exit until all kids terminate
<SpamapS> would bet thats the issue.
<\sh> smoser: chmod 755 ec2-activate-license when it's there?
<ivoks> this isn't apache or something simple
<ivoks> these kids need to be terminate in a specific order
<ivoks> terminated
<hallyn> ivoks: thanks, let us know when you're out of the mtg, ttyl
<ivoks> those kids also fork, so... it's mess :)
<SpamapS> I can't find in upstart's code where it sends SIGTERM to anything except the main job pid
<smoser> \sh, yes. thank you. i was tihnking it was a different error.
<smoser> http://launchpadlibrarian.net/59504186/buildlog_ubuntu-maverick-i386.ec2-api-tools_1.3.57419-0ubuntu2%7Emaverick2_FAILEDTOBUILD.txt.gz is what i intended to point at
<smoser> but never mind. i have to run i'll sort it out somtime.
<\sh> smoser: Package java6-runtime-headless is a virtual package provided by: <- no candidates
<smoser> right. but why ?
<\sh> smoser: looks like no package provides java6-runtime-headless
<smoser> hm..
<\sh> smoser: default-jre-headless should provide that package (at least on maverick)
<smoser> http://packages.ubuntu.com/maverick/java6-runtime-headless
<SpamapS> hallyn: have to run out for a bit, but you should try asking keybuk as well.
<reggie_> hey ikonia
<hallyn> SpamapS: thx, ttyl
<SpamapS> ivoks: I'd also be interested in what daemon.log says that upstart did.. whether it says it sent TERM/KILL to the main process and such
 * SpamapS will bbl
<\sh> smoser: yes..but the buildd does think it's not provided anyhow..
<progre55> hi guys. I've set up exim4 on a server, but some emails I send from it are returned with error "550-Verification failed for <me@mysite.com>\n550-Unrouteable address\n550 Sender verify failed". Any suggestions, please?
<blackxored> hello guys, I can't remember the name of this app, so I ask, a LAMP application which was intended for streaming audio/video, along with a pretty management interface, pops up some suggestions???
<blackxored> i'm getting some scaped html i shouldn't
<blackxored> ups sorry
<RoyK> try apt-cache search or freshmeat or even google
<Scunizi> I'm trying to scp from /var/www on one machine to /var/www on another machine and am prompted for the password to the remote machine. After entering it all files/directories respond with "Permission Denied" when trying to copy. Any assistance appreciated.
<b0gatyr> salutations
<ivoks> SpamapS: i'm back
 * pmatulis wonders why his freshly installed maverick server shows a load of 0.90
<ivoks> SpamapS: it sent TERM, but to all the processes
<progre55> Scunizi: your user doesnt have permissions for the /var/www directory
<progre55> and I'm guessing, on both servers
<Scunizi> progre55: how do I add the user to www-data via cli?
<Scunizi> progre55: would it be ... #useradd -g <user> www-data ?
<ivoks> adduser user group
<Scunizi> or #useradd -g www-data <user>
<progre55> Scunizi: umm.. useradd
<Scunizi> no -g ?
<ivoks> adduser user group
<Scunizi> k
<ivoks> notice *adduser*, not useradd
<Scunizi> ivoks: does it take effect immediately?
<ivoks> user needs to log out
<Scunizi> ok.. thanks.
<ivoks> if you are adding user to www-data, you are probably doing something wrong
<progre55> Scunizi: btw, why would you add a user to www-data just to scp?
<progre55> Scunizi: just scp it to some other location, and then ssh into the server and mv it into /var/www
<Scunizi> progre55: I was just trying to avoid that
<progre55> that's a bad idea
<Scunizi> progre55: why
<progre55> for security reasons
<Scunizi> progre55: so you don't want any other users to be listed in the www-data group other than apache?
<progre55> www-data can run some critical processes, that you wouldnt want your ordinary user to run
<progre55> or have access to
<Scunizi> progre55: ok.. that makes sense.. then how do you remove a user from a group?
<progre55> anyways, can anyone help out with exim4, please? )
<progre55> Scunizi: hmm.. sec
<hggdh> zul: I am in doubt about samba bugs 678498,659854,393012 -- are the first two really duplicates of the last one?
<uvirtbot> Launchpad bug 678498 in samba "Ubuntu fails to copy any files on windows share with "Invalid Argument" error" [Undecided,Confirmed] https://launchpad.net/bugs/678498
<uvirtbot> Launchpad bug 659854 in samba "Nautilus 2.32.0: Copy to SMB  (dup-of: 393012)" [Undecided,New] https://launchpad.net/bugs/659854
<uvirtbot> Launchpad bug 393012 in autofs "[SRU] smb: Error while copying file, "Invalid argument"" [Undecided,Confirmed] https://launchpad.net/bugs/393012
<zul> first one and last one are probably duplicates
<hggdh> zul: and, if they are, is it not a good idea to open a task for samba(Ubuntu) on 393012?
<Scunizi> progre55: I could directly edit /etc/group and remove the user from there on the line that reads www-data:x:33:<user>
<zul> hggdh:probably :)
<ivoks> SpamapS: http://pastebin.com/n709p8pZ
<hggdh> zul: doing it
<zul> hggdh: merci
<hggdh> zul: mon plaisir
<progre55> Scunizi: usermod -G theNeededGroup username
<Scunizi> progre55: thanks
<progre55> wait
<Scunizi> k
<progre55> Scunizi: the needed group is the group that the user actually belongs to, not the want you want to remove
<zul> hggdh: have you tried to run the test rig on natty since the last time we did it?
<progre55> after this comman, the user will only belong to the group you specified here
<hggdh> zul: no, I was waiting for the new Natty kernel. I will try it today
<progre55> you have have a list of comma-separated groups
<progre55> Scunizi: ^^
<zul> hggdh: cool...
<Scunizi> progre55: ah.. so that command re-associates a user to one group or several groups in a comma-separated list?
<progre55> yep
<Scunizi> progre55: ok.. thanks
<progre55> you can also : "id -nG username" to find out which groups the user belongs to
<Scunizi> progre55: yea.. I was just thinking that I didn't know all the groups that the primary user on the server belonged to..
<Scunizi> On a side note.. when logged into a headless server via ssh.. how do you log the user out?  log off the ssh session?
<uvirtbot> New bug: #393012 in autofs "[SRU] smb: Error while copying file, "Invalid argument"" [Undecided,Confirmed] https://launchpad.net/bugs/393012
<progre55> Scunizi: "exit"?
<hggdh> Daviey: any news from the euca bug?
<Scunizi> progre55: that's what I though.. just shutdown the ssh session.
<progre55> but what's a headless server?
<Pici> A server without a monitor.
<progre55> ah )
<progre55> makes sense =)
<progre55> so, I've configured exim4 on my headless server, and sending email works fine, except I get error 550 for some email addresses. Any ideas, please?
<progre55> "550-Verification failed for <me@mysite.com>\n550-Unrouteable address\n550 Sender verify failed"
<hggdh> zul: natty still does not recognise the NetXtreme II card...
<zul> hggdh: crap
<hggdh> aye...
<zul> hggdh: there is a bug number for this isnt it?
<hggdh> zul: 6 machines rendered useless :-(
<hggdh> zul: yes, there is, just a sec
<zul>  https://bugs.launchpad.net/ubuntu/+source/linux/+bug/676245
<uvirtbot> Launchpad bug 676245 in linux "Broadcom NetXtreme II BCM5709 not recognised on install" [High,New]
<hggdh> aye
<Pici> progre55: It could be a few things: invalid/missing reverse dns, spf record missing
<progre55> Pici: where do I check the reverse-dns settings?
<Pici> progre55: Wherever you have your dns setup.
<progre55> Pici: somewhere in resolv.conf?
<Pici> progre55: no. You have a domain name right?
<progre55> yep
<progre55> Pici: saplo.com
<Pici> progre55: The reverse dns entry for 79.125.15.2 doesn't point there though.
<Pici> So wherever you update your dns records, you should have an option to set a reverse dns entry.
<progre55> but it's an amazon server, and I'm using the default amazon dns
<oru_work> greetings how to tell which php version i have installed. php --version returns some weired stuff
<progre55> oru_work: php -version
<Pici> progre55: From a little googling it looks like there is a way to setup reverse dns within Amazon's AWS, but since I don't have one or have access to one, I don't know where that setting would be.
<progre55> Pici: oh thanks, I'll try googling then )
<progre55> thanks for all the support
<WALoeIII> Pici: don't try to send email from AWS, its not worth it
<WALoeIII> use some relay
<WALoeIII> authsmtp.net
<WALoeIII> sendgrid
<Pici> WALoeIII: Don't tell me, tell progre55 (who just quit)
<WALoeIII> oh :\
<WALoeIII> well, he'll figure it out the hard way :()
<oru_work> can someone have a look at this please http://pastebin.com/702fYJ3Q
<orudie> php -version returns the following complaints/errors and i'm not sure how to fix them m http://pastebin.com/702fYJ3Q
<navanjr> help.... "mvn (Apache Maven >= 2.2.0) is not in the path" what have i missed?
<navanjr> im attempting to install zenoss from source
<\sh> whoosa mcollective + puppet == production rollout in less then 15 minutes...world record (rollout of 25 SOA services on live servers)
<Daviey> \o/
<navanjr> is this room a good place to find general server support?
<navanjr> im new to ubuntu and having, what i think is, a path or version issue installing Zenoss
<Daviey> \sh: How was your mcollective setup experience?
<Daviey> navanjr: it is a pretty good place, but you sometimes find more active support in #ubuntu
<navanjr> thanks!
<\sh> Daviey: not good...we are working on it...it's sometimes not straight forward as it should
<Daviey> \sh: That was my thought when i looked into it a while ago
<Daviey> (I didn't finish setting it up)
<dbowlby> I have a ubuntu 10.10 server that I use for a firewall.  It currently only uses about 3gb of disk space.  I'd like to move this from a hard disk to a usb key.  What steps would I have to perform to copy my installation to usb key and make sure it boots
<\sh> Daviey: but the idea behind mcollective is awesome...I'm thinking about implementing something similar like that in python + rabbitmq + python-carrot / python-celery
<dbowlby> \sh, cluster talk?
<\sh> dbowlby: link? :)
<dbowlby> \sh, using mq to pass stuff onto the cluster is an interesting notion
<Daviey> dbowlby: rsync the files from the server to the usb pendrive, run grub-install on pendrive, and change /etc/fstab to point to new disks
<Daviey> i think that is all
<dbowlby> Daviey, cool, I'll give it a shot
<Daviey> \sh: Oh aye... that is interesting... keep me posted if you get your hands dirty with code.
<dbowlby> I already have a java mq sender and consumer
<Daviey> \sh: I would love puppet to natively discover the puppetmaster :)
<\sh> Daviey: well, it will be a part of my (DC)Â² project (launchpad.net/dc2)
<Daviey> \sh: I am aware of your project :)
<dbowlby> would you require the same software on each box, or have components located on a nfs share (depends on the app I assume)
<dbowlby> \sh, Daviey, have you guys played around with perceus?
<Daviey> common NFS defeats the purpose IMO
<Daviey> dbowlby: no
<dbowlby> Daviey, well you have to confirm that apps are loaded, and seems kinda silly to waste repetitive space for executables
<dbowlby> Daviey, server specific space I'd understand
<dbowlby> Not like the NFS couldn't be mirrored
<\sh> dbowlby: nope...
<dbowlby> are you guys looking at this from a cloud perspective or from a clustered perspective
<\sh> dbowlby: I'm looking from a bare metal datacenter perspective :)
<binBASH> hi sh ;)
<\sh> binBASH: hey :)
<binBASH> your tool sounds intressting ;)
<dbowlby> \sh: what kind of things are you looking to manage?  Are you looking to plug in a server and have it autoconfigured once you enter the mac address?
<\sh> dbowlby: that already works ;)
<dbowlby> \sh: yeah I guess with dhcp in the mix you don't need to do even the mac step
<dbowlby> \sh: so what are you looking to manage then, just event calls across the platform?
<\sh> dbowlby: well, what we do is FAI for OS Deployment (which means, MACs maintained via mysql/couchdb enabled tftp server), auto inventarisation works already, and deployment too...now we are working on integrating puppetd single runs inside the FAI deployment, after reboot, we should have a working production system with apps etc. fully fledged...now we are looking at rolling app deployment with puppet and mcollective (eventually not mcollective but
<\sh> the idea behind it)
<\sh> dbowlby: when everything works here, we can increase the focus to VMWare ESX (which already works with PXE enabled VMs) and UEC (XEN/KVM etc.
<\sh> dbowlby: amazon style cloud servers are different
<dbowlby> \sh: nice
<toast018> afternoon everyone!
<orudie> is there a way to back one version in php from php 5.3.x to 5.2.x ?
<dbowlby> \sh: yeah, it is different
<dbowlby> \sh: I like the idea of making it work UEC :)
<\sh> dbowlby: the FAI maintainer is working to integrate gpxe into FAI but I doubt, that amazon or rackspace will support bootps over internet ;)
<dbowlby> \sh: awwww, why not ;)
<dbowlby> \sh: I could put up a pptp :)
<dbowlby> \sh: and hope it doesn't catch on fire
<\sh> dbowlby: well...time is here my enemy...;) and right now, I'm the only one here @office who is working on the topic "bastard automation from hell"
<toast018> how can I temporarily unblock .exe files in my mail server? I use ubuntu 8.04 with sendmail, spam assassian, and clamav
<toast018> is it in spam assassain?
<\sh> dbowlby: eventually I'll find the time in 2011 to attend another UDS and present the DCÂ² project :)
<jmgalloway> anyone here know how to use hsql?
<soren> zul: In the future, I'd appreciate it if a release was done like so: "dch --release && debcommit --release && bzr bd -S && dput", and then, if it's accepted, "bzr push".
<dbowlby> \sh: definitely an interesting thing to play with, you've got me thinking :)
<toast018> anyone? :)
<\sh> dbowlby: the real problem is sell automation to your management, 'cause in the beginning it costs time and money, but in the end it saves you money and time and (human) resources
<dbowlby> \sh: in my world I have no problem selling that.  I have a particular use case that it would be VERY useful.
<\sh> dbowlby: actually the use case is already starting at no. of servers >= 2 ;)
<dbowlby> \sh: yeah, I was thinking selfishly :)
<zul> soren: ack
<orudie> is there a way to back one version in php from php 5.3.x to 5.2.x ?
<orudie> anyone ?
<zul> no
<dbowlby> toast018: from what I've found from googling, "SpamAssassin does not block, it only scores according to configured rules. "
<toast018> yea I found that as well just now. Seems that in version 2 you could choose to block it.
<toast018> thats no good. :( lol
<toast018> my surpervisor has an email with an exe in it coming from a legit company and needs to file to update a program.
<toast018> o well just found out I got a bigger problem...
<toast018> I changed my eth ports from eth0 to eth1 because it was going bad and even though everything works (email, client page, etc) I cant putty into the system any more it times out. Also the external IP times out as well.
<pindemon> somebody here using zarafa+exim?
<zul> SpamapS: there is a mysql merge with your name on it
<dbowlby> toast018: sounds like you're toast ;)  Just have them rename the exe to a .hateemail
<dbowlby> toast018: you could buy some time with management if you told them e-mail is so 80s and everyone sends their files via SMS now.  They'll spend hours trying to figure it out.
<toast018> dbowlby: That was my suggestion. I hope they do that instead of forcing me to change all the rules to allow one email. lol. I wished that would work
<toast018> I have adjusted the firewall to allow ssh but still cant connect on port 22 while using eth1
<toast018> it works fine on eth0
<RoyK> pastebin ufw status
<RoyK> and also dmesg output
<toast018> the ufw status is showing that all traffic from my subnet is allowed to port 22
<RoyK> toast018: what's your ip?
<RoyK> I might try to do an ssh connect from here if you like
<RoyK> ufw iptables rules won't usually deal with which interface the traffic comes from
<toast018> 12.52.251.72
<toast018> I think its a firewall issue. It was not enabled. when I enabled it port 22 opened but all others closed.
<RoyK> no contact with 12.52.251.72:22 from here
<toast018> I blocked it from outside my subnet. Try port 25
<toast018> I just looked on mxtoolbox.com and it shows it open but always like a second look... lol
<RoyK> doesn't make ssh debugging easier
<toast018> I got it working on my network now. sorry...
<toast018> thanks for the help... :)
<RoyK> I'd use fail2ban or denyhosts for blocking bots
<RoyK> and just leave it open elsewhere
<RoyK> ufw is usually down, if you enable it, it'll block everything not specifically allowed
<toast018> Ill look into fail2ban and denyhosts. I am still learning as I go here.
<toast018> total newb...
<RoyK> nothing bad in being a newbie
<RoyK> I was a linux newbie myself 15 years ago....
<toast018> im forcing myself to not install any gui at all on the servers ... Im hoping that will help me in the long run
<RoyK> it will
<RoyK> you can be certain of that
<toast018> even setup a box at home with no gui so I can log into it and mess around. if I would start keeping better notes I would be doing alot better... lol
 * RoyK is teaching his boss vi these days
<toast018> nice
<toast018> what is the diffference between vi and vim?
<\sh> RoyK: wasn't emacs for the bosses and VIs for the others? ;)
<RoyK> vim is "improved"
<RoyK> \sh: boss isn't really a bossy style
<RoyK> which is good
<RoyK> toast018: most distros use vim these days - for good reason
<toast018> Thats what I use on our systems. took a min to get use to and still learning. lol
<RoyK> toast018: try 'set -o vi' in bash
<toast018> what will that do?
<RoyK> <esc>/whatiwroteyesterday
<RoyK> it'll turn bash into vi
<toast018> what would the benefits be?
<guntbert> RoyK: and how to revert that step?
<RoyK> well, if you like vi syntax, it's greeat
<RoyK> guntbert: set -o emacs
<RoyK> but then, it will only affect the current shell, so you can just quit the shell
<guntbert> RoyK: thats understood :-) - but I always ask for/tell the way out :-)
 * RoyK really wants this issue with his controllers to get fixed so he can get 2x110TB online
<Egonis> I have a basic ufw configuration to masquerade traffic from eth1 to ppp0 -- however I have a /28 subnet from my ISP, which I am using on br0 successfully from a shorewall configuration previously. How do I add a route to allow traffic from the /28 subnet to pass through the bridge to ppp0?
<Egonis> i.e., should I be using route add, or a direct arp command? I used to use 'proxyarp' in shorewall, which did the job nicely, but wanted to try to achieve this through ufw and alittle hard-coding
<uvirtbot> New bug: #680687 in samba (main) "samba share refuses to authenticate login attempt" [Undecided,New] https://launchpad.net/bugs/680687
<Egonis> I'm going to rephrase my question -- sorry: I have a /28 subnet from my ISP which I use for a few servers that are attached to eth1, eth1 is also serving 10.0.0.0 for LAN PC's. How do I add a route for my subnet to route through my ppp0 interface?
<Egonis> I am using UFW
<rimp> hello
<rimp> is there anyone here who can help me
<Pici> We won't know until you ask a question.
<SpamapS> zul: I'll get started on the mysql merge tonight. :)
<SpamapS> ivoks: ack, just got your pastebin message (sorry been away from IRC for a bit) ... I don't see any upstart messages there. upstart should log what its doing in daemon.log
<ivoks> SpamapS: that's all i have in daemon.log
<ivoks> SpamapS: but you can see that all forks got TERM signal
<ivoks> SpamapS: corosync is the parent that should stop crmd, lrmd, cib, pengine...
<ivoks> SpamapS: but, those just die before it gets the chance to terminate them
<ivoks> SpamapS: this is with 'expect fork'
<SpamapS> ivoks: yes, but what I don't see is if anything got KILL first.
<ivoks> they didn't get KILL
<ivoks> they got TERM
<SpamapS> ivoks: did corosync get KILL ?
<ivoks> no
<SpamapS> hm ok
<ivoks> SpamapS: on line 119 is example how it should look like
<SpamapS> I spent a little of the time digging around in upstart's code and I still haven't seen where anything except the single, forked main process is sent any signals
<ivoks> SpamapS: well, lines 0 -> 117 are result of 'stop corosync, shilw lines 121 -> 409 are result of pkill -TERM corosync
<ivoks> shilw?
<ivoks> it must be getting late :)
<ivoks> ^ while
<uvirtbot> ivoks: Error: "while" is not a valid command.
<SpamapS> ivoks: Indeed, it does seem that they all got sent TERM's .. can you pastebin the upstart job too?
<ivoks> sure
<ivoks> SpamapS: http://pastebin.com/sb4By88x
<ivoks> SpamapS: i've tried without expect fork, 'service' and all i could find
<SpamapS> ivoks: did you try 'expect fork 1' ?
<SpamapS> I think thats the default..
<SpamapS> but not sure
<SpamapS> ivoks: actually, 'expect daemon' might be more appropriate w/ corosync
<ivoks> SpamapS: i can try
<ivoks> SpamapS: same results
<ivoks> SpamapS: this is lucid
<SpamapS> ivoks: interesting.. corosync might not daemonize in the usual way..
<SpamapS> ivoks: I believe if you take out 'expect fork' it may actually work properly
<ivoks> i think i've tried that
<ivoks> but i can try it again
<SpamapS> ivoks: the problem is corosync seems to just close its stdin/stdout/stderr, drop the controlling terminal, and then declare itself the leader of its process group, without ever forking
<ivoks> SpamapS: hm.... just noticed:
<ivoks> corosync start/running, process 1194
<ivoks>  1195 ?        Ssl    0:00 /usr/sbin/corosync
<SpamapS> ivoks: ok maybe strace deceived me
<SpamapS> ivoks: corosync actually calls clone, I wonder if upstart can't handle clone
 * SpamapS is preparing a stack of questions for keybuk on Thursday. :)
<ivoks> :)
<ivoks> that's his last day?
 * ivoks needs some sleep
<ivoks> SpamapS: without expect fork it doesn't work (cause, i guess, there's no pid 1194)
<SpamapS> ivoks: not sure, but I am going to be chatting with him about upstart.
<SpamapS> ivoks: right, it may need to be 'expect clone'
<ivoks> :)
<ivoks> ok, i really have to go
<ivoks> SpamapS: thanks you
<ivoks> thank
<SpamapS> http://paste.ubuntu.com/535702/
<SpamapS> thats the startup sequence..
<ivoks> yeah, it clones
 * SpamapS will be especially happy when upstart supports chroots
<ivoks> SpamapS: good night
<ivoks> :)
<SpamapS> ivoks: I feel a new upstart bug report coming. :)
<SpamapS> ivoks: there's a new "proc adapter" that is coming, that will probably be far more reliable than the ptrace method used to implement "expect fork"
<SpamapS> ivoks: but for now, I'd say if a process clones instead of forks to daemonize, it cannot be managed via upstart in the regular way
<SpamapS> ivoks: HOWEVER, you *can* manage it with tasks
<SpamapS> ivoks: which will at least let you start it, and pkill it, based on upstart events
<jiboumans> smoser: what's the right way to set a hosts hostname via cloud-init? http://ubuntu-smoser.blogspot.com/2010/03/introducing-cloud-inits-cloud-config.html implies there's currently no 'proper' way
<SpamapS> jiboumans: o/ !
<jiboumans> SpamapS: o/
<SpamapS> jiboumans: couldn't you just shove the hostname into /etc/hostname and run 'hostname' ?
<jiboumans> spamaps: i can via runcmd: but i happen to know cloud-init is already setting it to the value of the ec2 metadata service
<jiboumans> i want it to use a different value though (a hostname from my domain not, ec2s)
<jiboumans> runcmd: - ["cat my.host > /etc/hostname"] - ["hostname"] would probably do it
<jiboumans> but seems... ugly :)
<gl1d3r> Hi
#ubuntu-server 2010-11-24
<gl1d3r> Does anyone know how to get a server working over wifi on a password protected network?
<jiboumans> spamaps: actually, it looks like the *last* thing cloud-init does is set the hostname.. so it'll override whatever i do in runcmd =/
<SpamapS> jiboumans: guess you'll have to create an upstart task ;)
<jiboumans> spamaps: don't be silly
<SpamapS> task\nscript\necho bah > /etc/hostname && hostname bah\nend script
<SpamapS> start on startup
<SpamapS> actually
<SpamapS> start on filesystem
<jiboumans> and how would i pass that through userdata?
<SpamapS> cloud-init has a mime type for upstart jobs
<jiboumans> oh hells no
<jiboumans> i have some shiny plain text yaml to pass
<jiboumans> we're not butchering that for somethign silly like this :)
<SpamapS> jiboumans: write-mime-multipart can take your yaml and marry it with an upstart job. :)
<jiboumans> spamaps: surely in our time together you know that 'can' and 'should' aren't always the same thing :)
<SpamapS> jiboumans: the mime type thing is a little bit obtuse, but what else can you do to insert unrelated data of unknown type in a single location?
<SpamapS> actually
<SpamapS> oo
<jiboumans> things that look more obvious right now: 1) disable cloud metadata service
<jiboumans> 2) run-cmd + fork
<jiboumans> 3) crontab entry
<SpamapS> you can just add it to the cloud-config
<SpamapS> #upstart-job\n
<SpamapS> followed by the upstart job
<jiboumans> where're you reading this?
<SpamapS> docs/examples
<SpamapS> hmm not lucid seems
<SpamapS> 2010-06-17 "fix cloud-config.conf upstart job"
<jiboumans> yeah, has to be lucid
<jiboumans> although i keep telling smoser to spin new isos with backporting cloud-init
<jiboumans> it's probably the single most awesome app shipped by default on an ami imho :)
<SpamapS> jiboumans: actually #upstart-job should work in 0.5.10
<SpamapS> jiboumans: and agreed on that point. There's not much reason to spend time perfecting an AMI if you can write 4 lines of cloud-config and have your app deployed and configured
<jiboumans> spamaps, using: /usr/share/doc/cloud-init/examples/upstart-cloud-config.txt ?
<scubes13> what is best method of getting bind9 9.7.2 installed on 10.04 server?
<SpamapS> scubes13: you can try just building from the natty source package. If that works, submit it for backports.
 * SpamapS wishes the launchpad/ubuntu/+source/$package pages showed backports
<scubes13> SpamapS: would I just grab it from here? http://packages.ubuntu.com/natty/i386/bind9/download
<jiboumans> also: https://launchpad.net/~hauke/+archive/bind9/+build/1940598
<jiboumans> scubes13: ^
<SpamapS> scubes13: note that LaMont seems to be maintaining a backports PPA https://launchpad.net/~lamont/+archive/backports
<lamont> SpamapS: maintain might be a bit overstretching it.
<lamont> I tend to keep a current-ish bind9 package for hardy and lucid there
<lamont> for really sloppy versions of "recent"
 * lamont uploads his latest missives
 * lamont tries to remember which of his packages he just broke for hardy
<scubes13> jiboumans: maybe a stupid question, or obvious.. how do I proceed to install from the link you posted? ie, do I add this as a source (somehow) to sources.list?
<jiboumans> scubes13: it links to: https://launchpad.net/~hauke/+archive/bind9
<jiboumans> that explains how to add the ppa, basically:
<jiboumans> add-apt-repository ppa:hauke/bind9
<jiboumans> scubes13: no guarantee of the quality of course, but another ubuntu user has built it for lucid
<scubes13> thanks - will give these a shot and see how far i get!
<scubes13> really appreciate the help SpamapS jiboumans !
<jiboumans> np scubes13, good luck
<mathman54> need help locating resources
<SpamapS> mathman54: you can find water with a divining rod
<mathman54> hi pnunn
<pnunn> hi mathman54
<mathman54> what's up?
<pnunn> not much... you?
<mathman54> looking for info to set up postfix
<pnunn> kkk.... what are you after?
<mathman54> it is installed but I don't have any mailboxes setup and need to know how to do this
<mathman54> i am hoping that there is a how=to someplace that I have not found yet
<pnunn> OK... the default install is to have a mail box setup in each users home directory.  This can be configured though.
<mathman54> how?
<mathman54> where do I find my mailbox?
<mathman54> there is no mailbox in my home directory
<mathman54> hi cc
<mathman54> hi
<pnunn> Hmm... ok.. looks like the install maybe didn't go well... there are certainly howto's out there on postfix.
<mathman54> do you know where?
<pnunn> Sorry, not off the top of my head.. but look on the ubuntu forums.. there is lots of stuff there.
<mathman54> hmmm
<mathman54> ok i'll try that thanks
<pnunn> Sorry I can't be more helpful... got to get a data centre sorted out for some visitors.
<lamont> SpamapS: should the question come up, postfix is the one I broke wrt trivially backporting to hardy. debian bug 579668
<uvirtbot> Debian bug 579668 in postfix "postfix: should use "${Newline}" instead of "${Newline} " in debian/vars.in" [Normal,Open] http://bugs.debian.org/579668
<mathman54> n
<mathman54> quit
<twb> Does kvm memory ballooning Just Work as at 10.04?
<StrangeCharm> my freshly installed system isn't booting. my bios gets to 'verifying dmi pool', then nothing happens. things worked fine with this hardware configuration under the previous OS. there's no problem booting from removable media, just not when i try to boot from the hdd
<twb> StrangeCharm: were you asking about this yesterday?
<StrangeCharm> yep, twb. i ran file -s on sda, and it tells me that there's an x86 boot sector. looking at the alledged boot partition, there's a folder called grub. i'm not sure how to check that grub is installed right on that hdd, though.
<twb> I still don't know :-(
<twb> I think I'd be swapping hardware components in/out
<demonspork> Chuck Norris keeps a photo of David Tennent under his pillow. Every night before bed, he strokes it, and sometimes, he cries.
<twb> Also obviously you should unplug everything not needed to boot
<demonspork> tennant*
<StrangeCharm> it just doesn't make any sense to me. i'm going to keep asking periodically, until someone knows what broke.
<twb> demonspork: you know what annoys me most?  He has a wicked Scottish accent, but didn't use it for Dr. Who
<demonspork> lol
<demonspork> yes
<twb> StrangeCharm: most of us aren't mind readers and can't/won't break into your place to test your hardware
<StrangeCharm> twb, i hope that someone will eventually go 'have you tried x' and be right
<StrangeCharm> can i boot a hdd from the live cd?
<twb> Theoretically, yes
<twb> pass root=/dev/sda1 boot=local or so
<twb> The kernel versions will need to match
<StrangeCharm> which they should, if i'm using a live cd, after just trying to install
<twb> Well TECHNICALLY it's a different build server vs. desktop, but probably not enough to piss it off
<StrangeCharm> actually, i'm using the alt install disk and the desktop disk
<StrangeCharm> root=/dev/sda1 boot=local doesn't seem to do anything
<twb> StrangeCharm: you're passing those to the kernel at the boot: prompt?
<StrangeCharm> twb, no, i was typing that into the kernet on the live disk
<StrangeCharm> and when i say 'kernet', i mean command prompt
<twb> StrangeCharm: that won't work
<StrangeCharm> hmn, maybe i just need to mark the boot partition as bootable and try again ( the installer won't do that)
<twb> StrangeCharm: no.
<twb> Either you can do what I tell you, or you can ignore me and just keep guessing.
<StrangeCharm> so i should reboot and tell it to boot from /dev/sda under the other boot option ?
<twb> You asked if you could boot the HDD from the live CD.  You can, by telling the CD's bootloader to tell the CD's kernel and ramdisk "boot from an HDD" (boot=local) and which HDD to use (root=/dev/sda1).
<twb> Where sda1 is the appropriate partition for your root filesystem
<twb> Oh: it won't work if your root filesystem is under md RAID or LVM, because the live CD doesn't include support for those in its initrd.
<StrangeCharm> twb, i don't have an unencrypted root, only an unencrypted boot, is that ok?
<twb> StrangeCharm: no, that won't work
<twb> You can pick "rescue" in the server (or alternate) CD, which will eventually allow you to mount your root filesystem on /target and chroot into it.  That will work with mdadm/lvm -- I THINK it'll also work with an encrypted rootfs.
<StrangeCharm> twb, how does that help me?
<twb> StrangeCharm: I don't know; presumably you can then do <whatever> to fix it.
<StrangeCharm> sadly, i still don't know what whatever is
<twb> Right.
<StrangeCharm> could it hurt to set the boot partition as flagged bootable?
<twb> grub will ignore the boot flag.
<StrangeCharm> but i never get to grub
<twb> StrangeCharm: unplug all unnecessary components from the system
<StrangeCharm> that hasn't done anything. it just updates the dmi pool after the change, then verifies it as usual, in every case, not doing anything else afterwards
<StrangeCharm> at minimum, i have the hdd, video card, cpu, ram, psu, and fans
<Shidash> Hello
<twb> cjwatson: it looks like insserv/startpar is disabled on lucid by default (/etc/init.d/.legacy-bootordering).  Why?
<twb> cjwatson: never mind, pere ("the insserv guy") confirmed it's because upstart and insserv aren't friends yet.
<twb> I ran bonnie++ on a three-way RAID1 lucid box and on a three-way RAID5 hardy box.
<twb> The lucid box was faster for most stuff, but per-chr is much lower.  Is that normal?
<soren> twb: Are they otherwise identical?
<twb> Unfortunately, no
<twb> At a minimum, one's running a bunch of flipping vmware VMs and OpenVZ VEs, and the other is basically unused
<twb> I just don't understand why the character rate specifically would be "backwards"
<soren> That does seem odd.
<soren> Are these RAID'ed at the disk level or partition level?
<twb> partition
<twb> And there's LVM on top
<twb> (on both)
<soren> I don't have a anything resembling a plausible explanation.
<twb> http://paste.debian.net/100647/
<twb> Maybe I'm just reading it wrong
<soren> Oh, and different filesystems.
<twb> Yeah, they're basically whatever the default is in d-i partman for that release (hardy / lucid)
<uvirtbot> New bug: #680825 in drbd8 (main) "package drbd8-source 2:8.3.7-1ubuntu2.1 failed to install/upgrade: drbd8 kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/680825
<twb> 3x1.5TB raid5/ext3/hardy and 3x2TB raid1/ext4/lucid
<twb> ...which is interesting, because I just realized there's 500G unallocated on the RAID5 box at the partition level :-/
<soren> I'm not sure what's going on there. I think you're reading it correctly, fwiw.
<twb> Oh, because it's one 1.5TB and two 1TB
<uvirtbot> New bug: #364958 in vsftpd (main) "VSFTPD does not support UTF-8 encoding" [Wishlist,Fix released] https://launchpad.net/bugs/364958
<XeNoT> Anyone can help me with how to change the vlan on a VM? Currently the log gives me "...f9:57,vlan=0" as output when I start a machine, yet I want to use another vlan
<twb> XeNoT: what virtualization technology?
<XeNoT> KVM, machine build using vmbuilder
<jfig> Server boot failure : i have a server (10.10) with softraid, wont boot, if I use rescue mode data on lvm appears ok in /target, booting from disk following messages appear "fsck from util-linux-ng 2.17.2" / "/dev/mapper/lvm1-lv1: clean, ......."
<twb> jfig: AFAICT if you want a different VLAN tag, you just change vlan=0 to vlan=N
<twb> Note that 0 and 1 are often "special" in 802.1q tagging
<progre55> hi guys. I have set up exim4 on amazon, but because of the reverse DNS issue, the emails I send are getting flagged as spam. However, I have a hosting service, and I'd like to set up exim to send outgoing emails through that service. Is that possible?
<jfig> twb: not a lan or vlan problem, server wont start boot
<twb> Sorry, wrong person
<twb> XeNoT: that was for you
<XeNoT> I'll try it, thanks
<jfig> how do i recover from a failed kernel upgrade ?
<yann2> boot the previous kernel
<jfig> no grub
<soren> No grub?
<soren> How do you boot?
<twb> awful!
<twb> Wait, wrong joke
<icCode> who is the default owner of postfix's log files in /var/log (mail.info, mail.err, mail.warn)?
<twb> probably postfix
<twb> Nope, root:adm
<twb> (as at 8.04)
<icCode> thank you
<jfig> how do i install grub from the rescue disk?
<yann2> http://linux.slashdot.org/story/10/11/24/1346221/Ubuntu-May-Move-To-Rolling-Releases?from=rss while this is awesome for desktops it might be concerning for servers :)
<uvirtbot> New bug: #680946 in cheetah (main) "Merge packaging changes from Debian" [Undecided,New] https://launchpad.net/bugs/680946
<smoser> SpamapS, upstart jobs should work in cloud-init
<smoser> in lucid
<smoser> i dont think you can add updstart jobs to cloud-config syntax anywhere.
<uvirtbot> New bug: #680978 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script rturned error exit status 1" [Undecided,New] https://launchpad.net/bugs/680978
<HackeMate> hello
<HackeMate> my /etc/sudoerrs is like this  www-data ALL=(ALL) NOPASSWD: /etc/init.d/dhcp3-server
<HackeMate> it's just perfect, but how can I let www-data to modify the dhcpd.conf?
<HackeMate> only the dhcpd.conf
<qman__> I hope this isn't internet-facing
<qman__> just adjust the permissions on dhcpd.conf to grant www-data permission
<qman__> I'd change the group-owner to www-data
<Brumle> HackeMate: you can add the user www-data to the ACL of the file: setfacl -m u:www-data:rw file
<qman__> that's assuming he has acls at all
<qman__> which he probably doesn't
<HackeMate> setfacl -m u:www-data:rw /etc/dhcp3/dhcpd.conf
<Brumle> HackeMate: you can then see the ACL by using "getfacl", and remember never to use cmod on that file.
<HackeMate> setfacl: /etc/dhcp3/dhcpd.conf: Operation not supported
<Brumle> ad "vi /etc/dhcp3/dhcpd.conf" as a command in the sudoers-file
<HackeMate> but is a cgifile who modifies that file
<qman__> chgrp www-data /etc/dhcp3/dhcpd.conf
<HackeMate> if another user modifies the file via ssh will the group change?
<qman__> only if he changes it
<qman__> editing a file does not change the owner
<qman__> or any permissions, for that matter
<SpamapS> smoser: what jiboumans wanted was an upstart job and other cloud-config syntax in one file
<SpamapS> smoser: I said the way I knew to do that was with the mime multipart
<RoAkSoAx> kirkland: howdy!! You free to discuss PowerNap for a bit?
<eagles0513875> hey guys im tyring to use apache benchmark
<eagles0513875> whats the syntax to run 5000 page request to test how well apache handels all the requests
<binBASH> ab -c 1 -n 5000 http://your-url.com/site.html
<eagles0513875> whats the -c switch do
<binBASH> concurrent clients
<eagles0513875> and y 1
<binBASH> because you asked for 5000 requests
<binBASH> -c 10 = 10 x 5000 :)
<eagles0513875> ahh
<eagles0513875> ok
<eagles0513875> binBASH: to improve performance im guess if it needs it i would need to go for a proxy server like squid?
<binBASH> eagles0513875: you just have html sites there?
<eagles0513875> binBASH: wordpress sites
<binBASH> or some php/python dynamic stuff?
<eagles0513875> so php html css javascript
<binBASH> ok
<eagles0513875> would you recommend a proxy server
<eagles0513875> such as squid in this case for dynamic content
<binBASH> for wordpress there should be some plugins already to speed up site performance
<eagles0513875> i have heard really good things about squid
<eagles0513875> would that be overkill
<binBASH> eagles0513875: I dunno how much users your site has etc.
<eagles0513875> funnily enough im not sure how many hits a day im getting either
<binBASH> :D
<eagles0513875> but currently my business is on the rise and the site im benchmarking atm gets quite alot of hits as alot of people already know about it according to my client
<eagles0513875> binBASH: is there a way i can benchmark my databases
<binBASH> eagles0513875: I think you're using mysql?
<eagles0513875> si senor
<eagles0513875> lol dont bust out the !es from the bot lol
<binBASH> http://dev.mysql.com/doc/refman/5.1/en/mysql-benchmarks.html
<binBASH> for example;)
<eagles0513875> binBASH: does the ubuntu mysql package come with them
<binBASH> eagles0513875: http://www.tutorial9.net/web-tutorials/wordpress-caching-whats-the-best-caching-plugin/
<binBASH> btw. :)
<binBASH> I dunno that sorry
<binBASH> if those plugins are not helping to improve site performance then you should consider using a proxy like varnish or squid
<eagles0513875> im doign about 8.95 pages per sec :-/
<eagles0513875> thsts not very good
<binBASH> and how much with -k ?
<binBASH> and from where did you bench? localhost? network? internet?
<eagles0513875> lan
<eagles0513875> from my laptop
<eagles0513875> wired
<eagles0513875> i think my bottleneck is my wifi router
<eagles0513875> its linksys 100mbps
<eagles0513875> new one is a small business gigabit router
<eagles0513875> abgn cisco one
<binBASH> what you get if you add -k to ab command?
<PatrickDK> heh?
<PatrickDK> if your going that slow, I wonder about you :)
<PatrickDK> I can easily go 140 rps on a 1.4ghz p3 machine
<eagles0513875> it coudl be the db needs some optomization
<eagles0513875> im running 3 sites from the same wordpessdb
<eagles0513875> binBASH: running the benchmark
<eagles0513875> PatrickDK: also thinking my router is the bottleneck
<PatrickDK> doubt it
<eagles0513875> 100mbps router
<eagles0513875> which is giving me random internet drop outs
<PatrickDK> unless your wordpress, db, or testing machine is on wifi
<eagles0513875> well
<eagles0513875> its using ethernet over power
<eagles0513875> and those run at 200mbps
<PatrickDK> so?
<eagles0513875> not sure if that could be a problem as well but im doubting it cuz performance is suprisingly stellar
<eagles0513875> dunno i still think the router is the bottle neck
<binBASH> eagles0513875: so what does ab show you? ;)
<eagles0513875> still running
<eagles0513875> hold on
<binBASH> omg ;)
<eagles0513875> lol
<binBASH> how many requests did you send?
<eagles0513875> 5000
<eagles0513875> i should probably drop it down to bout 2000
<binBASH> and what at -c ?
<eagles0513875> 1
<binBASH> really slow then ;)
<eagles0513875> :-/
<eagles0513875> well also i set a limit on the apache child processes
<eagles0513875> forgot what its called
<eagles0513875> max requests per child thread or something
<eagles0513875> binBASH:  im not sure if the caching plugins would help
<eagles0513875> if its this slow
<eagles0513875> last 500 requests
<eagles0513875> binBASH: thats the output http://pastebin.com/9XQ7HX26
<binBASH> I'm pretty sure they'll help for most wordpress sites ;)
<eagles0513875> wouldnt it be easier to setup squid then using a plugin for each individual site?
<binBASH> so it looks like your keep-alive on the server is disabled ;)
<eagles0513875> O_o
<binBASH> eagles0513875: can you repeat tests with a static html file?
<eagles0513875> what exactly does that do
<eagles0513875> well i can repeate a test with my business site which isnt getting any traffic cept from me if ya like
<binBASH> keep-alive doesn't close connections on every request
<eagles0513875> should i enable it and run the benchmark again
<binBASH> just test with a static html file now ;)
<binBASH> then you can see what's the max speed of your server
<eagles0513875> have a static php file if that counts for anything
<binBASH> no
<binBASH> html :D
<eagles0513875> just a basic html file
<binBASH> yup
<eagles0513875> can it be a blank file with an html extension
<binBASH> you can create a text file with Hello World in it :D
<binBASH> same thing
<eagles0513875> ok
<binBASH> driving home will read your stuff in 30 mins or so
<binBASH> cya
<eagles0513875> binBASH: ok
<eagles0513875> benchmarking now
<eagles0513875> binBASH: apr_socket_recv: Connection timed out (110) Total of 30 requests completed
<PrestonConnors> Hello, sometimes I see kernel log file messages with operation="profile_remove" in them. What does operation="profile_remove" mean? Where can I get more information on this topic?
<PrestonConnors> Thie affects me because when I try to start some kvm VMs via virsh start this log file message is generated and virsh start just hangs.
<ssureshot> where would the sendmail site.config.m4 file be placed in ubuntu? /?/?/devtools/site
<SpamapS> ivoks: bug 681071 .. you should probably click the 'This affects me too' button. ;)
<uvirtbot> Launchpad bug 681071 in upstart "Sometimes fork() generates a PTRACE_EVENT_CLONE -- upstart misses this event and incorrectly tracks the daemon" [Undecided,New] https://launchpad.net/bugs/681071
<ivoks> SpamapS: :) thanks
<PrestonConnors> Is apparmor a Ubuntu-only thing? Does it come included with Debian?
<SpamapS> ivoks: no problem.. allowed me to get intimate with upstart's ptrace stuff. :)
<ivoks> SpamapS: that problem is my nightmare for some time :)
<ivoks> SpamapS: i have an upstart job that sends term in pre-stop to corosync and then waits for some time before exiting :)
<SpamapS> ivoks: yeah, thats not supposed to happen. ;)
<SpamapS> ivoks: I'm working on a patch to upstart to solve that bug btw..
<SpamapS> It may be 3 lines
<SpamapS> or, I may be incredibly naive
<ivoks> SpamapS: i've learned that being too optimistic always backfires
<zul> heh
<zul> ivoks: you have been an ubuntu dev too long :)
<ivoks> oh, that reminds me
<ivoks> i nee to apply for ubuntu-motu :)
<PrestonConnors> Does anyone know how apparmor and libvirt communicate with each other? Specifically under what conditions does libvirt trigger operation="profile_remove"?
<eagles0513875> PrestonConnors: apparmor fyi comes on most distros
<PrestonConnors> I'm trying to work with apparmor but I'm unclear on what operation="profile_remove" is and what triggers it in relation to libvirt and virsh start.
<zul> ScottK: how does the backport process work?
<ScottK> !backports | zul
<ubottu> zul: If new updated Ubuntu packages are built for an application, then they may go into Ubuntu Backports. See https://help.ubuntu.com/community/UbuntuBackports - See also !packaging
<ScottK> I think that explains it.
<ScottK> Let me know if not.
<jiboumans> summon smoser!
<Daviey> lo jiboumans o/
<Daviey> ScottK: I was under the impression -backports was changing somewhat this cycle?
<jiboumans> hi daviey
<ScottK> Depends on if I get to it or not.
<ScottK> That's the intent.
<Daviey> ScottK: The wiki page is what you /want/, or what it is currently?
<SpamapS> ScottK: is there a spec somewhere that maybe one of us could pick up if you don't get to it?
<ScottK> Daviey: ~current.
<Daviey> ScottK: If what you want is spec'd out, it could be split up - if you are concerned you don't have enough time.
<ScottK> SpamapS: There is, but it won't help much.  The work item is something like "[kitterman] Write up a proposal for what we want to change for the Tech Board"
<draven_sol> is encrypted raid possible using the server install 10.04 disk?
<Daviey> ScottK: Ah, ok - that is kinda a blocker
<draven_sol> i've managed to successfully install what appears to be  an encrypted raid system but if i power down and pull one drive i can't boot degraded like i can if i don't have the encryption on the raid
<zul> smoser is on holiday apparently
<jiboumans> d'oh
<SpamapS> ScottK: but if we wrote a draft for you, you could just edit/stamp it and present it for the TB?
<ScottK> Well it's the sort of thing that would take me about as long to explain as to write.
<ScottK> I have this theory it will get done over Thanksgiving break.
<SpamapS> jiboumans: its this crazy tradition we have where we eat an insane amount of food and fight with relatives.
<jiboumans> spamaps: i'm keenly aware
<jiboumans> i'm also aware that's tomorrow ;)
<SpamapS> ScottK: alright, I'll cross my fingers
<SpamapS> jiboumans: will you be partaking in the engorgement?
<jiboumans> spamaps: we're having some family over and there'll be turkey
<jiboumans> so in a traditional sense 'yes'
<SpamapS> I will be the only person with "only" US citizenship at my thanksgiving dinner tomorrow. ;)
<SpamapS> one czech, one italian, one spaniard, and one half czech/half american.
<SpamapS> oh and two 1/3 italian, 1/3 spaniard, 1/3 americans. :)
<ScottK> 1/3 is tough to get right.
<SpamapS> agreed.. you have to cust just below the armpits and hips
<SpamapS> s/cust/cut/
<hallyn> SpamapS: ivoks: nice (681071)
<SpamapS> hallyn: booting a vm right now to try out a patched upstart ;)
<SpamapS> kirkland: was looking at your puppet change that just popped up on the blueprints. I've been using approx now for a few days, and I'm not sure its scalable enough for large scale deployments.
<SpamapS> kirkland: execing curl works great for a couple of debootstraps on the local machine, but I think it might bog down and/or fail with say 100 machines all trying to fetch stuff at once.
<binBASH> re
<binBASH> eagles0513875?
<_Techie_> what you want him for?
<binBASH> he wanted to know about his webserver probs ;)
<_Techie_> which were
<_Techie_> im in need of some humour this morning
<binBASH> Slow wordpress site;)
<binBASH> _Techie_: why humour? Did he ask stupid questions before? :D
<_Techie_> im in another channel with him
<_Techie_> anyway, im gonna have to get back to you, gotta install some graphics drivers
<binBASH> wb _Techie_
<_Techie_> ty
<_Techie_> still not totaly done though
<_Techie_> okay, restarting
<_Techie_> omg, so much better now that i have all 3 creens running
<_Techie_> screens*
<SpamapS> Interesting...
<SpamapS> Important Change: Replication: The LOAD DATA INFILE statement is now considered unsafe for statement-based replication. When using statement-based logging mode, the statement now produces a warning; when using mixed-format logging, the statement is made using the row-based format. (Bug#34283)
<SpamapS> as of mysql 5.1.50
<fuho> Hi everyone
<uvirtbot> New bug: #681141 in kvm (main) "kvm 1.84 hangs (host 32 bit meerkat, guest created by vmbuilder)" [Undecided,New] https://launchpad.net/bugs/681141
<clayd> i am running a small web server on 10.04 and noticing that the memory useage is almost completely masxed out.  any hints at what i could go look at to figure out what is causing this?
<Datz> clayd: see what is using memory with program "top"
<clayd> i ust found that.  apache is using quite a bit but i dont understand why.  will have to look more into that.  thank though
<RoyK> clayd: set swappiness to 100
<RoyK> it helps a bit
<clayd> what is swappiness?  is that in the apache conf file?
<RoyK> swapping out pages not used much
<RoyK> clayd: sysctl vm.swappiness
<RoyK> normally it's at 60, set it to 100 and linux will swap out earler
<RoyK> meaning more memory will be used for usual stuff even if some process allocates a bunch
<clayd> i am starting to think my biggest issue is running a wordpress site on a 512 cloud server :(
<clayd> I figured it wouldn't be that big of an issue/.   I will try swappiness though.  anything can help from what i can see
<RoyK> are you administrating the server yourself?
<clayd> yes
<RoyK> how many VMs? how much memory?
<JanC> I think clayd means he has a virtual server
<clayd> oh the server is on the Rackspace system.  I am not admin on that side of things.  I only have admin on the VM
<_Techie_> if it is possible, convert the wordpress site to static pages nad host it that way rather than using a modular setup
<_Techie_> that should make things run faster
<JanC> it should run fine in a VM with 512 MiB, unless it has a huge number of visitors
<RoyK> _Techie_: I think you should ask the #wordpress people about that, but afaik, no, I don't think that's possible
<Pici> There are worpdress plugins that will do that.
<clayd> actually you can.  there is a plug in for it that does it for you but i am not a huge fan of it for everything.  You can still set up completely static pages.
<JanC> if the site doesn't have a lot of traffic it might help to limit the number of apache child processes, and/or recycle them more often
<clayd> also a big factor to the load is the requirments and all the massive content (images and such)
<uvirtbot> New bug: #681165 in mysql-dfsg-5.1 (main) "libmysqld-dev missing package dependency" [Undecided,New] https://launchpad.net/bugs/681165
<uvirtbot> New bug: #681167 in php5 (main) "php seg faults if both php5-xcache and php-apc installed" [Undecided,New] https://launchpad.net/bugs/681167
<IdleOne> _Techie_: not cool.
<_Techie_> IdleOne, is there any particular reason i havent been banned from here, being that its the only channel where nobody has complained, ive had people complain over in #xubuntu where its far more dead tahn it is here
<clayd> made off topic comments :)
<_Techie_> clayd, the ban is about my away nick
<_Techie_> which i use because not all clients show different colours on nicks in the userlist
<_Techie_> the freenode qwebirc client being included in the group of clients that dont
<_Techie_> and apparantly one line for when i leave and one line for when i join is considered a spammy away
<_Techie_> wow, thats spam... that deserves a ban
<_Techie_> IdleOne, dont ignore me, i know your there
<IdleOne> _Techie_: channel ops here are free to ban you or not.
<_Techie_> any channel ops preset?
<IdleOne> it is up to them but normally the same rules apply to all Ubuntu channels
<_Techie_> present*
<IdleOne> Also, don't speak to me like I owe you anything.
<IdleOne> I have been very polite and tried to help you out concerning the ban in #ubuntu, you chose to not resolve the ban and you chose to ban evade.
<IdleOne> if you want to discuss it further you know where to join
<_Techie_> i wish to speak with an op of #ubuntu-server to see whether they deem my away nicks to be of a neusance so i can decide if i wish to leav this channel as i did #xubuntu
<clayd> is it common to have apache running 10 times on a server with no traffic?
<_Techie_> yes
<_Techie_> it can be very common
<clayd> thanks
<veovis1> In Ubuntu Server 10.04, I have a banner that tells me basic resource usage whenever I log in through SSH.  On one server, we requested an install of 10.04, but they installed 10.10 instead, and it doesn't have that.  What is that called so I can enable it again
<veovis1> ?
<_Techie_> its a MOTD, although its enabled somewhere els
#ubuntu-server 2010-11-25
<RoAkSoAx> kirkland: ping
<veovis1> _Techie_:  So if I look up ssh motd, I can replicate it telling me ram usage and such?
<veovis1> _Techie_: Thanks
<_Techie_> veovis1, you could search, how to disable ssh motd on ubuntu, that should provide the information on how to disable it, and therefore if you reverse the process, it should be enabled
<veovis1> _Techie_: Thanks, I'll try that too...
<veovis1> _Techie_: Yeah, /etc/update-motd.d is a collection of scripts that you can edit.  Thanks!
<_Techie_> veovis1, no problem
<WALoeIII> hello world
<WALoeIII> I am getting the nosegneg TLS warning (https://gist.github.com/714703) in dmesg, though I do not see 4gb seg fixup in my logs and do not see a performance hit
<WALoeIII> how can I find out where this is coming from, I have in the past had to recompile ruby enterprise with the appropriate flags but I thought  the libc6-xen package handled this for me
<osmosis> can someone help me get the priority upped on this? the patch fix is listed in the comments, and just needs to be added by the maintainer.  https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/668042
<uvirtbot> Launchpad bug 668042 in libvirt "target device info is not in dumpxml" [Low,New]
<draven_sol> i'm testing my encrypted raid10
<draven_sol> the system boots with all disks. when i unplug i'm dumped to the standard busybox
<draven_sol> i tried to set mdadm boot degraded to true but that doesn't work
<draven_sol> how may i boot the system
<draven_sol> anyone here?
<Error404NotFound> draven_sol, ya?
<twb> !anyone > draven_sol
<ubottu> draven_sol, please see my private message
<BuenGenio> hello
<BuenGenio> how come spamassassin is giving mail, including spam very low scores
<BuenGenio> I'm running Mandriva on a different server, and it's doing a lot more tests that the stock SA ubuntu installation
<draven_sol> twb do you know how to install an encrypted raid so if it degrades the system will still boot, the raid is raid10
<twb> Sure.  It's asked of you at install time in expert mode
<twb> draven_sol: I *think* it's BOOT_DEGRADED=true in /etc/initramfs-tools/conf.d/mdadm
<twb> (Then "update-initramfs -u -k all", of course.)
<draven_sol> twb, i've set that and ran the update-initramfs -u all
<draven_sol> it continues to fail and drop me to busy box
<draven_sol> twb, i've kept /boot on a separate unencrypted non-raided drive and have / on the encrypted raid
<twb> draven_sol: this is lucid?
<draven_sol> 10.04 lts server
<twb> Works for me on 10.04, but I only have RAID1 and do not encrypt the root filesystem
<draven_sol> twb, do you have any part of the raid encrypted? essentially i could just make a /data encrypted mount point on the raid and leave / unencrypted
<twb> Incidentally, what is the point of encrypting the root filesystem of a SERVER?  That would mean either 1) you keep the secret on-disk, defeating the point of using it; or 2) you need to be physically present every time you reboot.
<twb> draven_sol: I do not do block encryption at all
<draven_sol> twb, it's a home media server and i prefer to keep all things encrypted, so it is physically present
<draven_sol> twb, i've managed to have the system "install" and boot where it looks to be encrypted and raided but unlike a standard raid10 if i pull a drive out to test if it can boot degraded after it's synced i can't recover thus rendering the system dead
<twb> It drops you to a busybox shell, right?
<draven_sol> yes
<twb> Does it say something like "add bootdegraded=yes to boot paramters"?
<twb> If you have been testing things, one possibility is that you're boot the array which was already out-of-sync
<twb> i.e. it tries to boot degraded, but only the disk you removed has an up-to-date copy
<draven_sol> twb, i booted the system and allowed it to be fully synced prior to powering off and removing the drive using mdadm --device /dev/md0
<etcetera> I'm trying to setup postgresql 9.x using ubuntu-server 10.10
<etcetera> does 10.10 only use ipv6?
<etcetera> the clients can't seem to access it using the ipv4 schema.
<twb> etcetera: define "only"
<etcetera> twb: will it only negotiate inbound requests from valid ipv6 addresses
<twb> etcetera: AFAIK everything SHOULD default to dual-stack
<etcetera> can't get postgres clients to connect to it even though I have a valid pg_hba.conf
<draven_sol> twb, since i've encrypted /etc and anything other than boot can i assume that the bootdegraded option for the initramfs-tools will not be read and will not auto attemp to boot a degraded system?
<twb> draven_sol: IIRC the ramdisk's behaviour is to mdadm --assemble --scan
<twb> draven_sol: i.e. it won't care about /etc/mdadm.conf being inaccessible
<draven_sol> ok, when i've issued that command in busybox it complains about not finding /dev/md0 and the user root
<twb> draven_sol: you issued what command?
<draven_sol> the mdadm --assemble --scan
<twb> mdadm --misc --scan --detail, then check dmesg and /proc/mdstat
<twb> with bootdegraded=yes, it should then go on to mdadm --assemble --scan --run (the --run forces it).
<twb> ..those last two commands are straight from /usr/share/initramfs-tools/scripts/init-premount/mdadm
<twb> Which at your busybox prompt is /scripts/init-premount/mdadm
<draven_sol> twb, thank you
<etcetera> what's the correct way to specify an ipv6 range for an internal network?
<twb> etcetera: isn't the netmask fixed at halfway in?
<etcetera> twb: ?
<twb> Maybe that's only for RIR-level allocations
<etcetera> yea I'm hosting a virtualbox instance of ubuntu-server.
<etcetera> but the vbox instance is getting a proper address from the router.
<etcetera> trying to assign a range for the intranet the postgres server can respond to.
<twb> Unless you actually care about IPv6, I suggest you just work out how to make postgres talk IPv4
<etcetera> twb: that's the issue, I don't think it's talking over ipv4
<etcetera> ifconfig eth0 doesn't show a valid ipv4 address.
<twb> so fix that
<etcetera> ?
<twb> etcetera: do what you gotta do so that it DOES get an IPv4 address
<etcetera> well..shouldnt ubuntu-server do ipv4 / v6 at the same time?
<twb> Yes
<etcetera> I mean the router says it's gotta a valid ipv4 address, ifconfig just is not showing it.
<etcetera> if it does both, why wouldnt it show the valid ipv4 address....
<twb> I don't know.
<twb> Pastebin the output of "ip l; ip a; ip r"
<etcetera> twb: none of them shows a valid ipv4 address.
<etcetera> you would think they would shout something like this from the rooftops.
<etcetera> *WE ARE CHANGING THIS< YO*
<twb> I don't know who you mean by "they", but I haven't heard of anybody else having problems with IPv4 in postgres or ubuntu.
<etcetera> i'm sure it's just my incompetence.
<twb> Which sounds to me like you've fucked up somehow, although I can't tell how from what you've told me.
<etcetera> I havent messed with linux in forever.
<twb> Maybe you haven't got proxy ARP (or even basic networking) working correctly
<twb> That would prevent you getting an IPv4 address, but you ALWAYS get an IPv6 address.
<etcetera> I've got a valid ipv6 address that I can ping from the host.
<twb> etcetera: is ARP working?
<etcetera> no idea what that is :-(
<twb> ARP is a protocol for associating ethernet MACs with TCP/IP addresses.
<twb> DHCP relies on it
<twb> DCHPv4 does, I mean
<etcetera> so, how would I check that it's working?
<twb> arping?  ip neighbour show?
<twb> Note that it has to work between your VM and your DHCP server.
<twb> i.e. working between your domU and your dom0 is necessary but not sufficient
<etcetera> hmm, interesting...
<etcetera> that coud be one reason why it's not working, ive bridge the two devices, the host can ping the guest, but the guest can't ping anything.
<etcetera> *facepalm*
<twb> ICMPv4 over ethernet also inherently relies on ARP
<looseparts>  upgrade from 8.10 to 10.4 but keep GRUB and exclude GRUB2 - can I do this from the
<looseparts>                     command line using apt-get upgrade ?
<rootlinuxusr> do-release-upgrade states 'No New Release Found' status set to normal, not 'never' or 'lts' only, the system is 9.04 trying to upgrade to 10.04. Any ideas?
<uvirtbot> New bug: #436630 in spamassassin (main) "spamassassin caches DNS servers forever" [Wishlist,Confirmed] https://launchpad.net/bugs/436630
<nigelb> !away | _Techie_
<ubottu> _Techie_: You should avoid noisy away messages and -nicks in a busy channel like #ubuntu, or other Ubuntu channels; it causes excessive scrolling which is unfair to new users. Use the command "/away <reason>" to set your client away silently.  See also Â«/msg ubottu GuidelinesÂ»
<_Techie_> nigelb, seriously, you lote are starting to really piss me off
<nigelb> hrm?
<_Techie_> i left #xubuntu because of that, i got banned from #ubuntu earlier today due to it
<_Techie_> so i mean this in the nicest way, leave me the F alone
<_Techie_> ask me anything else, just dont use !away
<twb> _Techie_: plonk
<nigelb> meh, its just IRC manners and part of the ubuntu guidelines
<_Techie_> well until a mod decides if my 2 lines are worse than 2 lines of parts and joins, i dont give  a rats arse about the guidelines
<j0d0> upgraded from lucid to 10.10 with a raid 5. can not boot "ALERT! /dev/mapper/(username)-root does not exsist. dropping to a shell!"  Any help on this one?
<etcetera> anyone know if it's possible to filter 'top' output by process name?
<UndiFineD> yes, tried the ? key
<UndiFineD> by > > it move from default cpu % to sorting by name
<uvirtbot> New bug: #681245 in php5 (main) "package libapache2-mod-php5 5.3.2-1ubuntu4.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/681245
<HackeMate> hello
<HackeMate> my sudoers file is like this www-data localhost=(ALL) NOPASSWD: sudoedit /etc/dhcp3/dhcpd.conf
<HackeMate> itthe plan is let www-data modify tthe dhcpd.conf file
<soren> Yikes.
<HackeMate> but it doesn't work
<HackeMate> what's wrong?
<soren> www-data and NOPASSWD.
<HackeMate> itthe=the
<HackeMate> soren: i have a cgi that must modify that file
<HackeMate> via webpage
<HackeMate> truth that the cgi doesn't execute the sudo command in anywhere, but doesn't grant the permission anyway?
<_Techie_> ermm
<_Techie_> why not move the file into a writeable area and symlink it back
<soren> /etc/sudoers only defines what sort of privs people get if they calll things through sudo.
<HackeMate> _Techie_: to do that i prefer give chmod 777 then
<HackeMate> soren: no chance then?
<soren> You can't just put something in sudo's configuration file and expect it affect people not using sudo.
<_Techie_> why not change the owner or the group
<_Techie_> rather than the whole lot
<soren> HackeMate: IOW, your cgi has to call sudoedit.
<soren> ...but I'm still not sure what you expect to happen. Can you CGI drive a visual, interactive editor?
<soren> your.
<SpamapS> HackeMate: Techie is right. chgrp www-data /etc/dhcp3/dhcpd.conf && chmod g+w /etc/dhcp3/dhcpd.conf ...  simple and fairly safe.
<SpamapS> HackeMate: more likely is that you'll need sudo to restart/reload the service
<HackeMate> SpamapS: I solved that part
<HackeMate> the cgi does an exec sudo /etc/init.d/dhcp3-server that works
<HackeMate> SpamapS: no problem about changing the group and the user of that file?
<HackeMate> i mean if the file is deleted and restored a backup from ssh
<HackeMate> or some strange situation
<soren> HackeMate: If your backup/restore procedure alters file ownership, you're screwed anyway.
<binBASH> moin
<HackeMate> well, true that
<HackeMate> so the only problem could be if an user via ssh modifies or changes the attributes
<HackeMate> i'll create a solution that verifies itss perrmissions and i guess it should be ok
<HackeMate> thanks yguys, you helped me
<HackeMate> but now! (heh, sorry for abuse) the dhcpd log is stored in /var/log/dhcpd.log
<HackeMate> i wannt to rotate it so i put rotate daily and size=4096k in logrotate.conf
<HackeMate> but the file is being big
<HackeMate> not rotate
<HackeMate> what i miss
<_Techie_> james
<_Techie_> sorry wrong channel
<SpamapS> HackeMate: install logrotate :)
<HackeMate> +spamI did
<HackeMate> SpamapS: I did
<HackeMate> this is my logrotate.conf http://pastebin.com/cbb5ZP0i- at those
<HackeMate> if i want rotate dhcpd
<HackeMate> what block do i need add
<HackeMate> or //var/log/dhcpd/dhcpd.log
<HackeMate> im freaking lagged
<Whoop> Anyone know if Ubuntu Enterprise Cloud supports booting from an LVM logical volume?
<progre55> Hi guys. I really do need some advice setting up a mail-server. I have my main site, mycompany.com on amazon, and mail.mycompany.com and smtp.mycompany.com are pointed to another IP address, that's a mail hosting service (loopia.se). I've set up exim4 on my server (mycompany.com) and  want to send out emails from me@mycompany.com, but they are getting marked as spam and I'm getting them back saying "550-Unrouteable address\n550 Sender
<progre55> verify failed". rdns for mycompany.com is okay, but MX is directed to the mail-service. Any suggestions, please?
<ehcah> 'morning.  How does ubuntu Firewall options compare to other's?  Say embedded router with dd-wrt or even server specific distro's like a smoothwall or something?
<RoyK> ehcah: same thing
<RoyK> ehcah: they're all based on iptables
<ehcah> RoyK:  I'm trying to figure out how to bypass my Telco's gateway as no matter how I try to disable their embeded firewall, I can not.
<ehcah> RoyK:   Their Fiber is connected to some sort of gateway, which then is connected via ethernet to a their router.
<ehcah> RoyK:  I got a head of myself there a bit...  Assuming that I can figure out how to make a direct connection without the second telco provided device, I want to host my own router on either Ubuntu, dd-wrt, pfsense, clearOS, Untangle, you  get the picture...
<Doonz> Hey guys. Currently i have a 30gb drive for my ubuntu server installation. Is it possible for me just to take an image of that drive and apply that image to a 120gb drive?
<uvirtbot> New bug: #681399 in pptpd (main) "Please merge pptpd 1.3.4-3 (main) from debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/681399
<rotem925> Hello, Is there an option to list all apt packages with their NAME?
<zul> rotem925: sudo dpkg -l
<rotem925> hi zul, but it doesnt list the name
<jpds> rotem925: 'name' ?
<rotem925> yea, the name of the package like when i get the package info
<rotem925> jpds: I mean the full package name
<pmatulis> rotem925: you mean you want 'wireshark_1.2.11-2_i386.deb' instead of 'wireshark'?
<rotem925> I mean, When im apt for openssh, it should show openSSH (Im on the iPhone)
<rotem925> all the com.package. should be shown as the package name on the iphon
<rotem925> what is --showformat?
<pmatulis> rotem925: sorry, i don't understand you ["When im apt for openssh, it should show openSSH (Im on the iPhone)"]
<rotem925> pmatulis: heh sorry, when im using dpkg -s the package name is different from what i see when im using the -l
<rotem925> pmatulis: the question is: can I list all the packages information? like running dpkg -s for all packages
<rotem925> with one command
<rotem925> pmatulis:  something like this: dpkg --show *
<pmatulis> rotem925: i don't think so.  you'll need to pipe some commands together
<pmatulis> rotem925: for all installed packages you mean?
<rotem925> pmatulis: yea it looks like you are right, can you give me a hand here? I need to pipe the dpkg -l with apt-cache show *
<pmatulis> rotem925: for all installed packages you mean?
<rotem925> for all packages, not only installed
<pmatulis> rotem925: that info is in file /var/lib/dpkg/available i think
<rotem925> pmatulis: hmmm, ill have a look, thanks!!
<rotem925> pmatulis: yep, you are right this file looks like it have all the packages info
<uvirtbot> New bug: #681427 in ipsec-tools (main) "Please merge ipsec-tools 1:0.7.3-12 (main) from debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/681427
<rotem925> Hey, Is there a file in ubuntu that has all the packages in apt?
<rotem925> not only the installed packages, all of them
<air^> rotem925: huh?
<rotem925> hello air^ :
<rotem925> ill explain what i need
<rotem925> I need to get all the packages for the apt, I mean all the packages information
<rotem925> Is there a file for that?
<air^> why would you need that?
<air^> if you want to find something, just use apt-cache search <keyword>
<rotem925> I'm working on an application that need a list of all packages available
<rotem925> air^: any clue?
<air^> nope.
<andylockran> hey guys
<andylockran> how goes things?
<ehcah> It would appear that all/most of repositories are coming back failed when I "apt-get update" .  Is there a command I run to fix the default repo's for 10.04 Server?  I have not modified the sources.list file by hand, so I am not sure what happened.
<andylockran> can anyone give me any advice about a project dealing with ubuntu-server user management?
<qman__> ehcah, that usually happens when your DNS is broken, or your connection is otherwise disrupted
<qman__> also, check for proxy settings in apt
<highvoltage> andylockran: just ask!
<andylockran> highvoltage: I'd consider myself a beginner programmer, with a bit of experience at administering OpenLDAP servers
<Aison> evening
<andylockran> what would be the best project for me to look at in terms of being able to potentially contribute to user management on ubuntu-server.
<Aison> i'm using 7 ubuntu servers, and i'm thinking about to use landscape
<ehcah> qman_: This box is providing DNS for the rest of my LAN?
<Aison> but I don't get it :( is it completly commercial, or partial commercial?
<highvoltage> andylockran: Gosa is used quite widely but is in a horrible state in Ubuntu atm. imho that would be a good place to contribute
<ehcah> Qman_ will check to see that proxy is off in apt.
<highvoltage> Aison: the landscape client is free software, the server side isn't
<Aison> but with the client alone I can't do anything, I guess ;)
<highvoltage> Aison: indeed
<highvoltage> Aison: except, if you have lots and lots of time, write your own server :)
<Aison> well, maybe i'm going to buy it, that's not a problem ;)
<Aison> but I don't know if it's the right solution for me
<highvoltage> that would be the easier solution
<highvoltage> Aison: you can sign up for a trial on the landscape site
<andylockran> highvoltage: thanks, I'll take a look
<ehcah> qman_:  Shouldn't I be able to find proxy settings in apt.conf?
<Aison> :)
<Aison> can't find any prices for landscape?!? maybe i'm blind
<Whoop> its part of ubuntu advantage
<Whoop> base plan is Â£200 iirc
<eagles0513875> hey guys do we have any wordpress users or people using wordpress on their servers for a blog or otherwise?
<qman__> ehcah, grep -R Proxy /etc/apt/
<qman__> also, just because you're providing DNS doesn't mean your local name resolution is working
<qman__> check resolv.conf and nsswitch
<qman__> err
<qman__> ehcah, sudo grep -Ri proxy /etc/apt/
<highvoltage> eagles0513875: yep
<qman__> meanwhile, I've run into trouble after upgrading my proxy server to lucid
<qman__> squid is running, but upstart has no idea that it is
<eagles0513875> highvoltage: how are you imporving the number of page request served to a particular site
<ehcah> qman_  I had already added sudo to the first command. Neither it, or the second fixed the problem.  I'll have a boo at the other two files you mentioned.
<qman__> I can't figure out how it's being started and, as a result, how to stop/restart it
<eagles0513875> i have one site and according to ab highvoltage im doing about 8,95 requests per second are you using a wordpress caching plugin or squid proxy
<highvoltage> eagles0513875: stgraber got some good performance (>1500 requests to the server a second) by (I think) using a reverse proxy
<eagles0513875> highvoltage: cuz i was considering setting up squid
<eagles0513875> on the site they boast performance gains of up to 75%
<highvoltage> eagles0513875: yeah if you hang around a little bit he might be around and be able to give you some tips there
<eagles0513875> ill be on
<eagles0513875> soon have to relocate my bum to the couch for my weekly favorite tv show
<eagles0513875> ice road trucker but ill be on
<ehcah> qman_:  Tried your suggestions. I added an externally hosted DNS entry into resolv.conf, restarted DNS and DHCP services and still not working.
<qman__> ehcah, what does `nslookup us.archive.ubuntu.com` return (or your locality)?
<eagles0513875> highvoltage: just tell him to poke me please
<qman__> and before anyone asks me "why nslookup", it's because dig doesn't use the system's resolution method
<ehcah> qman_:  Came back with Non-authoritive answer: Name: us.archive.ubuntu.com  (next line) Address: 91.189.92.170....
<ehcah> qman_: SERVFAIL reply from 111.111.111.111, trying next server...
<qman__> well, that looks like the problem
<ehcah> qman_:  The 1's representing my IP for my server.  I got its answer from my routers IP address instead.
<qman__> apt isn't trying as hard as nslookup
<qman__> solve that problem and your apt problem should go away
<ehcah> Ok.
<eagles0513875> hey guys quetsion anyone in here use squid and if so how much has it improved the number of page requests to apache per second
<ehcah> qman_:  If you have an extra second.  Can you have a look at:  http://lani78.wordpress.com/2008/08/09/setting-up-a-dns-for-the-local-network/   This is how I configured my DNS and all the testing at the bottom works?
<qman__> I use squid, but as a regular proxy, not a reverse proxy
<qman__> ehcah, that's all fine, but your problem is with internet resolution
<qman__> what's in your /etc/resolv.conf?
<qman__> if it's just 127.0.0.1, is your server forwarding requests or does it use root hints?
<ehcah> 2 name server entries.  First, my Server IP, Second, my Router IP.
<eagles0513875> qman__: what bout a caching proxy server
<eagles0513875> ehcah: i normally in my resolv.conf put the isps name server ips
<qman__> eagles0513875, I use it with two purposes, an apt caching proxy, and an access control proxy for a couple machines
<ehcah> eagles0513875:   When I was trying to fix it earlier, my 3rd line was my ISP's DNS.
<qman__> far as apt caching, with the right tuning, it does what it's supposed to, faster upgrades
<eagles0513875> ehcah: remove yoru local server ip and router and put the ips of isp name servers
<qman__> no
<eagles0513875> qman__: have you used apache with squid
<qman__> leave 127.0.0.1 in there, otherwise local resolution won't work from that server
<qman__> and if other machines are using it, those machines wouldn't get internet DNS either
<ehcah> as in :  nameserver 127.0.0.1  ?
<eagles0513875> qman__: thats odd in my resolv.conf on my server i have just my isps name servers
<qman__> yes
<eagles0513875> ahh ok
<eagles0513875> i see what ya doing
<eagles0513875> the local machine will be doing ns resolution for the network
<ehcah> I have nameserver localipaddress not 127.0.0.1
<qman__> then, attempt some name resolution, and see what /var/log/syslog looks like
<qman__> that's where bind logs
<qman__> the local IP is fine too
<qman__> I just use 127.0.0.1 for aesthetic reasons
<qman__> makes it obvious at first glance what's going on
<ehcah> no dice.
<qman__> yes, but see what errors it gives in /var/log/syslog
<ehcah> is there a command in nano to get to the bottom of the log?  I'll be paging down until Sunday?
<qman__> I don't know nano
<qman__> but try this
<qman__> tail -n 100 /var/log/syslog | less
 * RoyK points ehcah to vimtutor
<ehcah> Nov 25 14:45:06 myserver named[1985]: error (network unreachable) resolving 'mail/A/IN' : 2001:dc3::35#35
<ehcah> That is the last error on the apge
<ehcah> *page.
<ehcah> Hey Roy
<RoyK> hi
<qman__> try this, filter out the noise
<qman__> grep named /var/log/syslog | tail -n 100 | less
<PatrickDK> heh, mail? people don't use fqdn anymore?
<eagles0513875> i need to setup my fqdn at some point PatrickDK
<eagles0513875> i have apache2 complaining bout that every restart of it
<PatrickDK> oh, apache complains on mine too
<eagles0513875> about the hostname or something
<eagles0513875> PatrickDK: how on earth do you fix that
<PatrickDK> ya, can't reliably determine the hostname
<qman__> that's easily fixed with /etc/hosts
<PatrickDK> I ignore it cause I only use vhosts, and it's all set in the vhost configs
<qman__> you need to put your FQDN in there, with your local bind address
<PatrickDK> so the default doesn't much matter
<qman__> like so
<qman__> 192.168.1.6    web.yournet.com    web
<PatrickDK> and if the local bind address = 0.0.0.0?
<ehcah> qman_  same error.
<eagles0513875> qman__: internal ip or external public ip
<qman__> your interface's address
<eagles0513875> ahh ok
<qman__> it gets more complicated if you have more than one listening interface
<eagles0513875> qman__: i woudl need to change 127.0.1.1       eagle
<qman__> ehcah, look for actual attempts at resolution there, e.g. us.archive.ubuntu.com
<qman__> eagles0513875, no
<eagles0513875> where the loop back ip becomes the interface ip and eagle becomes my fqdn
<qman__> leave that one alone, and add another line
<eagles0513875> i have a 2nd line thats like the one i pasted but localhost
<qman__> my mouse's battery died, slowing me down
<eagles0513875> tyt qman__
<ikonia> don't map two hosts to the same IP in /etc/hosts
<qman__> your /etc/hosts should look something like this
<qman__> 127.0.0.1    localhost
<qman__> 192.168.1.6    web.yournet.com    web
<qman__> and then the ipv6 junk at the bottom
<ehcah> qman_:  Way too much to type:  http://pastebin.ubuntu.com/536408/
<qman__> ehcah, that clears things up
<qman__> for some reason, bind is unable to contact those DNS servers
<qman__> are you running a firewall of any kind?
<ehcah> Not deliberately!  :)
<ehcah> Nothing that has changed anyway.
<ikonia> it just means it can't resolve it
<ikonia> test your DNS servers
<qman__> no
<qman__> his local server can't connect to those server IPs
<ehcah> This isn't a US - Canada thing is it?  :)
<qman__> network unreachable
<ehcah> We won that hockey game fair and square!
<ikonia> why would his DNS server by connecting to the repos ?
<qman__> no, you should still be able to contact those servers
<qman__> his DNS server is not connecting to the repos
<qman__> it is attempting to look up the repos
<qman__> and is failing, because it can't contact the root DNS servers
<ikonia> is the named.ca or root.hint file there
<ehcah> in bind?
<ikonia> is that zone even defined
<ikonia> yes, in bind
<qman__> he's getting network unreachable
<qman__> I assume it is defined, otherwise it wouldn't know to contact those servers
<ikonia> I wonder if this is on a home dsl/cable connection
<qman__> what happens if you ping 192.5.5.241 ?
<ehcah> I'm reaching here, but I seem to remember having to generate a key of some sort when installing Bind.  Could it have gone awry?
<qman__> they should go through and come back
<ehcah> "network unreachable".
<qman__> no, bind would not start
<qman__> well, there you have it
<qman__> you're not on the full internet
<qman__> either your router/firewall is blocking you, or your ISP is
<qman__> assuming you have any network connectivity at all
<ehcah> I definately have network connectivity.  All other devices are functioning correctly.
<qman__> pastebin the results of `ip a s` and `ip r s`
<ehcah> I'm going to try to "wget" something.
<ehcah> k.
<qman__> and also try to ping your router or another local computer
<ehcah> ping'ing internally works fine.
<qman__> how about pinging 209.85.225.99
<eagles0513875> qman__: i bet if he were to put the ips of his isp's ns's that it woudl work
<eagles0513875> it works just fine for me like that
<ehcah> qman_:  Commands not found for 'ip a s' and ...
<qman__> eagles0513875, it would work, but that would not solve the problem
<qman__> his DNS server would remain non-working
<ehcah> qman_ Host unreachable.
<qman__> he'd simply stop using it
<eagles0513875> ok
<qman__> ok
<qman__> ehcah, that last IP is google
<qman__> so your server is not able to reach the internet
<qman__> it's not just a DNS blockage
<ehcah> routing problem thn?
<ehcah> then?
<qman__> yes
<eagles0513875> ehcah: is your server using a static internal ip?
<ehcah> Static Internal IP - yes.
<eagles0513875> ok check your gateway ip
<eagles0513875> thats probably whats not set right
<ehcah> Why would my server have a routing issue, but all my devices including this laptop connect through it ok?
<ikonia> err what about a static external
<ikonia> if your external IP changes running a DNS server seems a bit pointless
<qman__> yes, it's definitely a routing issue
<qman__> if your DHCP server is setting correct routes, that's how
<ehcah> Any tips on which file in Bind to check?
<ehcah> or check'm all?
<qman__> this is not a problem with bind
<qman__>  /etc/network/interfaces
<eagles0513875> ehcah: is your external ip a dynamic ip or static one
<ikonia> bind is not routing
<ehcah> guys:  How much information should be included after "iface eth0 static"  ?
<ehcah> address my .ip
<ehcah> netmask 255.255.255.0
<ehcah> network my.ip.0
<ehcah> Sorry, if there are any gals out there....
<eagles0513875> ehcah: hold on ill pastebin ya mine
<RoyK> ehcah: network, netmask, broadcast and gateway
<ehcah> Is there a way to pastebin from terminal?
<RoyK> pastebinit
<eagles0513875> ehcah: http://pastebin.com/hUWVr7H3
<eagles0513875> RoyK: yep
<ehcah> Royk:  gateway isn't there.
<eagles0513875> pasting from commandline directly to pastebin.com
<eagles0513875> ehcah: copy what i have in the paste
<RoyK> ehcah: pastebinit /path/to/file
<RoyK> ehcah: you'd want a gateway on one of the interfaaces
 * RoyK repeats that he hates winter temperatures
<ehcah> do I still need to add auto eth0  as a seperate line entry?
<uvirtbot> New bug: #681536 in bind9 (main) "/usr/share/bind9/bind9-default.md5sum should be in conffiles" [Undecided,New] https://launchpad.net/bugs/681536
<RoyK> ehcah: if you want it to be enabled automatically, yes
<andol> Anyone feel somewhat confident about their knowledge in SSL/TLS, and can take a look at bug #/595415?
<andol> https://bugs.launchpad.net/ubuntu/+source/openssl/+bug/595415
<uvirtbot> Launchpad bug 595415 in openssl "Curl (openssl) fails to open some https URLs with "illegal parameter" error" [Undecided,Incomplete]
<ehcah> After making these changes, how can I restart eth0?  I assume that restarting DHCP or Bind will not affect the changes...
<ehcah> is it ifconfig something or other?
<Callum__> has printing using Ubuntu Server 10.10 mostly failed short of printing text files and CUPS test page for anyone else?
<Callum__> started*
<eagles0513875> ehcah: ya its ifconfig
<ehcah> wow, I'm having all kinds of special today... ifdown/ifup: couldn't read interfaces file "/etc/network/interfaces"
<Callum__> might have been a recent CUPS update that did it, but printing from anywhere (local or over the Internet) and printing anything more complex that text files from lpr or the CUPS test page (such as PDFs and ODTs) causes the printer its sent to, to not print and crash
<Callum__> actually, this is 10.04 LTS >_>
<ehcah> RoyK/qman_/eagles0513875:  I made those changes, rebooted and no longer have ssh access to my server IP.
<ehcah> "no route to host"
<RoyK> ehcah: pastebin /etc/network/interfaces, the output of ifconfig, and some details about your network infrastructure
<RoyK> ehcah: start with trying to ping default gateway
<RoyK> if that works, check netstat -rn to see if the gateway is the default router
<RoyK> et cetera
<ehcah> Not sure how long this connection will stay live.  I can't surf the web anymore.  I'm gonna go downstairs to the console BRB.
<RoyK> ehcah: pastebin netstat -rn as well
<ehcah> I need to install pastebinit in order to provide you the info you want.  I can't get to apt though...  :(
<ehcah> I #'d out the lines I changed in interfaces and I can now SSH again.
<ehcah> RoyK:  I have always been able to ping anywhere within my LAN from the SSH console of that server.
<RoyK> ehcah: local network access should be quite trivial to setup
<RoyK> what did you do to break it?
<ehcah> RoyK:  Destination: 192.168.2.0  Gateway: 0.0.0.0  Gemask: 255.255.255.0  Flags: U  MSS Window: 0 0  irtt: 0  Iface: eth0
<ehcah> I'm aware that ^ gateway is missing.
<RoyK> are the other machines on 192.168.2?
<ehcah> all machines.
<RoyK> if so, you have a l2 problem
<ehcah> I haven't dropped the VPN connection on my office laptop during this interuption either?
<RoyK> if network connectivity doesn't work on layer 2, meaning (usually) on the same IP network (or ARP et al), something is usually wrong with cabling or drivers
<ehcah> I'm going to type in Pastebin, what my interfaces file looks like. It's small.
<RoyK> can you reach the server over the lan?
<ehcah> http://pastebin.ubuntu.com/536421/
<ehcah> RoyK:  I am logged onto it via SSH
<RoyK> netmask 255.255.255. ?
<RoyK> missing a 0 there
<ehcah> 255.0, typo in pastebin not in file.
<RoyK> so you can access the box over the lan?
<ehcah> Just wanted to see if you were paying attention!  ;)
<ehcah> yes.
<RoyK> then why haven't you tried adding a gateway?
<ehcah> My gateway 192.168.2.5 was there when I could no longer access the box via SSH and had to go to the physical console?
<ehcah> When I #'d it out, I can hit it again from SSH?
<RoyK> http://pastebin.ubuntu.com/536422/
<ehcah> Is not what I had minus the "##" on 3 lines?
<RoyK> more or less, yes
<ehcah> RoyK:  Connectivity failed, again.  I #'d out auto eth0  and restarted the interface
<ehcah> It works now.
<ehcah> Why is auto eth0 causing me grief?
<RoyK> ehcah: I changed the auto lines
<RoyK> try rebooting
<RoyK> one interface per auto line
<ehcah> regardless, everything seems to be working now.
<ehcah> :)
<ehcah> Now all I have to do is find a good "router/firewall" like software to play with.
<ehcah> RoyK:  Do you have any experience with pfsense, smoothwall or untangle?
<ehcah> also endian  (sp.??)
<RoyK> ehcah: I've used pfsense - works well
<qman__> untangle is a good appliance, but the firewall is nothing special
<qman__> it's most useful part is the inline detection and removal of malware
<ehcah> I have to find one that is capable of something called 1483 via DHCP???
<ehcah> qman_ I read that the kapersky subscription can be great also.
<qman__> never heard of it
<qman__> yes, I've been fairly impressed with kaspersky myself
<qman__> it's what I recommend to people who are not satisfied with free antivirus
<ehcah> My ISP provides me a fiber connection.  The fiber comes into my house and into some sort of lucent/alcatel gateway...  then via ethernet to a traditional telco gateway/router.
<ehcah> I'm trying to get rid of the second device.
<ehcah> qman_  I've been running MS security essentials or whatever its called on my kids laptops.
<qman__> I run ubuntu in that position
<qman__> put my firewall together with an iptables script
<ehcah> We haven't found any virus's or anthing yet!  ;)
<ehcah> LOL
<qman__> microsoft security essentials is also surprisingly good
<ehcah> I was trying to be a bit funny, but yeah, not bad.
<ehcah> I'd still feel better having something to get rid of most problems before the kids have a chance to deal with them.
<ehcah> Have you tried Eindian or Smoothwall?  From what I can tell, they are its competition?
<qman__> I have not
<qman__> I've heard good things about smoothwall, but I haven't used it myself
<ehcah> If I were smart enough, I'd compile the same dd-wrt files I was running on my linksys boxes into an x86 install.
<ruben23> hi guys how do i mae file server where situation is the server is hosted on a hosting company and all users are on remote location and they are windows client.
<qman__> this is my firewall:  http://pastebin.com/68cjsa3j
<qman__> combined with a human-readable port forwarding list in /etc/portfile
<ehcah> Looks great!  Is that latin?
<qman__> bash, actually ;)
<ehcah> I wish I was there.
<ehcah> I'm barely, and I do mean barely competent without a GUI.
<ehcah> My delusions of grander and wants make choosing the right NAS or UTM solution problematic.
<qman__> I just have a file server, raid6 array, with ssh/samba/nfs
<ehcah> That is exactly what I keep coming back to.  Everyone and there do tells me ZFS and Raidz2 is the way to go.
<ehcah> All that does is confuse me.
<qman__> some people say raid6 is paranoid, but losing two disks inside an hour changes your mind
<ehcah> God bless poor Roy and his patience with me this past weekend.
<qman__> zfs is great in theory
<qman__> but I'm not willing to run solaris
<qman__> I'll wait for full linux support of it, or for btrfs to mature
<qman__> I really, really hate solaris
<ehcah> IF and I do mean IF, I were more advanced, I wouldn't blink at OpenIndiana or Nexenta.  Unfortunately, the compaq raid controller in my DL380G4 won't allow me to test it outside of a VM on my laptop.
<ehcah> Do you run ext3 or ext4?
<qman__> ext3
<ehcah> Is 4 immature or not necessary?
 * RoyK is quite fond of zfs 
<ehcah> I know my man!
<qman__> 4 is considered stable by most, but I've been using ext3 since I started using linux
<ehcah> :)
<qman__> it's always been there and I've never lost data
<qman__> it meets my needs, so I use it
<qman__> zfs is great
<qman__> very cool system
<qman__> but like I said, I'm not willing to run solaris
<RoyK> we're moving away from solaris at work
<RoyK> that is, using it only for storage
<RoyK> for storage it's gold
<ehcah> My best technical friend here locally just lost a bunch of data on ZFS, not sure what happened, but that scares me because I consider him extremely advanced.
<qman__> I'll wait for ZFS to come to linux, or for btrfs to mature
<RoyK> qman__: btrfs will probably reach the level of current zfs within 5 years or so - dream on :)
<highvoltage> that's not so long
<ehcah> 5 years?
<qman__> for now, ext3 + mdadm get the job done
<ehcah> And no regrets?
<qman__> my needs aren't that great
<RoyK> but then, no checksumming of data
<highvoltage> yep. it's still a fairly new filesystem. look how long it took for ext or ntfs, for example
<ehcah> You never look at FreeNas or OpenFIler or ....
<qman__> I just need a big place to save files
<RoyK> the main thing about zfs is data checksumming
<ehcah> RoyK:  Checksumming is verifying the data?
<RoyK> you'll know if you get silent errors
<RoyK> ehcah: yes
<PatrickDK> data checksumming is ok
<PatrickDK> versioning is nice, I like btrfs for that
<RoyK> PatrickDK: it's not ok, it's mandatory
<qman__> the built in snapshot system is also very cool
<qman__> reminds me of plan9
<RoyK> PatrickDK: with a bunch of terabytes, you'll get silent errors (errors not detected by the drives) quite frequently
<PatrickDK> makes me think of netapp snapshots
<RoyK> snapshotting is also nice
<qman__> I really liked plan9's system, it's a shame it didn't get more traction
<qman__> it's not very useful because it's not widely supported
<RoyK> and real snapshotting, not like the copy-on-copy-on-copy..........-on-write stuff in lvm
<PatrickDK> royk, I think the fact of raid should deal with it for the most part
<ehcah> Do either OI or Nexenta support replication like OpenFIler is supposed to/
<ehcah> ?
<PatrickDK> openfiler support replication?
<RoyK> ehcah: zfs send/receive
<PatrickDK> as far as I know. openfiler only does drbd
<RoyK> PatrickDK: most raid systems don't checksum at all
<PatrickDK> most raid cards are cheap also
<RoyK> PatrickDK: that is, they read a stripe and if nothing is reported from the disk, the block is delivered to user or kernel space
<ehcah> Well, I know this cat has to wait for his "Cheap" raid card to arrive before he can test on a box other than Virtual.
<qman__> I've had a couple files get corrupt, but my data is also not that critical
<qman__> important files have lots of backups
<RoyK> PatrickDK: if a silent error occurs, you get corrupt data, or if that error is in the metadata/filesystem, perhaps a panic occurs
<qman__> not-so-important files can be recreated/redownloaded
<PatrickDK> royk, so turn on read checks
<ehcah> Family pictures, personal files and work backup's not so easy.
<PatrickDK> or if it doesn't support that, nightly verify's
<qman__> don't forget the old mantra
<qman__> RAID is not backup
<RoyK> PatrickDK: read checks are ok so far as the crc on the drive holds, which it doesn't with current storage amounts
<PatrickDK> the sector crc is useless
<PatrickDK> and it's going be more so with this 4k format thing
<RoyK> qman__: that's nonsense - if you have the possibility of checksumming your data, you do so. not doing it will result in downtime, which cost a lot
<PatrickDK> they are really dropping the amount of protection
<RoyK> PatrickDK: most modern raid systems relies on harddisk's CRCs
<qman__> oh yes, I'm not saying you shouldn't checksum, if you can it's a great feature
<PatrickDK> I wouldn't call most modern raid systems, raid
<qman__> I just mean, if there's something you don't want to lose, you still need backups
<qman__> RAID is not a replacement for backups
<RoyK> qman__: of course, but reducing downtime is quite nice
<RoyK> qman__: you'll always need backup of sorts, but with more consistent raid systems, and snapshots, the backup may not be used that much
<qman__> I can't afford a dedicated backup system, so my strategy is to keep copies of important files on several different computers
<qman__> it works pretty well
<qman__> even when I suffered total loss on my raid 5 array, I still had most of my data and all of the important stuff
<StrangeCharm> i'm trying to copy some files from an ntfs disk to an ext4 disk, and i get the error "error splicing file value too large for defined data type". what's going wrong here?
<ruben23> guys any hel how should i setup my hosted server and have remote client in windows to create somehow like a file server..
 * PatrickDK will never use a raid5 ever
<qman__> ruben23, two options I would consider are SFTP and WebDAV
<qman__> SFTP being more secure, WebDAV being easier for windows users
<qman__> yeah, I'm running raid 6 with a hot spare this time around
<ruben23>  qman__:  so i just install webdav..? straight..?
<qman__> writes are slow but it's worth it
<qman__> ruben23, no, webdav is fairly complicated
<qman__> if you want easy to do, SFTP is it
<ruben23> qman__:  but they are windows, can SFTP be accessible on web browser..?
<qman__> no, you would need an SFTP client
<qman__> such as winSCP or filezilla
<qman__> the primary advantage of webDAV is that windows treats it basically like a regular windows file share
<qman__> but it is much more complicated to set up
<a1fa> hello, i am trying to upgrade from 10.04 to 10.10
<a1fa> and it tells me no new releases are available
<PatrickDK> cause you have lts only selected
<a1fa> alright, how do you deselect that
<a1fa> another strange thing is.. cpuinfo is only showing 800Mhz
<a1fa> sometimes it shows the stock speed 2800Mhz
<qman__> it's CPU frequency scaling
<qman__> intel speedstep, AMD powernow, etc
<qman__> when the load is low, it slows down to save power
<a1fa> qman__: interesting
<a1fa> how do i disable this lts in ubuntu-server
<Datz> a1fa: I'm able to disable in bios, I'd think this would be the best/easiest way.
<a1fa> Datz: i mean Ubuntu LTS releases
<Datz> although, there really isn't a point to, unless you want to use more power
<a1fa> I'd lkike to go to 10.10
<Datz> oh.. well that I don't know.  I'm sticking with 10.04 for as long as I can.. 5 years if the hardware lasts :P
<guntbert> PatrickDK: can you tell us what line to change in what file to "deselect lts only" ?
<a1fa> i guess there is no need to go higher then
<a1fa> i have issues with dev mapper and swap
<qman__> yeah, I stick to LTS if I can
<a1fa> #/dev/mapper/smokinggun-swap_1 none            swap    sw              0       0
<qman__> there is a way but I have never done it
<a1fa> i have to disable it because it cant mount the swap partition
<qman__> and there's no manual for do-release-upgrade
<PatrickDK> /etc/update-manager/release-upgrades
<qman__> ah, etc/update-manager/release-upgrades
<qman__> as documented here: https://help.ubuntu.com/community/Upgrades
<PatrickDK> qman, manuals are overrated
<PatrickDK> no one reads them :)
<qman__> a1fa, what happens if you try to swapon manually?
<a1fa> i have not tried yet
<qman__> doing a release-upgrade is unlikely to fix this problem
<a1fa> this is my zoneminder machine
<qman__> and is quite likely to introduce more
<a1fa> works just fine
<a1fa> if i do swapon -0a
<a1fa> # swapon -s
<a1fa> Filename                                Type            Size    Used    Priority
<a1fa> /dev/mapper/smokinggun-swap_1           partition       23248888        0       -1
<a1fa> i guess that fixes it
<qman__> it's possible that the mapper device is not ready when the system attempts to swapon
<qman__> if that's the case you should file a bug
<a1fa> alright
<a1fa> i am going to try rebooting one more time with it enabled
<a1fa> my root  is also mapped
<uvirtbot> New bug: #681598 in samba (main) "passwd doesn't work with pam_winbind" [Undecided,New] https://launchpad.net/bugs/681598
<a1fa> does anybody remember the name of that linux game with spacecrafts and MMOPG?
<a1fa> xstar or something like that
<a1fa> XShipWars
<Volvo> Do you know that if you compile samba manually from source itll actually work as opposed to what youve managed to do with Lucid and Maverik's versions ?
<Volvo> Whats wrong... ?
<Volvo> zul... ?
<Volvo> Because if you cant make a pckage out of perfectly working software id call you a loosely knit team of ... Politichians ?
<twb> Volvo: a committee
<Volvo> So thats why noone moves :P
<Volvo> Umm, samba doesnt work... umm ok... lets do nothing at all.
<Volvo> Do you get paid for this comittee stuff ?
<twb> Volvo: if you're having a problem, it helps to describe it instead of just bitching.
<Volvo> "nmbd" Dies directly after starting it on an fully updated Maverick. "testparm" sais the configuration is perfect.
<Volvo> twb: Politichinas arent garbage so im not bitching.
<Volvo> I see people not liking Ubuntu because SAMBA doesnt work and so i think it could be better if it did.
<Volvo> What do you think ?
<Volvo> Feel free to pitch in, all of you!
<JanC> Volvo: it's thanksgiving in the US, so Americans are not around much, and in Europe it's night, so those are asleep
<Volvo> JanC: Im awake
<Volvo> :)
<Volvo> Thanks for telling me though.
<JanC> well, most are not working at least
<JanC> Volvo: maybe you can figure out why it doesn't work, that would be helpful to get it fixed...  ;)
<JanC> Volvo: does it work with a non-upgraded 10.10 ?
<Volvo> JanC: Doesnt seem to, no.
<Volvo> Check it for yourself. If it works for you then all bugreports are wrong. But if nmbd dies after starting samba or "nmbd" then the samba network cannot work and so samba doesnt work.
<vadi2> What is all involved in creating installing ftp on a ubuntu server and creating a new user for it? I made a new user, added them to the ftp group, and can connect and browse via ftp fine - but trying to upload any file via nautilus results in an 'invalid filename' error
#ubuntu-server 2010-11-26
<jeeves_moss> is there a way to do fuzzy logic comparisions with imagmagick (or any other CLI program) of ~65Gb of pics to come up with dupes?
<jeeves_moss> is there a way to do fuzzy logic comparisions with imagmagick (or any other CLI program) of ~65Gb of pics to come up with dupes?
<ehcah> Can I mirror a couple of 16GB USB Thumdrives during Server OS install?
<ehcah> Or is USB Raid a very new MOBO feature?
<Daviey> Volvo: reading scrollback... i don't care much for your attitude.
<Daviey> Volvo: If zul was around, do you think with your comments he is likely to try and help?
<Daviey> I don't think i would be inclined to help.
<Volvo> Daviey: If it got fixed in a while id like it. I dont think my input was bad when all i want to do is to help fix a bug. Do you ?
<Daviey> ''<Volvo> -Because if you cant make a pckage out of perfectly working software id call you a loosely knit team of ... Politichians ?'
<Daviey> Volvo: So, which bug # is this?
<Volvo> try to start "nmbd"
<Volvo> Itll stop running just about directly and so the server or computer its runing on cannot be found.
<Daviey> Volvo: yes, but what bug number is this?
<Volvo> I guess one could give it a quick search
<Daviey> Volvo: please
<Volvo> If i was you, and im not trying to be bad or anything. Then id care and try to start "nmbd" and see if it dies directly on my own computer but apparently im bad and must be punished :)
<Volvo> Daviey: Do you have any interrest in servers working on Ubuntu or not ?
<Daviey> Volvo: no, i'm not seeing the same behaviour as you
<Daviey> Volvo: If you have discovered an issue, and want to help fix it - it needs a bug number.
<Volvo> But... are you really sure. Youcouldnt have been in this tiny SO_LINGERING
<Daviey> Volvo:  http://pb.daviey.com/UYLB/raw/
<Volvo> And its running now...
<Volvo> Then perhaps its a query issue and then it dies like the microsoft isa servers used to do from my simple scanner in 1998.
<shauno> similar, http://pastie.org/1326798
<Daviey> Volvo: Really can't take this much further without a bug #.
<Volvo> Very good shauno.
<shauno> (I do realise how useless 'me too' is, but in the context of "it's dead out of the box", there's mine "out of the box")
<Volvo> Something kills it. I need to pinpoint that sucker :)
<Daviey> Volvo: let us know when you have a bug number.
<Volvo> I guess an agressive scan against it needs to be constructed or nmblookup be run a few times and perhaps with invalid targets.
<Volvo> Daviey: Ill smash this, nw.
<toddnine> Hi guys.  Question about RAID0.  If I create a RAID 0 array with  mdadm --assemble /dev/md0 /dev/sdi1 /dev/sdi10 /dev/sdi2 /dev/sdi3 /dev/sdi4 /dev/sdi5 /dev/sdi6 /dev/sdi7 /dev/sdi8 /dev/sdi9
<toddnine> then stop it with mdadm --stop /dev/md0
<toddnine> shouldn't I be able to re-attach it with mdadm --assemble /dev/md0 /dev/sdi1 /dev/sdi10 /dev/sdi2 /dev/sdi3 /dev/sdi4 /dev/sdi5 /dev/sdi6 /dev/sdi7 /dev/sdi8 /dev/sdi9?
<toddnine> I always receive the error mdadm: cannot open device /dev/sdi1: Device or resource busy
<toddnine> mdadm: /dev/sdi1 has no superblock - assembly aborted
<Volvo> Its mounted ?
<toddnine> yup that got it
<toddnine> Volvo: thank you, I'm creating a chef recipe and missed that step.  Regarding mdadm and --assemble.  Does the order of the drives in the command matter?
<Volvo> Nope
<Volvo> Youre welcome.
<LowValueTarget> how long do you think it would take to run an fsck on a 6.3T volume
<twb> LowValueTarget: O(1)
<LowValueTarget> twb: ?
<twb> LowValueTarget: constant time
<LowValueTarget> :(
<LowValueTarget> not feasible to run in a few hours
<LowValueTarget> we talking days or weeks
<lifeless> LowValueTarget: depends on the fs
<lifeless> ext4 can be very very fast
<LowValueTarget> lifeless: ext4 i believe
<LowValueTarget> err
<LowValueTarget> 3
<LowValueTarget> actually lifeless fdisk is showing ext3 on a GPT partition
<StrangeCharm> how can i recompile the gnu utilities with large file support? i need to cp a Large file.
<lifeless> StrangeCharm: we build with LFS
<StrangeCharm> well, then something really peculiar is happening, lifeless, because i'm trying to cp some files, and getting the "value too large for defined data type" error listed at http://www.gnu.org/software/coreutils/faq/coreutils-faq.html#Value-too-large-for-defined-data-type
<lifeless> are you on a 32bit or 64bit build?
<lifeless> what does uname -a show
<StrangeCharm> lifeless, i have Linux name 2.6.32-26-generic #47-Ubuntu SMP Wed Nov 17 15:59:05 UTC 2010 i686 GNU/Linux
<twb> So guess what
<twb> I have a motherboard that doesn't support PS/2.  USB keyboard works in the BIOS, and post-boot -- but it can't be used to hold shift/alt to interrupt grub
 * Datz is tempted to say chicken butt
<Datz> twb: surprising
<Datz> I have the opposite problem sometimes
<twb> Also: if you lvchange -pr /dev/mapper/vg0-my_favourite_snapshot0, and /etc/fstab says to fsck it -- guess what happens
<twb> That's right, mountall exit(4)'s, and the whole boot just halts -- no recovery shell, no reboot, nothing
<twb> (Because e2fsck fails on read-only LVs.)
<twb> e2fsck -p, that is.
 * Datz had not guessed yet, therefore was not right
<twb> Flipping upstart
<twb> flipping grub2
<Datz> did you just get a new mobo?
<twb> Datz: it's a brand new machine
<eagles0513875> hey guys
<twb> Datz: but it's OK, I have these problems with Ubuntu on old machines, too.
<eagles0513875> anyone using wordpress with squid as the proxy on the server? im debating if i should have each site im hosting setup with an individual caching plugin for wordpress or just setup squid in general on my server
<Datz> twb: well, I'm  sure you'll find a work around. :)
<twb> Yeah, the workaroud is "hope the machine never reboots"
<Datz> twb: that's not much of a workaround :p
<twb> Exactly
<twb> The other workaround is "install debian, which may be slow to change, but at least it's slow to change"
 * twb froths some more
<Datz> yea
<Datz> humm
<twb> I increase the grub timeout, and it *can* see the keyboard
<twb> It obviously just can't see the shift key down event in the zero seconds that's allocated by default
<Datz> ah
<Datz> great
<twb> WTF, the GRUB_HIDDEN_TIMEOUT code is handled in /etc/grub.d/30_os-prober -- which exists despite os-prober being purged
<twb> Aaaand it reads 30_os-prober.distrib even after I dpkg-divert it, because it isn't using run-parts(8) to iterate over the parts.
<twb> dpkg-statoverride'ing it instead does the trick
 * Datz goes to bed
<uvirtbot> New bug: #681701 in openvswitch (universe) "openvswitch postinst fails" [Undecided,New] https://launchpad.net/bugs/681701
<uvirtbot> New bug: #681703 in libvirt (main) "Domains don't start automatically after reboot a parent host" [Undecided,New] https://launchpad.net/bugs/681703
<uvirtbot> New bug: #681713 in apache2 (main) "package apache2.2-common 2.2.16-1ubuntu3 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/681713
<twb> Sigh.
<twb> This change: http://paste.debian.net/100802/
<twb> ...makes my lucid VM unbootable
<twb> Or more accurately, it prevents it ever entering a runlevel, so none of the gettys start.
<maddog> hiho
<maddog> i have a ubuntu server 10.10 with a 3ware raid and a crypto volume. Everytime i write data to that volume, the transmission hangs every ~350mb for 30 seconds or so. I already disabled all caching functions on the controller, so i have no idea why that happens..ah, and i have plenty of entropy available (between 2000 and 4000)
<lnx1010> Hello all, If i have several sites under my /var/www/ directory such as /var/www/site1 and /var/www/site2 etc how can i create website addresses for those sites so they can be browsed externally such as http://site1.company.com and http://site2.company.com? at the moment i can only get to them by internal ip such as http://xxx.xxx.xxx.xxx/site1 and http://xxx.xxx.xxx.xxx/site2
<VirtSol> I'd like to virtualize, but my server doesn't support VT extentions. What is the best way to proceed?
<zul> oooh....brides from russia
<binBASH> huh? :D
<PC_Nerd101> Hiya, I'm having trouble with upgrading form 9.04 - something along the lines of the xen kernel not being supported by later versions or something (I'm not too familiar with kernel related "stuff")...  uname -a gives http://paste.ubuntu.com/536693/  Can someone point me in the direction of some documentation on this?  most seems to be installing xen on ubuntu, not the other way around.  cheers.
<UndiFineD> maddog, isn't it the bug where on high disk load the kernel hangs for a few seconds ?
<maddog> it could, but shouldn't that be patched in the current kernel version
<UndiFineD> I still encounter it on kernel 2.6.35-23
<maddog> damn it
<UndiFineD> I have two 1TB disks, when copying from one to the other, it occasionally stops here too
<UndiFineD> each disk has 32MB cache and is 7200 rpm, so it is not the hardware
<UndiFineD> maddog, http://paste.ubuntu.com/536701/
<Doonz> has anyone cloned the boot drive and went from a 120gb drive to a larger drive?
<ikonia> Doonz: what's up ?
<Doonz> well im looking at replacing my main boot drive
<ikonia> so what's the issue/question
<ikonia> ok
<Doonz> ive done cloning to windows boxes without issue but ive never do it with a linux disk before
<ikonia> ok
<ikonia> so what approach are you looking to take ?
<Doonz> can i just take an image of the drive and then apply the image to the new drive?
<ikonia> or is that part of the question
<ikonia> how do you propose to take an image ?
<Doonz> acronis
<ikonia> for me personally, I wouldn't do that, especially if your changing the disk size
<Doonz> well with acronis i have disk director wich allows for resizing of the partitions
<ikonia> for me personally, I wouldn't do it that way, however I don't use acronis so don't have that much awareness of it
<Doonz> well how would you go about doing it
<ikonia> I would put the new disk in, partition it, and then copy the file systems across, re-apply grub and then I'm done
<ikonia> (modify files such as fstab etc)
<Doonz> do you know of a step by step guide i could follow?
<ikonia> not directly, but it is as simple as partition the disk, mount the new disk, copy with recusion and permissions the file systems on to the new disk, modify /etc/fstab, then re-apply grub2
<andylockran> highvoltage: thanks for the tip off about GOSA, looks interesting - is that what #ubuntu-server intend to use in the future for LDAP management then?  There doesn't seem to be much activity on the launchpad package other than pulling from upstread.
<highvoltage> andylockran: not necessarilly, but lots of people use it or want to
<sako> hey all, i am trying to get a package into my launchpad ppa... i don't know where to begin though
<uvirtbot> New bug: #681891 in mysql-5.1 (main) "Problem with table 'key' and similar 'keys' etc." [Undecided,New] https://launchpad.net/bugs/681891
<TheSov> does anyone have bind9 experience with 10.10, im switching over from slackware for the first time and ubuntu is scaring me. (not really i just cant seem to get to load the zone files)
<UndiFineD> TheSov, https://help.ubuntu.com/community/BIND9ServerHowto
<UndiFineD> TheSov, sudo /etc/init.d/bind9 restart will reload the zone files
<TheSov> yes this i know, its not loading them
<mrmist> what error is it giving ?
<TheSov> even after i put them into the named.conf.local and copy them over and restart it
<UndiFineD> did you try to upgrade the serialnumber ?
<TheSov> *** [10.1.1.100] can't find www.redlinechicago.com: Server failed
<TheSov> no didn't bump the serial numbers let me try that
<mrmist> Though I don't think that would affect local queries, only prevent secondary servers from updating / make it less likely
<mrmist> /var/log/daemon.log normally keeps quite good bind logs
<TheSov> im going from slack 9 to ubuntu 10 im thinking maybe the zone files are not the same format anymore
<TheSov> let me try using the example and rebuild one
<TheSov> 1 sec
<TheSov> hah when i run named-checkzone i get this: zone redlinechicago.com/IN: not loaded due to errors.
<TheSov> suck i have to fix like 200 zones
<mdeslaur> TheSov: look in dmesg to see if you have any apparmor denied messages
<TheSov> i removed apparmor
<mdeslaur> TheSov: well, that's not a good idea :)
<TheSov> heh i suppose not but i couldnt get some of our apps working right and that fixed it
<TheSov> this is very different than what i'm used to.
<UndiFineD> apparmor needs a bind profile in /etc
<dr4c4n> when I reload networking, why do the two additional virtual interfaces (ip alias's) that are defined, are not brought up?
<mdeslaur> UndiFineD: what do you mean?
<UndiFineD> i had that too with 10.04, once I created a profile for bind it worked
<TheSov> sweet it works now, i was missing the name server A record, it wasnt required in the old version
<UndiFineD> :)
<TheSov> now i have to migrate users and their websites, very very sad to work on thanksgiving
<TheSov> thanks for help everyone!
<patdk-lap> is there a ec2 kernel that is protected against CVE-2010-3904?
<uvirtbot> patdk-lap: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3904)
<patdk-lap> so I guess no
<dr4c4n> nvrmind - a) typo also b) I found two methods of defining the ip aliases recommendation: Linux Administration Handbook (2nd Ed) by Evi Nemeth, et. Al
<uvirtbot> New bug: #680694 in samba (main) "shares-admin command does not realize that samba is already installed" [Undecided,New] https://launchpad.net/bugs/680694
<jeremia> hi
<jeremia> I want to limit the amount of RAM a programm may use. does anyone know how I can do this?
<jeremia> I already tried ulimit from a bash shell, but it didn't work (tried parameters -m and -v)
<eriksson25> Hi, need help removing a raid 5 array. Want to dissolve it and add the disks to two other arrays instad.
<eriksson25> First problem, umount it, it complains that its busym but nothing is open and using it.
<RoyK> jeremia: see ulimit
<RoyK> eriksson25: umount -l
<eriksson25> Just found the comand, so it says its not mounted, but when I try to stop the array is still says its busy?
<eriksson25> I run "sudo mdadm --stop /dev/md0"
<mrmist> If you're not bothered about the contents just shut the computer down and remove the disks.  That'll sort it.
<eriksson25> Well, if I could. I am doing this over ssh. And the disks are going to a other array on the same machine.
<mrmist> Oh i see you're not physically relocating anything
<eriksson25> nope
<mrmist> k
<eriksson25> is there a force comand to the mdadm stop comand?
<TheSov> so i transferred all our users from slack to the ubuntu server box but now i have a strange issue. some, not all of the users webpages get served as downloads instead of actual pages
<TheSov> anyone got a clue on that?
<TheSov> seems to be only the php pages
<TheSov> im guessing that means php is not working correct?
<VSD20C> is it hard to install phpmyadmin from code line?
<ikonia> VSD20C: do you need it ?
<ikonia> TheSov: yes, it means the php 5 moudules are either not installed or apache is not loading them
<TheSov> i just did an apt-get install php5
<TheSov> lets see if that fixes it
<ikonia> TheSov: make sure you got the apache php module, rather than just the cli
<TheSov> im a newcomer to ubuntu my old server is slackware
<TheSov> whats the package name for that?
<VSD20C> well i'm trying to build a lamp and i just install the server ISO with lamp configuration.. i was hoping phpmyadmin would be an easier way to manage it
<ikonia> VSD20C: have you looked at mysql-admin, there are big risks using web based managers
<ikonia> TheSov: something like php5-mod
<TheSov> thanks
<VSD20C> hmm i haven't looked into that yet but ill do some scavenging thanks
<mdeslaur> TheSov: the package to install is called "libapache2-mod-php5"
<mdeslaur> once installed, don't forget to restart apache
<ikonia> mdeslaur: thank you
<TheSov> ok i installing it now thanks mdel
<TheSov> hmm still doin it
<mdeslaur> TheSov: try a page you haven't tried before...It may be in your browser's cache
<TheSov> no good still asks me to download the phps
<mdeslaur> TheSov: look in /etc/apache2/mods-enabled, do you have php5.conf and php5.load in there?
<ikonia> a2enmod
<TheSov> lrwxrwxrwx 1 root root   27 2010-11-26 10:10 php5.conf -> ../mods-available/php5.conf
<TheSov> lrwxrwxrwx 1 root root   27 2010-11-26 10:10 php5.load -> ../mods-available/php5.load
<mdeslaur> TheSov: are you serving php pages from users home directories?
<TheSov> yes
<mdeslaur> TheSov: if so, look php5.conf
<TheSov> public_html
<mdeslaur> you need to enable it
<TheSov> ahhh
<mdeslaur> restart apache after and try again
<TheSov> that did it
<TheSov> thanks much sir
<TheSov> god i never realized how much slack had setup out of the box
<TheSov> or rather "unblocked"
<nginx> fuck off linux FREEBSD FTW
<osmosis> davewalker?
<osmosis> https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/668042
<uvirtbot> Launchpad bug 668042 in libvirt "If Libvirtd is restarted, libvirt drops active domains lose network interface info." [Low,Fix committed]
<osmosis> id like to help test
<rimp> so i just added a second hard drive to my server and was wondering how to wipe it clean and set it up for file sharing with samba
<rimp> can anyone point me to a good web source or something, please?
<osmosis> rimp: well, you gotta know the device id from dmesg, then id use cfdisk to repartition it, then mkfs.ext4 probably
<uvirtbot> New bug: #681969 in samba (main) "package samba 2:3.4.7~dfsg-1ubuntu3.2 failed to install/upgrade: Ð¿ÑÐ¾Ð±Ð»ÐµÐ¼Ñ Ð·Ð°Ð²Ð¸ÑÐ¸Ð¼Ð¾ÑÑÐµÐ¹ -- Ð¾ÑÑÐ°Ð²Ð»ÑÐµÐ¼ Ð½Ðµ Ð½Ð°ÑÑÑÐ¾ÐµÐ½Ð½ÑÐ¼" [Undecided,New] https://launchpad.net/bugs/681969
#ubuntu-server 2010-11-27
<uvirtbot> New bug: #681986 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.5 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/681986
<ziesemer> Isn't there a virtual package that always provides the latest version of the proper linux-headers package?  (I have DKMS installed to automatically recompile some kernel modules when I upgrade the kernel, but it doesn't work without getting the headers, too...)
<patdk-lap> linux-headers?
<patdk-lap> well, guess you need the right one, linux-headers-server
<ziesemer> Ahh, that did it, thanks.
<VSD20C> can i use a ubuntu server to monitor bandwidth consumption and statistics for a network? I figure if i make it the DC then all that information is going through it...  would it be a 3rd party software or is ther open source alternatives?
<VSD20C> if its possible at all...
<patdk-lap> the DC?
<patdk-lap> it's much easier to figure that stuff out by using a managed switch or something, that gives that info via snmp
<talcite> hi guys. I've got a question about NFS write concurrency. Is it safe to perform r/w operations on the filesystem being hosted on NFS directly from the server? (i.e. will it respect the proper locks?)
<patdk-lap> I doubt it for nfs3, but nfs4 does some kind of odd loopback mounting thing, so I think it would be fine
<talcite> e.g. I've got a server hosting /mnt/storage over NFS, bound to /exports/storage using mount --bind. Is it safe to read and write to /mnt/storage directly?
<talcite> patdk-lap: hmm yeah it's nfs4. What's the loopback thing you're mentioning?
<patdk-lap> sounds like nfs4
<patdk-lap> the --bind
<patdk-lap> that isn't needed for nfs3
<talcite> ah. is there anywhere I can read more about this?
<patdk-lap> google nfs4 :)
<talcite> hmm. alright, I just really want to make sure I don't end up causing data corruption, especially since there's a high chance this will be happening while the clients are writing
<twb> squid or squid3?
<dassouki> i distro upgraded my ubuntu
<dassouki> and lost some stuff like /var/run/network and i can't get apache to work again
<twb> Answer: squid2 -- it has an upstart job and is in main.
<twb> dassouki: /var/run/ should be a tmpfs and empty every boot
<dassouki> twb: i guess that's why i shouldn't have hard upgraded a linode image :(
<Error404NotFound> is there a way i can install mysql 4 on lucid?
<dassouki> twb: now i managed to get an error of dav not allowed here
<Error404NotFound> I am trying to dapper server release, but i can't find its CD version, all i see is dvd.
<JanC> Error404NotFound: http://releases.ubuntu.com/releases/6.06.2/
<JanC> remember you only have 1 year of support left on that...
<JanC> why on earth do you want mysql 4 anyway?  ;)
<Error404NotFound> JanC, ya, just need to try mysql4 and php4 for somethings...
<Error404NotFound> JanC, a 3rd party product that won't agree to upgrade
<JanC> and it doesn't work with mysql 5 ?
<Error404NotFound> JanC, nope... tried and failed, now setting up another dapper server, installing app on that, purchasing upgrade license, upgrading, then upgrading dapper to lucid and changing DNS
<Error404NotFound> JanC, not my idea of a good weekend :(
<JanC> I can imagine  ;)
<JanC> good luck
<Error404NotFound> JanC, really need that... sucks big time
<Edwin_ach> hi everybody, i have a problem trying to write (p.e. create a single text file) inside a directory where i have rwx permission and i am root. What could be wrong... filesystem, permission, attributes (has no attributes set)? some idea, friends? (it is a ubuntu server 8.04.1) 0_0
<ailo> Edwin_ach: Are you getting an error message when you try?
<Edwin_ach> ailo, yes... it tells me that the system is read-only (and I am root) =/
<Edwin_ach> ailo, the problem is in specific on that partition, /storage, because i have tried creating a single txt file on / and it let me create it  o_0
<ailo> I'm no expert, but did some searching and found that one cause could be that the filesystem is mounted as read only
<ailo> Edwin_ach, check fstab
<Edwin_ach> ailo, I have tried to "remount" option as r,w but it doesn't work =(
<Edwin_ach> ailo, this is the /etc/fstab of the server: http://paste.ubuntu.com/536950/
<Edwin_ach> actually, that server runs an application that allow me use the server as a backup server
<ailo> Edwin_ach, did you try a file system check - fsck?
<ailo> Edwin_ach, supposedly, if the disk is damaged it might be mounted as read-only
<Error404NotFound> is there a good AMI available for dapper on amazon?
<dragoon123> Hi, I currently have a bandwidth problem on my ubuntu server machine, my max speed is being limited to 1.7 MB/s not sure why any ideas?
<simplexio> dragoon123: mii-tool can tell what mode cards are, ifconfig will tell if you have alot dropped packages
<simplexio> dragoon123: iperf can be used to test speeds, or just use netcat
<dragoon123> simplexio: How do i test speed with netcat?
<simplexio> http://deice.daug.net/netcat_speed.html tell google
<simplexio> the idea behind using netcat is that when starting it you can use /dev/zero as file and on endpoint you can just > /dev/null
<dragoon123> how does this help me fix/find the bandwidth limitation bw?
<simplexio> dragoon123: or just use iperf
<simplexio> well, if iperf dosent get more that 1,7MB/s speed, then problem is in your network
<simplexio> if it is faster, then problem is server program which dosent put more than 1.7MB/s to net or harddisk
<dragoon123> I only have a bandwidth limit problem on my linux machine/partition if i reboot the pc into windows it runs at full speed
<dragoon123> I have tested the network speed on both LAN and from a remote server
<dragoon123> result on both was 1.8MB/s
<simplexio> over which file tranfer protocol
<dragoon123> I used aria2 (80) and vsftpd (21)
<dragoon123> so http and ftp
<simplexio> dragoon123: did mii-tool tell you that your card is 100baseT...
<dragoon123> 100Mbit
<dragoon123> = 11.8MB/s
<simplexio> and harddisk are ok ?
<simplexio> and no errors etc. show in ifconfig
<dragoon123> yes, as I said before this is a dual boot pc, with windows and linux server
<dragoon123> on the windows partition everything runs at full speed
<dragoon123> under ifconfig 0 dropped and
<simplexio> well, linux uses different fs, driver for disk etc
<dragoon123> 8360errors frame 8360
<dragoon123> for RX packets
<simplexio> dragoon123: does windows have errors too ?
<dragoon123> for packets, no
<dragoon123> windows is windows heh
<simplexio> sound like you have somekind problem with network driver
<simplexio> what driver it uses ?
<dragoon123> hmm
<dragoon123> no idea tbh :s
<simplexio> lsmod helps
<dragoon123> hmm, do not see any modules related to networking listed
<simplexio> dragoon123: and try ethtool eth0 (or what ever it is =
<dragoon123> hmm
<dragoon123> MII?
<simplexio> in some point i had problems to force nvidia 1G ethernet card to full dublex
<dragoon123> it is set for correct speed and duplex
<dragoon123> 100Mb/s and Full
<simplexio> mii-tools can be used to channge negotiated network speeds
<simplexio> dragoon123: it would help to know netcards model
<dragoon123> 02:08.0 Ethernet controller: Intel Corporation N10/ICH 7 Family LAN Controller (rev 01)
<simplexio> have to say that i dont have anyideas. if duplex and other are ok on both sides, then problem must be on drivers
<IrishWristwatch> does anyone know if changing the cipher on openssh is possible?
<IrishWristwatch> Right now I'm using RSA keys to auth, but for the encryption itself I want to use 3des.
<joschi> IrishWristwatch: actually 3des is default
<joschi> IrishWristwatch: see ssh_config(5) and sshd_config(5)
<IrishWristwatch> I saw it now, thanks you joschi
<IrishWristwatch> thank you*
<twb> Here -t rsa is the default.
<april__> having trouble restarting vsftpd -> /etc/init.d/vsftpd restart = error of script has been converted to upstart job- use restart utility. sudo service vsftpd restart, sudo restart vsftpd both = restart:unknown instance:   -vsftpd is running, i can log into it :( any ideas?
<IrishWristwatch> have you tried "sudo service vsftpd restart"?
<IrishWristwatch> oh wait
<IrishWristwatch> I misread.
<april__> same thing ' restart: unknown instance'
<april__> also, i have the options for chroot_local_user=yes however the ftp user still can go up levels into the '/' folder
<april__> soehow i don't think my /etc/vsftpd.conf file is being read, or something :/
<IrishWristwatch> weird.
<SpamapS> april__: type 'status vsftpd'
<SpamapS> april__: does it say start/running ?
<april__> it says 'stop/waiting' but i dont' understand, because I can log into my ftp server
<twb> IrishWristwatch: oh, you mean -oCiphers.  Note that -oCipher=3des is only for SSHv1 -- everything is (or should be) SSHv2 now, i.e. -oCiphers, for which the default is aes128-ctr.
<IrishWristwatch> aah
<IrishWristwatch> So it goes down that list then?
<IrishWristwatch> Well I guess aes128 is pretty secure too.  3.4 * 10^38 combinations
<april__> is there any possible way vsftpd could read another .conf other than /etc/vsftpd.conf?
<cemc> what script generates /etc/motd ?
<IrishWristwatch> have you just tried killing the entire process april__ ?
<cemc> (for when updates are available)
<twb> IrishWristwatch: yes, it goes through the list on the client and server sides until a cipher they both support is found
<IrishWristwatch> so if on the server I only specify 3des in the ciphers parameter, it will only allow 3des I take it.
<IrishWristwatch> Alright, I'll give it a try.
<IrishWristwatch> did it work, april_ ?
<april_> no, i typed sudo start vsftpd and it said start/running process 1862, so i typed kill 1862 - bash: kill" 1862 no such process
<IrishWristwatch> ps aux | grep vsftp
<april_> nothing comes up
<april_> it's not in htop anywhere either
<IrishWristwatch> yet you can still log in?
<IrishWristwatch> weird...
<april_> yea
<april_> and I still don't understand why my 'chroot_local_user=YES' doesn't work either
<april_> and my log files aren't being created
<IrishWristwatch> are you on a standard port?
<IrishWristwatch> 20/21
<april_> yes, at least i assume so, i didn't specify a different port
<IrishWristwatch> then you can try
<RoyK> cemc: IIRC that comes from landscape-sysinfo
<IrishWristwatch> sudo lsof -i TCP:21
<IrishWristwatch> while you're logged in
<april_> on my server? or on the ftp client
<RoyK> server
<IrishWristwatch> server
<april_> there was no output
<IrishWristwatch> ok
<RoyK> april_: that means something like 'wtf is listening to tcp/21'
<IrishWristwatch> are you sure your ftp client is connecting to that server and not some other random server?
<april_> yes, i'm sure it's my server, i recognize my file structure and files
<IrishWristwatch> what client are you using
<IrishWristwatch> in case you're using scp or something
<april_> 'andFTP' - android app
<IrishWristwatch> check the protocol
<IrishWristwatch> is it ftp/sftp/ftps?
<april_> i was using winSCP at my dads house, and it did the same thing
<IrishWristwatch> I use the same app.
<april_> how can i ensure that it's sftp?
<IrishWristwatch> ehh
<IrishWristwatch> ftp and sftp are similar but different
<april_> i 'assumed' sftp was just ftp through an ssh tunnel?
<IrishWristwatch> go to your andftp settings and go to edit
<april_> each machine asked me to verify the cert
<IrishWristwatch> yeah it is, but it doesn't use your vsftp software
<IrishWristwatch> it uses openssh
<IrishWristwatch> :p
<april_> ooooh
<IrishWristwatch> yeaaah
<IrishWristwatch> sftp is ftp over ssh
<IrishWristwatch> HOWEVER
<april_> which would possibly explain why my vsftp.conf file seems to be ignored?
<IrishWristwatch> ftps is regular ftp with ssl
<IrishWristwatch> vsftp isn't even being used for sftp
<april_> is it even being used?
<IrishWristwatch> no
<IrishWristwatch> but on the bright side, I just did this like 2 days ago
<IrishWristwatch> and I can tell you how to chroot openssh
<april_> well, the functionality is exactly what I need, so that would be very helpful
<twb> No, SFTP is a module within SSH that provides similar functionality to FTP, but is actually a totally different protocol.
<twb> (A much BETTER protocol.)
<IrishWristwatch> it's a file transfer protocol
<IrishWristwatch> hence, FTP
<IrishWristwatch> anyway, april_
<april_> yea, i didn't want just FTP, because I've read that it's really un-secure. which I need secure, because I need to roll out a server for my dads business
<twb> http://mywiki.wooledge.org/FtpMustDie
<IrishWristwatch> ftp is unencrypted
<april_> i just need a folder for which 4 employees have access to (using 1 username/password)
<IrishWristwatch> ftps is better
<IrishWristwatch> sftp is the best
<IrishWristwatch> april_, ok do this
<IrishWristwatch> eh, I'll pm it to you
<twb> I agree with IrishWristwatch that you should be using SFTP, not FTP or FTP/S.
<twb> And HTTP instead of FTP for anonymous read-only access to documents.
<IrishWristwatch> also sftp is much easier to set up
<IrishWristwatch> with ftps you gotta make all your certs and it's just a pain
<twb> IrishWristwatch: especially in the current versions where chrooting is handled inside opensshd
<IrishWristwatch> yeah it's a new feature
<Dibbler_> hey all. Do any of you know if there's a way to install XFE or Nautilus without installing any of the X dependencies. I don't even have a video card in the computer , i am only planning to use it from another computer on the network that has an x server installed
<Dibbler_> does anyone have any pointers on this
<twb> Dibbler_: you can install X apps without installing an X server.
<twb> Dibbler_: you cannot install X apps without the X libraries they depend on
<Dibbler_> so  x11-common is not really x ..
<Dibbler_> it just seems very big .. 30 megs
<Dibbler_> for nautilus
<Dibbler_> i just don't wnat my server to crap out on me wfter reboot for not finding a video card .. i'm actually no where near the thing
<twb> grep-available -sInstalled-Size -P x11-common ==> Installed-Size: 568
<twb> It is not a big package.
<Dibbler_> nautilus is 36 megs ..
<Dibbler_> it seems big
<twb> That's because gnome = bloat
<Dibbler_> mmk
<twb> You could, of course, just learn to use a tty file manager like Emacs' dired.
<Dibbler_> the thing is .. it's for my boss
<Dibbler_> don't ask
<twb> I know what that's like
<Dibbler_> i'm fine with MC
<twb> He could just run nautilus on his local machine nad use gnome-VFS URLs like (IIRC) ssh://boss@example.net/etc/default/grub
<Dibbler_> whisper : he's got windows , with winaxe on top
<twb> If he has windows you'll need a w32 X server
<Dibbler_> yes
<Dibbler_> winaxe
<twb> Oh right
<Dibbler_> i'm actually not comfortable with him rummaging in the roadwarriro box i use ubuntu server for
<Dibbler_> but he needs to be able to stay on top of it
<Dibbler_> i just hop ehe doesn't touch anything
<twb> He needs to learn his place is what he needs
<Dibbler_> smike , shake hands , go to the dinners with his wife , and shut the fuck up
<Dibbler_> if it was up to him we'd still be using the AS400 and everyone would have a terminal on their desk
<uvirtbot> New bug: #682085 in samba (main) "Tryd sharing installed samba Unknown process runing not allowing log out" [Undecided,New] https://launchpad.net/bugs/682085
<l3dx> I'm considering building a home server based on ubuntu. It's main purpose will be NAS, but I also want to run irssi, a couple of Tomcat apps and also smaller tasks. My current concern is maintaining the "NAS". Both configuration and monitoring.
<l3dx> any good guides/articles on this topic?
<UndiFineD> l3dx, did you look at freenas or something similar ?
<l3dx> yes I've had a look at freenas
<l3dx> but to me it didn't seem like it is possible to install additional software
<l3dx> like Tomcat
<l3dx> also, I want to be able to run X (don't know yet if I will use it as a htpc as well)
<UndiFineD> browse a bit through synaptic, using search terms etc, there are many webbased managers and monitors
<l3dx> is ZFS supported in ubuntu?
<RoyK> l3dx: with zfs-fuse, yes
<UndiFineD> it cn be done through fuse-zfs, but not sure how that will work
<UndiFineD> :p
<RoyK> l3dx: but performance isn't very good
<RoyK> UndiFineD: it works
<RoyK> seems zpool version is up to v23 on Maverick, which is good
<RoyK> just don't enable dedup
<RoyK> and don't enable dedup
<RoyK> hm... I have this 10TB test box at work - I guess testing zfs-fuse on that should be worth a try :)
<RoyK> l3dx: if you want zfs, go for openindiana or solaris 11 express
<RoyK> both will allow for custom software, but installing stuff like tomcat might be done manually
<RoyK> l3dx: freebsd also has native zfs
<l3dx> guess I will have to play around with them
<RoyK> personally I'd recommend openindiana
 * RoyK is using openindiana on some new 110TB units
<l3dx> :)
<RoyK> that's a truckload of drives :)
<RoyK> raw storage 320TB, net storage 2x110TB
<l3dx> nice
<l3dx> don't know if you remember helping me with a system freezing (you suggested determining if it was a hard hang)
<l3dx> turns out it's the MB that's defect
<l3dx> it won't even start anymore
<RoyK> oh
<l3dx> so I'm browsing for new hardware :)
<RoyK> :)
<l3dx> have already spent way too much time on it
<l3dx> :D
<RoyK> just rememmber - if you want to run zfs, you'd _really_ want a 64bit system, and 4 gigs of memory+
<RoyK> zfs is a little hungry on the memory side
<l3dx> noted
<l3dx> but the old system was running raid1+encryption on the system disk..feels a bit stupid right now
<RoyK> the reason I say Don't Use Dedup, is that it requires hilarious amounts of memory and/or l2arc
<l3dx> how can I get it mounted in a different computer?
<RoyK> should be doable if you have the password...
<l3dx> sure
<RoyK> LVM or MD?
<l3dx> lvm
<l3dx> or..hm
<RoyK> then lvm should detect the attached drives
<l3dx> I had one raid1 and one raid5
<RoyK> type 'lvs'
<l3dx> unsure if both are LVM
<RoyK> IIRC LVM doesn't support raid5
<RoyK> that'll be MD
<RoyK> you might run lvm on top of md, though
<ruben23> guys any suggestion i want to create a file server on my hosted server-  with a couple of client connecting on it with folder permission
<l3dx> with two ram slots, should I buy on 4g or two 2g? I'm thinking 1x4 to be able to expand later on, but is dual channeling a big loss? or am I completely lost:P
<UndiFineD> buy 8 gb and be happy :)
<l3dx> d'oh
<l3dx> :)
<l3dx> another semi-stupid question: is it possible to swap disks while the system is running? without a hot-swap bay
<RoyK> l3dx: usually the memory bus is wide enough to utilize both slots, so get two modules
<RoyK> l3dx: the SATA connectors are made to support hotswap, so if the driver supports it, it'll work fine
<RoyK> l3dx: btw, I googled a little about zfs-fuse and the performance seems to suck quite badly
<l3dx> ah
<l3dx> I've no experience with zfs, I only read that it was quick and self-healing
<l3dx> so it  sounded like a good choice
<RoyK> I've been working with zfs in quite large setups for a year and a half (or so) and I can recommend it
<RoyK> we have a box that's been running stably for more than a year on an oldish opensolaris install with 50TB of storage - on WD Green drives
<RoyK> I really wouldn't recommend those drives, but still, it works
<l3dx> :)
<RoyK> WD Black or Hitachi Deskstar both spin on 7k2, which is better
<l3dx> I have no experience with neither freebsd or opensolaris
<RoyK> freebsd zfs version is _old_
<RoyK> so better try openindiana (opensolaris is dead)
<RoyK> l3dx: http://zfs-fuse.net/issues/37 <-- about zfs-fuse performance
<RoyK> might not be that bad after all
<RoyK> anyway - I'd recommend trying OI first - it won't hurt
<l3dx> downloading openindiana now
<RoyK> :)
<l3dx> going to try it out in virtualbox first
<RoyK> good idea
<l3dx> anyway, I need to order new hardware for my homeserver first of all :o)
<RoyK> how much storage do you plan on this one?
<l3dx> currently I have 4x500gb disks I plan to use
<l3dx> but later on I will most likely upgrade the disks
<RoyK> zfs has a nifty feature in that if you replace the drives one by one and resilver the pool after changing each of them, it'll grow to fill them all
<RoyK> once all are replaced, that is
<RoyK> l3dx: also, use a separate system drive
<RoyK> a usb plug will probably do
<RoyK> OI can't boot from a raidz volume, and the rpool can't contain more than one drive (or two or more in a mirror)
<RoyK> l3dx: I'll be setting up a similar system for my brother for christmas - 5x2TB in a RAIDz2 as a file server :)
<RoyK> s/z2/z/
<l3dx> RoyK: nice!
<RoyK> spoiled a little of the surprise when I told him, but I want him to get the mobo, cpu etc, then I can just get the drives and install the system for him
<RoyK> a 6TB fileserver will be something he can live with for some time, even with his nerdy things about downloading horror movies
<l3dx> based on OI?
<RoyK> yeah
<l3dx> what about PS3 streaming?
<l3dx> as in streaming to a PS3
<RoyK> shouldn't be a problem so far as the PS3 supports standard protocols like SMB/CIFS/NFS/FTP/HTTP/whatever
<RoyK> ok... small test on OI here in a VM. 8 virtual disks attached, 1GB each. create a raidz2 with a spare on the lot, and fill up a gigabyte or so with garbage. shut down the VM, remove two virtual disks and rearrange the others.....
<l3dx> I think ps3 uses DNLA (or similar)
<RoyK> it can probably do streaming over 'normal' protocols as well
<l3dx> http://code.google.com/p/ps3mediaserver/ I've been using this with ubuntu
<l3dx> might work with OI as well
<mdeslaur> I use mediatomb with my PS3
<l3dx> mdeslaur: will have a look
<l3dx> RoyK: I only get a grub> screen when booting
<RoyK> l3dx: after installing??
<l3dx> when booting
<RoyK> booting the cd?
<l3dx> from the .iso
<l3dx> yeah
<RoyK> that's rather wierd
<l3dx> seems like the download is not successful
<RoyK> make an md5sum of it
<l3dx> I downloaded the torrent and pointed it to the same location. started on 65% :)
<l3dx> after a re-check
<l3dx> no wonder why it didn't work
<l3dx> RoyK: know anything about when OI will become stable?
<l3dx> as in a stable release
<RoyK> 2011Q1 they say
<l3dx> ok
<RoyK> l3dx: it's still stable enough for production as of now
<RoyK> l3dx: there are some issues with lsi-sas2 and device order, but that's all I've seen (although that caused a bit of a headache, since with 160 drives in the chassis, you want to know the physical location of a drive once it fails)
<RoyK> ok... small test on OI here in a VM. 8 virtual disks attached, 1GB each. create a raidz2 with a spare on the lot, and fill up a gigabyte or so with garbage. shut down the VM, remove two virtual disks and shuffled the others..... Rebooted into the system, can't read testpool, removed /etc/zfs/zpool.cache, rebooted again, imported testpool without the two drives lacking, powered down the VM, added the missing drives, booted the system again, res
<RoyK> ilver starting, one more drive found, but not all, let the resilver finish, removed /etc/zfs/zpool.cache, rebooted and re-imported the pool, no data corruption....
<RoyK> l3dx: did you get it up running?
<l3dx> yes :)
<l3dx> I just booted the live env
<RoyK> just remember, solaris isn't linux, things are done differently here and there
<l3dx> what are the main differences?
<RoyK> l3dx: litt things like the old sysv startup is more or less abandoned and files are sometimes placed other places than on linux
<RoyK> you'll get used to it
<RoyK> I just use OI (or solaris) for storage plus some database servers
<l3dx> ok
<l3dx> looking forward to try it out as a multi purpose home server ;)
<RoyK> l3dx: for a multipurpose home server, at least if you plan to install a truckload of application services on it, ubuntu is likely to be easier to setup
<l3dx> Yes, sure
<l3dx> I don't think it will be a truckload
<RoyK> that's why I use ubuntu for general purpose servers and OI for storage
<l3dx> but as storage will be its main purpose, do you still suggest trying out OI first?
<RoyK> yes
<RoyK> you can probably run a virtualbox VM for the rest if you're in need for ubuntu
<RoyK> with 4 gigs of RAM, half a gig for an ubuntu VM won't hurt much
 * RoyK loves virtualisation
<l3dx> virtualisation is nice
<RoyK> l3dx: I've seen some rather nasty bugs with virtualbox on opensolaris, but haven't tested it on OI - also, those bugs were only on one system, bugs filed and rejected, so I don't know if it was a single incident. For a home system, I'd use OI as the host with zfs and then run vbox VMs on top of it if it turns out to be hard to install the stuff you need natively on OI
<ehcah> If I've disable NAT on my gateway and want use Ubuntu Server as a router (besides enabling the second NIC), what other service do I need to add other than DHCP, Bind and enabling my routes.
<RoyK> l3dx: btw, those bugs made the system hang, no data corruption, so even if they're still there, it should be safe
<RoyK> ehcah: iptables NATing
<l3dx> RoyK: ok. nice to know
<RoyK> ehcah: and make sure ip forwarding (routing) is enabled - google for iptables nat
<ehcah> RoyK:  thank you.
<l3dx> hm, how likely is it that a mITX MB will fit in a ATX chassis?
<RoyK> l3dx: mini itx?
<RoyK> l3dx: if it doesn't fit, use some gaffer tape :D
<l3dx> yes
<l3dx> hehe :)
<RoyK> l3dx: it'll probably fit
<l3dx> hope so
<l3dx> want do delay buying a chassis
<l3dx> and use the old one for a while
<RoyK> Atom cpu?
<RoyK> if so, make sure it's 64bit
<RoyK> Solaris can't address disks > 1TB on 32bit
<Csmgiw> Hey does anybody know Grub Rescue?
<l3dx> RoyK: no, thinking of i3
<Csmgiw> My laptp just stopped working and only brings me to this screen
<RoyK> l3dx: ok
<RoyK> l3dx: I just thought atom as many mini itx boards come with a cpu soldered on
<Csmgiw> Anybody?
<l3dx> yes, but not the one I've been looking at
<RoyK> Csmgiw: laptop with ubuntu server?
<Csmgiw> Erm ubuntu desktop 10.10.. I used wubi to install
<RoyK> Csmgiw: try #ubuntu
<Csmgiw> Thanks royk
<RoyK> l3dx: i3 should be quite sufficient for a file server
 * RoyK just ordered a new macbook pro 17" with an i7 :D
<l3dx> sweet
<RoyK> I've been trying to make my boss understand that, no, I don't want no HP shit, I want a mac, and finally he gave me permission to get one :)
<l3dx> we use HP at work too. but now I'm soon starting in a new company, and I'm crossing my fingers for a macbook pro, or at least something else than HP ;)
<RoyK> I'm still with my soon-to-be 4YO MBP
<RoyK> still works well, although the monitor is a little patchy and it looks, well, used
<l3dx> I think it's quite funny that my old acer aspire with a DualCore cpu is more comfy to work on than my brand new i5 HP
<l3dx> guess corp-ware is mostly to blame
<RoyK> so long as you have a decent OS on it, even 5YO laptops work well
<RoyK> decent OS != windoze
<l3dx> I think win7 is very nice, but we're stuck with winXP
<patdk-lap> royk, you don't think win2k would run pretty fast on it? :)
<RoyK> win7 is the best windoze version I've tested, but then, I don't really like windoze - taste means a lot
 * RoyK hands patdk-lap a WinME CD
<l3dx> :D
<patdk-lap> yuk
<RoyK> we still have a few win2k servers _in_production_ at work
<l3dx> I wonder if anyone still has a winME computer running
<patdk-lap> ya, and didn't win2k security patchs stop awhile ago?
<RoyK> and DOS and NT4 and even a couple of VMS machines
<RoyK> patdk-lap: some time back, yes :)
<l3dx> RoyK: is OI using some kind of package system?
<RoyK> l3dx: yes, pkg install .....
<l3dx> thanks
<RoyK> l3dx: there is also #openindiana if you want to ask platform specific questions
<l3dx> RoyK: I've already thought of it, but I didn't bother joining..but I did now ;)
<IrishWristwatch> good morning
<RoyK> Guten Abend
<uvirtbot`> New bug: #682219 in nagios-plugins (main) "Please merge nagios-plugins 1.4.15-2 (main) from debian unstable (main)" [Wishlist,New] https://launchpad.net/bugs/682219
<Datz> humm, what can I do about a frozen screen session of irssi?
<Datz> I killed the screen session, but it remains frozen in the tty
<Datz> nevermind
<_Techie_> does anybody in here know how to setup a tv tuner card to be able to be used on the network
<RoyK> _Techie_: I think mythtv has some about that
<RoyK> but it's not really a general ubuntu server thing
<qman__> yeah, your options are basically a myth backend/frontend setup, or a V4L stream
<_Techie_> just thought id ask as im going to be doing it ona buntu server box, and maybe someone in here has done it before
<qman__> never actually done either
<RoyK> I guess the mythtv people will help more
<RoyK> no offence, but I have no friggin' idea
<RoyK> that is, vlc can proabably do it
<RoyK> but the exact config isn't my thing (anymore)
<_Techie_> its only an idea at the moment
<RoyK> ffmpeg can also do it
<RoyK> grab a DVB stream and multicast it on the network isn't very hard
<qman__> I tried to set up a myth-based HTPC, but I couldn't get video acceleration on my hardware
<RoyK> or is this analogue?
<qman__> had to settle for windows
<_Techie_> analogue
<RoyK> I think ffmpeg can do that
<_Techie_> i wish i could have used DVB, but we dont have DVB streams in my area
<_Techie_> only analogue and sat
<_Techie_> and sat cards are damn expensive
<qman__> I have cable, but it's all encrypted
<RoyK> I'd try ffmpeg if working on the commandline
<qman__> can only get over-the-air channels in digital
<RoyK> qman__: that's DVB-T
<qman__> useless cable box and even more useless proprietary cablecard junk
<RoyK> DVB comes in C, S and T (cable, satellite and terrestrial)
<dragoon123> Hi, I was in here last night try to resolve a network issue on my ubuntu server machine, It's speed seems to be limited for some reason
<dragoon123> It is a dual boot with windows as well, speeds are fine on that partition it is just the linux part that is not working correctly
<dragoon123> any ideas on what might be causing the limited speed?
<RoyK> dragoon123: it's a little hard to tell with so little info - is this nfs or cifs? single disk? which filesystem? what is the system load?
<dragoon123> its a single disk with two partitions ntfs + ext4(linux)
<Guinness2702> Can I / How do I upgrade to the latest release (i.e. 10.10) from apt / command line?
<dragoon123> Guinness2702: should be sudo apt-get upgrade
<dragoon123> Guiness2702: sorry is sudo do-release-upgrade
<dragoon123> RoyK: The system load is 0.26
<Guinness2702> dragoon123, Ahh, I read that, and it talked about running a tool, so I assumed it needed a GUI
<RoyK> Guinness2702: do-release-upgrade
<RoyK> oh
<RoyK> someone said that
<dragoon123> RoyK: Can I provide you with anymore information to help me figure out what may be the problem?
<RoyK> the data you're shareing, is that on ntfs or ext4?
<dragoon123> It is the ext4 partition (ubuntu-server) that is experiencing the slow network, limited speed issues
<RoyK> nfs or samba or what?
<dragoon123> I ran mii-tool on my connection and it reported full duplex so I am unsure where the problem maybe
<RoyK> nfs or samba or what?
<dragoon123> I have tested the connection by downloading a file and transfering files on LAN both resulted in max speed of 1.8 MB/s, I have no idea what nfs or samba is
<RoyK> well, how do you download the file?
<dragoon123> with aria2c, http protocol
<dragoon123> and for LAN transfer i use sftp
<RoyK> and during transfer, if you run top, is there a load issue?
<dragoon123> nope
<RoyK> sorry, can't help you, then. 1.8MB/s seems to me like DSL speed - check the nic for corrupted packages (snmp stats)
<dragoon123> ifconfig reports not dropped package hmm
<pmatulis> dragoon123: consider connecting directly to another machine and perform some tests transfers.  this would isolate the LAN itself as part of the problem
<dragoon123> pmatulis: I have resulted in max speed of 1.8MB/s
<dragoon123> But when I reboot the server machine into windows the speeds are  maxed out to 11.8MB/s
<dragoon123> So something on the linux partition is limiting somewhere
<dragoon123> any other ideas?
<april__> dragoon: why do you use sftp for lan transfers? (forgive my noobness)
<dragoon123> april_: I have vsftpd running on my server so i just use that
<JanC> vsftpd does not do SFTP though, only FTPS  ;)
#ubuntu-server 2010-11-28
<pmatulis> dragoon123: consider connecting directly to another machine and perform some tests transfers.  this would isolate the LAN itself as part of the problem
<dragoon123> pmatulis: I am currently transfering a file FROM the ubuntu server machine to my laptop atm over LAN using http
<dragoon123> and its topping out @ 1.1MB/s atm :(
<dragoon123> so it has fallen from 1.8MB/s to 1.1MB/s know hrmm
<pmatulis> dragoon123: by "direct connection" i mean connecting 2 machines via a cable; no switch or any other networking h/w
<dragoon123> pmatulis: okay one moment
<dragoon123> lol
<hackeron> ubuntu is making it so hard to file bugs... - I want to report that network-manager is not killing dhclient when switching to a static IP address - how do I do it? :S
<stgraber> http://launchpad.net/ubuntu/+source/network-manager/+filebug ?
<hackeron>  thanks :)
<hackeron> this should be mentioned on https://help.ubuntu.com/community/ReportingBugs
<Hiiroo> hi anyone awake? :D
<hackeron> *yawn* what? who?
<Hiiroo> good at this virt stuff?
<hackeron> virt stuff?
<Hiiroo> using a guide: https://help.ubuntu.com/9.10/serverguide/C/libvirt.html
<Hiiroo> but cant fiure it out
<Hiiroo> you kno how it works?
<Hiiroo> or it works on one computer but not on my ubuntu server install
<hackeron> Hiiroo: hmm, what does it do? - a virtual KVM? - why not just use ssh for terminal and vnc for X?
<Hiiroo> yee it is the startup script / setup for a kvm
<Hiiroo> and you are supposed to be able to vnc into the machine
<hackeron> I thought the whole point of a network KVM is to recover when the machine froze or stuck during boot or something - seems this wouldn't let you do that
<dragoon123> pmatulis: I can't get a direct connection setup from win7 to linux lols
<pmatulis> hackeron, Hiiroo: you guys are talking about different kinds of "KVM"
<hackeron> pmatulis: no, libvirt: https://help.ubuntu.com/9.10/serverguide/C/libvirt.html
<dragoon123> This would be 10x eaiser if it were linux & linux
<hackeron> I'm not quite getting the point of it, hmmm
<Hiiroo> its like vmware
<Hiiroo> its not a kvm-switch :D
<hackeron> it does hardware emulation?
<hackeron> or is it like Xen?
<hackeron> if so, why not use Xen, lol
<Hiiroo> ubuntus site recommend it and that it is so easy
<pmatulis> dragoon123: you'll need to decide whether you want to test *any* kind of network transfer or just a specific protocol.  then maybe i can help
<hackeron> Hiiroo: ah, cool - where does it recommend it? - I never heard of libvirt :)
<dragoon123> pmatulis: I am just having problems getting an ip assigned for ubuntu
<pmatulis> Hiiroo: just ask a specific question and you might get some help
<Hiiroo> http://www.ubuntu.com/server/features/virtualisation
<dragoon123> I have never setup a direct connection
<hackeron> Hiiroo: thanks, I'll play around with it - only used xen so far
<Hiiroo> ok, the problem is that the command virt-install hangs before creating the virtual disk on ubuntu server, but in normal ubuntu it works
<Hiiroo> I dont know why it hangs
<hackeron> anything in dmsg or /var/log/messages - also any log files for virt? -- maybe try virt-install --verbose if that's an option
<Hiiroo> I'll check
<Hiiroo> the thing is that this happens on several computers and I cant be the only one using that guide who has this problem but it looks like it
<pmatulis> dragoon123: strange.  from memory: 'sudo ip addr add xxx.xxx.xxx.xxx/xx broadcast + dev ethX'
<hackeron> Hiiroo: I never used libvirt, going to check it out now on my ubuntu-server - will report if I'm having the same problem :)
<pmatulis> dragoon123: there you are assigning a static address to device ethX (ex: eth0)
<Hiiroo> ncie :D
<Hiiroo> nice
<pmatulis> Hiiroo: i don't use virt-install.  usually vmbuilder or virt-manager
<Hiiroo> ok it does the same? I will look at it, thx
<pmatulis> Hiiroo: i suggest virt-manager to start
<Hiiroo> ok thanks
<dragoon123> mur
<pmatulis> mur?
<dragoon123> I have static setup already, It's just windows 7 wont initialize the connection
<Hiiroo> pmatulis, Ok I found a debug flag and got this: ERROR n connection driver available for emu:///system
<Hiiroo> is this since there is no x installed on ubuntu server
<pmatulis> Hiiroo: no
<hackeron> Hiiroo: heh, well, looks like I'm stuck before you: # apt-cache search python-virtinst
<hackeron> root@demo:~#
<Hiiroo> hackeron, ah had same problem, it doesnt excist
<Hiiroo> it is another name
<Hiiroo> just do apt-cache search virt-install
<hackeron> yeh, someone needs to update the docs
<Hiiroo> and you find it
<hackeron> what happened to being able to hit edit and fix documntation? :(
<pmatulis> hackeron: you are referring to the official documentation.  it's not publicly editable
<hackeron> so what happens when it's outdated?
<dragoon123> pmatulis: Appearently, I need a cross over cable to do this?
<hackeron> or rather it shouldn't be as I'm looking for documentation for the release I'm using, so probably a package update broke it or something
<pmatulis> hackeron: what release are you using?
<hackeron> pmatulis: 10/10 and looking at https://help.ubuntu.com/10.10/serverguide/C/libvirt.html
<pmatulis> hackeron: so open a bug against 'ubuntu-docs'
<hackeron> pmatulis: like this? < http://launchpad.net/ubuntu/+source/ubuntu-docs/+filebug
<pmatulis> hackeron: yes
<pmatulis> dragoon123: only for very old network cards
<hackeron> pmatulis: filed, thanks :)
<pmatulis> hackeron: bug number?
<hackeron> #682261
<pmatulis> hackeron: bug #682261
<uvirtbot`> Launchpad bug 682261 in ubuntu-docs "10.10/serverguide/C/libvirt.html - package python-virtinst should be virtinst " [Undecided,New] https://launchpad.net/bugs/682261
<pmatulis> hackeron: good
<dragoon123> geez
<dragoon123> 10 years later, i had to download some dhcp software for windows 7 to fwrd ip to linux
<dragoon123> I am getting 9MB/s know
<dragoon123> 9-12MB/s not very stable ;s
<dragoon123> pmautlis: Do you know what causes RX errors & packets?
<pmatulis> dragoon123: could be a number of things
<dragoon123> pmautlis: The count error & frame count goes up by around 6-12  every three seconds, total know is 23546
<hackeron> dragoon123: bad switch? bad network cable? faulty network controller? overloaded load balancer?
<hackeron> also bad driver?
<dragoon123> hackeron: probaly bad drive, its a direct connection and I've switched between two cables
<dragoon123> hackeron: and on windows its a stable speed
<hackeron> cable too long? too much interference along the way (try using shielded cat5/stp)?
<hackeron> dragoon123: direct meaning crossover?
<hackeron> are you using an actual crossover cable?
<Hiiroo> pmatulis, have you ever used virt-* or vmbuilder on a non-x system?
<dragoon123> hackeron: I have no idea its just a regular ethernet cable pmatulis asked me to try a direct connection to see if it would resolve my limited network connection speed on host
<hackeron> dragoon123: you can't use a direct connection unless you use a crossover cable...
<pmatulis> hackeron: wrong
<pmatulis> hackeron: all modern interfaces are auto-sensing
<Hiiroo> pmatulis, I mean, is it easier to build the virtual machines on a x-system and then move them to the non-x system? I dont get how to install otherwise
<patdk-lap> you can't use autosensing on a direct connection
<patdk-lap> cause the autosensing method is made for computer -> switch, computer -> computer has matching timings and confuse the hell out of autosense
<hackeron> pmatulis: what patdk-lap said
<dragoon123> Well I currently have a file transfer going (connected) so...
<pmatulis> patdk-lap: i do it all the time
<patdk-lap> normally you have to manually set the speed for it to work
<dragoon123> How is it working then?
<patdk-lap> pmatulis, sometimes it works, but it's more luck, than science
<hackeron> dragoon123: I thought you said it isn't :P
<pmatulis> patdk-lap: it always works unless i have a very old interface
<dragoon123> no, i said i was recieving error and frames
<patdk-lap> maybe newer ones have adjusted the detection method to take that into account
<dragoon123> and a limited connection speed
<hackeron> dragoon123: yeh, try a crossover cable, they'll probably go away :P
<patdk-lap> dragoon123, are you sure both sides have the same speed and duplex set?
<patdk-lap> or autodetect the same
<patdk-lap> that is the issue I normally see, one side goes full duplex 100mbit, and other goes 10mbit half
<dragoon123> hackeron: When i have it connected through my router its the same but with limited connection speed
<dragoon123> patdk-lap: Its directly connected to my laptop atm, with 100MB/s full duplex
<dragoon123> patdk-lap: the file transfer speed is very unstable though 6MB/s - 12MB/s
<patdk-lap> on both sides?
<dragoon123> yea
<patdk-lap> how are you testing transfer speeds?
<patdk-lap> from a laptop harddrive?
<dragoon123> no
<dragoon123> I have a file on the host(ubuntu-server) pc being uploaded to my laptop (windows7) over apache2 (http)
<hackeron> lol
<patdk-lap> so you have harddrives on both ends, plus the network connection, plus apache, plus firefox? all in the mix there :)
<patdk-lap> nice test :)
<dragoon123> no firefox
<patdk-lap> ie8 :)
<dragoon123> no
<dragoon123> download manager
<hackeron> hahaha :)
<hackeron> nice :)
<dragoon123> =p
<patdk-lap> well, if your getting interface errors
<patdk-lap> you have a bad nic, or bad cable
<patdk-lap> only possibilities
<pmatulis> Hiiroo: you use virt-manager to create the virtual machines
<dragoon123> When I reboot the host to windows 8 (its a dual boot machine) the file transfer is stable though
<dragoon123> windows 7*
<hackeron> patdk-lap: or bad driver?
<patdk-lap> hackeron, possible, but not normally likely
<hackeron> yep
<patdk-lap> what nic is it?
<dragoon123> the driver is e100, with port MII TP
<patdk-lap> I know the e1000e where having some issues alittle while ago
<dragoon123> its some intel NIC i'd have to reboot to win 7 to get the exact name
<dragoon123> (100MB/s) max
<patdk-lap> never heard of lspci, pci id, ...
<patdk-lap> I doubt it's 100MB/s
<patdk-lap> e100 caps at 100mbit
<dragoon123> er ya that
<dragoon123> sorry
<dragoon123> 100Mbps
<patdk-lap> what ubuntu version?
<dragoon123> patdk-lap: they do not return the driver name only the drive fmaily name
<dragoon123> Ubuntu-Server 10.10
<patdk-lap> dragoon123, lspci returns more info than you know what to do with :)
<patdk-lap> it gives you the card id, the pci id (all info about that card is in that id), the driver used for that device
<patdk-lap> all specs of the card
<dragoon123> patdk-lap: I could only get it to return Intel corporation M10/ICH 7 Family LAN controller..
<dragoon123> which is useless
<patdk-lap> lspci -v
<dragoon123> same thing
<dragoon123> just includes Hewllet packard know
<dragoon123> Hewlett(*
<patdk-lap> 00:19.0 Ethernet controller: Intel Corporation 82566MM Gigabit Network Connection (rev 03)
<patdk-lap> 	Kernel driver in use: e1000e
<patdk-lap> 	Kernel modules: e1000e
<patdk-lap> for my laptop
<dragoon123> sec ill pastebin it
<dragoon123> http://pastebin.com/0sjCYYEG
<patdk-lap> e100 driver
<dragoon123> ?
<patdk-lap> are you sure your not getting errors or corruption when using windows on it?
<dragoon123> hmm
<patdk-lap> I have noticed that linux and windows handles packet retries completely different
<dragoon123> Well I figured since I had a stable connection on windows no
<dragoon123> but should I find a program which can .... show errors i guess?
<pmatulis> dragoon123: do you have any other non-windows system to test with?
<patdk-lap> ya, could always load the ubuntu desktop live cd, and give it a try
<dragoon123> hmm
<dragoon123> no cd-drive on host
<dragoon123> Well, anyways I'll load up a bootable usb after since I pretty much know its a router problem
<dragoon123> maybe the rx error&frame is just a problem with the ubuntu-server drivers
<dragoon123> Thanks for your help all :)
<JanC> patdk-lap: e1000e is still having issues BTW, not only "a little while ago"
<pmatulis> too bad dragon123 didn't specify the pci id of his card
<patdk-lap> janc, ah heh, I hadn't heard anything about it since 10.10 was released :)
<JanC> patdk-lap: my 82566DM-2 doesn't want to go higher than 100 Mbit/s, and judging from other bugs on LP some peopel only get 10 or 0 Mbit/s...
 * JanC wonders why Intel can't write proper drivers for their own hardware...
<patdk-lap> hmm, mine works fine, on 10.04 though, so I haven't used the newer intel driver for the e1000e
<patdk-lap> my 10.10 (actually on 11.04 now) only has a e1000 card
<JanC> I have that bug on 10.04 & 10.10 (didn't try with older versions yet)
<JanC> oh, and with the 2.6.37 kernel too
<uvirtbot`> New bug: #530051 in autofs5 (main) "Autofs and semiautomatic credentials" [Wishlist,Confirmed] https://launchpad.net/bugs/530051
<_Techie_> for some reason my wget isnt breaking command on ^C
<Guest79434> ada orang indonesia dsini?
<twb> What's this "virtio" stuff, and how do I use it?
<twb> (re. kvm)
<twb> Here we go http://www.linux-kvm.org/page/Virtio
<Starhero> Hello can someone please help me, i need to force a fsck on my main ub drive
<Starhero> and i am not sure how to do it during boot
<Starhero> Oh god don't tell me there are 258 idlers in here...
<mrmist> nah there's less than that, you're talking
<Starhero> haha
<Starhero> Might you know how i could force the server to check all drives (primarly sda...all partitions?)
<mrmist> I'm afraid that knowledge escapes me
<air^> Starhero: tried googling it? for example http://www.cyberciti.biz/faq/linux-force-fsck-on-the-next-reboot-or-boot-sequence/
<Starhero> I did but that was nto found
<Starhero> I was getting all kinds of thigns so...i figured jsut ask someone
<Starhero> I knew that there was like 500000 irc channels for linux period so...I learned a lot through irc about linux but never needed to do this...Thank you for the information
<ph0t0nix> Hi all.
<ph0t0nix> I'm having trouble getting my KVM VMs to start after upgrading the real server from 10.04 to 10.10.
<ph0t0nix> It seems that apparmor is in the way:
<ph0t0nix> error: Failed to start domain krimson
<ph0t0nix> error: internal error Process exited while reading console log output: libvir: Security Labeling error : internal error error calling aa_change_profile()
<ph0t0nix>  
<ph0t0nix> so I disabled libvirtd's profile by making a symlink in /etc/apparmor.d/disable, but now I have permission errors for the LVM LV that contains the file system for the VM.
<ph0t0nix> Does anybody have an idea how to fix this (chmod-ing the /dev entries for the LV to a+rw seems to work...)
<ikonia> ph0t0nix: that's an intersting issue
<ph0t0nix> :-)
<ikonia> ph0t0nix: are the lvm errors on the lvm devices or the actual lvm file systems
<ph0t0nix> on the devices:
<ph0t0nix> brw-rw---- 1 root disk 251, 11 2010-11-28 13:12 /dev/dm-11
<ph0t0nix> brw-rw-rw- 1 root disk 251, 12 2010-11-28 13:51 /dev/dm-12
<ph0t0nix>  
<ph0t0nix> dm-12 is used by a VM that is running now
<ph0t0nix> starting a VM with an LV that doesn't have 666 permissions gives:
<ikonia> ph0t0nix: should those devices not be in a volume group
<ph0t0nix> # virsh start gaffel
<ph0t0nix> error: Failed to start domain gaffel
<ph0t0nix> error: internal error process exited while connecting to monitor: char device redirected to /dev/pts/3
<ph0t0nix> qemu: could not open disk image /dev/raidvg01/gaffel-vm3: Permission denied
<ph0t0nix>  
<ph0t0nix> # ls -l /dev/raidvg01/gaffel-vm3
<ph0t0nix> lrwxrwxrwx 1 root root 8 2010-11-28 13:12 /dev/raidvg01/gaffel-vm3 -> ../dm-15
<ph0t0nix>  
<ikonia> ph0t0nix: I wonder if it's as simple as udev rules
<ph0t0nix> # ls -l /dev/dm-15
<ph0t0nix> brw-rw---- 1 root root 251, 15 2010-11-28 13:12 /dev/dm-15
<ph0t0nix>  
<ph0t0nix> Notice that virsh has changed the group from disk to root...
<ph0t0nix> nice idea about udev. haven't looked into that yet
<ph0t0nix> hmm, libvirtd runs as root, but the one VM that's running (with the 666 LV) runs with uid 116, which is libvirt-qemu.
<ph0t0nix> that explains the permission error. I'll try to add the libvirt-qemu user to the disk group
<ikonia> odd that the upgrade would change this
<ph0t0nix> ikonia: true. And adding the user to the disk group doesn't change a thing.. Still Permission denied
<awanti> hi, I want to setup a domain in my office. so any one can guide me how to configure domain for my small office. In my office 40 pc are there (running windows xp) NOW i have to setup a server for that. I chooses Ubuntu Desktop edition. But most people are saying go Ubuntu server edition on #ubuntu chat room.
<meatflag> amanti: what services do you want the server to provide? Samba, DNS, HTTP?
<MrStarbuck83> hi everybody
<MrStarbuck83> Can anyone recommend a lightweight ident server?
<MrStarbuck83> test
<billybigrigger> where does nfs log to?
<MrStarbuck83> anybody got this bug too? https://bugs.launchpad.net/ubuntu/+source/python-apt/+bug/664514
<uvirtbot`> Launchpad bug 664514 in python-apt "Unattended upgrade fails with segmentation fault in Ubuntu Server 10.10" [Undecided,Confirmed]
<MrStarbuck83> Wow
<bla_bla> what would be a good easy to use nube email and calendaring server to use/install ?
<RoyK> bla_bla: there are several out there, but I landed on zimbra
<RoyK> bla_bla: it doesn't come with ubuntu, and it is best run on a dedicated machine or VM
<RoyK> bla_bla: a bit on the heavy side, but it works well and all normal administration is done with a web gui
<RoyK> bla_bla: so if you have memory enough to run zimbra as a VM, go ahead
<bla_bla> RoyK: my server has 768 mb i think
<RoyK> bla_bla: then forget about zimbra - it will need 1GB alone
<bla_bla> RoyK: all i want really is a good email program and calendearing service
<RoyK> http://en.wikipedia.org/wiki/List_of_project_management_software
<teardrop-> how to set wireles password in ubuntu server ?
<teardrop-> how to set wireles password in ubuntu server ?
<uvirtbot`> New bug: #682500 in openssh (main) "Agent admitted failure to sign using the key." [Undecided,New] https://launchpad.net/bugs/682500
<uvirtbot`> New bug: #682501 in php5 (main) "php5 5.3.3-1 causing segfaults -> 5.3.3-4 backport for maverick?" [Undecided,Incomplete] https://launchpad.net/bugs/682501
#ubuntu-server 2011-11-21
<three18ti> hey, can anyone help me with orchestra?
<qman__> !anyone | three18ti
<ubottu> three18ti: A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<three18ti> qman__, I'll try my specific question again, but it seems that no one knows the answer to my question...
<three18ti> Hello, how do I reset the Orchestra login?  I reset the cobbler login, but this does not seem to affect the orchestra web login.  Thanks.
<three18ti> !poll
<ubottu> Usually, there is no single "best" application to perform a given task. It's up to you to choose, depending on your preferences, features you require, and other factors. Do NOT take polls in the channel. If you insist on getting people's opinions, ask BestBot in #ubuntu-bots.
<three18ti> !details
<ubottu> Please give us full details. For example: "I have a problem with ..., I'm running Ubuntu version .... When I try to do ..., I get the following output: ..., but I expected it to do ..."
<three18ti> !gq
<ubottu> Are you sure your question allows us to help you? Please read http://www.sabi.co.uk/Notes/linuxHelpAsk.html to understand how to ask a 'better' question.
<qman__> while I don't know anything about orchestra myself, if you're having trouble getting help, fishing with an 'anyone' question isn't going to do any better
<qman__> do you know if it's running on apache?
<qman__> or something else, or what type of login it is?
<qman__> keep in mind also that this is pretty new software and a lot of us have not tried it
<qman__> anyway, login credentials are going to generally be stored in one of three ways: standard PAM authentication (/etc/passwd and /etc/shadow, or other PAM methods), a user and password in a database such as mysql, or HTTP basic authentication in an htpasswd file
<koolhead17> hi all
<twb> And only the former is any good
<three18ti> qman__, I do believe that the orchestra package uses Apache to serve the web stuff, however, I am not sure what authentication module it uses...  I reset the cobbler password as it seems that "orchestra" is just the rebranding of cobbler (then you can add Juju etc...).
<twb> qman__: it's worth noting that apache's ability to talk pam is pretty crappy
<twb> Mostly because of the way libpam makes synchronous challenge-response calls at the wrong place in a web UI interaction :-/
<jcastro> roaksoax: awesome, so I guess it came as a surprise to me the default orchestra install blows away machines without a prompt
<jcastro> I was testing it with my laptop and next thing I know it was formatting my drive and reinstalling ubuntu-server on it
<twb> jcastro: today you learn the value of off-site backups
<jcastro> roaksoax: how do I set it to just default to a normal install instead of a preconfigured preseed?
<jcastro> twb: right, that's not the point.
<three18ti> well, I know cobbler stores credentials in digists; as I understand it "orchestra" is just a meta package that pulls in things like cobbler and sets everything up with post install scripts...  Standard cobbler docs don't apply since Ubuntu seems to mangle the cobbler install (i.e.: the cobbler docs say to use example.com/cobbler/web for the web interface, whereas ubuntu uses example.com/cobbler_web)
<three18ti> jcastro, am I understanding you correctly, did you blow away your laptop hdd?
<three18ti> jcastro, what credentials did you use to log into "orchestra"?
<jcastro> yeah, so I guess by default choosing one of the menu options has a ubuntu-server preseed file
<jcastro> which is an automated install
<jcastro> which is fine, I just need to know how to turn it off
<hansin> I read about "orchestra" the other day. Take what I am going to say here with a grain of salt as I an not fully versed, but it seems like much might be in python. Wouldn't it be nice to have a very lightweight python web server handle this stuff, something you could fire up via SSH on whatever port (kind of like the cherokee web server admin interface) you wanted? Then kill it when done?...
<hansin> ...Might be off here, just a thought.
<CarlFK> hansin: what's orchestra? url?
<lifeless> https://launchpad.net/orchestra
<boxybrown> hey guys, I installed the ubuntu-desktop package on an ubuntu-server install, and now X11 forwarding over SSH has stopped working
<boxybrown> sshd_config has X11Forwarding set to true, I'm not sure what adding the GUI packages did
<CarlFK> lifeless: thanks.
<hansin> Sorry if my comment is missing the point of Orchestra. I just know for some things a simple webserver is cool. But I might not have all the info here. Anyway, cool stuff happening in the server space.
<tjaalton> kklimonda: could you repeat what was needed for sssd? and file a bug :)
<lynxman> morning o/
<koolhead17> morning lynxman sirr!! :)
<lynxman> koolhead17: ello :)
<koolhead17> :P
<koolhead17> Daviey, ping!! :)
<koolhead17> lynxman, BTW weekend was awesome!!
<lynxman> koolhead17: :D
<Daviey> koolhead17: hey
<kklimonda> tjaalton: mostly a new version :)
<eagles0513875_> hey guys has anyone worked with postfix policed before? is that just an install and forget addition for postfix or does it require some configuration
 * koolhead17 points eagles0513875_ https://help.ubuntu.com/10.04/serverguide/C/ server guide
<ikonia> it requires configuration
<koolhead17> hey Daviey
<ikonia> eagles0513875_: it's not the toughest configuration, reasonably straight frward, but it does need it, it's not install and forget
<eagles0513875_> ok ikonia  thanks :D
<ikonia> eagles0513875_: you're not using postfix with mysql or anything like that are you ? just a straight postfix install
<eagles0513875_> ya stright postfix install working with dovecot
<ikonia> no problem then, it's a pretty straight forward config
<eagles0513875_> but i want to setup some sort of spam filtering and noticed that
<ikonia> it's not a bad tool
<ikonia> I'm sure you'll see a benifit with it
<eagles0513875_> :)
<eagles0513875_> in the process though of migrating to a linode vps from home server since I'm going to be heading back to the states
<eagles0513875_> ikonia: looking at the guides I'm guessing it would be better to setup postfix first prior to setting up dovecot correct seeing as dovecot needs to modify some of the post fix config files
<ikonia> certainly setting up postfix first is the best idea, as without it there i no mail store for dovecot to access, and therefore dovecot is pointless
<eagles0513875_> ok
<eagles0513875_> ikonia: another question I'm guessing its best to follow the server guides for the release that I'm on instead of something like http://www.google.com/url?sa=t&rct=j&q=ubuntu+dovecot&source=web&cd=1&ved=0CCcQFjAA&url=https%3A%2F%2Fhelp.ubuntu.com%2Fcommunity%2FDovecot&ei=6i_KTt_gMs2F-wb4rtQo&usg=AFQjCNE0KlTjn_OdEebV-D0tSUkQULa1kw
<ikonia> eagles0513875_: it's up to you
<eagles0513875_> ok
<Daviey> zul: when you are around, can you give me a shout please? :)
<zul> Daviey: barely around
<Daviey> zul: ah!  Did you see quantum has hit debian experimental?
<zul> Daviey: yeah just before i was going to bed last night...i just need to fix one thing on mine then i was goin to upload
<Daviey> zul: Does it make sense for us to base ours on Debian?
<zul> Daviey: not really because our packaging follows the same package scheme, like python-quantum, quantum-client, quantum-server etc etc etc
<Daviey> zul: what gain do we get?
<zul> ease of maintaining it
<Daviey> wait, is it easier?
<zul> i think so if we need to update it we can just do bzr bd -S
<Daviey> zul: if we use UDD branches, we should still be able to do that?
<Daviey> I'm wondering if a common base with Debian makes sense for this package.
<zul> Daviey: i dont think it will be updated often enough myself though...im happy with what we have now
<Daviey> zul: we don't have anything, "now" :)
<Daviey> zul: Right, but we can certainly contrib back to Debian and still enrich if required.
<uvirtbot> New bug: #893077 in eucalyptus (universe) "package eucalyptus-java-common 2.0 bzr1241-0ubuntu4.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/893077
<dsirijus> how come i get that there's no nginx (11.04) when running 'apt-get install nginx'?
<lynxman> dsirijus: apt-cache search nginx shows nginx as available on my install
<dsirijus> lynxman: hm, i0ve managed to install from the nginx ppa
<dsirijus> lynxman: but now there's no php5-fpm
<lynxman> dsirijus: that should do :)
<dsirijus> just a sec, i'll pastie my sources list
<dsirijus> (it's custom image for rackspace, maybe they've messed with it)
<lynxman> dsirijus: https://launchpad.net/ubuntu/+source/nginx
<dsirijus> lynxman: anything fishy in here http://pastie.org/2897800 ?
<lynxman> dsirijus: you have the universe repositories commented, nginx is available there
<lynxman> dsirijus: uncomment lines 12 to 15 and run apt-get update
<lynxman> dsirijus: also 46-49
<zul> good morning
<dsirijus> lynxman: and what will happen now with my nginx existing install?
<lynxman> dsirijus: well if you haven't put it in prod I'd recommend removing the ppa and using universe, it's known to be well maintained
<lynxman> dsirijus: but that's just my opinion, I'm sure the ppa is maintained as well, although there's no warranties on that
<dsirijus> lynxman: and how do i exactly do that?
<dsirijus> i just apt-get installed nginx and started it
<lynxman> dsirijus: remove the ppa config file on /etc/apt/sources.list.d
<lynxman> dsirijus: run apt-get remove nginx
<lynxman> dsirijus: then you can apt-get update and apt-get install nginx
<dsirijus> can i purge it somehow?
<dsirijus> just add --purge after remove?
<lynxman> dsirijus: just use purge instead of remove then :)
<dsirijus> hell, this works wonderfully :)
<lynxman> dsirijus: :D
<dsirijus> so friggin' rockin
<dsirijus> i'll have zero to optimized wordpress in half an hour, and not using apache
<dsirijus> lynxman: hey, what's the recommended dir for web sites?
<lynxman> dsirijus: the default one is /var/www
<dsirijus> no it ain't, i don't even have it
<lynxman> dsirijus: hmm damn nginx *goes investigate*
<dsirijus> so, what, it depends on the server using?
<dsirijus> -/usr/share/nginx/www is probably default for nginx
<lynxman> dsirijus: looks like yeah, but I'd change it if I were you, I'd rather use /var/www for websites than /usr/share/
<dsirijus> okie
<zul> greeeeeat
<lynxman> zul: moaning :)
<roaksoax> jcastro: did you add any systems?
<jcastro> what do you mean?
<jcastro> in cobbler?
<roaksoax> jcastro: yeah
<roaksoax> jcastro: or you just instaled orchestra, rebooted the machine and it automatically pxe booteD?
<jcastro> yeah
<roaksoax> jcastro: uhmmm cause by default it should not automatically select a profile but rather boot locally
<jcastro> oh, I selected the profile in the menu
<jcastro> I just wasn't expecting the preseed to be automated
<jcastro> roaksoax: if I want to add a bunch of deskopy things, I can just plop the normal ISOs in the right iso directory and make profiles right?
<roaksoax> jcastro: no, you need to add ubuntu-desktop as package
<roaksoax> jcastro: you wont be able to import the desktop ISO and pxe boot from there
<jcastro> oh ok so just modify one of the preseeds?
<roaksoax> jcastro: and yes the profiles have a No questions asked preseed
<jcastro> orchestra.preseed -> orchestra-desktop.preseed and modify or something
<roaksoax> jcastro: yeah just go ahead and modify the preseed for the profile you want to use or add a system
<roaksoax> jcastro: yeah you could do that and change the reference to the preseed you wanna use
 * jcastro nods
<jcastro> yeah I already made the server ones un-automated.  :)
<roaksoax> jcastro: lol ok ;)
<thafreak> I thought I saw something on the mailing list a while back about removing xinetd from main?
<thafreak> I can't seem to find the discussion though...is there a better way to search mailing list archives, or does anyone know about xinetd's future?
<WeissWaschbaer> hey.. Can i put a cron script to mount->rsync/mysqldump->umount ?
<thafreak> sure...
<thafreak> probably want to make sure it mounted though...
<RoyK> WeissWaschbaer: mount && mysqldump && rync && umount
<jMCg> Maybe even put the whole thing in a make file.
<WeissWaschbaer> RoyK: http://paste2.org/p/1788783
<WeissWaschbaer> i did this script
<RoyK> or do it smarter with some if [ $? -ne 0 ]; then echo "ERROR!!!!!! WHEEWHEEWHEEE!!!" >&2; fi
<RoyK> WeissWaschbaer: line 14 could just check the exitcode of mount ($?)
<RoyK> if that's non-zero, something's wrong
<jMCg> WeissWaschbaer: http://teddziuba.com/2011/02/stupid-unix-tricks-workflow-control-with-gnu-make.html
<RoyK> WeissWaschbaer: also, check umount's exitcode before line 28
<jMCg> Why not use make?
<RoyK> because it's ugly? :)
<jMCg> O_o
<jMCg> I have an inner urge to call you an idiot, but something tells me to choose my words more wisely.
<WeissWaschbaer> jMCg: have to learn it first, long term soltion
<jMCg> Now, would you mind elaborating how a simple Makefile in which every operation's return code actually *is* checked, the state is recorded and can be picked up from there - how is that uglier than http://paste2.org/p/1788783 <<< This.
<WeissWaschbaer> RoyK: the script does run like this, i just need to make cron execute it..
<WeissWaschbaer> for some reason cron is not
<thafreak> Make has to be explicitly installed...bash, python, etc are already on most systems
<jMCg> ah, right. Linux distros...
<thafreak> well, you could write posix compliant shell script then, and most systems (not just linux) default shell will work the same
<RoyK> jMCg: this is an ubuntu channel, so, yes...
<mgw> Does anyone know why iptables-persistent in oneiric has no status command?
<mgw> nm, it looks like the 'status' in previous versions was useless anyway â it just returned
<roaksoax> lynxman: any update son bug #874981
<uvirtbot> Launchpad bug 874981 in mcollective "Please merge/sync mcollective from debian wheezy" [High,Fix committed] https://launchpad.net/bugs/874981
<lynxman> roaksoax: it's done and waiting for Davieys rubberstamp
<roaksoax> lynxman: there's one last Daviey comment
<lynxman> roaksoax: which was solved and ironed :)
<lynxman> roaksoax: he thought the comments were ours and not the debian package ones
<roaksoax> lynxman: oh ok
<roaksoax> Daviey: mcollective ready to be merged?
<lynxman> roaksoax: :)
<lynxman> roaksoax: thought he was dealing with it personally that's why I didn't bother to update on the ticket, apologies
<roaksoax> lynxman: no worries ;)
<smoser> utlemming, i launched a build of oneiric-server-cloudimg-20111121 (cloud-image) which will have the new oneiric kernel in it.
<smoser> (ie, candidate for refresh)
<utlemming> smoser: yes, I saw that -- I saw that you'd kicked a few minutes ago when I went looking to see if we had a build with the new kernel in
<Daviey> roaksoax: Yeah, sorry - Friday EoD i tried to hand it over to someone else. :)
<lynxman> Daviey: 14 hours a day not enough for you sir? jeez ;)
<Daviey> roaksoax: http://irclogs.ubuntu.com/2011/11/18/%23ubuntu-server.html#t00:45
<Daviey> lynxman: 14?  and the rest!
<lynxman> Daviey: like we say in Spain "you work more hours than a clock"
<Daviey> lynxman: the time shown is local time, so yes EoD was 00:45. :)
<roaksoax> Daviey: yeah I remember but thoguht u were looking for a second opinion rather than an uploader
<Daviey> roaksoax: "Would one of you mind reviewing and uploading bug" :)
<roaksoax> Daviey: lol ok
<lynxman> Daviey: that'd also hint for a second opinion? ;)
<Daviey> lynxman: little bit..
<lynxman> Daviey: also for drinks, but I see drinks everywhere
<roaksoax> Daviey: you might help me
<roaksoax> Daviey: quilt has patches-applied, but no record on .pc
<roaksoax> Daviey: so when trying to unapply, then it does not aunapply and consequently, it failts to apply
<roaksoax> so how can I recover from this situation
<Daviey> roaksoax: on an intensive call right now.
<roaksoax> Daviey: ok, let me know when you done please
<dkn> using KVM, can i point a disk to an LVM? the /dev/mapper/disc can be mounted on the host system, but i can't see the partition table if i fdisk /dev/mapper/disc
<dkn> in other words, instead of using an image file, can i instead add storage to a VM ?Guest using a LVM on the host system? i was thinking i mount the LVM on the host system, load it up with files, then unmount, add /dev/mapper/disc to the device list for the Guest and boot up and mount it, but i have nothing to mount in the VM guest, it just see's vdb with no partitions to mount
<SpamapS> dkn: yes, any block device will do. :)
<hallyn> yup
<dkn> hmmm i guess i'm missing the part where the Guest recognize's the LVM?
<RoyK> dkn: if lvm was setup on that device, it should be autodetected during boot
<dkn> mmmm no, i setup the LVM on the host machine, the guest VM has no idea that the storage is and LVM
<hallyn> bc you're just giving it a blockdev, yes
<WeissWaschbaer> my cron is not running my shelscript (it works when I manually run it)
<dkn> hmmm
<RoyK> WeissWaschbaer: does it email you and tell you something's wrong?
<RoyK> WeissWaschbaer: it should...
<RoyK> WeissWaschbaer: that is, if root owns the cron job, that email will go to root
<WeissWaschbaer> RoyK: I didnt set any email
<RoyK> then it'll email root
<WeissWaschbaer> how do I check that?
<RoyK> su to root
<RoyK> type mail
<RoyK> or install mutt - a bit better ui
<dkn> so i should instead mount the host's VG to get the LVM to show up as an LVM?
<WeissWaschbaer> RoyK: not installed
<RoyK> dkn: your guest should never see the host's lvm config
<WeissWaschbaer> mutt is n-curses?
<RoyK> WeissWaschbaer: then install it - apt-get install mutt
<RoyK> WeissWaschbaer: don't remember - but it's light and works well
<WeissWaschbaer> RoyK: it is a server, no Xorg
<RoyK> WeissWaschbaer: mutt isn't an X app
<WeissWaschbaer> ok
<dkn> oh dear... nvm, just mount the /dev/sda device....
<dkn> i was just trying to make it to complicated...
<RoyK> :)
<dkn> thks Spam & Roy
<WeissWaschbaer> No mail for root
<RoyK> WeissWaschbaer: apt-get install postfix
<roaksoax> lynxman: so it looks good... though shouldn't the mcollective-client.config we filtering for configure and reconfigures only?
<roaksoax> lynxman: cause otherwise it would be run at all times
<roaksoax> (debconf question)
<lynxman> roaksoax: hm, your call chief
<lynxman> roaksoax: that'd put some delta from debian though :/
<roaksoax> lynxman: so hold on... in the debdiff you attaching there's changes such as the addition of mcollective-client.config
<roaksoax> is that done in the ubuntu1 and is a delta
<roaksoax> or is that done in the debian package?
<roaksoax> lynxman: err let me rephrase the sentence
<roaksoax> lynxman: that's done as ubuntu delta
<lynxman> roaksoax: that's debian
<lynxman> roaksoax: we're narrowing the delta with this release, only delta now is the addition of mcollective-middleware
<roaksoax> lynxman: right, but the latest release form debian does not contain that change in their source
<lynxman> roaksoax: of course not, because that's on their first release, which was after ours :)
<roaksoax> lynxman: right, but where's the *new* debian verison that contains those changes I see as additions in the ubuntu delta
<Daviey> roaksoax: Still want me?
<roaksoax> Daviey: nope, figured it out :)
<Daviey> cool
<roaksoax> thanks though
<roaksoax> lynxman: changes in description in debian/control seem as ubuntu delta
<lynxman> roaksoax: they're not additions, for sure
<roaksoax> lynxman: right, but that's why I'm saying I'm confused out of your debdiff as it shows ubuntu delta which you mention are in debian
<roaksoax> which are not
<roaksoax> that's why :)
<roaksoax> (maybe you went through this conversation with Daviey already)
<lynxman> roaksoax: because that's the delta from our _latest_ package to the debian one
<lynxman> roaksoax: yes I did :)
<lynxman> roaksoax: so that debdiff is narrowing the delta from debian, but the debdiff is based on our current one
<lynxman> roaksoax: because there was no delta before, since there was no package on their side
<roaksoax> lynxman: right, but for example this things:
<roaksoax> -Description: Marionette Collective clustering framework - server
<roaksoax> +Description: build server orchestration or parallel job execution systems
 * lynxman has dejavu about all this...
<roaksoax> lynxman: that appear as ubuntu delta, changes made for ubuntu
<lynxman> roaksoax: that's the change from Ubuntu to debian
<roaksoax> lynxman: right, that's why I;m saying, you are adding those changes
<lynxman> roaksoax: based on the Ubuntu one, ys
<roaksoax> lynxman: now, --- mcollective-1.2.1+dfsg/debian/mcollective-client.config     1969-12-31 16:00:00.000000000 -0800
<roaksoax> +++ mcollective-1.2.1+dfsg/debian/mcollective-client.config     2011-06-27 10:22:02.000000000 -0700
<roaksoax> lynxman: mcollective-client.config does *not* exist in ubuntu
<roaksoax> and is a delta that we are carrying
<roaksoax> correct?
<lynxman> roaksoax: that comes from debian, yes
<lynxman> roaksoax: we're trying to unify the packages
<lynxman> roaksoax: I'm in contact with hggh (the debian maintainer)
<Daviey> roaksoax: that was the same thing i thought :)
<roaksoax> lynxman: right, so given that case, wouldn;t it be better to wait for a released version in debian to then just sync the packages?
<lynxman> roaksoax: no
<lynxman> roaksoax: because... we have mcollective-middleware, which we're adding
<Daviey> well, the merge is done - we should try and close the gap sooner rather than later
<lynxman> roaksoax: and was in our package
<lynxman> roaksoax: and will be in the debian package as soon as hggh catches it
<roaksoax> ok
<lynxman> roaksoax: so when he gets the changes back the delta will be nil
<roaksoax> lynxman: right
<lynxman> roaksoax: then we can sync :)
<roaksoax> lynxman: i understand, but these changes come from a debian package not yet even uploaded
<roaksoax> lynxman: so technically, they are ubuntu detal
<roaksoax> delta
<lynxman> roaksoax: call them dorothy if you want :D
<lynxman> roaksoax: hehe
<roaksoax> lynxman: hehe ok, dorothy, from my personal point of view, should be documented as delta, and then when debian releases, and we sync (or merge if there's any delta left) that's noted in the changelog
<roaksoax> lynxman: and for ease of understanding
<roaksoax> lynxman: so you wont have to answer questions like these here after
<roaksoax> lynxman: cause others might also get confused
<lynxman> roaksoax: noted
<roaksoax> lynxman: so debian/control needs to be fixed, there's a few typos
<roaksoax> lynxman: its minor though
<lynxman> roaksoax: :)
<roaksoax> lynxman: other than that looks good man
<roaksoax> lynxman: so thanks for having this done
<lynxman> roaksoax: thanks for reviewing this, it was a nightmare to merge
<roaksoax> lynxman: yeah I can see that :)
<lynxman> roaksoax: ;)
<roaksoax> lynxman: but, as a recommendation, it would be better if the fdebian maintainer sets a git repo for you and him to work on so collaboration gets improved
<roaksoax> lynxman: that's what we did with the debian maintainer of the ha stuff
<lynxman> roaksoax: that'll happen soonish I hope
<roaksoax> cool ;)
<lynxman> roaksoax: great recommendation!
<roaksoax> ;)
<Daviey> adam_g: For cobbler-enlist, we are looking to do discovery in this order,  1) static hostname , 2) avahi discovery , 3) manual input.  Do you think this logic should be part of the tool, or a standalone app?
<zul> i think it should be apart of the tool
<adam_g> Daviey: cobbler-enlist should take '-s http://$server/cobbler_api' as one required argument. it shouldn't matter if it gets that from d-i, avahi, wherever.
<Daviey> adam_g: Yes, but where does the $server come from?
<Daviey> within the cobbler-enlist tool, or elsewhere?
<adam_g> Daviey: 1) static hostname, 2) avahi discovery, 3) manual input  , i'd prefer that takes place elsewhere
<Daviey> adam_g: still shove it in the same package?
<Daviey> cobbler-discover ?
<adam_g> and we can keep the enlist tool generic and indifferent to what discovery method is being used
<Daviey> ok
<adam_g> Daviey: correct me if wrong but this could all be scripted in packaging around the tool, no?
<Daviey> adam_g: Yes, but avahi is actually easier for us to handle in c
<Daviey> we have prior art.
<adam_g> oh. im still a  noob. i thought there were easy shell utilities around avahi
<Daviey> adam_g: There are, but IIRC - it linked against too much for us to create a udeb.
<adam_g> ah
<adam_g> hmm
<adam_g> we want it to be somewhat automatic though, right? ie, try avahi or fall back to user input?
<Daviey> adam_g:  I can kick off that part, if it helps.
<Daviey> yeah
<Daviey> adam_g: we are blocked on smoser, bug 893189 :)
<uvirtbot> Launchpad bug 893189 in cobbler "avahi advertisement support disabled" [Medium,New] https://launchpad.net/bugs/893189
<adam_g> Daviey: can you think of anything we have out there that currently uses C libraries to interface with avahi?
<Daviey> adam_g: Yeah
<Daviey> adam_g: do you want to kick it off?
<Daviey> I was going to if not.
<adam_g> Daviey: yeah, i can take a look.
<adam_g> i suppose we'd need to first reenable that cobbler code?  was that disabled by us or upstream?
<b0gatyr> I have a server log entry that looks like this: 111.111.111.111#23444: ns1.somedomain.com , how can I make a new file with only IP and ns1.somedomain.com?
<b0gatyr> in other words I would like to move the trailing #23444:
<DW-10297> Howdy, I'm probably foolish in thinking this but didn't I read a long time ago that Ubuntu 11 has a really nice virtualization/private cloud thing built into it?
<b0gatyr> or anything in between # and :
<Daviey> adam_g: upstream, simply re-enabling it isn't enough.
<DW-10297> or is that a different version of ubuntu/distro?
<Daviey> I tried that, needs another event
<Daviey> git blame helped
<roaksoax> Daviey: the discovery needs to be done in C?
<bhm> Hello chaps, I have a server with root enabled (as the only means of accessing the server) and am trying to get myself created as a user on the server, but the classic "adduser bhm admin" responds "the group admin does not exist".
<bhm> Any good advice?
<roaksoax> Daviey: cause koan was able to "discover" a cobbler server already so I was thinking maybe we could extend koan to do some of the stuff we need
<roaksoax> adam_g: btw.. did you test latest orchestra in precise?
<adam_g> roaksoax: it wasn't built yet by the time i logged off for the night on friday, but i was running the same version locally for a day or two
<roaksoax> adam_g: ok cool
<Daviey> roaksoax: It's really easy to do avahi discovery in pythong :)... The problem is, at the moment, we do not have python avaliable in the instaler.
<Daviey> roaksoax: BTW, cobbler preseed retrieval failed for me when i tried it on saturday, it complained it didn't have an ssl cert
<Daviey> "not found" style error in the logs
<Daviey> We may have dropped the generation, or i did something silly, either way :)
<roaksoax> Daviey: yeah that's fixed in precise already
<Daviey> cool
<roaksoax> Daviey: how did you drop that?
<roaksoax> Daviey: that's generated by orchestra-logging-server
<Daviey> roaksoax: how did i do what now?
<Daviey> Ah, i might not have had orchestra-logging-server installed
<roaksoax> Daviey: it is the same approach the thing is that if the file was not found it failed, so I just did a try/except and return something approprite to not fail if not found
<Daviey> cool
<dkn> i'm playing with FOG and i need to change the password in one of the config files... but the password is hash'd it's a ~digit hex, how can i change the password with a new hash instead of typing it out in plain text in the config file?
<Daviey> roaksoax: I'd quite like a review of, https://launchpad.net/~davewalker/+archive/cobbler-testing/+packages
<Daviey> roaksoax: i split out the theme into a different package, and made it detected at run time.
<Daviey> roaksoax: it's not quite polished yet, but input appreciated
<roaksoax> Daviey: cool, will look at it
<Daviey> ta
<adam_g> trivial bug #892409 is also pending review. :)
<uvirtbot> Launchpad bug 892409 in cobbler "cobbler-ubuntu-import fails to import if ISO_DIR is missing" [Undecided,New] https://launchpad.net/bugs/892409
<roaksoax> Daviey: and yeah, if we enable cobbler avahi publication then we could technically use koan like "koan --server=DISCOVER"
<roaksoax> Daviey: byut the feature seems buggy so I guess that's why its been deprecated maybe?
<Daviey> roaksoax: i did dig out the commit which disabled it, and it was something along the line sof making startup more efficeient or something
<Daviey> seemed unrelated.
<roaksoax> Daviey: weird then, I guess we'd have to check with upstream for that
<Daviey> roaksoax: it was disabled in 2009, not removed, just commented oit
<bhm> ...solved...
<roaksoax> Daviey: maybe its been implemented differently?? i can't remember if I managed to get koan to automatically discover a server or not
<Daviey> roaksoax: ah, scrub that
<Daviey> roaksoax: "Consolidating services to use just one port,"
<Daviey> and avahi opened another port, i guess.
<Daviey> roaksoax: https://github.com/rubenk/cobbler/commit/f24ffa0d4d997d6c536ca7d89d6bfbc1b9dce07f
<roaksoax> Daviey: looks good the webui stuff, are you planning to upstream this?
<Daviey> roaksoax: planning to upstream the cobbler patch, but not the theme
<roaksoax> Daviey: of course lol
<Daviey> bug 893308, is on our hit list.. Anyone that wants to grab that, fee free.
<uvirtbot> Launchpad bug 893308 in wget "wget-udeb possibly larger than it needs to be" [Medium,New] https://launchpad.net/bugs/893308
<adam_g> Daviey: we shouldn't need to have support for broadcasting avahi within cobbler. looking at squid-deb-proxy, couldn't we just advertise via an entry at /etc/avahi/services ?
<Daviey> adam_g: Hmm, maybe.. you think that is cleaner than fixing the support cobbler used to have?
<SpamapS> cobbler had some avahi stuff, but it went away?
<Daviey> SpamapS: yah
<Daviey> SpamapS: bug 893189
<uvirtbot> Launchpad bug 893189 in cobbler "avahi advertisement support disabled" [Medium,New] https://launchpad.net/bugs/893189
<SpamapS> There's a movement to rip out unmaintained stuff going on right now in cobbler's dev list
<Daviey> SpamapS: does bug 893308 interest you? :)
<uvirtbot> Launchpad bug 893308 in wget "wget-udeb possibly larger than it needs to be" [Medium,New] https://launchpad.net/bugs/893308
<SpamapS> Daviey: heh, it does sound like a challenge.. but I wonder.. something 151kB, needs to be smaller?
 * RoyK wonders what some people are smoking
<Daviey> SpamapS: on cd, no - netboot, yeah
<kpettit> can anybody recommend a good replacement for putty that can do tabs and go full screen in windows?  I'm forced to Citrix into a windows machine to get to my linux ones and need something better than putty/cygwin.
<kpettit> ah nevermind, I found a good one.  mRemoteNG
<Dulcin> When I generated opendkim keys the public key included 'r=postmaster;' but it does not seem to get validated here http://dkimcore.org/c/keycheck and I think that's why it doesn't show up when I dig for my txt records either
<Dulcin> anyone familiar with this?
<ersi> Dulcin: How long ago did you setup the TXT record?
<ersi> Might take an hour before it pops up AFAIK
<Dulcin> About 40 hours ago
<ersi> Huh, shoulda popped up by then
<Dulcin> That's why I'm wondering why it hasn't yet. I added it to the DNS admin panel of my domain hosting company, but when I use the validator it's complaining about the r=postmaster
<Dulcin> maybe I'm wrong though ersi:
<Dulcin> should 'dig txt knoep.nl @ns1.hostnet.nl' retrieve the record
<Dulcin> or are DKIM records only retrieveable through the selector?
<Dulcin> that would make sense actually
<ersi> I'd name the txtrecord "@" though
<Dulcin> shouldn't it be selector._domainkey.domain ?
<ersi> Or oh, sorry hehe
<ersi> I'm just used to a certain DNS panel
<patdk-wk> depends on what you want, the dkim key, or the policy
<Dulcin> I'm just trying to get DKIM to work
<Dulcin> first time I'm doing it
<patdk-wk> what is you dkim email header look like?
<Dulcin> You mean if I test it? or how I set it up?
<Dulcin> because I haven't set it up then I think
<patdk-wk> heh?
<patdk-wk> what domain?
<Dulcin> knoep.nl
<Dulcin> what I did was set up postfix, and created the dns record
<Dulcin> and set up opendkim
<patdk-wk> what selector?
<Dulcin> knoep.nl
<patdk-wk> that is a domain
<Dulcin> yeah i used it as selector as well
<patdk-wk> ok, I see that, but I see no policy
<Dulcin> but you do see my record? http://paste.ubuntu.com/745420/
<Dulcin> isn't that the policy? or am I confusing something
<patdk-wk> no
<patdk-wk> the policy is kind of like spf
<patdk-wk> selector is just keys you use
<Dulcin> I see
<Dulcin> so there's my mistake
<Dulcin> I have an spf record set, so I need to set up an additional record for DKIM then
<patdk-wk> normally people just do _domainkey.example.com TXT "o=~"
<patdk-wk> and _policy._domainkey.example.com TXT "o=~"
<patdk-wk> the _policy one is for dkim
<Dulcin> and without _policy. ?
<Dulcin> _domainkey.example.com TXT "o=~"
<patdk-wk> that would be domainkey policy
<Dulcin> ahhh
<Dulcin> no I see
<Dulcin> now*
<patdk-wk> http://www.sendmail.org/dkim/surveyFortune1000
<patdk-wk> hmm, wonder what the _ssp is, have to look at that
<Dulcin> so one more question you might know:
<Dulcin> I tried to set up senderID as well
<patdk-wk> good luck :)
<Dulcin> I've emailed microsoft to add me, and they did
<Dulcin> but when I check my hotmail, I end up in spam and senderid=temperror
<Dulcin> even though it has been over a week since they've added me
<patdk-wk> did you setup your senderid spf record correctly?
<patdk-wk> I dunno what you mean by, they added you
<patdk-wk> there is nothing to add
<Dulcin> from what I understood, the senderid framework belongs to microsoft and is kept manually?
<patdk-wk> http://www.microsoft.com/mscorp/safety/content/technologies/senderid/wizard/
<patdk-wk> senderid is nothing more than an adjustment on how spf works
<Dulcin> yeah I did that one
<Dulcin> and then I did this one: https://support.msn.com/eform.aspx?productKey=senderid&page=support_senderid_options_form_byemail&ct=eformts&wa=wsignin1.0&st=1&wfxredirect=1
<patdk-wk> did you add the dns records?
<Dulcin> yeah I have 1 spf record
<patdk-wk> ya, an spf record, but no senderid record
<Dulcin> aha!
<patdk-wk> spf2.0/pra == senderid record
<patdk-wk> yours says v=spf1 == spf record
<Dulcin> so I'm wondering though, if there's nothing to add, why did microsoft e-mail me back "We have successfully added your domain to the Sender ID program. This may take up to 2 business days to be fully replicated in our systems. If you have any questions regarding this please let me know."
<Dulcin> (and more after that)
<patdk-wk> how evil
<patdk-wk> that wizard says  Idon't need an spf2.0 record
<patdk-wk> but I had to have one, or everything went to spam folder :)
<SpamapS> Daviey: wget-udeb already has ssl support btw
<patdk-wk> dulcin, I can't remember how senderid records work exactly
<patdk-wk> but based on mine, it's the same as the spf record, except for the first part is change from v=spf1 to spf2.0/pra
<Dulcin> so I should duplicate my spf record for this?
<patdk-wk> ah yep, that is what the wizard gives me now
<patdk-wk> that is what I do
<patdk-wk> if I remember correctly
<patdk-wk> if a spf2.0 record is found, the spf1 is ignored
<patdk-wk> but if spf2.0 is missing, it uses spf1
<Dulcin> Ah cool
<patdk-wk> but spf1 was only meant to over source ip, but microsoft expended it with senderid to match envelop and from addresses, causing issues
<Dulcin> so I just found out for some reason my DNS panel does not allow me to add the txt records for some reason it doesn't like the name  _policy._domainkey - so my next question - which is what I'm fearing a bit
<Dulcin> if I want to do DNS on my server, i have to set the nameservers on my domain hosting company to my server and set up BIND9 somehow?
<patdk-wk> sure
<patdk-wk> _domainkey NS ....
<Dulcin> I tried bind9 once, got scared and used the admin panel
<patdk-wk> I dropped bind around bind8
<Dulcin> to replace it with?
<Daviey> SpamapS: yeah, we need to look to make it smaller, before it is actually used.
<SpamapS> Daviey: heh, when recompiled on precise, the udeb grows
<SpamapS> -rw-rw-r-- 1 clint clint 152K May 17  2011 orig.wget-udeb_1.12-3.1ubuntu1_amd64.udeb
<SpamapS> -rw-rw-r-- 1 clint clint 159K Nov 21 14:40 wget-udeb_1.13.4-1ubuntu1_amd64.udeb
<Daviey> crap.
<SpamapS> trying with -Os
<Daviey> SpamapS: that is probably because you aren't using package mangler locally.
<Daviey> ah, not sure it would do much on a udeb
<Daviey> hmmm
<SpamapS> does the default sbuild use pkgbinarymangler ?
<Daviey> no
<SpamapS> Well either way, I don't think it does much to binaries
<Daviey> but it wouldn't be that for a udeb.
<SpamapS> it hasn't been rebuilt since 11.04
<SpamapS> so gcc 4.6 could just be making bigger code
<Daviey> rocking
<SpamapS> -Os is supposed to value code size over all
<SpamapS> trying that
<Daviey> \o/
<SpamapS> I don't see any config options to tweak..
<SpamapS> Daviey: where are we going to use wget that we couldn't use a library?
<SpamapS> -rw-rw-r-- 1 clint clint 142K Nov 21 14:46 wget-udeb_1.13.4-1ubuntu2_amd64.udeb
<SpamapS> compiled with -Os
<hallyn> Daviey, so i'm looking at MIR for freeimage (needed for spice).  Noone seems to maintain it.  Do I have to say "we'd rather not maintain but will if we have to"?  :-)
<hallyn> or is there some other way to phrase that?
<hallyn> (common in MIRs)
<SpamapS> hallyn: is it an optional dependency?
<hallyn> hm, i don't think so, but will check
<Daviey> SpamapS: sorry, what do you mean?
<hallyn> on the bright side zaroo bugs :)
<Daviey> hallyn: is it /really/ required?
<Daviey> gah, SpamapS is ahead of me
<SpamapS> Daviey: just wondering if there's a library call that can be used instead of a big giant 300+k binary like wget.
<Daviey> SpamapS: well i think it would involve re-inventing the wheel TBH, and higher technical obverhead
<hallyn> Daviey, SpamapS: well I think it is
<hallyn> but it's a 2nd or 3d level depend
<Daviey> SpamapS: Currently the busybox built-in wget is used, so it's a cheap replacement
<Daviey> SSL validation by hand, sounds less fun
<SpamapS> Daviey: ahhh so its already being done that way but it is lacking.
<SpamapS> Daviey: ok, so a whopping 10kB drop for -Os ..
<Daviey> yeah, busybox wget doesn't spport ssl apparently
<Daviey> SpamapS: anything interesting in --$options ?
<Daviey> or adding --without-* or somethig?
<Daviey> (configure options)
<SpamapS> Daviey: thats what I'm looking at now.. how those affect the code.
<hallyn> I dunno, we'd need our own custom cegui-mk2 package to not build-depend on freeimage, though I don't see where enable-freimage is given during configure
<SpamapS> Daviey: --disable-threads might help
<Daviey> SpamapS: ooo
<hallyn> lemme try building under precise with and without it i guess.  maybe i'll open a bug to drop that.
<Daviey> hallyn: If we can avoid it, i think it would be best.  It's not the sort of package we'd normally opt to support, as you spotted.
<Daviey> seems to be well maintained to date, as you saw.
<hallyn> right, well, that's why the others i was willing to MIR (like svgalib), they look well maintained in debian
<hallyn> this one, not
<hallyn> but again, to not MIR it, we'll have to get cegui-mk2 package changed
<Daviey> hallyn: incidently, we are ahead of Debian for freeimage
<Daviey> so /someone/ cares about it
<hallyn> i'm not so sure
<hallyn> depends which 'it' you mean
<hallyn> cegui-mk2, yes.  spice calls out to that
<uvirtbot> New bug: #893365 in ec2-api-tools (multiverse) "Upgrade to EC2 API version 2011-11-01" [Undecided,New] https://launchpad.net/bugs/893365
<hallyn> gotta run, bbl
<Daviey> hallyn: no comment why we jumped ahead of debian on the bug.
<Daviey> hallyn: o/
<hallyn> Daviey, i know!
<hallyn> i was considering submitting it back to debian,
<hallyn> but wanted to find the ppl involved in that bug first
<hallyn> (but couldn't)
<hallyn> anyway, bbl
<Daviey> hallyn: catch you later
<SpamapS> no threads just disables linking to libpthread .. there aren't any ifdefs
<jacobw> i'm considering moving from asterisknow (centos based) to running asterisk on a virtualised ubuntu server for ease of management
<jacobw> is there anything i should know about running asterisk on ubuntu?
<jacobw> information about asterisk can be unreliable, so i'm poking a channel where people may have tried what i'm planning to do
<Daviey> jacobw: Using freepbx?
 * Daviey goes awol
<jacobw> Daviey: sorry, yes, using freepbx.
<jacobw> dang, missed the reply.
<patrickmw> is there a way to add a new OS Version in Orchestra (precise)?
<patrickmw> Or is that a code change?
#ubuntu-server 2011-11-22
<uvirtbot> New bug: #893400 in cloud-init (main) "cloud-init: Output machine usable public ssh host key (for known_hosts)" [Undecided,New] https://launchpad.net/bugs/893400
<wakejagr> i have ubuntu server installed on a laptop.  is there a way to remove the waiting for network configuration from the boot scripts?
<SpamapS> wakejagr: plug in a network cable? ;)
<SpamapS> wakejagr: you can use network-manager w/o the GUI (edit /etc/NetworkManager/system-connections and use nmcli) .. or try something like connman. Otherwise, I think we'll add a new 'auto-nowait' group in precise that will allow users in your situation to have an interface that is brought up "when possible" by ifupdown.
<wakejagr> thanks for the info
<arrrghhh> hey all, i recently added a new user to my server and his internet connection has been flaky
<arrrghhh> he had a bunch of failed logins, and now his IP is in hosts.deny
<arrrghhh> i removed it, restarted ssh.... and "something" added his IP right back into hosts.deny
<arrrghhh> is this dansguardian?  what is adding him right back, and why?
<twb> I thought dansguardian was just a shitty proprietary version of squidguard
<arrrghhh> hrm
<arrrghhh> i guess i don't know then
<arrrghhh> all i do know, for sure, is that his IP keeps ending up in hosts.deny
<arrrghhh> and removing it and restarting ssh did nothing.
<twb> That sounds like fail2ban / denyhosts
<arrrghhh> ah
<arrrghhh> that sounds right
<twb> Most things don't write to tcpwrappers
<arrrghhh> i think i did fail2ban, can't remember
<twb> Which in turn will be because someone is brute-force logging in from his IP and causing one of those two to see (via auth.log) an attack
<arrrghhh> i see the refused connections in auth.log
<arrrghhh> ah.  well, i guess i shouldn't have asked in here...
<twb> Uh, whatever
<twb> If you had hung around, I'd have helped more
<EvilResistance> heh
<uvirtbot> New bug: #893421 in apache2 (main) "BUG: unable to handle kernel paging request at 00000000801f0f1d" [Undecided,New] https://launchpad.net/bugs/893421
<Nuc134rB0t> Hello, I installed Webmin because I thought I could manage it from Terminal then I found out I need a browser and w3m is too complicated, so I'm installing ubuntu-desktop. Is that ok or I'm just missing the whole concept of Server with no GUI?
<twb> w3m is too complicated?
<twb> What's simpler?  curl?
<Nuc134rB0t> to manage webmin I think yes.
<twb> Don't use webmin.
<Nuc134rB0t> What should I?
<twb> If you can't administer a system from the command line, you shouldn't be in charge of it
<twb> If you really must have a web UI, I believe ebox is the flavour du jour, but IMO they're all terrible
<Nuc134rB0t> That is true, but this is just a home server for learining propuses, not my work.
<twb> My position still holds
<Nuc134rB0t> How do you recommend I learn the use use a server then?
<Nuc134rB0t>  How do you recommend I learn the use of a server then?*
<twb> By asking questions here
<twb> And reading the Ubuntu Server Guide
<Nuc134rB0t> But you are suggesting me to not be in charge of my own server I installed to learn how it works.
<twb> No, I'm saying either learn how it works or don't use it.
<twb> Deploying webmin will not teach you how a server works.
<Nuc134rB0t> Oh! good then.
<twb> Such tools exist specifically so people DON'T have to learn
<Nuc134rB0t> Haven't seen it that way.
<qman__> also, this
<qman__> !webmin | Nuc134rB0t
<ubottu> Nuc134rB0t: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<twb> qman__: heh, I hesitated to paste the dpkg bot's version
<twb> <dpkg> Webmin is a lame web-based interface for unsafe system administration for Unix.  Check it out at http://webmin.com/ Remember, dondelelcaro *hates* webmin.  "i'd rather sit on the floor shoving table knives into live electrical outlets than run webmin on an exposed server."  Removed from Debian post-Sarge, see http://bugs.debian.org/343897 .  The Debian package from webmin.com is of poor quality.  See <free whc
<twb> p> for alternatives.
<qman__> installing things like webmin or desktops will not help you learn to administer a server
<qman__> webmin is a crutch for those who don't want to learn, and the GUI does nothing to aid, as all the tools are command line anyway
<twb> Hear, hear
<twb> In squid, can I say "cache_dir aufs 24GB" instead of "cache_dir aufs 24576" ?
<twb> obviously the former is more readable
<Nuc134rB0t> qman__, I did not know about the support, thanks.
<Nuc134rB0t> I guess I will have to ctrl+x this lol
<Nuc134rB0t> Should have asked first.
<Nuc134rB0t> i meant ctrl+c
<qman__> the server guide is the best place to start
<qman__> and find yourself a crash course on bash
<twb> qman__: do you know about M-_ in bash?
<qman__> I learned it mostly through trial and error, so I can't personally recommend any resources
<qman__> can't say I do
<twb> Inserts last argument of previous command
<twb> e.g. ls -ld foo; rm M-_ ==> rm foo
<Nuc134rB0t> Hmm I will think about that, since I know too basic commands for an Ubuntu user since 6.06
<twb> It's actually readline, so it works in e.g. python too
<qman__> interesting
<swharper> question: i have a raid6 config using 11.10 - trying to share /dev/md1 via samba - how do i accomplish that
<pythonirc101> does anyone here maintain their own email server ? I've to deploy an email ssytem for a small company (10 people), currently they use gmail, but do not like the fact that google stores their data
<pythonirc101> any suggestions on what i should use for a gmail replacement
<lifeless> hallyn: where is the upstream for lxcguest? I have a tweak to the /var/run workaround, but want to check my lxcguest.conf isn't just foot-gunning me
<SpamapS> lifeless: I believe the Ubuntu package is the upstream.
<SpamapS> ./debian/lxcguest.lxcguest.upstart
<koolhead17> hi all
<twb> SpamapS: surely you don't need both of those lxcguest. 's
<SpamapS> twb: indeed, first is package name, second is upstart job name
<twb> Yeah but doesn't dh_installinit default to assuming them the same?
<twb> It's only if you call dh_installinit with --name fred that it's different or so
<SpamapS> not that i know of
<twb> Hum
<twb> That's lame, because for the sysvinit part I'm pretty sure you can
<SpamapS> twb: it may default to the first package in debian/control if its not specified
<twb> mm
<jamespage> morning all
<cwillu_at_work> Thank you for observing law 421:  no morning that started with piping netcat into bash and back shall be called "good".
<lynxman> jamespage: morning!
<jamespage> morning lynxman
<koolhead17> http://xkcd.com/978/ lol
<RoyK> http://xkcd.com/979/ was even better :)
 * koolhead17 clicks
<lynxman> RoyK: LOL
<koolhead17> aah RoyK its true. :P
<koolhead17> hola lynxman
<lynxman> koolhead17: ello O/
<lynxman> ouch o/
<RoyK> koolhead17: I usually read xkcd every [mon,wed,fri]
<koolhead17> lynxman, i been doing that :)
<koolhead17> RoyK, so do i at times. :P
<koolhead17> Daviey, hi there
<koolhead17> there are so many now THB
<koolhead17> RoyK, http://en.wikipedia.org/wiki/List_of_Linux_kernel_names
<koolhead17> Pink Farting Weasel
<koolhead17> hehe
<RoyK> koolhead17: erm - yes :P
<koolhead17> hello jamespage
<jamespage> hi koolhead17
<Daviey> koolhead17: hey
<koolhead17> Daviey, https://bugs.launchpad.net/bugs/893466
<uvirtbot> Launchpad bug 893466 in horizon "Quantum should either be fully optional or not optional" [Undecided,New]
<koolhead17> :P
<Daviey> koolhead17: ahha! thanks
<koolhead17> so u need 2 have glance as well as quantum codes in order to have dashboard working
<Daviey> koolhead17: Out of interest, what keystone are you using?
<koolhead17> Daviey, the one from Github. :(
<Daviey> koolhead17: Would you mind trying a PPA for me?
<koolhead17> sure. right away
<koolhead17> i need to know the PPA details i should add though :P
<Daviey> koolhead17: Need to create it first :)
<koolhead17> hehe
<Daviey> koolhead17: will you be around for a few hours?
<koolhead17> let me start a new VM to test this on oneiric
<koolhead17> yes sure
<koolhead17> till another 8 hrs
<koolhead17> :d
<Daviey> koolhead17: \o/
<koolhead17> BTW http://www.cbc.ca/news/technology/story/2011/11/21/technology-datawind-ubislate.html
<koolhead17> cheapest tablet available :P
<caribou> Q: Is there a specific procedure to have a package newly included in Debian/Sid also available in Universe ?
<caribou> collectl, A very useful data collection tool recently made it to sid and could be handy for us as well
<lynxman> caribou: you ask for a sync from debian
<caribou> lynxman: who do I ask it to ?
<lynxman> caribou: requestsync --lp -d debiandistro packagename ubuntudistro
<lynxman> caribou: for example "requestsync --lp -d sid puppet precise"
<caribou> cool, tanks lynxman
<lynxman> caribou: np :)
<caribou> lynxman: maybe I should have checked first, it's already there in precise :)
<caribou> Daviey: I don't know if you remember me from UDS-P, I told you about some HP expertise center in Grenoble
<Daviey> caribou: I think so, have a pic to hand?
<Daviey> caribou: If it's a server related package, please send the bug number returned here; and we'll get it sponsored, thanks.
<caribou> Daviey: no longer needed as I just said to lynxman it's already synced in precise
<caribou> Daviey: Regarding the expertise center,I just wanted to let you know that I sent an email to my buddy regarding it
<Daviey> ah great!
<koolhead17> TeTeT, hello there
<TeTeT> hi koolhead17
<koolhead17> TeTeT, how have you been? long time. :D
<TeTeT> koolhead17: doing ok, how about you?
<koolhead17> TeTeT, am good. :D
<caribou> I have a question regarding packaging
<lynxman> caribou: shoot :)
<caribou> I need to add a patch I made to the kexec-tools package for testing purposes
<caribou> what would be the prefered way to do this ?
<caribou> get the package source, add my patch to debian/patches & rebuild ?
<caribou> (and to ./patches/00list as well)
<lynxman> caribou: yeah, add to changelog to up the version, that's pretty much it (afaict)
<caribou> ok, I'll try this out & come crying if I can't get it working :)
<lynxman> caribou: good luck :)
<koolhead17> *crying
<lynxman> koolhead17: don't cry koolhead17
<koolhead17> lynxman, just had chocolate so am better. :D
<lynxman> koolhead17: good good :)
<Vir> Hi, what error is behind "Waiting for network configuration..."? I.e. it waits for several minutes at boot with that message. And I have no idea how to fix it. There's one DHCP interface, the rest is static. The DHCP works fine. What could it be?
<koolhead17> Vir, is the dynamic interface default one <eth0> ?
<Vir> yes
<Vir> koolhead17: why do you call it "default" BTW?
<koolhead17> Vir, because i had similar problem when i was trying to use DHCP via cobbler
<Vir> koolhead17: I looked into syslog and it shows that DHCP configuration takes about 10s
<Vir> but on boot it shows "Waiting for network configuration ..." "Waiting up to 60 more seconds [...]"
<koolhead17> Vir, can`t that be because of your DHCP server connectivity
<Vir> koolhead17: what do you mean?
<koolhead17> Vir, leasing time by dhcp server
<Vir> koolhead17: dhclient: bound to 10.83.255.6 -- renewal in 1786 seconds.
<Vir> this time syslog shows DHCP config took 5s. Bootup was stuck for 2 minutes at least
<Vir> I don't understand this in any case. What DHCP servers require > 30s to answer?
<Vir> OK, now to my real problem. Kernel 3.0.0 (Oneiric) doesn't boot: http://compeng.uni-frankfurt.de/~kretz/screenshot.png
<Vir> it just hangs there
<Vir> 2.6.38 and 2.6.32 boot (but with 2 minutes waiting for some network configuration that's all good already)
<Vir> executing fsck from recovery boot now - but I just did that a few minutes earlier from the 2.6.38 kernel
<Vir> finally found the problem: I used cgroups on that server before (for LXC) and had a line in /etc/fstab to mount it to /cgroups. Without this line the server can boot again.
<Vir> This mount will be rather common on server installations - everybody that used LXC will have it.
<Vir> All of those systems will break when they upgrade.
<Vir> https://bugs.launchpad.net/ubuntu/+source/libcgroup/+bug/893550
<uvirtbot> Launchpad bug 893550 in libcgroup "Oneiric fails to boot after upgrade from Natty if /etc/fstab contains a cgroup mount entry" [Undecided,New]
<uvirtbot> New bug: #893550 in libcgroup (universe) "Oneiric fails to boot after upgrade from Natty if /etc/fstab contains a cgroup mount entry" [Undecided,New] https://launchpad.net/bugs/893550
<caribou> :q
<koolhead17> Vir, cool :)
<Vir> took me ~4h to find this - I hope others won't need this long now
<koolhead17> Vir, +1
<koolhead17> zul, hey
<mmcji> At work I  have the job of installing several new dns servers.  These servers handle allot of dns traffic.  We already have an aging OpenBSD dns server, and several running on different versions of CentOS.  I have been using Ubuntu server for years at home and am more comfortable with it.  Is the default dns server that can be installed with ubuntu server suitable / secure for the enterprise environment.   Should it be chrooted?  I would rather use ubu
<mmcji> ntu, but I hae to make a case for it vs say OpenBSD.
<zul> Daviey: the keystone SRU test can be found at ppa:zulcss/openstack-updates
<zul> morning btw
<koolhead17> morning zul, is that pkg called python-crypto for keystone? You packaged recently
<Daviey> jamespage: is https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-cloud-image-testing full drafted?
<Daviey> fully*
<Daviey> zul: great!
<zul> koolhead17: no python passlib
<koolhead17> ok
<Daviey> jamespage: does https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-complex-deployment-testing need expanding?
<Daviey> zul: https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-openstack , some of the testing work items - should they be in the complex testing spec?
<zul> Daviey: pehaps...yes
<Daviey> zul: "Package weekly snapshots of" .. that probably needs to be split by week number, as it cannot be tracked currently.
<zul> k
<koolhead17> zul, is python-passlib in some PPA >
<koolhead17> ?
<zul> same pps
<zul> ppa even
<Daviey> zul: didn't that make it in as an SRU?
<zul> Daviey: no it will when we upload keystone
<Daviey> zul: is https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-arm-deployment deprecated with the next steps blueprint?
<zul> yeah
<Daviey> zul: probably wouldn't hurt for it to bake in th NEW queue first, as it'll require AA approval and SRU.
<zul> passlib has already made it in for precise at least
<Daviey> cool
<Daviey> might not need AA review then, i guess
<koolhead17> zul, sorry to ask but python-passlib solves the deps for pycrypto?
<zul> koolhead17: it should...but what pycrypto stuff are you talking about?
<koolhead17> zul, pycrypto is a package on which dashboard/quantum depands
<zul> koolhead17: sure we arent talking about dashboard/quantum we are talking about keystone
<koolhead17> zul, oops. am doing both at the moment :P
<zul> Daviey: spec updated
<koolhead17> zul, am trying to get dashboard working on oneiric from source and there is new pkg/deps called pycrypto. I got the pkg from easy install
<zul> koolhead17: ah k
<koolhead17> zul, am trying to get dash working by the time i get new keystone PPA :D
<Daviey> zul: rocking
<mmcji> what version of bind9 is installed on ubuntu server 11.10?
<andol> mmcji: 9.7.3.dfsg-1ubuntu4.1
<mmcji> andol: thanks, how do I find the version you just gave me?  What command do I use?  Do you know if this version is susceptible to the recent 0-day bind vulnerability?
<rahmen> Hi! I'm not sure if this is more of a firewall problem. I've got a ubuntu server inside my network. I have an internal ip that works fine. On my firewall I try to redirect an external ip to the internal ip with NAT. When I ping I get 100% package loss. Do I have to enable the external ip somehow on the server? I was hoping it would answer as if it was an internal action
<jdstrand> mmcji: bind9 is up to date as of last week: http://www.ubuntu.com/usn/usn-1264-1/
<andol> mcpanda: https://launchpad.net/ubuntu/+source/bind9 or apt-cache policy bind9 or zless /usr/share/doc/bind9/changelog.Debian.gz
<andol> s/mcpanda/mmcji
<mmcji> I just updated my dns server.
<mmcji> andol: thanks
<mmcji> jdstrand: thanks
<JerryNJ> I need some assistance configuring LTSP if anyone can help. I know dhcpd is running atm and I need that turned off
<JerryNJ> btw - im running Lucid with a single NIC
<SpamapS> JerryNJ: man update-rc.d may be of help
<JerryNJ> run that?
<JerryNJ> that didnt do much exept explain the command
<azertyii> hello there
<azertyii> on hp server i can 't find /dev/sda
<azertyii> is that normal ?
<deej1976> azertyii: cat /proc/partitions | pastebinit
<azertyii> http://paste.ubuntu.com/746029/ deej1976
<koolhead17> grrrrrr http://pypi.python.org/ is taking break it seems
<koolhead17> is it for others too?
<deej1976> azertyii: Looks like cciss/c0d0 is your first disk
<azertyii> what ?
<azertyii> how it change the name ?
<deej1976> http://manpages.ubuntu.com/manpages/oneiric/man8/cciss_vol_status.8.html
<azertyii> and also physically i just only have 2 physical disk, i can't understand why it gives 12 disk ?
<deej1976> p1-11 are the paritions on the disks
<just-a-visitor> http://www.downforeveryoneorjustme.com/pypi.python.org
<deej1976> azertyii: It's got a raid controller
<deej1976> azertyii: sudo fdisk -l | pastebinit
<koolhead17> why python-mysqldb not dependant on mysql-client ?
<hk720> h
<hk720> hi
<hk720> is there anybody know how to add /dev/parport0
<azertyii> ok understand deej1976
<azertyii> thanks a lot
<SpamapS> koolhead17: because python-mysqldb depends on libmysqlclient, mysql-client is the command line
<SpamapS> koolhead17: Depends: python2.7, python (>= 2.7.1-0ubuntu2), python (<< 2.8), libc6 (>= 2.4), libmysqlclient16 (>= 5.1.50-1)
<zul> SpamapS: hey just to fyi php is going to ftbfs because of mysql is multiarch now
<smb> hallyn, So about bug 607039. Just want to make sure I am doing the right things. I think you saw the problem on Oneiric, too. While it seems to work for me on that release. Just the time it takes to complete a cat after mounting is oddly high (doing a direct mount)
<uvirtbot> Launchpad bug 607039 in autofs5 "NFS4 automount using replicated servers doesn't work" [Medium,Fix released] https://launchpad.net/bugs/607039
<smb> I used two VMs to test and have the nfs mount use a private net.
<hallyn> smb, i've seen teh slow cat, i think on precise
<hallyn> did i say in the bug that oneiric failed?  i can't recall offhand
<hallyn> but at any rate, i think it's purely a nfs-client (userspace?) bug
<hallyn> uh, the outright failure that is
<hallyn> slow cat, might be somethign else
<smb> hallyn, Hm, right I think I saw it there, too. But maybe less reliably. Yes, I think that is it
<hallyn> do we have anyone specializing in nfs?
<smb> Not that I know off my head
<hallyn> then i guess it's us :)
<smb> Likely :O)
<smb> I was not sure whether it may or may not be related to the nfs4 kernel parts as well
<hallyn> anyway i don't mind looking more into it, but all i know right now is in the bug report.
<smb> Ok, just wanted to make sure I understand what exactly failed for you on oneiric
<hallyn> if you want to set up a time to look at it together we can try that
<hallyn> lemme re-read real quick
<smb> Because I seemed to be successful
<hallyn> ah, i see, maybe i didn't try oneiric!
<smb> One confusing thing for me is that I thought with nfsv4 you would use / as the mount dir (which you set up with fsid=root in exports)
<hallyn> no idea
<hallyn> oh, right, 'mount -t nfs4' fails for me with -ENODEV on my oneiric laptop.
<hallyn> so id idn't try the whoel autofs setup as there was no point at that point
<smb> Ah ok
<hallyn> bound to fail :)
<smb> Yes, that I saw as well
<hallyn> so if you'd like to assign that to me i don't mind digging deeper.  But it wouldn't be right now.
<smb> I think that was the same on precise
<hallyn> hm?  no it worked for me on precise
<hallyn> (biab)
<smb> hallyn, Ok, I think I will spend a bit more time on it and try to catch you tomorrow. Though it could be I am not around long enough... But I will put things into the report
<SpamapS> zul: thanks for the heads up.. I expect a lot of FTBFS's ... I'll push it into my test PPA and hopefully have a fix on deck before the transition starts
<hallyn> smb, thanks!
<SpamapS> zul: note that 5.1 is multiarch now too. :)
<zul> SpamapS: lovely
<smb> hallyn, Grrr, it seems to be really unreliable. Right now direct mounts (not matter whether -t nfs or -t nfs4) work without any cat timeout. Looking at /proc/mounts there is no difference in option between -t nfs and nfs4. And I did not change anything...
<smb> (oneiric that is)
<hallyn> odd
<SpamapS> argh
<SpamapS> two weeks in a row I forgot that the meeting is now at 8:00am for me
<smb> It brings a new meaning to daylight saving... :)
<SpamapS> https://launchpad.net/ubuntu/+source/mysql-5.5
<SpamapS> w00t!
<roaksoax> Daviey: so I fixed the cobbler lintian issues but lintian still complains
<roaksoax> Daviey: but I think its safe to ignore
<p1ruj3> so when i install a printer and it does the search for a network printer it ends up adding the local machines ip to hosts.deny on my samba server... when i remove that entry and restart denyhosts service i still cant connect from local machine but if i reboot i can
<SpamapS> roaksoax: curious what its complaints are? Seems like lintian just gets more and more annoying. ;)
<roaksoax> SpamapS: just about a license not having its paragraph
<SpamapS> roaksoax: I have a fix for those
<SpamapS> roaksoax: I think I wrote cobbler's copyright file.. and I used to write them wrong. ;)
<SpamapS> roaksoax: branch?
<roaksoax> SpamapS: http://paste.ubuntu.com/746171/
<SpamapS> roaksoax: yeah, you have to add a License: GPL-2 without a Files: attached to it
<roaksoax> SpamapS: lintian http://pastebin.ubuntu.com/746172/
<SpamapS> roaksoax: or rather, License: GPL-2+
<SpamapS> roaksoax: I had to do the same thing for mysql-5.5
<roaksoax> SpamapS: right, but it is not complaining about others that are written the same
<roaksoax> SpamapS: it complains about paragraph13, and other above it have the same format
<roaksoax> and lintian does not complain about it
<roaksoax> that's why I rearranged all the GPL-2+ one after the other cause the lintian complain is about one of them
<roaksoax> ah I think where the issue is now
<SpamapS> roaksoax: you either have to have a paragraph after *every* mention of License: GPL-2+ , or a standalone License: GPL-2+ with no files attached to it that has the paragraph
<SpamapS> roaksoax: http://bazaar.launchpad.net/~clint-fewbar/ubuntu/precise/mysql-5.5/merge-from-ddebian/revision/40
<SpamapS> roaksoax: see the change on copyright.. same exact issue
<roaksoax> let me try it
<roaksoax> SpamapS: yep, now';s fixed
<roaksoax> SpamapS: thanks for the tip
<SpamapS> roaksoax: any time I can give someone tips on how to fix a bug I created.. I'm fine with that. :)
<roaksoax> ;)
<hallyn> stgraber, despite my assigning bug 893550 to you and asking for feedback, I think I'll go ahead and just make /etc/init/cgroup-lite.conf do a 'stop; exit 0' if it sees an (uncommented) cgroup entry in /etc/fstab
<uvirtbot> Launchpad bug 893550 in libcgroup "Oneiric fails to boot after upgrade from Natty if /etc/fstab contains a cgroup mount entry" [High,Confirmed] https://launchpad.net/bugs/893550
<tarvid> freeradius and freeradius-dialupadmin do not play well together
<tarvid> the schema for freeradius defines a table radusergroup
<tarvid> dialupadmin looks for a table usergroup
<tarvid> do I start patching dialupadmin?
<Nuc134rB0t> Hello I'm following the https://help.ubuntu.com/10.04/serverguide/C/dns-configuration.html at the moment I'm creating the db.192 as told, copying db.127  "sudo cp /etc/bind/db.127 /etc/bind/db.192" now, at the bottom of my db.127 there is a 1.0.0 IN PTR localhost. but in the example in the guide, you can see there is a 10 IN PTR ns.example.com. so what do I replace the 10 or 1.0.0 to? My local IP? My external IP?
<stgraber> hallyn: sounds good
<tarvid> Nuc134rB0t, You could use a PTR record for every interface on your local lan
<tarvid> reverse on the local lan is not a necessity but if can speed up operations that want to reverse things like arp
<mterry> Hey, server folk!  keystone is involved in a few component-mismatches: http://people.canonical.com/~ubuntu-archive/component-mismatches.txt    Ideally two things would happen: (A) you guys start filing MIRs for the components you need in main (B) except for python-sqlite which will not enter main.  I can't seem to find anywhere in the code where you import it.  Is that a necessary depends at all?
<Nuc134rB0t> tarvid, oh ok, so that means I will still broadcast my website if this is missed configured
<zul> mterry: hi...keystone has a MIR that is process
<SpamapS> zul: can you spare a panda board for me to do some test rebuilds of mysql 5.5 ?
<hallyn> stgraber, oh ffs, i guess libcgroup isn't in server set, i can't upload it
<SpamapS> zul: https://launchpadlibrarian.net/85702840/buildlog_ubuntu-precise-armel.mysql-5.5_5.5.17-4ubuntu1_FAILEDTOBUILD.txt.gz  .. I'm guessing there will be more of these failures
<SpamapS> (0 needs to be NULL, I think)
<hallyn> stgraber, would you have time to upload this?  (it's pretty trivial)  http://people.canonical.com/~serge/cgroup.debdiff
<tarvid> Nuc134rB0t, yes if it has a public ip address reachable from the Internet
<zul> SpamapS:  you know there are porter machines right?
<SpamapS> no
<zul> SpamapS: yeah
<SpamapS> this is my first armel rodeo
<hallyn> jinkeys nautilus is really upset with me
<tarvid> But the forward file must work
<mterry> zul, can you add its depends as tasks in that MIR?   Also, do you know the deal with python-sqlite in keystone?
<zul> mterry:  it uses a database for a backend
<zul> ill check though
<Nuc134rB0t> tarvid, it does so far, but I'm following the whole guide to see if it is possible to change the IP for a decent domain name.
<mterry> I couldn't grep for the import anywhere
<zul> mterry: grrr
<tarvid> Nuc134rB0t, your IP is issued by your ISP and your domain name must be registered, are you dynamically assigned (DHCP)?
<Nuc134rB0t> tarvid, yes I am.
<micahg> hallyn: it's in universe still
<tarvid> You can't run DNS on a dynamic address so relax and find a workaround, http://dyn.com has worked for me
<hallyn> micahg, oh, i didn't realize server set was restricted to things in main.  drat.  thanks.
<micahg> hallyn: AFAIK, it's auto-generated from the seed
<tarvid> It looks like they want money now so you may have to look around
<hallyn> zoneedit has worked for me for years
<tarvid> My free account still works
<hallyn> micahg, thx
<Nuc134rB0t> tarvid, oh!... I'll have to look for a service a can pay with local coin because I don't have easy access to dollars
<Nuc134rB0t> tarvid, by the way, thanks.
<tarvid> You are welcome. There are many dyndns providers. They accept updates from your interface when DHCP changes
<hallyn> does anyone here have an amd box on which they could try kvm of 64-bit linux on top of oneiric?
<tarvid> running 11.10 on 11.10 with virtualbox
<PedroGomes> Hi, I'm trying to do an unattended install ubuntu with PXE but it stops saying that the hardware needs non-free firmaware. Any advice in how to avoid this ?
<SpamapS> PedroGomes: there's a pre-seed option you can fill in that will answer that question
<genii-around> Like a post-install directive that installs whatever non-free package to /target
<PedroGomes> err, the problem is that it says that the file must be loaded from somewhere else
<PedroGomes> but the pre-seed option would do the trick
<PedroGomes> thanks
<PedroGomes> I guess I have no means of avoiding the pxe templates  :P
<RoAkSoAx> Daviey: adam_g should we drop the import of Hardy by orchestra-import-isos?
<SpamapS> can we even install hardy?
<SpamapS> RoAkSoAx: I think as long as its supported our releases should support installing it.
<RoAkSoAx> SpamapS: ok ;)
<uvirtbot> New bug: #893735 in openssh (main) "native support for X.509 v3 certificates in openssh" [Undecided,New] https://launchpad.net/bugs/893735
<Daviey> RoAkSoAx: yeah, agree with SpamapS
<RoAkSoAx> ok
<Daviey> RoAkSoAx: Is there something we can do to allow the admin to add future releases themselves?
<Daviey> It would kinda suck to SRU a "enable new release".
<koolhead17> zul: are you looking for someone to test the newly built keystone PPA
<soren> Daviey: We do it all the time for debootstrap.
<Daviey> soren: Yes, but this has added complexity.
<Daviey> If debootstrap SRU fails, we hinder a developer, right?
<Daviey> If orchestra SRU fails... :)
<RoAkSoAx> Daviey: cobbler-ubuntu-import
<Daviey> RoAkSoAx: you think it will be ok to do that?
<RoAkSoAx> Daviey: yeah smoser adding cobbler-ubuntu-import to cobbler last cycle
<Daviey> soren: Well if the TB supports doing that, we'll do it :)
<soren> Daviey: If there's complexity involved, I wonder how you'd anticipate said complexity (to avoid the SRU).
<RoAkSoAx> Daviey: and you can import a new release by simply: cobbler-ubuntu-import precise-i386
<Daviey> ok
<adam_g> or by adding it to RELEASES in /etc/orchestra/import_isos
<adam_g> but new releases also need to be added to cobbler, otherwise the end up as unknown distro "breeds"
<raubvogel> Can anyone explain me the deal with 127.0.1.1? How is it used? Must I have the hostname for a machine using dhcp associated with that IP always?
<RoAkSoAx> raubvogel: 127.0.1.1 is an IP address reserved to identify the network card
<RoAkSoAx> raubvogel: or localhost
<raubvogel> RoAkSoAx: I thought that was 127.0.0.1
<RoAkSoAx> raubvogel: its for the localhost
<RoAkSoAx> raubvogel: http://www.debian.org/doc/manuals/debian-reference/ch05.en.html#_the_hostname_resolution
<uvirtbot> New bug: #436947 in euca2ools "If volume creation fails, euca-create-volume shows "None"" [Low,Fix released] https://launchpad.net/bugs/436947
<uvirtbot> New bug: #440744 in eucalyptus "External command failure not handled correctly in some cases" [Medium,Fix released] https://launchpad.net/bugs/440744
<uvirtbot> New bug: #444747 in euca2ools "help message for euca-bundle-vol shows "ec2cert_path"" [Low,Fix released] https://launchpad.net/bugs/444747
<raubvogel> RoAkSoAx: I do not remember seeing that in, say, centos. I would have expected to have the machine's IP with the FQDN but I see the reasoning behind that. It almost works as the Solaris hostname.interface
<RoAkSoAx> raubvogel: debian specific
<semiosis> i'm following the instructions here https://help.ubuntu.com/community/UEC/Images to run an Oneiric cloud image KVM guest on my local Oneiric workstation, but I am getting access denied with the ubuntu/passw0rd credentials from those instructions.  please help
<RoAkSoAx> semiosis: ubuntu/ubuntu?
<semiosis> denied
<semiosis> ubuntu/password also denied
<semiosis> is there a more recommended way of running a VM on my workstation than this?
<RoAkSoAx> smoser: ^^
<semiosis> instructions seem straightforward enough, but then the cloudimage denies me
<semiosis> thanks RoAkSoAx
<RoAkSoAx> semiosis: he would be able to help you ;)
<semiosis> smoser is a legend :)
<RoAkSoAx> hehe
<Daviey> Does someone want to rebase, https://launchpad.net/ubuntu/+source/nova/2011.3-0ubuntu6.1 for SRU?
<Daviey> (it was superseeded by a security upload)
<Daviey> Hmm, although, it might need merging with https://launchpad.net/~zulcss/+archive/openstack-updates/+sourcepub/2080480/+listing-archive-extra
<Daviey> probably best wait for zul.
<uvirtbot> New bug: #893786 in cloud-init (main) "mount option can`t set permissions" [Undecided,New] https://launchpad.net/bugs/893786
<Ursinha> Daviey: hellooooooooooo
<Ursinha> when should I expect you to be free? It's pretty late for you, isn't it?
<Daviey> hey Ursinha
<koolhead17> phewwww
<koolhead17> Ursinha: hellos
<Daviey> Yeah, what time are you likely going to be online tomorrow?  UTC?
<Ursinha> hello koolhead17
<Ursinha> Daviey: let me do the maths
<Ursinha> Daviey: 15utc
<Daviey> Ursinha: ok, thanks
<kees> SpamapS: okay, I've got a funny one for you. in oneiric, my desktop was hitting the "waiting for networks" thing. I had two left over "auto" entries that weren't present on the system any more (from a USB dongle). eth5 and eth5.3 (vlan on eth5). for some reason, /var/run/ifup.eth5 exists, but not ifup.eth5.3 :P
<lenios> kees, oh, i have the "waiting for network", is it because of the auto on unused interfaces?
<lenios> i'll need to test tomorrow
<lenios> i had no problem with 11.04 though
<kees> lenios_: right, it means that something from /etc/network/interfaces that is marked "auto" has not come up yet.
<twb> Or "allow-auto", for which auto is only shorthand
#ubuntu-server 2011-11-23
<dissipate> has anyone here successfully mounted an amazon s3 bucket in ubuntu 11.10?
<erichammond> dissipate: "mounted an amazon s3 bucket" ... with what software?
<dissipate> erichammond, s3fs
<dissipate> erichammond, that's what i tried to do it with, but i'm open to other options
<erichammond> dissipate: Then, yes. I have used s3fs on Ubuntu 11.10.
<dissipate> erichammond, do you have the scripts you used to set it up by any chance?
<erichammond> dissipate: sudo /usr/local/bin/s3fs -o url=https://s3.amazonaws.com -o allow_other $bucket $mountpoint
<dissipate> erichammond, i mean the scripts you used to install s3fs
<dissipate> erichammond, i just tried that command, it didn't work. :(
<erichammond> dissipate: The $mountpoint directory must exist. You need to have set up /etc/password-s3fs correctly. The bucket must exist.
<erichammond> dissipate: svn checkout http://s3fs.googlecode.com/svn/trunk/ s3fs && ( cd s3fs; ./autogen.sh; ./configure; sudo make install )
<erichammond> dissipate: Expand on "didn't work"
<dissipate> erichammond, i did all that.
<dissipate> mount point exists, /etc/password-s3fs is there with my credentials
<erichammond> dissipate: Elaborate on "didn't work"
<dissipate> erichammond, i get no error and the bucket mount doesn't show up.
<erichammond> dissipate: What do you mean by "the bucket mount doesn't show up"?
<dissipate> erichammond, i went into /mnt and there is nothing there.
<dissipate> i mounted into /mnt
<erichammond> dissipate: So /mnt was the mountpoint?
<erichammond> dissipate: or /mnt/somedirectory ?
<dissipate> it appears s3fs can connect to s3 to some extent, because when i tried a bogus bucket it had an error.
<dissipate> /mnt
<erichammond> dissipate: Were the directories and files inside the bucket created through s3fs or through some other process?
<dissipate> erichammond, i created them through the AWS user interface.
<erichammond> dissipate: Are there any keys in the bucket that do NOT contain a slash (/)?
<dissipate> erichammond, no, the bucket has some directories
<erichammond> dissipate: All files are in subdirectories?
<erichammond> dissipate: Pick a subdirectory with a file and run: mkdir -p /mnt/PATH/TO/SUBDIRECTORY
<erichammond> dissipate: Then look in that subdirectory to see if the files are visible.
<dissipate> erichammond, ok, let me try
<dissipate> erichammond, well, it's mounted because i created a directory in /mnt and it showed up as an empty file in my S3 bucket!
<dissipate> erichammond, i created the subdirectory and the files are showing up now! what is happening?
<erichammond> s3fs needs to have a special key in the S3 bucket for each subdirectory before it can see files in that subdirectory.
<erichammond> 'night
<dissipate> erichammond, thanks for the info. do you have bitcoin BTW? i'd like to send you a couple coin for your help.
<SpamapS> kees: ifup -a should have caught the eth5.3 entry after eth5.. thats very strange. That said, I'm not entirely sure of how ifupdown handles vlan entries like that.
<kklimonda> who has some experience writing upstart configs for packages from the distribution's point of view? I'd like to port both slapd and krb5-kdb/admin-server to upstart to fix a small bug with start order but I'm not sure how much of the current sysv stuff move over to upstart (like variables from default files etc.)
<twb> SpamapS: poorly, apparently ;-P
<kklimonda> also, what's the policy on shipping upstart override files in packages?
<SpamapS> twb: I think its worth proposing a replacement for ifupdown in the 12.10 cycle.. seems ridiculous to keep this weird thing alive.
<twb> I bet the replacement will be worse tho :-/
<kklimonda> yeah, base it on network manager while your are on it :P
<twb> haha
<twb> "in 12.10 ubuntu now requires NM to be installed everywhere and is included in the initrd for maximum fail"
<twb> Or some stupid undocumented failtastic upstart helper a la mountall(8)
<kklimonda> heh, I wouldn't mind if it were done well
<kklimonda> but then we are talking about Ubuntu here ;)
<SpamapS> The snark is strong with this one.
<kees> SpamapS: well, the device for eth5 doesn't exist at all any more, so I assume it would never get to eth5.3
<kees> SpamapS: why it "got" to eth5, I don't know either. I think that's the actual bug.
<kees> or rather, just because something is "auto" doesn't mean it attached to the system. ;)
<Corey> What's the proper way to get sshd to start on boot?
<twb> Corey: apt-get install openssh-server
<Corey> twb: Yeah, I get that.  But let's say I want to disable it from starting on boot for a while.  To reenable it, I would...?
<twb> dpkg-divert --remove --rename /etc/init/ssh.conf
<twb> Unfortunately, in their infinite wisdom, the upstart developers broke invoke-rc.d
<twb> Er, policy-rc.d
<Kutakizukari> Anyone here?
<Kutakizukari> Using Ubuntu 10.04 server and getting Request timed out when pinged.
<mgw> can you ssh to the system?
<Kutakizukari> let me try
<Kutakizukari> mgw: Network error: Connection timed out
<mgw> do you have physical access?
<mgw> or KVM?
<Kutakizukari> No physical access
<Kutakizukari> cloud server
<mgw> which provider?
<Kutakizukari> eleven2.com
<mgw> do they give you KVM?
<Kutakizukari> don't know what it is
<mgw> console access
<mgw> essentially
<Kutakizukari> ah, they are using the wrong credit card information so it has been suspended, easy fix.
<mgw> That would explain it. Glad you figured it out.
<SpamapS> kees: was eth5 a static interface, while eth5.3 dhcp?
<koolhead17> hi all
<dissipate> koolhead17, hi
<koolhead17> hello dissipate
<dissipate> koolhead17, what's going on?
<dissipate> koolhead17, are your ubuntu servers running smooth as silk?
<koolhead17> your asking or telling :)
<dissipate> asking. :P
<koolhead17> anyways i can help u?
<dissipate> koolhead17, i'm looking for a way of mounting amazon s3 buckets in ubuntu server that's easier to set up than what i have now.
<dissipate> i'm using s3fs which has no package, must be compiled from source. :/
<koolhead17> dissipate: did you check s3 documentation, am sure your the only one with this idea :)
<dissipate> yep
<dissipate> i'm actually interested in third party tools.
<koolhead17> dissipate: am not a amazon used but i would be interested to know the liberty amazon provides :D
<koolhead17> it be cool if you can also ask it as question at launchpad
<dissipate> koolhead17, fairly cheap and pretty much unlimited storage is what they provide.
<koolhead17> cool
<uvirtbot> New bug: #893887 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/893887
<lynxman> morning o/
<jamespage> morning all
<uksysadmin> morning
<uksysadmin> I've a question on preseeding and executing commands at the end of installation... what's the best way to download a script and execute it? Under RH its simple in their kickstart scripts... Ubuntu is 'different'.
 * uksysadmin thought I'd tempt the answer with some Red Hat bait and waits...
<lynxman> uksysadmin: it depends, Ubuntu uses preseed for hardware and cloud-init for cloud instances so you can use either depending on what you're doing
<lynxman> uksysadmin: https://help.ubuntu.com/11.04/installation-guide/i386/preseed-advanced.html#preseed-hooks
<lynxman> uksysadmin: for example :)
<lynxman> (just change 11.04 with your version of Ubuntu)
<fly_80> hello
<uksysadmin> cheers lynxman - read that, I am wanting to set a https_proxy and download a script using wget. bit of a hack atm, but it replicates the post steps I'm doing at present.
<uksysadmin> I get 'export' command not found when setting the env var.
<uksysadmin> I'm trying an alternative
<uksysadmin> this is on a physical server
<uksysadmin> As I'm using Orchestra, is there a way of having this "post-script" living somewhere on my Orchestra server and grabbing it from there instead?
 * uksysadmin is speaking out loud and realises that's the best way
<lynxman> uksysadmin: so this differs heavily from your first question, which was "what to use" and you're already using something :)
<uksysadmin> Not really - I'm new to pxe booting ubuntu
<lynxman> uksysadmin: orchestra uses cloud-init, it has an integrated metadata service, so you just need to add or modify to the cloud-init script
<uksysadmin> at the end of the day it uses cobbler and runs som post hooks
<uksysadmin> just need an example where I can do some post commands and I'm not sure what the difference is between in-target and /run etc
<lynxman> uksysadmin: well... it uses a lot more than that actually
<uksysadmin> happy to be pointed in the direction of some docs that explains how to use it
<uksysadmin> as opposed to how I think I should be using it
<uksysadmin> so in other words, I shouldn't be using the preseed files but something that cloud-init calls?
<Takyoji> For an NFS share, I want it available on a 172.16.11.0/24 as well as a 10.0.0.0/8, do I just list the share twice, but with different network ranges?
<Takyoji> i.e. doing: /Shares 172.16.11.0/255.255.255.0
<Takyoji> /Shares 10.0.0.0/255.0.0.0
<Takyoji> Or is it comma delimited?
<lynxman> Takyoji: you can just add them in the same line /share 172.16.11.0/24(rw,no_root_squash,async),10.0.0.0/8(rw,no_root_squash,async)
<Takyoji> ahh, alright
<Takyoji> I got a syntax error
<lynxman> jamespage: Hey James I have a bug that has been sitting ducks for some days now #884908 would you fancy sponsoring it? :)
<jamespage> bug 884908
<uvirtbot> Launchpad bug 884908 in mcollective "Package dependencies need work" [Medium,Fix committed] https://launchpad.net/bugs/884908
<lynxman> Takyoji: ah my bad, no comma delimitation, just space
<lynxman> Takyoji: did a "man exports" :)
<Takyoji> I tried using whitespace instead, and it reloaded properly, we'll see if it works
<lynxman> jamespage: it's just a change in dependencies to make things work as they should
<jamespage> lynxman, looking now
<jamespage> lynxman: has that same fix already been applied in precise?
<lynxman> jamespage: yes, it's included in the latest package uploaded yesterday
<koolhead11> hi all
<lynxman> koolhead11: ello sir o/
<koolhead11> hello lynxman :D
<lynxman> koolhead11: I always wonder... why the number change? ;)
<koolhead11> lynxman, 11 mostly means am at my workplace :D
<lynxman> koolhead11: aaah
<koolhead11> hehe
<koolhead11> never knew sleeping for 5 hours can give you hangover ..
<Takyoji> The second network still seems to be denied
<Takyoji> The 10.0.0.0/255.0.0.0
<koolhead11> lynxman, i have made some progress with dashboard, i can finally see the login page. hehehe
<lynxman> Takyoji: run exportfs -a
<lynxman> koolhead11: wow, that's very good :)
<Takyoji> No output?
<lynxman> Takyoji: that'll reload your exports file into your nfs server
<Takyoji> ahh
<koolhead11> lynxman, but the django server gets killed and dies once i provide it the authentication. It does connects to keystone. Planning to use apache2 now instead django. It will give me better log/error details
<lynxman> koolhead11: do you have the python error at hand?
<lynxman> koolhead11: I might help you there, done some django
 * lynxman has a dark past :D
<koolhead11> not anything really great.
<Takyoji> Still denied as of yet
<lynxman> Takyoji: then check why it's being denied in /var/log/system.log
<koolhead11> DEBUG:django_openstack.api:auth_api connection created using url "http://192.168.1.4:5000/v2.0/"
<lynxman> Takyoji: it should give a clear explanation there
<lynxman> koolhead11: try running django in debug mode
<Takyoji> There isn't a /var/log/system.log
<Takyoji> Did you mean dmesg, or auth.log, or?
<lynxman> Takyoji: gah I mean /var/log/syslog
 * lynxman really needs coffee this morning
<Takyoji> "refused mount request from 10.242.2.6 for /home (/home): illegal port 53339"
<lynxman> Takyoji: that's a weird error
<Takyoji> Indeed it is. xP
<lynxman> Takyoji: it's too early for tongue mister ;)
<Takyoji> I wonder if the NAT of VirtualBox is causing issues
<lynxman> Takyoji: aaah, add insecure to your nfs share definition, then run exportfs -a
<Takyoji> D:
<lynxman> Takyoji: looks like NFS considers that high port insecure
<Takyoji> Resolved.
<lynxman> Takyoji: \o/
<Takyoji> Any reason for that nature of functionality?
<Takyoji> Is it for the sake of "higher than port 1024" philosophy, or?
<lynxman> Takyoji: kinda, yes
<koolhead11> lynxman, i think django is allready in that debug mode
<lynxman> koolhead11: then you should have a lot more output than that
<koolhead11> lynxman, and do u have custom partition as wll :)
<koolhead11> lynxman, ,
<koolhead11> let me boot my box again
<lynxman> koolhead11: lol okay
<eagles0513875|> hey guys i have a quick question
<eagles0513875|> cobbler does it support provisioning of HVM xen guests?
<koolhead11> uksysadmin, http://paste.ubuntu.com/746865/
<koolhead11> the shell script in postinstall i have used to inject ssh key :D
<koolhead11> lynxman, got few minutes
<eagles0513875|> anyone know or worked with cobbler on 11.10
<lynxman> koolhead11: for you always :)
<koolhead11> lynxman, sir :D
<koolhead11> lynxman, any idea, which file i need to add modify for better log output in dash/django
<lynxman> koolhead11: I do! one sec... *looking*
<koolhead11> cool
<koolhead11> i see this INFO:root:Running in debug mode without debug_toolbar.
<lynxman> koolhead11: just add DEBUG=True to your django site conf
 * koolhead11 wonders what will that be for dashboard
<lynxman> koolhead11: there should be a config.py somewhere
<lynxman> koolhead11: I forgot more django in 1 year than I wish to admit
<koolhead11> checking
<koolhead11> :p
<koolhead11> lynxman, u meant settings.py
<lynxman> koolhead11: yeah that *smacks own head*
<koolhead11> lynxman, go grab a coffee :D
<lynxman> koolhead11: I had already one, looks like a need a second one...
<koolhead11> hehe
<Daviey> koolhead11: How did you get on with, https://launchpad.net/~zulcss/+archive/openstack-updates ?
<koolhead11> Daviey, i have not tried that. not updated the server yet
<koolhead11> am foo fighting to get bloody dash show me some love
<koolhead11> i have been able to get the teaser so far, more than 24 hours and counting :P
<Daviey> heh
<uksysadmin> cheers koolhead11
<koolhead11> uksysadmin, did i saved some time of yours :D
<eagles0513875|> hey guys any cobbler users here on 11.10
<eagles0513875|> or ubuntu orchestra users here
<uksysadmin> not had chance to try it yet - been in a meeting
<koolhead11> k
<uksysadmin> eagles0513875|, yes and its testing my patience
<eagles0513875|> ahh how come uksysadmin
<uksysadmin> my logical brain doesn't extend to d-i weirdness in some preseed files ;-)
<eagles0513875|> ?
<eagles0513875|> ya lost me
<eagles0513875|> uksysadmin:  have you tried provisioning HVM based xen guests with it?
<uksysadmin> I'm trying to do a simple install and after its installed everything, run a script
<uksysadmin> eagles0513875|,no
<Deathvalley122> do you think it might work with HVM guests uksysadmin?
<koolhead11> Deathvalley122, i would suggest you to check #cobbler channel
<eagles0513875|> ok
<eagles0513875|> koolhead11: ya its dead in there right now
<Deathvalley122> google is no help either
<Deathvalley122> cause it does not mention anything about cobbler on google lol
<uksysadmin> not sure what you're asking Deathvalley122 - I'm not using Orchestra for any guests - just bare metal provisioning of OpenStack
<eagles0513875|> uksysadmin: ahh ok does open stack use something like xen as a hypervisor or does it have its own
<Deathvalley122> don't worry about it I will find something
<eagles0513875|> uksysadmin: you working with xen kvm or vmware as virtualization back end
<PedroGomes> Hi, on my pressed PXE template I have "keyboard-configuration/layoutcode=us" but when it boots from the network it shows the menu asking me the keyboard layout, any advice?
<Deathvalley122> all we want to do is provision HVM xen guests on cobbler is all uksysadmin
<uksysadmin> I'm working on physical tin - not virtual
 * uksysadmin isn't someone you want to ask Qs on Orchestra - it has reduced me to a n00b
<eagles0513875|> ahh ok thats different then
<eagles0513875|> uksysadmin: no it hasn't one thing you might like more is juju for service deployment :D
<uksysadmin> indeed - that's next
<koolhead11> eagles0513875|, :P
<uksysadmin> just being able to run a little script is all I ask
<uksysadmin> :)
<eagles0513875|> uksysadmin: then you want juju for that
<koolhead11> uksysadmin, you can easily do that with late-preseed option
<uksysadmin> I've barely got OpenStack working using scripting - if someone has juju charms for OpenStack and a manual for setting up Orchestra to provision OpenStack, send it my way
<eagles0513875|> uksysadmin: there aren't yet but i  know someone who works for backspace that I'm hoping i can push him to do the script would be a great addition to the charms :D
<uksysadmin> absolutely - I've been teased by the things for weeks!
<uksysadmin> it was announced in Paris a while back it was the way to go
<koolhead11> i need some information about PPA. suppose there is a package which is available in archiev and am adding a PPA for same. will i be able to get the pkg downloaded from PPA or archive
 * koolhead11 is confused
<uksysadmin> in the meantime, I can install ubuntu, run a script and voila - OpenStack
<koolhead11> uksysadmin, :P
<CppIsWeird> where is the system umask configured?
 * uksysadmin has a red hat background and this stuff is childsplay using kickstart
<koolhead11> uksysadmin, :P
<uksysadmin> ;-()
 * uksysadmin checks he's wearing flame-retardant underwear
<eagles0513875|> lol
<koolhead11> bahh
<lynxman> koolhead11: if you create your own ppa you can just add it to your server with add-apt-repository ppa:username/ppaname
<koolhead11> lynxman, yeah. my question was i have say pkg A which is allready in pkg archieve and i created/installed one via PPA which will get installed :D
<lynxman> CppIsWeird: It's in /etc/login.defs
<lynxman> uksysadmin: kickstart it's child's play compared to Orchestra ;)
<lynxman> koolhead11: if the version is > it should be fine
<koolhead11> lynxman, aah
<lynxman> s/it's/is/
 * koolhead11 kicks uksysadmin 
<uksysadmin> oi!
<koolhead11> uksysadmin, am scared of ***flame**
<koolhead11> :D
<uksysadmin> :)
 * uksysadmin crosses fingers. 19th pxe boot's a charm I reckon.
<Daviey> uksysadmin: can i see your config?
<uksysadmin> let me see yours :p
<uksysadmin> if my config works - I'll let anyone who pays me see it. apart from koolhead11 as I pinched the last bit from him.
<uksysadmin> ;-)
 * koolhead11 kicks uksysadmin again!!
<Daviey> uksysadmin: works for me... I'm going to add "if user="uksysadmin: kernelpanic()" to many of the packages you care about. :)
<uksysadmin> awesome - fame at last.
<koolhead11> hahahaha
<uksysadmin> if you hold off Daviey - I'll have a working system in 5 mins.
<uksysadmin> if it doesn't work - you can have my config and be damned to eternal reboots for ever.
<uksysadmin> my set up is rather simpl: boot oneiric, grab a script, runs a script, installs OpenStack
<uksysadmin> So Daviey, do you want to see my config and laugh, or see my config and go "n00b"?  The script is a stock example preeseed that runs an OpenStack install script I wrote in the late run section
<uksysadmin> so those who like to give juju love - rather than pre-seeding a script to do stuff, what is the best way to run stuff post-install using juju?  i.e. what does a set up look like from bare metal where I've pre-allocated it to do a particular task?
<uksysadmin> if OpenStack charms existed
<uksysadmin> (an example where it sets up /something/ in juju would be handy)
<lynxman> uksysadmin: There's an Openstack charm :)
<koolhead11> zul, around?
<uksysadmin> is there now...
<uksysadmin> I'm listening...
<lynxman> uksysadmin: https://code.launchpad.net/~charmers
<uksysadmin> intriguing
<zul> koolhead11: still waking up....
<lynxman> zul: good moaning
<uksysadmin> has anyone installed openstack using charms? it's quite a feat to install.
<uksysadmin> or specifically - to install in a datacentre and not in a little sandpit environment
<uksysadmin> would the steps be edit the charm, modify the networking and ... how do you get Orchestra to kick off a juju deployment?
<lynxman> uksysadmin: no need to edit any charm
 * uksysadmin was wondering why preseed was stuck at 23% for last 5 mins. F4 had the answer... now how to press "Y" to continue... ;-)
<uksysadmin> ok
<lynxman> uksysadmin: just create your charm config and run
<uksysadmin> I need to go to charm school
<uksysadmin> What does an preseed file look like that goes "juju deploy blah" - is that literally something you put in the late_command section or is there a more eloquent juju friendly way?
<lynxman> uksysadmin: you assign the machine a juju-deployment profile through orchestra, then just use regular juju commands
<smoser> semiosis, what exact instructions were you trying ?
<lynxman> smoser: morning sir
<smoser> good morning.
<uksysadmin> one shall have a play lynxman
<lynxman> uksysadmin: :D
<koolhead11> zul, good morning :D
 * uksysadmin is getting there - at least script runs now... now onto networking and partitioning...
<koolhead11> uksysadmin, cool.
<uksysadmin> doesn't run as intended, but one small step for mankind and all that!
<kaushal> Hi
<uvirtbot> New bug: #893978 in groovy (universe) "Groovy package should depend on either sun-jdk or openjdk" [Undecided,New] https://launchpad.net/bugs/893978
<kaushal> can someone please comment on http://pastebin.ubuntu.com/746982/
<kaushal> I am on Ubuntu-server 10.04
<kaushal> LTS
<kaushal> Any clue please ?
<RoyK> kaushal: erm...
<RoyK> 17163091969 seconds is like 544 years
 * RoyK somewhat doubts kaushal was running linux back in 1467
<kaushal> RoyK: apologies
<kaushal> please give me a moment
<yaboo> whats good software to monitor my box, e.g. chkrootkit, cacti???
<yaboo> whats good software to monitor my box, e.g. chkrootkit, cacti???
 * koolhead11 points yaboo to google
<yaboo> whats good software to monitor my box, e.g. chkrootkit, cacti???, sorry to ask again seems my irc client did not show me the response to my question
<lynxman> yaboo: software good for you, cacti, rsyslog, munin, nagios
<yaboo> lynx man thanks, using cacti, is rsyslog more on the os level, to check when files get changed etc
<lynxman> yaboo: wow, I didn't know that
 * lynxman ashamed of himself
<lynxman> :D
<yaboo> lynxman, just asking, never heard of rsyslog
<lynxman> yaboo: so you don't want a monitoring solution, you want a tripwire
<lynxman> yaboo: you can use ossec for that
<yaboo> tripwire?? ossec, thanks
<uksysadmin> is there any way to preseed a ubuntu server with multiple nics and assign multiple IPs?
<koolhead11> uksysadmin, expalin
<uksysadmin> I have eth0 and eth1.  eth0 always gets my settings from my preseed, how do I enable eth1?
<uksysadmin> as well
<koolhead11> uksysadmin, i did that using my late command. :)
<uksysadmin> was wondering if that was the only option
<koolhead11> the preseed i shared u
<uksysadmin> yeah
<uksysadmin> ta
<philipballew> How can I tell If i have a proxy running
<koolhead11> netstat -tulpn | grep 3128
<philipballew> philip@philip-Studio-1558:~$ netstat -tulpn | grep 3128
<philipballew> (Not all processes could be identified, non-owned process info
<philipballew>  will not be shown, you would have to be root to see it all.)
<philipballew> philip@philip-Studio-1558:~$ sudo !!
<philipballew> sudo netstat -tulpn | grep 3128
<philipballew> [sudo] password for philip:
<philipballew> philip@philip-Studio-1558:~$
<koolhead11> philipballew, would you care reading squid part in ubuntu server guide at same time https://help.ubuntu.com/10.04/serverguide/C/
<philipballew> sure :)
<koolhead11> thanks philipballew
<philipballew> alright. how can i se if i can get my self back into america?
<philipballew> koolhead11, Whats a way to fix this
<zul> morning
<koolhead11> zul, :)
<koolhead11> tried your PPA and got some error
<koolhead11> for keystone reg unmet deps
<koolhead11> python-keystone
<zul> koolhead11: eh?
<koolhead11> yes :(
<zul> can you pastebin it?
<koolhead11> http://paste.ubuntu.com/747038/
<koolhead11> am using oneiric and then added PPA of yours
<zul> sudo apt-get install keystone python-keystone for now please
<smb> hallyn, Fun, I think I found out what the problem with those nfs4 mounts is...
<koolhead11> k lemme try
<koolhead11> zul, http://paste.ubuntu.com/747043/
<zul> koolhead11: k thanks
<zul> koolhead11: gimme a couple of minutes
<hallyn> smb: oh?
<smb> hallyn, In short there is no nfs4 module which the command tries to load...
<smb> It is the same nfs module than for nfs...
<hallyn> smb: you're talking about a userspace module?  or kernel module?
<smb> A kernel module of course :)
<smb> The magic is that mount -tnfs loads the kernel nfs module
<hallyn> so userspace needs to be told that nfs module is ok?
<smb> mount -tnfs4 tries the same with an nfs4 module which does not exist
<smb> /etc/modrpobe.d/nfs4.conf: alias nfs4 nfs
<smb> That should do the trick
<hallyn> smb: nice :)
<koolhead11> zul, rocking as Daviey  says :D
<smb> But I wait for reporters feedback
<hallyn> smb: if you want to comment that in the bug, i'll happily test it on lucid..oneiric with autofs
<hallyn> oh, ok
<smb> hallyn, Done already.
<semiosis> smoser: thanks for getting back to me.  i downloaded http://cloud-images.ubuntu.com/server/oneiric/current/oneiric-server-cloudimg-amd64-disk1.img then i launched it using virt-manager.  that got me to a login prompt but the creds were not accepted.
<hallyn> smb: ok i haven't read email backlog yet :)  thanks!
<semiosis> smoser: my workstation is vmx capable 64-bit oneiric
<smb> hallyn, Meh, I just did it, so there is chance you have not even have got any email
<smoser> semiosis, there are no creds.
<semiosis> so how does one login?
<smoser> you cannot log in without providing some user-data.
<smoser> i suggest for your virt-manager path to make yourself an iso as described at https://help.ubuntu.com/community/UEC/Images#Ubuntu_Cloud_Guest_images_on_Local_Hypervisor_Natty_onward
<smoser> and just attach it.
<smoser> by 'attach' i mean provide that as a CD-ROM to virt-manager.
<smoser> then it will boot and read the customization data from that iso (which includes setting password for 'ubuntu' to 'passw0rd')
<semiosis> smoser: what is the meaning of the following section, "Ubuntu Cloud Guest images on Local Hypervisor (Oneiric)"
<semiosis> smoser: that makes it sound like you can just launch the downloaded qcow2 .img file directly
<smoser> yeah, thats just bad documentation.
<semiosis> smoser: ha
<semiosis> smoser: it would be better if that section were removed completely
<semiosis> smoser: but i digress.  thanks for setting me straight :)
<semiosis> i'll go the natty iso route
<smoser> so, the reason that these do not have any credentials for logging in is that we expect people to launch them on public networks.
<semiosis> makes sense
<semiosis> so if i understand this correctly then, i'll use the make-iso step to build my user-data ISO file, ovftransport.iso, then skip the qemu-img step because the oneiric image is already in qcow2 format, then jump down to the kvm step to launch the stock img with my custom user-data iso?
<zul> koolhead11: fixed it needs to be rebuilt though
<koolhead11> zul, am here for another 3 hours and i can see the same once am home as well
<koolhead11> to test the keystone i need to check the curl commands after passing the sampledata
<koolhead11> so i can do it today itself
<zul> koolhead11: k
<koolhead11> lets get keystone up and running. :)
<semiosis> smoser: ?
<smoser> semiosis, you actually want to convert the image.
<smoser> but not because you have to
<smoser> it is a compressed qcow disk image, which means that all reads to that disk will go through cpu decompression
<smoser> which clearly you dont want.
<semiosis> that explains why it was so unbelievably slow lol
<smoser> the compressed image is massively useful because a.) its significantly smaller b.) it *can* be "just used"
<semiosis> ok great i'm going to have fun playing with this stuff.  thanks again smoser :)
<smoser> semiosis, i suggest you read that user-data file and the doc in cloud-init's doc/examples directory also
<smoser> to see what other things you can do.
<smoser> and be aware that that demo will set you up with password less authentication with a ssh key.  however, everyone else in the world has the same access to that private key as you do.
<smoser> it is a *DEMO*
<semiosis> yeah i'm already reading that stuff & planning the fun things i'll be doing with it.
 * semiosis is a huge fan of cloud-init
<semiosis> going to skip password auth altogether & supply my own pubkey
<semiosis> set up some stuff to integrate launched instances with my lab lan
<semiosis> etc etc
<smoser> semiosis, updated page.
<semiosis> w00t
<semiosis> heh when i tried the qemu-img create command it make a 200k file, not sure what that was... but with the convert command you just added to the docs it created a 600M file which is more like what I expected
<smoser> qemu-img create makes a delta image
<smoser> you can see info about a disk image with 'qcow-img info'
<smoser> note that the 200k file basically just says "hey, get data from *that* file over there"
<smoser> then, writes to that disk from kvm go to the delta image
<smoser> and it will grow over time.
<smoser> "qcow" ~ 'q' copy on write
<semiosis> but using that the vm would still have to go through gunzip for all reads from the original file
<smoser> right.
<smoser> you can also do the backing file to a raw disk image
<smoser> or a qcow (uncompressed) disk image
<semiosis> hmm so after decompressing the img with convert, could I then use the create command to make a new cow file for each VM, then they could all read from the same master decompressed image
<smoser> right
<semiosis> sweet!
<semiosis> this is great.  i'm new to qemu-kvm (obvs.) so this is very helpful.  i've been using centos xen with lvm disks & getting ready to wipe the old vm server & start over with ubuntu
<semiosis> to match new production network in ec2
<semiosis> ah i see now the ovf/README describes all that disk image stuff too.
 * semiosis goes to study
<uksysadmin>  under what scenario does apt create "dpkg-new" files? on a clean install with no prior packages installed my upstart job files are being created with .dpkg-new on the end...
<uksysadmin> (not all, just some - specifically the ones I'm running in my late command section)
<PedroGomes> Hi, in my Ubuntu PXE installation it stops in a window "Detect network hardware" that asks if I want have a way of installing some missing firmware. How do I pass it automatically with a PXE pressed flag?
<smoser> utlemming, i was following https://help.ubuntu.com/community/UEC/Images#preview for arm images
<smoser> i think i did it correctly
<smoser> http://paste.ubuntu.com/747084/
<smoser> with 20111123 armel image.
<SpamapS> uksysadmin: it does that when both the package, and you, have changed that file
 * SpamapS really wishes dpkg had 3-way conffile merges
<uksysadmin> SpamapS, bizarre... will have to do some digging as there was no original file in the first place and I've literally just logged into a fresh install wondering why something didn't start
<uksysadmin> (complained of the upstart job conf file not being found)
<uksysadmin> I would've expected a .conf file and a .conf.dpkg-new - but not *just* the latter
<smoser> kirkland, fyi, current precise cloud image
<smoser> LC_BYOBU=1 ssh 10.55.60.132
<smoser> seems not to do anything
<kirkland> smoser: i think a byobu upload is blocked on an MIR promotion of tmux
<kirkland> smoser: as I've promoted tmux to a recommends
<smoser> LC_BYOBU=1 sh /etc/profile.d/Z97-byobu.sh
<kirkland> smoser: and it's waiting on ubuntu-mir to approve it
<smoser> doesn't do anythign either
<kirkland> smoser: does /etc/profile.d/Z97-byobu.sh exist?
<smoser> yes.
<kirkland> smoser: byobu -v?
<smoser> $ byobu -v
<smoser> byobu version 4.49
<smoser> Screen version 4.00.03jw4 (FAU) 2-May-06
<smoser> wow. but 'time byobu true'
<smoser> real    0m7.527s
<kirkland> smoser: umm, something's wrong there
<smoser> ok. so LC_BYOBU=1 was because i was coming in under screen.
<smoser> maybe allow me to LC_BYOBU=2 to "REALLY FREAKING DO IT"
<smoser> but still very slow
<smoser> yeah. and even when not connecting from insdie screen, 'time byobu true' is taking several seconds. 7-11.
<kirkland> smoser: this is in ec2
<kirkland> ?
<smoser> canonistack.
<smoser> hm...
<smoser> but that doesn't take so long on ec2
<smoser> i bet something user data
<smoser> ah
<smoser> yeap
<smoser> suck
<smoser> kirkland,
<kirkland> smoser: metadata?
<smoser> https://bugs.launchpad.net/nova/+bug/851159
<uvirtbot> Launchpad bug 851159 in nova "ec2 metadata service is very slow" [High,In progress]
<smoser> you're blocking on that for the ec2 cost thing.
<kirkland> smoser: there's an exit condition
<kirkland> smoser: i need to strengthen that against openstack, i reckon
<smoser> well, i think the right thing to do is to background that
<smoser> as that you shouldn't really be able to tell that you're in openstack versus ec2
<smoser> and anything you try to do will only potentially get fixed
<caribou> Has someone noticed that Oneiric KVM vm never get to the "shut down" status when shutdown ???
<caribou> I systematically need to virsh-destroy the instance
<kirkland> smoser: agreed
<kirkland> smoser: would you file a bug?
<kirkland> smoser: or mark that other bug as affecting byobu?
<kirkland> smoser: http://paste.ubuntu.com/747167/
<kirkland> smoser: could you improve upon that any?
<kirkland> smoser: maybe I need to cache the output of that function
<kirkland> smoser: so that it doesn't need to run more than once
<kirkland> smoser: and it would cost at most 1 second on first run
<smoser> kirkland, https://bugs.launchpad.net/ubuntu/+source/byobu/+bug/894038
<uvirtbot> Launchpad bug 894038 in byobu "byobu should background some data collections (ec2 metadata) " [Undecided,New]
<kirkland> smoser: okay, i almost have a fix for you to true
<kirkland> smoser: just a minute ...
<smoser> note the comment there.  access to that (or any) non-local network resource could potentially hang indefinitely.
<kirkland> smoser: indefinitely?
<smoser> yes.
<smoser> the default timeout of a socket connection is never
<kirkland> smoser: can you try applying http://paste.ubuntu.com/747176/
<kirkland> smoser: wget -q -O- --timeout=1 --tries=1 ?
<smoser> wget does seem to do it right, and the '--timeout' does come back in 1.
<kirkland> smoser: good -- that's what metadata_available() uses
<smoser> i wouldn't rely on either of those 2 things to decide if you sould run or not
<smoser> as clearly they're not going to exist on non-ubuntu
<smoser> sh -c 'wget --tries=1 --timeout=1 http://169.254.169.254 -O - -q >/dev/null 2>&1 && echo 1 > .metadata_available'  &
<smoser> just fork it.
<smoser> even maybe bump the timeout too
<kirkland> interesting
<kirkland> that if will wait for the result correctly?
<smoser> yeah.
<kirkland> smoser: http://paste.ubuntu.com/747183/ ?
<smoser> well that wont work
<smoser> as yo wont wait. i'm thinking you'll always take the x=1 path there.
<smoser> $ if false &  then echo yes ;fi
<smoser> [1] 1308
<smoser> yes
<smoser> :)
<kirkland> smoser: right, that's not it
<kirkland> smoser: http://paste.ubuntu.com/747190/
<smoser> how will 1 get written there?
<kirkland> smoser: not 1
<kirkland> smoser: -s
<kirkland> smoser: non-empty file :)
<smoser> ah. yeah.
<kirkland> smoser: fun?
<kirkland> smoser: can you test this there?
<smoser> http://paste.ubuntu.com/747197/
<kirkland> smoser: sleep == uglier
<smoser> meh.
<smoser> just giving it achance that one time that that path is taken
<smoser> but basically you'll need to background all your gets of that
<kirkland> smoser: well, you're not re-reading it after that sleep
<smoser> you're right. i'm not.
<kirkland> smoser: so if wget does the right thing (and you don't pay for more than 1 second), let's do that
<kirkland> smoser: first run of that function costs at most 1 second
<kirkland> smoser: subsequent runs are inconsequential b/c the cache has been written
<smoser> not really.
<smoser> openstack metadata is slow
<smoser> so the --timeout=1 is going to fail
<smoser> and you'll have "no metadata" service
<smoser> but you *do* have one
<smoser> so background the --timeout=10, to give it a chance.
<kirkland> smoser: that's *so* an openstack bug :-P
<kirkland> smoser: but i'll work around it :-)
<smoser> well...
<smoser> you're setting an arbitrary timeout on a non-local io operation
<smoser> and you were blocking initialization on that
<smoser> but yes, its a serious bug that it is as slow as it is.
<SpamapS> isn't metadata always on ethX ?
<kirkland> smoser: ah
<kirkland> smoser: i see now...
<kirkland> smoser: even if we have metadata, on openstack, it's a big pile a suck
<SpamapS> seems like you could have an upstart job that starts on net-device-up ethX ADDRFAM=x METHOD=x
<smoser> SpamapS, thats probably a bad assumption
<SpamapS> smoser: its worth checking to see if any of them have routes to the metadata IP
<kirkland> smoser: okay, i'm going to have to handle this like updates_available
<SpamapS> so yeah, ethX is bad
<SpamapS> but put that code in an upstart task that starts on net-device-up
<smoser> SpamapS, how would you do that ?
<SpamapS> or an if-up.d script
<smoser> how would you determine "can i see <insert-some-ip-here>"
<smoser> i'm asking generically
<smoser> how do you know if non-response is slowness or permenant
<SpamapS> smoser: ip route show dev $IFACE
<SpamapS> ok forget the route check
<SpamapS> don't start polling until the dev is up.. if you get a "no route to host" .. give up.. wait for the next ifup
<SpamapS> smoser: I get what you're saying.. the VM's iface up does not mean the other side's metadata service is up
<smoser> i'm asking more generically
<smoser> ie, from one system (the cloud-images build system), wget -q -O- --tries=1 http://169.254.169.254
<smoser> will *never* come back
<SpamapS> you won't get a no route?
<smoser> as the host system that that runs has firewall rules allowing traffic to only a small number of things.
<smoser> anything else just hangs.
<SpamapS> I guess you do have to check for the direct local route first then
<SpamapS> smoser: I never said don't have a timeout!
<SpamapS> I'm saying don't start waiting until you know you at least have the capability to reach the other side.
<smoser> ah. right.
<smoser> to see if traffic would go through that device
<smoser> but this is not going to help kirkland
<smoser> really.
<smoser> or, if it does, its really seriously over designed for that
<smoser> :)
<uvirtbot> New bug: #894047 in lm-sensors (main) "Fansensor unavailable under Ubuntu 11.10 on Intel Corporation Mobile 945GME Express" [Undecided,New] https://launchpad.net/bugs/894047
<SpamapS> smoser: yeah in thinking it through here, I see that its not really the problem.
<urthmover> I'm installing 11.10 using a minimal install.  The Kernel to  install section has many choices.  What is the difference between  linux-server and linux-image-3.0.0-13-server ?
<SpamapS> urthmover: I believe the first is just an alias for the second
<urthmover> that is what I think too, so I thought I would check
<urthmover> SpamapS: thanks
<urthmover> I'll go with that
<SpamapS> kirkland: hey, what do I do if my byobu is set for "emacs" ctrl-A mode, and my keyboard doesn't have an f12?
<hallyn> SpamapS, eh what?  ctrl-a and f12 should do the same thing in byobu?
<SpamapS> I thought so
<SpamapS> duno..
<SpamapS> I can't get out of a byobu I started with ctrl-a d and I see its being passed through
<hallyn> weird
<koolhead11> Daviey, around?
<Daviey> koolhead11: always
<koolhead11> Daviey, working on that sqlite bug, so was confused which directory i should run dch -i
<koolhead11> debuild -S -sa
<koolhead11> comamnds
<koolhead11> poked lynxman and got the soln :d
<lynxman> :)
<Daviey> koolhead11: on the upstream root location
<Daviey> so you should be able to see debian/
<koolhead11> yes
<koolhead11> so from php5
<koolhead11> in my case
<koolhead11> :D
<koolhead11> so Daviey as per steave suggestion i am removing line which says sqlite SQLite
<koolhead11> https://bugs.launchpad.net/ubuntu/+source/php5/+bug/875262
<uvirtbot> Launchpad bug 875262 in php5 "PHP Startup: Unable to load dynamic library '/usr/lib/php5/20090626+lfs/sqlite.so'" [High,Confirmed]
<koolhead11> add maintainer scripts for the php5-sqlite package which call dpkg-maintscript-helper to handle removal of the obsolete conffile /etc/php5/conf.d/sqlite.ini
<koolhead11> you have to expalin once more Daviey
<Daviey> koolhead11: I think we need to do it in a shared screen session TBH
<koolhead11> Daviey, in that case i will need a remote machine running ubuntu?
<koolhead11> i will be home in hour time, can we work on it if you have some time today? :D
<Daviey> koolhead11: Hopefully, i'll set up an instance.
<koolhead11> Daviey, awesome. :D
<kirkland> smoser: around?
<kirkland> smoser: http://paste.ubuntu.com/747344/
<kirkland> smoser: that's what I'm testing now
<smoser> kirkland, not erally her.e maybe i can look later.
<kirkland> smoser: okay
<kirkland> smoser: i'm testing no
<PedroGomes> does anyone have a perseed configuration file for partition configuration that works with 11.10
<PedroGomes> ?
<SpamapS> PedroGomes: it depends on what you want to do with your partitions..
<SpamapS> PedroGomes: this has information on how to do complex partitioning: http://www.debian.org/releases/squeeze/example-preseed.txt
<azert> helllo anyone there ?
<PedroGomes> SpamapS: I was trying to use a simple template: http://pastebin.com/ZiFh8FsA
<zul> Daviey: exposing the swift stats doesnt really get you anything extra, its just the system load which we already have plugins for
<adam_g> zul: exposing it for what?
<Daviey> ahh
<zul> adam_g: nagios plugins
<PedroGomes> it is the default file given in Foreman(Puppet)
<adam_g> zul: check out https://github.com/pandemicsyn/swift-recon#readme
<PedroGomes> but it always stops in the Partition disks section
<adam_g> zul: i think this is merged into swift main now, but you can get all kinds of stats about the state of the storage ring too
<h0rjulf> PedroGomes: https://help.ubuntu.com/11.10/installation-guide/amd64/preseed-contents.html#preseed-partman
<h0rjulf> PedroGomes: there is a sample file there too
<zul> adam_g: yeah thats what i have been using ;) and you dont get anything extra if you do /load
<zul> maybe swift processes and thats it
<adam_g> zul: oh, so you're already monitoring for unmounted drives, lots of async pendings?
<PedroGomes> h0rjulf: many thanks, I was wondering if such a page existed
<zul> adam_g: point taken
<kirkland> hallyn: Bug #888245
<uvirtbot> Launchpad bug 888245 in byobu "horizontal split not remembered when switching vertical splits" [Wishlist,Won't fix] https://launchpad.net/bugs/888245
<kirkland> hallyn: so I don't see a fix available to that one
<kirkland> hallyn: poke me and let me know if you find how to do that
<hallyn> sounds like a design flaw :)
<kirkland> hallyn: and poke me again if this is blocking you from using byobu/tmux :-)
<kirkland> hallyn: agreed
<kirkland> hallyn: i'll probably need to work something into upstream tmux to solve it
<hallyn> nah it's not blocking me.  just annoying
<kirkland> hallyn: perhaps something in conjunction with "last-pane"
<hallyn> it may not be solvable...
<hallyn> cleanly anyway
<kirkland> hallyn: well, it's just a buffer that needs to be stored
<hallyn> but at that layer,
<kirkland> hallyn: and updated correctly
<hallyn> do you know the height of each pane above both columns
<kirkland> hallyn: you and i have it in our heads where the cursor should go
<hallyn> right
<kirkland> hallyn: hmm, perhaps through tput or something
<kirkland> hallyn: but not at my level
<hallyn> true, that might be not-too-ugly
<hallyn> if you then walk through each pane in the column you're goin gto, and check which one has that y coordinate from the original cursor position
<hallyn> wait, no,
<hallyn> heh, that's not the behavior i was after :)
<kirkland> :-)(
<Guest23311> hi in here. I found out that root has a /bin/bash on one of my servers. if i run: passwd -dl root would that be enough?
<hallyn> kirkland: and since you can change the height of the bottom left column relative to bottom right, it might not even be clear which you want
<hallyn> oh well
<kirkland> hallyn: meh, yeah
<kirkland> hallyn: sorry
<hallyn> kirkland, so, hey, do you still have bored amd laptops looking for something to do?
<kirkland> hallyn: i don't;  i gave them all back to robbiew
<hallyn> drat
<hallyn> ok, thanks
<kirkland> hallyn: why?  need to john some passwords?
<hallyn> were those vostros???
<kirkland> hallyn: or mine some bitcoins?  :-)
<kirkland> hallyn: yeah
<hallyn> bug 882997 wants to be reproduced
<uvirtbot> Launchpad bug 882997 in qemu-kvm "64-bit linux guests fail to start on oneiric running 3.0 kernel" [High,Incomplete] https://launchpad.net/bugs/882997
<kirkland> hallyn: ah
<kirkland> hallyn: sorry
<hallyn> i'll hit up robbie next week then :)
<hallyn> thx - happy thanksgiving!
<kirkland> hallyn: np
<kirkland> hallyn: see ya!
<adam_g> jhelwig: ping
<jhelwig> adam_g: Pong
<adam_g> jhelwig: hey jacob. i was wondering, has puppet added support to the service type to support managing upstart jobs? /me wondering if this patch we carry is still needed: http://paste.ubuntu.com/747404/
<jhelwig> adam_g: Dunno.  I'll check.
<jhelwig> adam_g: There is an upstart provider for service as of 2.7.0.
<adam_g> jhelwig: schweet, thanks!
<azert> hello there
<azert> how to run ls on several pc ?
<azert> in one time ?
<raubvogel> azert: are you looking for a specific file in all those machines?
<raubvogel> Otherwise, send the ls command through ssh
<azert> yes ls /home/user
<azert> i got 5 machine
<azert> i don't want to connect one by one
<raubvogel> make a loop
<azert> in one line i would like to do ls
<raubvogel> ssh can send a command inside it
<raubvogel> A for loop can be done in one line
<PedroGomes> azert: look int tools like cssh
<PedroGomes> *into
<PedroGomes> csshX for mac
<azert> i don't want to use ccss
<raubvogel> azert: then I do not know the answer
<azert> ok no problem
<JanC> use sshfs and mount all 5 machines somewhere on the local machine?  ;)
<azert> mounting 5 machines
<azert> can you explain ?
<azert> more
<Vinny> Can Someone help me regarding a built in raid controller for a supermirco X9SCL Mother board, The installer is not picking up the raid
<Vinny> I tried the Intel, and LSI and still no detection
<User1002> Does this sound even right for a encrypted backup system | 7zip all files wanted for backup -> Make 500byte random file -> use 500byte file for AES256 encryption -> Using RSA pub/priv keys (4096bit) encrypt the 500byte file, and scub off system) -> PAR2 the archive and the encrypted key -> Zip everyting up and upload somewhere
<SpamapS> Vinny: can you boot a livecd and pastebin 'lspci' on it?
<SpamapS> User1002: what you just described is how PGP/GPG works.
<User1002> I do it by hand I guess
<User1002> I did it with Openssl
<SpamapS> User1002: at least, the bit about encrypting the message with a symmetric key which is encrypted byt he public/private pair
<SpamapS> User1002: rolling your own crypto solutions is generally a bad idea.
<User1002> At the time it was the only thing I could fine
<User1002> that would work on any VPS I did it on
<User1002> without anything extra
<SpamapS> gpg should be available pretty much anywhere
<SpamapS> User1002: you may want to look at duplicity
<SpamapS> User1002: it does a lot of what you're describing already.
<philipballew> QUESTION: I believe I am connected to a proxy server, but I have no idea how it happened and what to do?
<jmarsden|work> philipballew: When requesting help, it is more useful to describe the symptoms (what happens), not your understanding of the cause of them (if you understood them correctly, you would not be asking for support) :)
<guntbert> jmarsden|work: your last statement is so good - would you like to suggest it as a factoid ?  - only I can't think of a sensible keyword
<jmarsden|work> guntbert: I think there is one somewhat like it, maybe in the debian bot rather than the ubuntu one... but it has a very strange keyword... I'll see if I can find it :)
<guntbert> jmarsden|work: ubottu has !details, but that is not nearly as good
<pythonirc101> How can i make my ubuntu-server box not start in text mode and automatically login into my account? (default login+startx)
<guntbert> pythonirc101: why do you use "server"?
<jmarsden|work> ubottu: describe the symptoms is <REPLY> When requesting help, it is more useful to describe the symptoms (what happens), not your understanding of the cause of them (if you understood them correctly, you would not be asking for support).
<ubottu> jmarsden|work: I am only a bot, please don't think I'm intelligent :)
<philipballew> I am wanting to set up a vpn at my home network here via my server i have connected. Anyone seen a good guide?
<Daviey> ahs3: hey, have you had a chance to review that package yet? :)
<jmarsden|work> ubottu: describe_the_symptoms is <REPLY> When requesting help, it is more useful to describe the symptoms (what happens), not your understanding of the cause of them (if you understood them correctly, you would not be asking for support).
<ubottu> jmarsden|work: I am only a bot, please don't think I'm intelligent :)
<jmarsden|work> !describethesymptoms is <REPLY> When requesting help, it is more useful to describe the symptoms (what happens), not your understanding of the cause of them (if you understood them correctly, you would not be asking for support).
<ubottu> jmarsden|work: I am only a bot, please don't think I'm intelligent :)
<pythonirc101> How do i get my ubuntu-server box to do autologin?
<pythonirc101> I followed the instructions on this page: http://tombuntu.com/index.php/2010/01/01/enable-automatic-login-in-ubuntu-9-10-server/ -- but for some reason on my 11.04, startx doesnt work, any ideas whats wrong?
<tarvid> http://paste.ubuntu.com/747648/
<tarvid> is this card incompatible with 11.10?
<Mum29> For setting up the home server, i got a problem. My husband says. Go with debian, And i say ubuntu, has more recent packages. Can anyone shed a light this issue ? what to pick..
<soren> pythonirc101: "startx"? You're in the wrong channel.
<soren> Mum29: It depends, but I think you're unlikely to have anyone in this channel recommend Debian over Ubuntu. It's an Ubuntu channel after all.
<fwfw> hi everyone. I may have a bit of a trivial question... I have set up amavis-new/spamassassin/clamav/postfix/dovecot, but I do not want to discard/quarantine messages but filter them into a trashmail IMAP-box for the user to decide what to do
<soren> Mum29: If I were your husband, I'd reject your research into the subject based on that very fact :)
<Mum29> Soren or is it SÃ¸ren. > Thanks, i know were i am but still wanna hear your opinions
<Mum29> Lol bacause im a women and only a man can setup a server. Come on
<soren> Mum29: No, no, that's not what I mean at all.
<Mum29> specify, english is not my main language
<SpamapS> Mum29: Ubuntu also has good AppArmor integration, and predictible upgrade/release cycles.
<soren> Mum29: I'm just saying that you're having an argument with your husband about whether to choose this or the other and gathering opinions from people who obviously will be biased isn't exactly objective research into the subject matter.
<soren> Mum29: If I saw your husband asking similar questions in a DEbian channel, I'd tell him the same thing.
<Mum29> Ah i see. No but im here to hear pros and cons. u might have some other ones than those in the debian channel has
<Mum29> SpamapS > Iwe seen text saying "Dont upgrade, install fresh" in relation with ubuntu releases. So upgrading is not smooth sayling always
<soren> WEll, IMO the most important difference is the predictable release cycle. Most other differences stem from this.
<soren> Mum29: I always upgrade.
<Azrael> Mum29: http://geekyschmidt.com/2011/03/11/debian-server-vs-ubuntu-server
<Mum29> Being totally dependent on debian sucks though
<soren> Mum29: I've never done a fresh install to avoid an upgrade.
<SpamapS> Mum29: we do actually take great care to get upgrades right.
<Mum29> Thanks for the link
<SpamapS> Fact that there are bugs is just a fact of life unfortunately... and one reason LTS -> LTS upgrades aren't enabled until the first point release after
<soren> We have more frequent releases, which means usually a fresher selection of packages.
<Mum29> I guess on a server the upgrade is not a problem, iwe done a few updates on desktops with ubuntu that went wrong.
<soren> Debian has a much longer stabilisation period (for better or worse).
<Mum29> soren > yeah in some cases. php-apc has been 3.1.7 for well since 10.10, 12.04 will have the same old package for the next few years.
<SpamapS> Mum29: do you usually upgrade on release day? Its generally safer to wait a week or so.. seems like there are always weird upgrade bugs that get ironed out the first few days
<Azrael> Mum29: so far i'm a fan of ubuntu server over debian.  i have noticed that since ubuntu tracks closer to bleeding edge, you're more likely to run into quirks/bugs in software than with debian... since debian is generally a long time behind latest releases, but quite stable.  still though, i recommend ubuntu server over debian.  you'll have newer packages available to you.  newer software, newer features, etc.
<soren> Mum29: Gosh, I haven't heard anyone mention php-apc for... half a decade, at least.
<Mum29> SpamapS > i usually do a fresh install, have just tried it a few times
<soren> Mum29: 10.10 had php-apc 3.1.3p1-2.
<soren> fwiw
<Mum29> okay. But its been 3.1.7 for a looong time
<soren> 11.10 has 3.1.7-1.
<Mum29> due to debian testing. Nothing ubuntu can do.
<SpamapS> [2011-02-28] Accepted 3.1.7-1 in unstable (low) (Pietro Monteiro)
<soren> First Ubuntu release that had 3.1.7 was 11.10, which has been out for a bit over a month.
<SpamapS> 10 months isn't that long. ;)
<Mum29> MMM i was sure it was longer than tat
<Mum29> that
<soren> Mum29: We actually often carry newer versions of stuff than what you find in Debian. We don't have to wait for Debian to package stuff before we can get it.
<soren> We prefer to wait, though. Share the burden and all that.
<Azrael> soren: though i'm still waiting for mysql 5.5 ;-)
<Mum29> 3.1.9 is faster, lets hope debian-testing team gets too it soon
<Mum29> Azrael > Thats the other thing .debian with dotdeb will get u latest mysql
<Mum29> My tests shows its about 5-7% faster on my setup than the old line. So lets hope debian picks that up too, but its extremely unlikely
<soren> Azrael:  mysql-5.5 | 5.5.17-4ubuntu4 |       precise | source
<Azrael> does dotdeb work for ubuntu?
<Mum29> Really so precise will have it
<Mum29> Azrael > no
<soren> Precise has it, yes.
<Mum29> Cool
<Azrael> what is precise
<soren> NExt Ubuntu release.
<Mum29> Its the next release
<soren> Due out in April.
<Azrael> i'm new to *.deb distro's.
<Mum29> Dohhh
<Mum29> Ahh
<Azrael> long time large scale systems engineer... just never used *.deb distro's till now.
<Azrael> so far i'm a fan
<soren> Azrael: Enjoy your stay :)
<Azrael> heh
<Mum29> Actually i also have 3 option on hand. Arch. Seems to be alot more complicated, but they use less altered packages than debian and ubuntu and has faster updates. No idea how it works yet thought
<SpamapS> Azrael: you won't have to wait too long for 5.5 .. I'm working on the transition right now actually. :)
<Mum29> though
<Azrael> sweet
<Mum29> SpamapS > very cool,
<SpamapS> with the cmake build and libmysqlclient_r being deprecated and multi-arch in Ubuntu.. it has been a *bear* .. but .. nearly wrastled.
<elz89> Mum29: Arch is for those who wish to customise every part of their system.. etc..
<Mum29> Lets hope the apt-get install mysql-client mysql-server will work on 12.04 as well and not mysql-server5.5 or something like that,
<soren> I've never really understood the whole "less altered" thing being a goal in itself.
<Mum29> Ohh another thing that iwe found a problem with ubuntu. If i load it in a virtualbox and close the virtualbox and select "Send request for shutdown"
<Mum29> That does not work on ubuntu. But works perfect on debian. Small details, but i noticed
<soren> Mum29: Install the acpid package.
<Azrael> so the next release of ubuntu is scheduled for april 2012 yeah?
<soren> That's all.
<SpamapS> Mum29: mysql-client and mysql-server are virtual packages, provided now by mysql-client-5.5 and mysql-server-5.5
<soren> Azrael: Yes.
<soren> SpamapS: mysql-server | 5.1.58-1ubuntu3 |       precise | all
<Azrael> do we know the name of the distro release?  or will it be called Precise?  or is precise a codename for next?
<SpamapS> soren: give it a day man.. it landed 6 hours ago ;)
<soren> Azrael: Precise Pangolin.
<Mum29> soren > ahh okay, is it not a small package that would make sense to have in there by default
<Azrael> soren: thanks
<soren> SpamapS: Patience is not my thing :)
<tarvid> http://paste.ubuntu.com/747673/
<Mum29> But kuddos for having a dedicated server channel here with friendly chatters, definently added to the list. No matter what my husband likes
<soren> Azrael: Due out April 26th.
<tarvid> eth0 does not come on boot
<Azrael> so... far... away...
<SpamapS> soren: we'll be dropping the 5.1 packages just as soon as 5.5 actually builds on all 4 supported arches. :)
<tarvid>  /etc/init.d/networking restart does not bring it up either
<tarvid> ifconfig eth0 192.168.1.1 up does
<Azrael> will precise continue with upstart or use systemd?
<SpamapS> Mum29: don't get us wrong.. we're Debian fans too. We just are *bigger* Ubuntu fans. :)
<SpamapS> Azrael: upstart
<SpamapS> Azrael: we'll evaluate systemd for 12.10
<Azrael> cool
<Azrael> i'm a fan of both
<Azrael> so either way, cool
<Mum29> SpamapS > Im the same way. the debian crew are just lazy in my book.
<Mum29> I dont like that
<SpamapS> I find systemd's monolithic design disturbing
<SpamapS> But it has more eyeballs than upstart these days.
<SpamapS> Mum29: I would never call Debian lazy.
<Azrael> the author's put out a lotta neat things
<Azrael> like pulse audio
<soren> tarvid: What does "ifquery eth0" say?
<Azrael> i think he's working on a new syslog style for linux now
<Azrael> binary based
<SpamapS> Azrael: yeah, Lennart is a very productive engineer
<Azrael> so \n != end of record heh
<tarvid> http://paste.ubuntu.com/747679/
<Mum29> SpamapS > im less likely to be beaten over such a statement so let me do those. But seriosly. php 5.3.3 it will remain that version for 2 years in squeeze, what do the developers do in that time. Nothing = lazy
<soren> tarvid: So it believes it's already up.
<SpamapS> Azrael: syslog-ng did that oh... 15 years ago? But I think lennart is working more on a simpler more modern logging system.
<Azrael> yeah
<SpamapS> Mum29: Ondrej Sury, the main driver of PHP in Debian, is pretty darn productive
<tarvid> only after a manual ifconfig eth0
<SpamapS> Mum29: http://packages.qa.debian.org/p/php5.html
<soren> tarvid: Which is by "ifup eth0" doesn't bring it up (since ifup on an interface that's already up is a no-op).
<soren> tarvid: No.
<pythonirc101> Anyone has done an autologin in 11.04 here? I can autologin, but my home directory seems to be encrypted at autologin.
<tarvid> it does not come up on boot
<soren> tarvid: ifquery doesn't look at the interfaces state.
<hallyn> SpamapS, i keep wondering - doesn't schneier have a patent on the chained hash system he wants to use for logging?  there was a paper in 97 or so
<soren> tarvid: It looks at what it thinks to be true.
<SpamapS> Mum29: seriously.. he's a big part of why php sucks only as much as it has to in Debian and Ubuntu. :)
<hallyn> but, if that's all you wanted, you can easily do it with syslog-ng to a remote host
<SpamapS> hallyn: I only read a snippet.. haven't looked at it in depth.
<tarvid> but I need it to come up on boot
<hallyn> SpamapS, i just remember reading the paper, implementing it, and thinking "i can't put this out bc i'll get sued"
<soren> tarvid: For some reason, it thinks it already brought it up. Do you have an "interesting" filesystem layout?
<hallyn> neat idea at the time
<Azrael> SpamapS: i've been reading a bit about orchestra and juju these days.  those are some powerful tools which could really, really, *really* capture *.rpm sysadmin's attention.  its too bad juju doesn't yet have a provider for Virtualbox or KVM built in, so i could play around with it on my laptop.  there is an XCP provider under way methinks.
<soren> tarvid: pastebin /etc/fstab, perhaps?
<Mum29> SpamapS > im sure he does alot of stuff and saves the day. But still 2 yeras without a version update. Just comes over lazy in my eyes. Debian will be stoneage in 1.99 years a few month before debian 7 comes out. Way way slower than the latest ubuntu version at the time.
<tarvid> http://paste.ubuntu.com/747681/
<Mum29> I guess i just answered my own question from before
<soren> tarvid: That's remarkably boring.
<tarvid> not quite
<Mum29> Like my husband
<tarvid> fsck always fails
<SpamapS> Mum29: you're misinformed. For those two years, Ondrej is testing and fixing bugs and pushing new versions into unstable for people to test.
<soren> tarvid: Oh.
<SpamapS> Mum29: the every two years bit is just when they stabilize and stop changing things.
<soren> tarvid: I know what's wrong.
<soren> tarvid: Your network config is invalid.
<Mum29> SpamapS > i know but that doesnt make the version in squeeze up to date in anyway. version wise.
<soren> tarvid: Your broadcast address isn't in your network.
<SpamapS> Mum29: its not lazy. Its the only way the project can scale in any way.
<SpamapS> Mum29: and if he hadn't been uploading those versions, Ubuntu would not have had them. ;)
<SpamapS>       php5 | 5.3.2-1ubuntu4.10 | lucid-updates | source, all
<Mum29> Seems like a good concept for someone that just installs a server and leave it for 2 years. for us that likes to gets our hand dirty it doesnt seem like the right choice
<SpamapS>       php5 | 5.3.3-1ubuntu9.6 | maverick-updates | source, all
<SpamapS>       php5 | 5.3.5-1ubuntu7.3 | natty-updates | source, all
<soren> tarvid: bc
<soren> whoops
<SpamapS> Mum29: goes up and up.. because of Debian.. ;)
<Mum29> I know
<Mum29> Im gratefull, not just the perfect server distro for me
<SpamapS> Mum29: for the get your hands dirty crowd, there are backports and PPA's :)
<Mum29> Thought PPA only was for ubuntu..
<SpamapS> Mum29: most serious server admins prefer to install the LTS, and then introduce new versions of only a few things
<tarvid> Looks like it is to me but it should calculate it if I simply delete the broadcast and network line
<Mum29> php, php-apc- mysql the stuff that makes my setup fast or slow does not come in backports of ppas as far as i know. so..
<soren> tarvid: Yes.
<tarvid> I'll try that
<soren> tarvid: Your broadcast address would be 192.168.1.247, if my bitmangling is correct.
<Mum29> SpamapS > sure that makes sense for a production server you dont wanna mess with and have max uptime. But that same server will load pages slower than my reguarly updates system. Thats my focus for our home server.
<soren> tarvid: Sorry, I just realised my use of ifquery was misguided.
<Mum29> Thanks for all your input everybody. Great stuff
<soren> tarvid: It doesn't query the known state, it just parses /e/n/i and outputs it in a more easily parsable format.
<SpamapS> Mum29: not so sure I agree. Every time you update and break something, your speed is 0. ;)
<soren> tarvid: ...but the misconfig would certainly explain your symptoms.
<soren> tarvid: So we're probably in good shape now that you've fixed that up.
<SpamapS> Mum29: that said, I am a big proponent of fresh, new components.. :)
<Mum29> If the guys that makes the updates dont make sur they dont break, they should get a job at 711
<Mum29> me2
 * soren likes his daily crack
<SpamapS> Mum29: Yeah, then you may not want to use PHP anymore
<SpamapS> How many times have they regressed things in a patch release? ;)
<SpamapS> including precise's current 5.3.8 .. which has a broken is_a() function
<Mum29> iwe been using php since 5.3.1, now 5.3.8 on debian, ubuntu many servers. Nothing have ever broken due to php,mysql update
<Mum29> So i dont expect that to be a problem at al
<SpamapS> Mum29: you missed out on the fun of PHP 5.1.2 -> 5.1.4, which broke the date() function *completely*
<Mum29> SpamapS > there is most likely way more problems than that, big projects always have that, but its details that should mess things up for the majority of the users
<Mum29> SpamapS > sounds like fun i could live without
<Mum29> hell 5.1.2 that must have been years ago
<SpamapS> yeah
<SpamapS> 5.2 had some fun breakage too
<SpamapS> I maintained a version of 5.1 on a few backend servers for an extra year because things were so broken going 5.1->5.2 :-/
<Mum29> I only run phpBB3 on the server it just runs. even tried php 5.4. np
 * SpamapS thanks god that his devs eventually saw the light and started running CI tests
<Mum29> lol
<tarvid> soren, thanks - my eyes are blurred the mask was wrong
<soren> tarvid: np
<huats_> I am trying to create a simple xen domU on oneiric but it seems to fail all the time :( when I try to create an oneiric image I got a not a no hook directory to use and if I try to get a natty I got a no /dev/xvda2 device
<huats_> any idea ?
#ubuntu-server 2011-11-24
<philipballew> !vpn
<ubottu> For more information on vpn please refer to https://wiki.ubuntu.com/VPN
<webPragmatist> how do i address this sendmail error
<webPragmatist> WARNING: local host name (...) is not qualified
<webPragmatist> weird
<Mum29> Change your hostname maybe
<Mum29> Check the server is connected to the net as well
<webPragmatist> Mum29: ya that was itâ¦ now i am having a differred error
<Mum29> Post it
<webPragmatist> i can send to like my google domain but i can't send to the localdomain i am sending from
<webPragmatist> http://pastie.textmate.org/private/bv6glytvvaaaj6csxbxqwg
<Mum29> send to localdomain from local domain, that sounds a bit strange
<SpamapS> webPragmatist: any reason you're using sendmail ?
<webPragmatist> kinda just because it was the first thing i got working
<Mum29> I use a external mail service for all our mail needs, 2-3 bucks a month and you can remove all mail stuff from the server and use its ressources for better stuff
<SpamapS> webPragmatist: sendmail does not get much favor with ubuntu. Most users prefer postfix or exim
<SpamapS> Mum29: many programs still want to run /usr/bin/sendmail instead of connect to an external SMTP server
<SpamapS> Mum29: tho for that, there's ssmtp. :)
<Mum29> extra s in there than im used too. google is good
<Mum29> Sure, but i get no errors in the logs about. the php scripts i use works with smtp server and pw
<Mum29> Btw while im here, something i wanted to ask some experts about for a long time. I run this command on all my setups. Sometimes with imagick, apc or xcache, but stream downed it looks like this.
<Mum29> sudo apt-get install apache2 curl mcrypt mysql-common mysql-client mysql-server libapache2-mod-auth-mysql phpmyadmin php5 libapache2-mod-php5 php5-common php5-cli php5-cgi php5-curl php5-gd php5-mcrypt php5-mysql php-pear
<Mum29> Is there something thats not needed in there or something i can do to optimise the setup on a command level ?
<webPragmatist> SpamapS: ah this is much easier to setup
<webPragmatist> mor importantly it works heh
<SpamapS> Mum29: mysql-common is not needed, it will be pulled in by mysql-client and mysql-server
<Mum29> Thx SpamapS
<SpamapS> Mum29: also why do you have php5-cgi?
<SpamapS> anyway, time to disconnect from the net for a while and experience the "real" world. :)
<Mum29> Not really sure. phpBB3 or wordpress wont really need it. Oh and i have that a2seXX something for .htaccess
 * SpamapS disappears
<Mum29> Enjoy
<l0n> mum29, prob not what you're after but, if you use a simpler list e.g. install apache2, you can combine it with --no-install-recommends to only install the min packages needed
<Mum29> Mm not a bad idea, even though i think the software i run needs most of it. but php info has alot of versions of software. That command wont not install of those. Just the apt-get packages that apache2 nornally includes
<l0n> yeah, you would have to use --no-install-recommends on all the major packages to see if you're adding anything that isn't needed
<Mum29> wouldt apt-get apache2 mysql-server --no-install-recommends do that on all packages included in the comman ?
<l0n> not sure, give it a go, it should ask you to confirm before actually doing anything so you can have a look at the packages before it installs
<Mum29> Sure forgot that, but thanks didnt think of that option
<kaushal> Hi
<kaushal> Any clue about http://pastebin.ubuntu.com/747876/ ?
<kaushal> this server also has high %wa
<TimR> does anybody know how I can test a dial up modem inside command line?
<kaushal> Any clue ?
<kaushal> is it due to failing Hard Drive issue ?
<kaushal> 10.04.1 LTS
<patdk-lap> well %wa says your disks aren't responding quick enough
<patdk-lap> what your paste is, I dunno
<kaushal> is there a way to find out which process hogs high %wa ?
<patdk-lap> ever think about trying smartdrv on your disks to check them?
<kaushal> ok
<twb> TimR: screen /dev/ttyS0 115200, send an ATZ
<kaushal> patdk-lap: smartdrv ?
<patdk-lap> in smartmontools I think
<l0n> kaushal, you can see disk usage by getting the kernel to log it using sh -c "echo 1 > /proc/sys/vm/block_dump"
<kaushal> l0n: ok
<l0n> but only leave it going for a little bit if you have high %wa
<l0n> disable it by echoing 0
<kaushal> so do i need to look for dmesg after running sh -c "echo 1 > /proc/sys/vm/block_dump" ?
<l0n> prob would appear in dmesg output but I normally look at /var/log/messages
<kaushal> ok
<l0n> also, with smartmontools, if you can't see anything obviously wrong, run a long test
<kaushal> l0n: sure and thanks
<l0n> On a side note, if anyone is looking for a really good script to show disk usage per process, this looks really good although I haven't personally tried it: http://www.zarafa.com/wiki/index.php/Monitoring_Disk_IO_per_process
 * patdk-lap just uses iotop
 * patdk-lap continues the rsync, that just won't end
<greppy> TimR: minicom should let you test a modem.
<patdk-lap> I figure it will take rsync a month atleast to copy this data
<l0n> I've had problems with iotop because of it using a certain verison of python, not sure if that was on Ubuntu though
<patdk-lap> problems?
<patdk-lap> the only issue I have ever had, was attempting to use it on old dead kernels, and I have discontinued them
<l0n> yeah, don't think old kernels had the ability to monitor disk usage but issues I've had is that it just doesn't work because of some issue with python
<patdk-lap> some issue with python? I don't use python
<patdk-lap> :)
<l0n> iotop uses python :)
<TimR> does anybody know how to install the drivers for the intel 537ep chip set dial up modem
<twb> patdk-lap: I use iostat fwiw
<twb> greppy: you don't need minicom; screen is (probably) already installed, and can speak serial all on its own
<dork> hi
<DanaG> har, in many times, it's faster to ship a hard drive than to send over the internet.
<twb> DanaG: that has been the case since 1963
<dork> hi
<kaushal> patdk-lap: hi again
<kaushal> i see flush-8:0              468      19792          2      19790          0 sda1
<kaushal> in http://pastebin.ubuntu.com/747924/
<kaushal> Any clue ?
<Puck`> hi everyone
<Puck`> could anyone send me off to some documentation where I could read about setting up ubuntu server with media playback capabilities? I want to play a stream on the server, no X
<twb> mplayer -vo null -ao alsa foo.mp3
<twb> Or mpd or xmms2
<Puck`> hmm, thank you twb
<twb> mpd is simple, xmms2 is flexible
<Puck`> I'll go with mpd then
<twb> mplayer and vlc are more if you just want to play a file now, mpd/xmms2 are more about wanting a playlist
<Puck`> I want to plaay a stream, icecast one
<twb> streamripper then, perhaps
<twb> Or just mplayer -playlist http://example.net/foo.m3u
<twb> http://cyber.com.au/~twb/.bin/radio is what I do, specifically
<Puck`> that'll do, I think I just messed up, I installed mplayer with everything, so I think Gnome is being installed now, mhm, no worries, I'll start from the beginning
<twb> mplayer builds on ubuntu are probably stupid
<twb> my mplayer stuff is on debian so I'm not sure
<koolhead11> hi all
<Puck`> maybe I'll go with a debian netinstallation, which package do I need to be able to hear the sound? Alsa?
<jamespage> morning all
<Takyoji> I know it sounds like a stupid question, but: what's the "safest" way to reboot a system via command line?
<Takyoji> I've been doing "reboot -f now", but I get a feeling as if it's SIGKILLing everything or something
<Takyoji> ahh, just 'reboot' I guess. xP
<koolhead11> morning jamespage
<eagles0513875> !a2ensite
<koolhead11> hola lynxman
<eagles0513875> hey koolhead11
<eagles0513875> koolhead11: dunno why kool aid popped into my head :p
<james538227> hey has anyone had any luck with ralink rt2860 driver connecting to router using wpa/wp2 encryption on ubuntu server?
<lynxman> morning o/
<koolhead11> hey lynxman
<uksysadmin> I've been editing my preseed files and for some reason now my late_command section isn't being executed.  no errors in the logs - just a bit weird.  Does the preseed file have a finite length? Does it get downloaded on the system for me to interrogate to see if its got all the right stuff in?
<koolhead11> uksysadmin: you have to check via syslog
<koolhead11> atleast that is what i used while using preseed and deploying the stuff
<uksysadmin> yeah /var/log/installer/syslog - just doesn't have anything abotu any command being run.  it could be because of an extra \ I added for some reason... just trying again.  23rd time's a charm.
<uksysadmin> I'm nearly there with what I wanted to achieve though - 1) to understand pxebooting and preseeding with Ubuntu and 2) booting a new nova-compute node using this process
<uksysadmin> I'll then look at whether or not its the "right way" to do this... I do feel compelled to get this working by doing juju stuff.
<koolhead11> uksysadmin: but you can do the same using Juju
<koolhead11> instead late command in preseed
<uksysadmin> do you have an example - would love to see how it gets done.
<koolhead11> uksysadmin: https://help.ubuntu.com/community/UbuntuCloudInfrastructure :D
 * uksysadmin has no response to the RTFM ;-)
<koolhead11> uksysadmin: in that case you will keep hitting against wall, can`t help sirr. :D
<uksysadmin> no - its good! Thanks!
<koolhead11> uksysadmin: i remember my 1st night at IRC i been told more than 7 times RTFM and i never knew what it meant, google was not there and yahoo search could not answer me well. :P
<uksysadmin> :)
<uksysadmin> well my scripts and preseed now all work
<uksysadmin> (extra \ in late command bit)
<uksysadmin> I can now boot extra compute nodes! :)
<uksysadmin> now to destroy all that and do it the proper way
<koolhead11> uksysadmin: bahhhhh.
 * koolhead11 kicks uksysadmin 
<uksysadmin> bbl
 * koolhead11 planning 4 beer meditation.
<linocisco> hi. who is using Zentyal server. ?? is a renamed version of Ebox based on ubuntu
<linocisco> I would like somebody to share real experience of Zentyal
<lool> RoAkSoAx: Hey, cobbler-common ships a template in /exists; this seems to be a typo in the .install file
<koolhead11> I don't need VT enabled h/w to run LXC, correct me if am wrong.
<lool> RoAkSoAx: fix uploaded
<uvirtbot> New bug: #894377 in mysql-5.1 (main) "mysql-server failed to upgrade to Precise. mysql main process (4700) terminated with status 7 respawning" [High,New] https://launchpad.net/bugs/894377
<RoAkSoAx> lool yes it was a typo thanks for taking care of it
<zul> good morning
<lynxman> zul: good morning sir
<lynxman> RoAkSoAx: morning to you too ;)
<zul> hey lynxman
<Khas> Hello.  I'm running a server with a public IP, and I'm trying to set up a bridge for openvpn.  Is this possible, or do I need an intermediate virtual interface to do the DHCP for the vpn?
<SpamapS> Khas: the server has a real IP on one interface, and a non-routable IP on the other?
<Khas> There is only one interface current, eht0, with a public IP.
<qman__> you have to have somewhere to VPN to
<Khas> Ah yes, sorry.
<Khas> That will be tap0
<qman__> no, as in somewhere to reach with the VPN
<Khas> So what I've read suggests creating br0 between tap0 and eth0
<qman__> you can't VPN to the internet
<Khas> Ah I see.
<qman__> well, you could, but it would be pointless
<qman__> what is it you're actually trying to achieve?
<Khas> I've got a routed vpn set up just now, but I want the server to use dnsmasq to issue the VPN addresses (10.8.0.0/24).
<Khas> Then I can set it up so I can access the machines behind the VPN with host.vpn.mydomain.com
<qman__> I mean overall, what scenario is this trying to solve?
<qman__> a machine with only one interface, directly on the internet, has nowhere to VPN to, it's a bit silly
<Khas> Roadwarrior setup where I can access each remote machines with a name.
<Khas> Ah no, you are confused.
<Khas> The server is the VPN server.
<Khas> It is what everything else VPNs -to-.
<qman__> ok, that makes more sense
<Khas> So it creates a tap0 that listens for incoming connections.
<Khas> I need to bridge that tap0 to eth0 to get out on the the internet.
<qman__> but, in that case, unless I'm mistaken, you need to use routed VPN to create the network the machines communicate on
<Khas> But I want br0 and each vpn client to be issued a LAN IP by dnsmasq
<Khas> Nah, layer 2 bridging works too.
<Khas> Here's the method I'm following: http://maverick.homelinux.net/blog/?p=196
<greppy> do you really need a bridge, or just an iptables nat?
<SpamapS> Khas: so it has one eth0, with a real and a fake address?
<Khas> eth0 only has one address, which is real.
<SpamapS> Khas: I'm trying to figure out where these servers are
<qman__> you need to have some interface with the VPN address on it
<qman__> real or virtual
<Khas> At present, using routing, tun0 is created with the LAN address
<Khas> 10.8.0.21
<Khas> 10.8.0.1 even.  This is using the standard ubuntu openvpn howto
<qman__> but using tap, the tap interface doesn't get an IP
<qman__> you need to bridge to the 'internal' interface, whether that's eth1 or a virtual interface like eth0:1
<SpamapS> you can't really bridge onto an alias.. since they'd have the same MAC
<qman__> true
<qman__> I don't see this working with a tap/bridged configuration
<Khas> Well that was my original question, do I need an intermediate virtual interface to make it work.
<Khas> At present, I can ifup br0, but then the server doesn't respond to any connections heh
<qman__> I think you should stick with tun/routed and just route whatever it is you need to get through
<SpamapS> Khas: explain where you want the packets to flow.. is it.. from the internet to your VPN clients?
<Khas> Ok.  I have a machine, zeus, which is my home machine.  It connects to the vpn, and uses tunneling to tunnel all traffic through the vpn.  However, I may want to access some services on zeus from outside.  I would like to access them through zeus.mydomain.com for example/.
<Khas> The easiest way to do that is to use dnsmasq to maintain the list of LAN IP > hostnames.
<Khas> To get dnsmasq to do that, it needs to provide the LAN IPs, -not- OpenVPN
<Khas> Which requires a layer 2 openvpn connection.
<qman__> I don't know if what you want is possible without a second interface
<Khas> Which is why I was following that blog entry I posted. :-)
<qman__> I do know that untangle can use DHCP reservations for openVPN clients
<Khas> Well technically tap0 is the virtual interface to the VPN
<qman__> which you could then use static DNS or hosts files
<Khas> I'm not sure how many clients may eventually connect to my vpn though
<Khas> Which is why I'd like it dynamic.
<qman__> you have to hand out keys for each client anyway
<SpamapS> Khas: so dnsmasq would be running on zeus, to help you access.. zeus? And all clients would be sending their DNS queries accross the VPN to zeus?
<qman__> setting up a DHCP reservation could be done at the same time, in the same script
<Khas> No. zeus is a client.  Call the server olympos or something :-P
<Khas> qman__: you don't need to use separate keys.
<Khas> It's preferable to, but you don't have to.
<SpamapS> jibel: I responded to bug 894377 ...
<uvirtbot> Launchpad bug 894377 in mysql-5.1 "mysql-server-5.1is deprecated for mysql-server-5.5 in precise, should be removed once transition is complete" [High,Triaged] https://launchpad.net/bugs/894377
<SpamapS> jibel: I think the test needs to be changed to test 5.5
<cr3> I see cloud images for precise on AWS but there's no http://cloud-images.ubuntu.com/releases/12.04/release/, at what point should there be cloud images for precise there?
<jibel> SpamapS, in mail.log there is "main.log:2011-11-24 12:35:04,955 DEBUG Upgrade [...] mysql-common mysql-server mysql-server-5.1 mysql-server-core-5.1 [...]" so I think it upgrades mysql-server or is there something with the resolver ?
<jibel> *main.log
<SpamapS> jibel: Not sure. Where could I find the test code?
<jibel> SpamapS, http://bazaar.launchpad.net/~ubuntu-branches/ubuntu/precise/update-manager/precise/files/head:/AutoUpgradeTester/, good luck with that ;)
<jibel> SpamapS, rather than spending hours on the code, let me know if I can do further testing
<SpamapS> wait what?
<zul> jamespage: lemme know when you are around
<jamespage> zul: I am but not for long
<zul> jamespage: alright ill bug you tomorrow then
<jamespage> zul: OK
<koolhead17> hi all
<sKeiths> i can't boot my server anymore after an upgrade. its exactly like a forum poster http://ubuntuforums.org/showthread.php?t=1690498. his solution involved purging and redoing grub, but in the article on howto purge grub it says first to check boot info script for obvios discrepancies. my problem is i wouldn't know what to look for as discrepancies so i uploaded results http://paste.ubuntu.com/748402/
<SpamapS> jibel: ahh, ok, I think this is just a transition problem ... mysql-server-5.1 won't exist in 12.04
<eagles0513875> !xen
<ubottu> XEN is a virtual machine monitor for x86 that supports execution of multiple guest operating systems with unprecedented levels of performance and resource isolation. Information on installing it for Ubuntu can be found at https://help.ubuntu.com/community/Xen
<eagles0513875> thats where the documentation is O_o
<RoAkSoAx> lynxman: lol morning.. im off today its thanksgiving here
<eagles0513875> anyone have xen running on 11.10
<sKeiths> hmm, i still have no idea what i am doing. i removed legacy grub and installed grub2. now i reboot and only get to a grub> prompt. i type ls and i can see my Node2-root. how do i command grub to boot from that location?
<linocisco> is there any documentation for enterprise level server deployment guide for windows users ?
<genii-around> linocisco: https://help.ubuntu.com/10.04/serverguide/C/  is a good overall guide no matter what OS you are coming from
<linocisco> genii-around: I am sorry. thanks anyway you dont get it.
<linocisco> genii-around: I am meaning to deploy enterprise servers at back end and windows clients at front end
<genii-around> I believe that's covered in Chapter 17
<linocisco> genii-around: As far as I know, samba PDCs are able to support only 500 users , right ??
<genii-around> I'm not sure of the top-end limit. Are you running the Windows boxes as thin clients or are they standalone?
<patdk-lap> heh? your still running nt 4.0?
<linocisco> genii-around: they are standalone. but at least XP version and above. Not NT or Not 3.11
<genii-around> I think NT still had bottom count of 3,000 or so
<linocisco> btw, how to paste image here ??
<genii-around> As far as I know there is no upper limit for users, just whatever your physical hardware can support serving simultaneously.
<linocisco> I mean upload site like pastebin.ubuntu.com
<genii-around> Probably to use imagebin.org
<linocisco> genii-around:  thanks
<mstaessen> Hi All!
<koo1> hey
<mstaessen> Could somebody help me? I want to set up two NICS on a single ubuntu server machine
<mstaessen> but when i try to bing up eth1, I get a RTNETLINK File exists message
<mstaessen> eth1 never comes up
<mstaessen> $ sudo ifup eth1
<mstaessen>     ==> RTNETLINK answers: File exists
<mstaessen> Failed to bring up eth1.
<mstaessen> I have no clue and I can't seem to find anything useful on the internet...
<l0n> mstaessen, Google says: "ifdown eth1:1; ifdown eth1; ifup eth1"
<mstaessen> It's not a virtual interface
<mstaessen> so this does not apply, I guess
<l0n> well, try doing an ifdown then ifup
<l0n> just a straight ifdown eth1 rather than eth1:1
<mstaessen> then I get
<mstaessen> sudo ifdown eth1
<mstaessen> ifdown: interface eth1 not configured
<mstaessen> which seems logical as it is never brought up
<l0n> idd, that's fine, now try ifuping
<mstaessen> but then again, I can't bring it up :)
<mstaessen> sudo ifup eth1
<mstaessen> RTNETLINK answers: File exists
<mstaessen> Failed to bring up eth1.
<patdk-lap> try doing an ifconfig eth1 down, first
<patdk-lap> maybe the status file exist saying it's up
<mstaessen> sudo ifconfig eth1 down && sudo ifup eth1
<mstaessen> RTNETLINK answers: File exists
<mstaessen> Failed to bring up eth1.
<mstaessen> Just the same...
<l0n> are you able to bring it up manually using ifconfig?
<mstaessen> you mean running ifconfig eth1 up?
<rmozden> I have a complex dns question to ask.   I've set up dns internally on this box that also acts as my nat router.  The internet facing is supposed to have a .us address and internally I'm using .int as the domain suffix.
<l0n> no, something like 'ifconfig eth0 192.168.1.3 netmask 255.255.255.0'
<mstaessen> ok, I'll try
<rmozden> basically, how do I tell my server that it also has wolverine as the sub-domain name within the lookup/reverse lookup?
<mstaessen> I ran 'sudo ifconfig eth1 193.190.253.82 netmask 255.255.255.248 up' but it did not come up
<l0n> try without the up at the end, you just want to set the IP, that should be enough to bring it up
<mstaessen> ok
<mstaessen> sudo ifup eth1
<mstaessen> Ignoring unknown interface eth1=eth1
<rmozden> what does ifconfig show currently?  Is eth1 listed?
<rmozden> my other question to that would be ( since I came in late) is this a laptop?
<mstaessen> eth1 is indeed listed
<mstaessen> it's an ubuntu server with two NICs
<l0n> is the IP listed under eth1?
<mstaessen> it an HP Proliant ;)
<l0n> that you configured using ifconfig
<mstaessen> yes it is
<l0n> can you ping it?
<rmozden> then the adapter is live already and cannot be brought to an up status
<mstaessen> from localhost or another machine?
<l0n> another machine
<mstaessen> I cannot from another machine, but I can from localhost
<mstaessen> there also is no entry of eth1 in /etc/network/run
<mstaessen> btw, this is my routing table
<mstaessen> route -n
<mstaessen> Kernel IP routing table
<mstaessen> Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
<mstaessen> 0.0.0.0         10.48.8.126     0.0.0.0         UG    100    0        0 eth0
<mstaessen> 10.48.8.64      0.0.0.0         255.255.255.192 U     0      0        0 eth0
<mstaessen> 193.190.253.80  0.0.0.0         255.255.255.248 U     0      0        0 eth1
<mstaessen> should I remove the  last entry before bringing up eth1?
<l0n> well it's already up you've just done it manually, I just wanted to make sure that would work
<l0n> not sure why you can't ping it remotely, I would imagine that's related to something else
<mstaessen> Probably the firewall then... :s
<mstaessen> but I don't have access to that machine. D'oh!
<l0n> well, you'll prob want to have another look at why ifup isn't working whilst you're waiting for the firewall changes. It would be quite annoying if you had to manually bring it up post rebooting
<mstaessen> true that
<l0n> actually that's a good point, you might want to try rebooting and see what happens, might even fix the problem
<mstaessen> do you have any ideas?
<mstaessen> what's the command to remove a route from the routing table? when I execute 'route del -net 193.190.253.80' I get an error
<l0n> what's the error that you get?
<mstaessen> SIOCDELRT: Invalid argument
<mstaessen> no idea what that means :D
<l0n> try 'route del -net 193.190.253.80/29'
<mstaessen> Now I get route: netmask doesn't match route address
<mstaessen> which it should ... :s
<patdk-lap> no that is /28
<patdk-lap> .252 is /29
<mstaessen> no, 248 is /29 ;)
<patdk-lap> hmm
 * patdk-lap needs to finish waking up
<patdk-lap> been half asleep all day
<mstaessen> lol :)
<mstaessen> Anyway, I find it strange I cannot delete that route
<l0n> I have to use calc when I do it regardless of how awake I am :(
<l0n> idd, that's odd and that error msg makes no sense
<TimR> can anybody tell me how to get my dial up modem to work on my server? because I tried on the forum and not getting help.
<mstaessen> however, when I ifconfig eth1 down, the route disappears
<l0n> maybe you have to do 'route del -net 193.190.253.80/29 eth1'
<TimR> i am using Conexant dial up modem on ubuntu 10.04.3 lts with Linux 2.6.32-35-generic on i686
<mstaessen> Hey, that did it! :D
<l0n> ahh, so it defaults to eth0
<rmozden> Did anyone see my dns question?
<patdk-lap> rmozden, the one that makes no sense? :)
<koo1> kinda serverish question : how do i get programs like mc and finch play well with a monochrome crt? i tried "mono" at boot, some parameter for byobu...no change
<koo1> setting term=vt100 obviously cked up the keyboard
<mstaessen> l0n, when I do 'sudo route add -net 193.190.253.80/29 gw 193.190.253.86 eth1' I get "SIOCADDRT: No such process". Does that makes sense to you?
<TimR> does anybody know?
<rmozden> patdk-lap, I'm trying to hardcode the dns both internally and externally ( this is a permiter machine)
<rmozden> hostname is set to wolverine.mozden.us but I had to use my registrars dns to point it to the ip.  The ISP says they have put the record in on their dns but revers lookup is wrong
<rmozden> Internally I'm doing a smarthost to point to this machine for admin logs etc and just trying to make sure that it resolves appropriately.
<l0n> I don't think it makes much sense to do that, you're trying to add a gateway for your local network, you prob want something more like: 'route add default gw 192.168.1.254 eth0'
<l0n> unless you have different gateways for different networks
<patdk-lap> rmozden, you want your external ip to display your dns name?
<mstaessen> l0n, ok
<mstaessen> it doesn't really matter which gateway it uses
<rmozden> patdk-lap, Correct.  I want it to resolve proper from inside and out
<patdk-lap> then you have to ask your isp that owns that ip to change it
<rmozden> supposedly they did
<patdk-lap> what ip?
<rmozden> 24.154.9.14
<patdk-lap> it works
<patdk-lap> they have a 1day ttl
<patdk-lap> so it will likely take a day for you to see the change
<rmozden> it doesnt resolve that way from their newtwork
<rmozden> but at least from outside  to the server it works
<patdk-lap> cause the old entry is cached on their servers
<patdk-lap> and it will take a day to flush it out
<rmozden> it's been like that for months
<patdk-lap> what happens when you do a, dig -x 24.154.9.14
<rmozden> maybe they finally fixed it after my last call to them
<rmozden> looks that way anyhow
<rmozden> now to go deal with the other 5 addresses - lol
<rmozden> thx for the help
<TimR> does anybody know how to setup a dial up modem on 10.04.3lts?
<rmozden> Oh, while I'm thinking of addresses, is there anyway of doing the ifcfg-netblk on ubunto for a block of addresses o am I stuck entering them all in manual?
<RoyK> TimR: with ppp?
<RoyK> TimR: or what do you want to do? zmodem transfer? chat?
<TimR> well see the modem doesnt apper to show up
<TimR> im trying to create a dial up server
<RoyK> TimR: install minicom
<RoyK> TimR: with minicom, you should be able to dialup manually, when that works, try to setup ppp if that's what you need
<RoyK> TimR: do you mean IP over modem?
<patdk-lap> I think he wants to setup a upstart script for the modem, that runs ppp
<TimR> I am trying to create dial up server
<TimR> well the modem isnt installed from what I am seeing
<koo1> does nobody use monochrome crts anymore?
<RoyK> TimR: a dial up server can be a lot of things...
<TimR> I am trying to be dial up ISP
<RoyK> TimR: that'll be ppp, then
<TimR> but the modem isnt installed so I need to install it
<RoyK> TimR: what do you mean "not installed"?
<RoyK> TimR: is it connected to the PC with a serial cable?
<TimR> no
<TimR> its PCI card
<RoyK> then what sort of modem?
<patdk-lap> oh? it's a softmodem, how evil
<RoyK> a winmodem? or does it show up as a serial port?
<patdk-lap> softmodems are just soundcards
<TimR> Conexant Systems, Inc. HSF 56k HSFi Modem
<RoyK> softmodems == evil
<patdk-lap> softmodem :)
<rmozden> ewwww
<RoyK> TimR: get a good old serial modem
<TimR> I have one
<RoyK> then use that one instead
<TimR> it was from mac
<patdk-lap> timr: http://www.linuxant.com/drivers/hsf/
<TimR> I see that and I have to pay 20 dollars for the licease
<patdk-lap> yep
<patdk-lap> there is no support for softmodems
<patdk-lap> if you want to use that thing
<patdk-lap> otherwise you need a real hardware modem that looks like a serial port
<TimR> I will just use my serial modem I guess
<RoyK> or something like this http://www.ebay.com/itm/USR-US-Robotics-Sportster-External-dial-up-serial-analog-dialup-modem-33-6-fax-/150680494982?pt=PCC_Modems&hash=item231541e386
 * pmatulis does not want to open that link to see the picture
<RoyK> lol
<RoyK> that modem cost about the same 15 or 20 years ago...
<pmatulis> sure, it's so old the price is going up
<linocisco> how can I build my own ubuntu server based settop box ??
<TimR> i dont have that one but I have a best data that was used for a mac
<RoyK> linocisco: shouldn't be too hard with some atom-based mobo or perhaps something with an ARM cpu, install mythtv or something similar...
<RoyK> TimR: so long it uses rs/323, anything should work
<linocisco> RoyK: if I M not familiar with electronic, how can I do?
<RoyK> you may not get 56,7kbps, but...
<RoyK> linocisco: no need to be familiar with electronics - just get something small and install ubuntu on it :)
<RoyK> plese mind that not all ARM stuff works on newer ubuntu, things like guruplug uses older arm arch, not supported > ubuntu 9.04
<linocisco> RoyK: how to build USB port Network port. It should be portable and placable on rack
<RoyK> linocisco: just get anything with usb and network and ubuntu should autodetect it...
<genii-around> TimR: What vendor:device code the thing has?
<TimR> are you talking about the external or pci card there genii-around
<RoyK> genii-around: no vendor:device code for something on rs/323 :P
<genii-around> TimR: PCI. A while ago I wrote a how-to on the forums for Conexant Winmodems
<RoyK> winmodem == evil
<linocisco> RoyK: is there anything on step by step how to ? I want to build and sell them
<TimR> pci dev: PCIDEV=14f1:2f00
<TimR> IDENT=hsfmodem
<genii-around> TimR: Maybe check from my posting at #49 at http://ubuntuforums.org/showthread.php?t=1015673&page=5  ... it's a bit old but should still work
<RoyK> linocisco: you don't need to build anything, just get something small that can run ubuntu and the rest is just software...
<linocisco> RoyK: I dont know how to find it
<linocisco> RoyK:  that is the problem. It should not resemble a real computer
<RoyK> linocisco: there are MANY small single-board computers out there - if you want to start somewhere, why not with a pandaboard? a bit overkill, but good for lab work
<linocisco> RoyK: i have heard of it. I will google it
<RoyK> linocisco: a beaglebone is small ...
<TimR> so genii is it going to work on 10.04.3 lts?
<genii-around> TimR: We got it working as far as Maverick, so yes
<TimR> alright I will give this a try
<genii-around> TimR: If you upgrade the kernel you have to redo the last part ( hsfconfig ) after
 * RoyK is off to sleep
<TimR> well I am running: Linux 2.6.32-35-generic on i686
<genii-around> TimR: I'll be around for another hour, if you run into problems ping
<TimR> well I am getting ready to leave here soon for thanksgiving
<TimR> genii-around did you get my PM?
<genii-around> TimR: Yep
<TimR> alright thanks for that info.
<genii-around> Anytime
#ubuntu-server 2011-11-25
<bfreis> Hi, what should I do to install Ubuntu Cloud Infrastructure using the live image on a server? It looks like it is simply broken, it simply cannot boot: it gets stuck on a loop saying that it can't find /dev/sr0, and later on it drops to a BusyBox shell. How do people manage to install it?!
<twb> sr0 is the CD drive
<twb> Is this during the grub install phase
<bfreis> it is after grub, I think (after I select "normal" boot over "fail safe" boot -- the same thing happens with "fail safe" boot)
<bfreis> and I'm booting from a USB stick
<bfreis> (the same USB stick I used to install Ubuntu Server 11.04 on many other machines)
<bfreis> must I use a CD to install it? or is there any workaround?
<bfreis> I've searched a lot, there's a bug reported on launchpad related to this, but it is marked as fixed
<bfreis> also, on some forums people suggested disabling the floppy drive on the bios, which I did (even if I have no floppy drive), but the problem is still there
<uvirtbot> New bug: #894608 in bridge-utils (main) "Implementing a bridge slows 10G network" [Undecided,New] https://launchpad.net/bugs/894608
<slicslak> i seem to recall a metapackage that has compile tools in it, linux headers, etc. -- basically the stuff needed for building source
<twb> build-essential
<John24Doe> so.... whats the topic?
<slicslak> yea, that's it, thx twb
<twb> slicslak: also "apt-get build-dep foo", or if you are building a kernel module see dkms or (worse) module-assistant
<John24Doe> hellooooo any one therrrrrre?
<twb> John24Doe: do you have a real question?
<John24Doe> yes i do..
<twb> John24Doe: ask it.
<John24Doe> i just got into the ubuntu server and its great so far but i have a question about the email  service..
<TimR> are you trying to setup a email server john24doe?
<John24Doe> ive noticed that there are a bunch of email services.. so my question  is what is the best, simple and secure service out there?
<twb> John24Doe: service that does what?
<TimR> well there is postfix+mysql+dovecot
<TimR> there is iredmail you can use
<twb> TimR: you misspelled "LDAP" as "mysql"
<TimR> no I dint
<TimR> didnt
<TimR> there is a setup as mysql for backend managemnt
<TimR> managment*
<TimR> trust me I have ran postfix+mysql+dovecot before
<TimR> intill I switched it all over to iredmail+mysql setup
<John24Doe> ..
<TimR> it depends how much you know how to run a linux mail server john24doe
<twb> John24Doe: we cannot suggest a solution unless you describe more clearly what you are trying to achieve.
<TimR> that is true what twb is saying
<John24Doe> lol thats the problem...  as i said im new to the linux server world.
<John24Doe> sorry
<TimR> for a newbie I would use iredmail+mysql
<John24Doe> so postfix supports encryption
<John24Doe> ?
<John24Doe> ok ill check out iremail
<TimR> what do you mean encryption like in SSL?
<TimR> http://www.iredmail.org/
<John24Doe> yeah
<funkyHat> email encryption is done at the message level and is not dependent at all on a particular mail server, John24Doe
<John24Doe> ok good to.   know sorry for the newb speech
<funkyHat> SSL is also possible (and yes postfix and dovecot both support that)
<funkyHat> That gives you an encrypted connection from you/other clients to the mail server, which could prevent someone from listening in on the data that goes back and forth at that level, but you can't guarantee that the recipient or sender is using encryption at their end, so the usefulness of that is limited
<funkyHat> It's definitely worthwhile if you are likely to want to access your mailbox or send mail from an internet cafe or other public wifi
<twb> funkyHat: that rather depends on what attack vectors you're guarding against.
<twb> funkyHat: if I ran an internet cafe I would have physical key loggers installed on all the hosts, for example
<twb> SSL helps against MITM but not against the endpoint being compromised, which is basically a given for an internet cafe
<funkyHat> twb: I was thinking of an internet cafe with wireless and your own laptop, if you're using another computer to access the email you'd have to set up webmail at which point IMAP/SMTP encryption becomes irrelevant
<jandrusk> All they have to do is running sslstrip. SSL is in really bad shape these days.
<twb> funkyHat: ah ok
<twb> jandrusk: that from dsniff or something?
<jandrusk> Part of Backtrack, but it works by sending all of the SSL requests through the host running sslstrip.
<John24Doe>  hey twb im going with postfix
<twb> John24Doe: so presumably you want to run an MTA?
<John24Doe> yes
<twb> postfix is a good choice and is the recommend MTA by Ubuntu
<twb> Read the relevant Ubuntu Server Guide sections if you haven't already
<funkyHat> postfix is the best choice unless it doesn't do something you want (which is unlikely), in which case exim4 is probably the best choice
<John24Doe> ok will do. thanks twb
<twb> Yes, exim4 is the other main camp (especially over in Debian); anyone talking about sendmail or cyrus is a greybear or a Red Hat refugee
<twb> *greybeard
<funkyHat> jandrusk: so sslstrip relies on users not noticing the url is wrong?
<RoyK> twb: last I checked, cyrus was a mail store, not an mta...
<twb> RoyK: yes, but dovecot beats cyrus
<twb> RoyK: I was disgusted to find recently that I had a postfix+dovecot instance out at a customer, where cyrus's sasl-bin was being used by postfix :-/
<RoyK> some say so, yes, but still, neither are MTSs :P
<RoyK> s/MTS/MTA/
 * RoyK never made friends with cyrus' sasl
 * funkyHat never heard a good word about it
<jandrusk> funkyHat: sslstrip does not care what the URL is. It is essentially doing a MIM to sniff the data.
<funkyHat> http://www.thoughtcrime.org/software/sslstrip/ the description suggests it's sniffing regular HTTP traffic and replacing links to HTTPS URLs with similar looking HTTP URLs or HTTPS ones if it has signed certs for them
<funkyHat> It doesn't appear to be an actual working exploit on SSL
<funkyHat> (yes, it's probably good enough to fool most people, but still not an actul SSL exploit)
<twb> funkyHat: ah, thanks for the fact-check
<funkyHat> jandrusk: ^
<jandrusk> Hmm. It's been a while since I played with it, but was pretty sure I saw some CCN's from Amazon, GMail, etc... You may be right.
<jandrusk> Pretty much all of the DLP (Data Loss Prevention) vendors clone the server certificate and then sniff the data in order to inspect it.
<twb> "data loss prevention"
<twb> Is that some sort of euphemism for JEDGAR?
<jandrusk> lol
<twb> "Hi this is the NSA for $10/mo we will back up your secrets to our secure data warehouse"
<jandrusk> It's security technology that allows you to inspect network traffic for SSN's, Credit Cards Numbers,etc..
<jandrusk> Or I should say, Corporations.
<jandrusk> For $5/mo I'll give you access to the NSA's secure data warehouse.
<twb> so basically dsniff
<jandrusk> Right.
<dckirba> Hello everyone, how are you? Is it ok to ask what may be a beginner's question in this channel?
<TimR_> whats the question?
<lifeless> dckirba: yes it is
<koolhead17> hi all
<TimR_> why did ubuntu take out syslog in 10.04.3 lts for?
<TimR_> the reason why I am asking because webmin is not seeing syslog on the system
<angelete2> hi
<angelete2> i have such a ghost inside my ubuntu server
<angelete2> i have this line in my crontab: #47 3   * * 1   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly )
<angelete2> so it's commented
<angelete2> but it still executes
<Jeeves_> angelete2: Have a look at /etc/cron.d/
<angelete2> and even worse, it executes not on mondays but on tuesdays
<angelete2> Jeeves_: what should i look for?
<jibel> SpamapS, with the change to mysql yesterday, all mysql-* packages are now completely removed on upgrade included mysql-server, is it what is expected ?
<Jeeves_> angelete2: About the same command
<uvirtbot> New bug: #894660 in unixodbc (main) "odbcinst segfault when no there is no /etc/odbcinst.ini" [Undecided,New] https://launchpad.net/bugs/894660
<dckirba> hi, can anyone give me a bit of help setting up ubuntu 11.10 as a dhcp server for a small office?
<angelete2> dckirba: what do you want to do exactly?
<dckirba> angelete2: Hi! Small office network. Trying to set up Ubuntu 11.10 on one computer to provide IP addresses through DHCP, share files, internet
<dckirba> angelete2: Having trouble configuring dhcp-server
<dckirba> angelete2: I have install icp-dhcp-server and configured the files so that it listens to eth0 for requests and have specified a range of IP addresses to use as a pool
<dckirba> angelete2: But plugging other computers into the network results in no communication with the dhcp server
<dckirba> angelete2: in fact I can't even ping the server if I give another computer a static IP address
<RoyK> dckirba: what ip addresses and subnet mask?
<Daviey> uksysadmin: How are you getting on with your preseeding?
<Daviey> (morning btw)
<uksysadmin> Hi Daviey - I've succeeded!
<uksysadmin> I'm at the stage now where I'm looking at what I want to achieve and improving it - that's a better place to be than scratching my head on the basics.
<Daviey> uksysadmin: Great! Are you using orchestra, or plain preseeds?
<uksysadmin> Ok - its a mix of the two, I guess.  It is done using Orchestra - but essentially its not using any of the features that Orchestra was designed for - its just cobbler and preseeding at this stage
<uksysadmin> As I'm specifically looking at OpenStack - it naturally makes sense to look at achieving this with juju
<Daviey> uksysadmin: interesting, i'd love it if you could write up what you are doing?  Is that possible?
<uksysadmin> The issue is that I've a fairly tried and tested script that I've been using to roll out my environment - which is great for doing unattended installs, but I know it can be improved to fit with more "ubuntu friendly ways.
<uksysadmin> sure - I'll be writing this up
<Daviey> uksysadmin: great!
<uvirtbot> New bug: #894677 in geronimo-jta-1.1-spec (main) "Replace geronimo-jta-1.0.1b-spec -> geronimo-jta-1.1-spec" [Undecided,New] https://launchpad.net/bugs/894677
<RoyK> erm...
<RoyK> roy@tor:~$ ls -lh /proc/kcore
<RoyK> -r-------- 1 root root 128T Nov 25 10:17 /proc/kcore
<_ruben> nice :)
<koolhead11> hi all
 * koolhead11 wonders if everyone is out shopping on black friday!!
<uksysadmin> hello koolhead11
<koolhead11> hola uksysadmin
<uvirtbot> New bug: #833994 in debian-installer-utils (main) "debian-installer does not support https when using with preseed files" [Medium,Triaged] https://launchpad.net/bugs/833994
<Daviey> jamespage: Hola, is https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-complex-deployment-testing comeplete?
<jamespage> Daviey: yes
<Daviey> jamespage: it does make the complexity look pretty simple... we'll crack that out in a day, right? :)
<jamespage> Daviey: it needs to be taken in context of the other associated blueprints
<Daviey> ah, yes - right
<Daviey> thanks jamespage
<Daviey> cmagina: How is https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-arm-storage-testing looking?
<koolhead11> zul: around
<zul> good morning
<uvirtbot> New bug: #894754 in openvswitch (universe) "openvswitch_mod module not found" [Undecided,New] https://launchpad.net/bugs/894754
<Mum29> Hey all. I was wondering, Currently i have a setup on a dotdeb server, they use latest mysql, When ubuntu 12.04 with mysql 5.5.xx it wont be the latest. So will there be any problems for them to move to ubuntu due to this ?
<zul> jamespage/Daviey: so openstack jenkins
<jamespage> zul: fire away
<zul> jamespage: so we will want to test the trunk and stable releases for diablo until essex beccomes stable/essex
<zul> so this includes horizon, swift, nova, quantum, keystone, and glance
<jamespage> zul: so is trunk actually essex? but not yet stable?
<zul> so i guess the idea is to have a ppa on commit trunk and maybe a weekly ppa for stable since testing stable can probably be done weekly
<jamespage> and I assume we want to test diablo on oneiric and trunk/essex on precise?
<zul> right trunk is actually essex
<zul> correct
<zul> so my idea is to re-use a lot of the openstack-ci scripts that is already done
<zul> for creating the tarballs and ppas, etc, etc
<jamespage> zul: absolutely
<zul> thoughts?
<zul> Daviey: ^^^
<Daviey> hola
<Daviey> yeah
<zul> jamespage: but ill need help setting up the jenkins jobs
<jamespage> zul: right
<jamespage> just looking at openstack-ci
<Daviey> I think having, nova-trunk-testing produces per commit packages, and nova-trunk-stable contains packages which passed the CI run
<Daviey> Which means on success, jenkins copies the packages between the PPA's
<zul> yeah thats what i was thinking as well
<Daviey> jamespage: You were thinking?
<jamespage> Daviey: 'passed the CI run' == Completely deployed and tested on hardware or something else
<jamespage> ?
<Daviey> jamespage: yeah
<zul> Daviey: right but the diablo-stable doesnt go through any ci afaik
<jamespage> zul: No reason why not
<Daviey> jamespage: so jenkins tests the -testing PPA, and copies to -stable if it succeeds
<jamespage> (famous last workds)
<zul> jamespage: i meant for upstream
<jamespage> ah
<jamespage> I see
<Daviey> jamespage: zul suggested last night that we could also do on-commit of the stable branch, as an SRU candidate.
<zul> Daviey: i was thinking more like stable-testing and copies to -stable and then that is the SRU candidate
<jamespage> OK
<Daviey> zul: did you draft up your thoughts?
<jamespage> so lemme just work this through
<zul> so if people want to test it earlier before the SRU canidate is uploaded then they can
<jamespage> So for Precise/Essex
<jamespage> 1) New PPA somewhere - nova-trunk-testing
<Daviey> jamespage: do you disagree with the mail i sent a while ago, for the approach?
<Daviey> (high level)
<Daviey> jamespage: perhaps we should copy Debian's naming style of experimental -> testing, rather than testing->stable..  We probably shouldn't call trunk stable.
<zul> So this is what I was thinking
<zul> Precise/Essex
<zul> ppa for trunk (called i dont know what)
<zul> and we do on commit testing in that ppa
<zul> Oneiric/Diablo
<Daviey> jamespage / zul: Fancy throwing this into etherpad?
<jamespage> yesJenkins will detect changes on the
<zul> Daviey: sure
<jamespage> yes
<zul> i think i might ttx's input as well
<jamespage> I'll create one
<ttx> .oO0Oo.
<jamespage> http://pad.ubuntu.com/precise-openstack-testing
<koolhead11> i am yet to get dash working, am using the truck/daiblo
<koolhead11> :D
<ttx> JAMES PAGE! Hello sir.
<jamespage> hey ttx!
<ttx> I should hang out here more often.
<koolhead11> hey ttx
<xranby> jamespage: hi i found something interesting this week.   since the default pthread stack size are 8Mb on arm in combination with lp861296   made java only able to start around 200 thread before running out of memory. this can manifest itself as a stall
<xranby> jamespage: now we have a fix for lp861296     and it makes it possible to run at least 50% more threads
<xranby> so we can run around 300 threads.
<jamespage> xranby: thats great news!
<xranby> by fixing the jvm sourcecode i can reduce the amount of memory allocated by pthread
<xranby> and bump this up to around 7000 threads
<xranby> jamespage: so i am working with robert to reduce thread memory consumption so that we can safely run thousands of threads
<xranby> jamespage: you can try the pandaboard kernel attached to  https://bugs.launchpad.net/ubuntu/+source/linux/+bug/861296
<uvirtbot> Launchpad bug 861296 in linux "mmap fails to allocate 2030Mb heap on ARM" [High,Confirmed]
<xranby> and check if it makes your jenkins process more happy while it are checking for updates
<jamespage> xranby: sure - leave it with me - I'll update the bug report
<zul> Daviey: your presence is required
<jamespage> zul: does the openstack-ci toolset have tools for detecting build success/failure?
<zul> jamespage: i think so ill have to poke at it
<zul> if not we can add it and then push it back upstream
<Daviey> zul: oh?
<zul> Daviey: well we would like your input
<jamespage> zul: so I suggest that all of the individual project logic is encapsulated in 'ubuntu-openstack-ci' or whatever
<jamespage> that way you can dev locally fine
<zul> agreed
<jamespage> we only use Jenkins to trigger builds and report on results
<zul> but the trunk ppa will have swift, nova, glance etc etc etc
<jamespage> yes - so jobs for them all
<jamespage> openstack-essex-<component>-trunk
<jamespage> where component == swift, nova, glance etc etc etc
<zul> right
<jamespage> zul, Daviey: I assume we can have a lp account in the right groups for the Ubuntu Jenkins Openstack user?
<zul> i was thinking something like ~ubuntu-openstack-testers
<Daviey> jamespage: pretty confident
<jamespage> so we might want a team for the testing notifications (with a list) and a specific user who will do PPA uploads, send email etc...
<jamespage> zul: I think we should just mimic behaviour for diable/essex re preocess
<zul> jamespage: yeah its just one more extra step for copying to stable trunk to sru candidate trunk i think
<zul> s/trunk/ppa/g
<jamespage> why not consider 'stable' to be the SRU candidate PPA?
<zul> jamespage: good point
<zul> less work
<jamespage> yes - and easily templated - makes setting up the a new release really easy
<zul> right the only concern i have for the sru testing is that we dont have access to github yet and the bzr git-plugin doesnt do branches afaik
<zul> so maybe it would be easier to generate tarballs in this case
<zul> what do you think?
<jamespage> zul: might take a little time but lets get access to github setup
<jamespage> zul: the bzr mirror deadens the pace of commits anyway so it not ideal
<zul> ok so we will definently need access to github
<zul> Daviey: thumbs up with the pad thingy?
<Daviey> zul: sorry, was OTP
<Daviey> will read again
<zul> no worries
<SpamapS> jibel: removed, or replaced by 5.5 versions?
<SpamapS> jibel: (re the mysql server packages)
<Daviey> SpamapS: Did you say there was a transition page tracking this?
<SpamapS> yes... http://people.canonical.com/~ubuntu-archive/transitions/libmysqlclient.html
<Daviey> zul / jamespage: looks good, do have one question - on the pad
 * SpamapS typed that from memory... may be wrong
<Daviey> SpamapS: great! thanks
<zul> SpamapS: still building on arm?
<Daviey> zul: Nah, SpamapS FTBFS on arm :)
 * SpamapS is big endian.. its always a problem
<Daviey> SpamapS: you need more power.
<SpamapS> 5.5 takes about 8-9 hours to build on the armel builders
<jibel> SpamapS, on upgrade it installs mysql-client-5.5 mysql-client-core-5.5 mysql-server-5.5 mysql-server-core-5.5 but removes  mysql-client-5.1 mysql-client-core-5.1 mysql-server-5.1 mysql-server-core-5.1 included  mysql-server
<jibel> which might be a problem for future upgrades
<SpamapS> jibel: what version? The latest version re-added the mysql-server meta-package which should be installed
<SpamapS> 5.5.17-4ubuntu5 I think added that
<zul> Daviey: answered
<hallyn> Daviey: so for https://blueprints.launchpad.net/ubuntu/+spec/servercloud-p-trusted-cloud...  how about i reduce that to 1 item about "follow along with evm development"?
<jibel> SpamapS, 5.5.17-4ubuntu5
<jibel> Broken mysql-server:amd64 Depends on mysql-server-5.5 [ amd64 ] < none -> 5.5.17-4ubuntu5 > ( database )
<jibel>   Considering mysql-server-5.5:amd64 0 as a solution to mysql-server:amd64 0
<jibel>   Removing mysql-server:amd64 rather than change mysql-server-5.5:amd64
<hallyn> Daviey: in other words I think it's worth spending a few spare cycles helping it along, but our eye is to something useful for 14.04, not 12.04.
<Daviey> hallyn: Right, i agree with that.. I suspect as is, it would end up being defered anyway
<Daviey> hallyn: keep the WI's that are already DONE
<hallyn> Daviey: ok.
<hallyn> jjohansen: the seccomp2 in our kernel now, that doesn't allow fork after starting seccomp2 still, right?
<SpamapS> jibel: *HM*
<SpamapS> jibel: that may have been a wonky archive... mysql-server is no longer provided by mysql-server-5.5 ... so apt shouldn't be considering that change
<jibel> SpamapS, k, I'm running the upgrade again
<jibel> SpamapS, logs are here https://jenkins.qa.ubuntu.com/job/precise-upgrade/PROFILE=server-tasks-amd64,label=upgrade-test/lastBuild/
 * SpamapS hugs jenkins
<SpamapS> jibel: hm, the Breaks: on mysql-common may have unintended consequences.. hrm.
<zul> Daviey: ok SRUs uploaded
<Daviey> zul: keystone?
<zul> Daviey: keystone, nova and glance
<Daviey> zul: great!
<zul> well see if they get accepted ;)
<Daviey> SpamapS: would you be able to look at zul's SRU's soonly please? :)
 * SpamapS will have a look at them today for sure
<SpamapS> have not done my SRU duties in 2 days.. its time
<Daviey> \o/
<tjaalton> jamespage: hey, I'm merging curl-7.22.0-3 from unstable, hope that's ok
<Daviey> Does anyone here mind if someone else hijacks a merge where they touched it last, and do not have an open "please merge" bug assigned?
 * Daviey really doesn't mind, but i wondered what others felt about it?
<hallyn> Daviey: uh, not me...
<hallyn> "Git ur dun" I say
<RoAkSoAx> Daviey: i don't mind it either
<Daviey> ta
<jamespage> tjaalton: thats fine - thanks for checking
<tjaalton> jamespage: thanks
<Daviey> SpamapS: who else is working on the mysql transition?
<SpamapS> Daviey: nobody
<Daviey> SpamapS: Are you cracking through the rebuilds?
<SpamapS> I mean other than the occasional saving throw from our dungeon master cjwatson
<SpamapS> Daviey: all no-change rebuilds are done. the things left are broken and need slight changes because of multi-arch
<SpamapS> Daviey: also I seem to have broken upgrades so I'm fixing that
<zul> RoAkSoAx Daviey: the cobbler patches got accepted upstream
<RoAkSoAx> zul: cool
<Daviey> SpamapS: I just did a test build for mythtv.. about to upload?
<zul> no one cares about mythtv come on! :)
<Daviey> gah /me uploads
<SpamapS> Daviey: builds are fine. Its just upgrades of mysql-server from oneiric/lucid -> precise that are broken.. mysql-server gets removed.
<Daviey> oh joy
<SpamapS> Daviey: hmm, mythtv didn't show up on my dctrl-grep ...
<uvirtbot> New bug: #894804 in samba (main) "255 cannot create tmp file" [Undecided,New] https://launchpad.net/bugs/894804
<Daviey> SpamapS: only checking main?
<SpamapS> Daviey: no, checked them all I believe.. hrm
<Daviey> O_o
<SpamapS> libmysqlclient16-dev
<SpamapS> Daviey: that will need fixing
<Daviey> crappers. thanks.
<ringods> Hello, following the info on JeOS and vmbuilder, but get stuck at the problem mentioned here http://ubuntuforums.org/showthread.php?t=1807125
<ringods> No answers available unfortunately. Any hints?
<cjwatson> SpamapS: I started on libdbi-drivers but got depressed at yet another crappy configure script that thinks it knows better than the linker
<cjwatson> Daviey: ah, good, I was about to hunt down why mythbuntu image builds were broken
<SpamapS> cjwatson: yeah they all seem to do that. :-P
<SpamapS> cjwatson: I have libdbi-drivers working locally here actually
<cjwatson> ok, good
<SpamapS> it was broken because it build-depends on mysql-server too
<SpamapS> It really is too bad how autotools works that it just lets bad code sit out there forever
<TimR_> hey micheal aka genii-around
<genii-around> TimR_: Hello.
<TimR_> I did have issues last night
<genii-around> TimR_: Ah. At what stage?
<TimR_> At this point hsfconfig needs to be made so that we can apply the patch:
<TimR_> sudo make install
<TimR_> that is where I got lost at
<genii-around> TimR_: I just got an incoming email from you actually...
<TimR_> alright
<genii-around> TimR_: Yes, the hsfconfig part is what configures the driver for your current kernel, etc. Is it failing to run or you are not sure what values to give it? For linux source build directory that matches your running kernel... to put: /usr/src/linux-headers-$(uname -r)
<TimR_> I didnt even get to start that process yet because I didnt know what directory I should be working out of
<genii-around> TimR_: ~/Linuxant/hsfmodem-7.80.02.04full/
<TimR_> alright let me see if I can get it going
<genii-around> TimR_: Work is requiring me on and off, ping if you have problems and I'll get back to you as soon as I can.
<TimR_> ok
<SpamapS> jibel: mysql-server removal problem found .. fix pending
<TimR_> alright I got where its asking what build directory that matches your running kernal
<TimR_> then its also saying no pre-build modules for ubuntu 10.04.3 linux-2.6.32-35-generic i686-smp
<RoyK> anyone around that can help me with a wierd memory issue? with 64GB memory, seems 56GB is in use by processes, 40GB is swapped out, and ~zero free, also after adding buffers+cache .... http://paste.ubuntu.com/749481/
<jamespage> zul: I've done the basic Jenkins job setup in the lab; I'll look at the openstack integration tests next weel
<jamespage> have a good one
<eagles051387> hey guys has anyone in here gotten xen working on 11.10
<koolhead17> eagles051387: did you searched before asking same here?
<eagles051387> koolhead17: i have compared the configuration i have to another server which is running debian and uses bridged networking and a slightly older version of the hypervisor and i had it set the same yet its not picking up my bridged networking configuration in the xend configuration file
<koolhead17> eagles051387: i just did a search and got this http://www.beyondlinux.com/2011/11/02/install-xen-4-1-and-setup-your-cloud-os-on-ubuntu-11-10/
<koolhead17> see if it helps
<eagles051387> thanks
<koolhead17> !xen
<ubottu> XEN is a virtual machine monitor for x86 that supports execution of multiple guest operating systems with unprecedented levels of performance and resource isolation. Information on installing it for Ubuntu can be found at https://help.ubuntu.com/community/Xen
<eagles051387> koolhead17: already looked there that is incomplete and very out dated
<koolhead17> even the documentation ? :(
<eagles051387> the link ubottu gives
<eagles051387> as well the 11.10 documentation doesnt have any documentation on xen
<eagles051387> koolhead17: just been told that using xend-config.sxp isnt the right way to configure things now
<eagles051387> in regards to xen and bridged networking
<mtaylor> Daviey: around?
<mtaylor> Daviey, zul: https://bugs.launchpad.net/ubuntu/+source/glusterfs/+bug/785158
<uvirtbot> Launchpad bug 785158 in glusterfs "Client 3.0.5 crashes with buffer overflow" [Undecided,New]
<Daviey> mtaylor: o/
<mtaylor> Daviey: coworker just pointed me at that - I'm trying to help them figure out how to better interact with canonical directly (so that it doesn't just involve forwarding bugs to me) but in the meantime, having a broken gluster seemed potentially bad :)
<Daviey> mtaylor: This isn't #canonical-server btw :)
<mtaylor> Daviey: of course not! I'm merely pinging you because a broken gluster is bad for #ubuntu-server ;)
<Daviey> mtaylor: okay, thanks!
<ersi> there's a #canotical-server? :O
<Daviey> no.
<ersi> heh.
<Daviey> mtaylor: Are you aware of the SRU process?
<Daviey> (not sure the suggested fix is correct)
<mtaylor> Daviey: I'm aware that it exists, but don't believe I've ever done it
<zul> Daviey: that work around in the past has been used
<Daviey> mtaylor: seeing that in just natty?
<mtaylor> Daviey: it's possible - I'm just now discovering that the servers in question are all running natty ... so this might be about getting someone to learn SRU process and proposing fixes to be backported
<mtaylor> I'm also questioning the sanity of fixating on natty
<zul> yes because oneiric is alot better :P
<Daviey> mtaylor: Ah, hoped it was confirmed or not on oneiric
<KurtKraut> How do I truly change the default language (locale) in the Ubuntu server? I'm getting this errors during aptitude: perl: warning: Setting locale failed.
<KurtKraut> perl: warning: Please check that your locale settings:
<KurtKraut> 	LANGUAGE = (unset),
<KurtKraut> 	LC_ALL = (unset),
<KurtKraut> 	LC_CTYPE = "pt_BR.UTF-8",
<KurtKraut> 	LC_COLLATE = "pt_BR.UTF-8",
<KurtKraut> 	LC_MESSAGES = "pt_BR.UTF-8",
<KurtKraut> 	LANG = "en_US.UTF-8"
<KurtKraut>     are supported and installed on your system.
<KurtKraut> perl: warning: Falling back to the standard locale ("C").
<KurtKraut> locale: Cannot set LC_CTYPE to default locale: No such file or directory
<KurtKraut> locale: Cannot set LC_MESSAGES to default locale: No such file or directory
<KurtKraut> locale: Cannot set LC_ALL to default locale: No such file or directory
<KurtKraut> Oops, sorry for pasting.
<eagles051387> KurtKraut: i am as well
<eagles051387> not sure how to fix them though :(
<ersi> eagles051387, KurtKraut: /etc/environment if I'm not mistaken
<ersi> There you can change what the system-wide locale is
<ersi> atleast previously
<eagles051387> ersi: im on a clean install and im seeing this
<eagles051387> thats what doesnt make sense
<eagles051387> clean install of 11.10
<ersi> That I have no idea about. Try checking /etc/environment
<ersi> Clean install of 11.10 worked just fine for me, I got en_US.UTF-8 as system wide locale
<ersi> KurtKraut: You could set those on either the command line or in your bash profile btw, if you wish to just set it for your user
<KurtKraut> ersi, this is a very common problem. If I purchase a VPS or dedicated server with Ubuntu, the datacenter realizes that I'm from Brazil and tries to configure the pt_BR locale. But they don't include the locale packages in the default install and seems to partially set the locale.
<ersi> Sounds like the VPS provider is silly
<ersi> so.. install the br-langpack? :)
<KurtKraut> ersi, it doesn't happen with one VPS provider. It happens to all, event AWS Amazon.
<KurtKraut> ersi, I can name about 10 providers that provokes such behaviour.
<ersi> It's all about how the default image is
<ersi> If you do isolate it to the standard Ubuntu install, file/search for a bug about it :)
<eagles051387> ersi: care to explain my issue with locals on a clean install and not in a virtual machine
<ersi> I have no idea what so ever why you have that problem
<mtaylor> Daviey: not confirmed on oneiric to the best of my knowledge
<ersi> but if you can isolate it, I'm sure the developers/maintainers are interested.. note down what you do when you install and file a bug if it doesn't meet your expectations
<mtaylor> KurtKraut: one sec - I have the fix documented somewhere...
<mtaylor> KurtKraut: it's quite annoying
<ersi> or search if there's anything filed already
<mtaylor> KurtKraut: a) you need to ensure that you have a locale selected and that locale is in /etc/locale.gen (in your case, I believe it probably is)
<mtaylor> KurtKraut: next, run the program "locale-gen"
<KurtKraut> mtaylor, thanks, this doesn't fix. I've found a fix by trial and error.
<mtaylor> KurtKraut: yeah? what was your fix?
<Daviey> mtaylor: Sure?
<KurtKraut> mtaylor, the problem is none of these locale commands (ex.: dpkg-reconfigure locales;locale-gen) where able to create and store the system variables LC_COLLATE, LANG and LANGUAGE.
<KurtKraut> mtaylor, I've manually set them by trial and error in /etc/enviroment and at least now I don't see that flood of locale erros.
<mtaylor> Daviey: as in, the folks locally aren't running oneiric, so they can't verify if they are seeing the problem on oneiric or not
<mtaylor> Daviey: so I have no idea if it's on oneiric - although I would like to find out
<KurtKraut> But I'm not sure at all if I've put the correct variables in /etc/enviroment: http://pastebin.com/JcrxSCvH
<Daviey> mtaylor: did you see Marc's update?
<Daviey> he added a bug task pointing to the upstream issue.
<mtaylor> well - you should not need to put things in /etc/environment - BUT - if that works for you, awesome!
<mtaylor> Daviey: just saw just now :)
<mtaylor> Daviey: that's good to know at least
<Daviey> mtaylor: but yes, it looks like s/2/1/ looks like a good fix for natty.
<mtaylor> Daviey: and a thankfully not-very-intrusive one
<Daviey> :D
<Daviey> my favourite flavour
<TimR_> does anybody know how to get the syslog to show up in webmin
<TimR_> for 10.04.3lts server
<genii-around> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<TimR_> see I had this issue with couple other desktops I have
<TimR_> unless there is someway I can read the logs from webgui
<zul> mtaylor: https://jenkins.openstack.org/job/python-novaclient-tarball/58/console
<eagles051387> !grub2
<ubottu> GRUB2 is the default Ubuntu boot manager since 9.10 (Karmic). Lost GRUB after installing Windows? See https://help.ubuntu.com/community/RestoreGrub - For more information and troubleshooting for GRUB2 please refer to https://help.ubuntu.com/community/Grub2 - See !grub1 for releases before Karmic (9.10)
<koolhead17> eagles051387: :)
<hallyn> Daviey: around?
<hallyn> Actually maybe I should ask in #ubuntu-devel in general.
<chilicuil> hi there, does anyone know of a one line dhcp server?, something like this: $ ./give_ip 10.0.0.2 -i eth0 (to give the ip 10.0.0.2 to the first one who request it trought the eth1 interface), for http I can do $ sudo python -m SimpleHTTPServer 80
<Daviey> hallyn: yup
<Guest70665> help
<RoyK> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<SpamapS> besides its, "HAAALP"
<SpamapS> ^^ the magic word
<uvirtbot> SpamapS: Error: "^" is not a valid command.
<SpamapS> uvirtbot: your mother was a toaster
<uvirtbot> SpamapS: Error: "your" is not a valid command.
<genii-around> I guess the toaster talk threw them off
<hallyn> stgraber: are you still around?
<stgraber> hallyn: yep
<hallyn> stgraber: https://code.launchpad.net/~serge-hallyn/ubuntu/precise/libcgroup/fix-cgrouplite-fstab, it's a trivial fix, i don't have perms to upload.  Woudl you mind?
<stgraber> hallyn: fixed (you have upload rights now)
<stgraber> this package should have been in the ubuntu-server package set, we probably missed it when creating it
<hallyn> stgraber: oh!  i thought (someone said) it was bc it was in universe
<hallyn> stgraber: cool, thanks.
<stgraber> oh, that can explain why it wasn't included in the package set initially indeed
<hallyn> does it mean it shouldn't be?
<stgraber> there's nothing wrong with having package sets contain mixed main and universe packages
<stgraber> my problem is rather with having lxc (the binary package) and cgroup-lite in universe, I think that at least for the LTS they should be in main as it's something we're pushing quite a bit, at least on ARM
<hallyn> soren: don't know wha thappened that time.  http://people.canonical.com/~serge/kill-etherboot/etherboot_5.4.5.dsc should be up now.
<hallyn> oops, sorry about that
<stgraber> hallyn: just did a quick check, it's not the only package that's not in main (squid, mime-tools and feedparser are in the same packageset but not in main), so I really don't feel bad about adding libcgroup to that package set then :)
<hallyn> stgraber: ok, cool, thanks
<mtaylor> zul: fixed. re-running.
<mtaylor> SpamapS: sup
<Daviey> hallyn / stgraber / jjohansen : At some point, would you mind documenting what we can hope for in 12.04 in regards to security for lxc?
<SpamapS> mtaylor: why oh why couldn't you have written pandora-build 10 years earlier?
<SpamapS> mtaylor: and, er, hi
<SpamapS> mtaylor: seems *every* project invented their own way to check for libmysqlclient
<hallyn> Daviey: 'in regards to security' -> what exactly do you mean?
<Daviey> hallyn: Setting expectations of the areas of weakness
<Daviey> (and the areas of added win ofc)
<mtaylor> SpamapS: that's because there is no good way of checking for libmysqlclient
<hallyn> Daviey: basically, without user namespaces, which won't be there for 12.04, there's not much to say.
<mtaylor> SpamapS: because all of the mysql install/release engineering is batshit
<mtaylor> SpamapS: also, I've got a few outstanding pandora-build feature requests, so I may do a little bit more hacking here
<SpamapS> mtaylor: at least since 5.0 there has been mysql_config --libs
<hallyn> you can trust your containers for correctness and reliability, but don't give one to untrusted user.
<mtaylor> SpamapS: but that doesn't always work
<hallyn> Daviey, let's gather the troops on monday to chat about it :)
<mtaylor> SpamapS: and has its own set of gotchas
<Daviey> hallyn: But what /can/ we do to add secuity.. I read an old paper you wrote that suggested some ways many years ago... is that still valid?
<SpamapS> mtaylor: only because people do things wrong. ;)
<mtaylor> SpamapS: and gives you some shit that's not actually valid
<mtaylor> SpamapS: and mysql_config --libs shouldn't be needed in the normal case if the lib were linked properly
<SpamapS> mtaylor: I've never had problems with --libs .. have not used the others admittedly
<hallyn> Daviey: as we can't stack selinux or smack on top of apparmor, it doesn't much apply
<mtaylor> SpamapS: depends on if someone is installing from source, or if they have instaled one of the drop-in binary tarball dists
<Daviey> hallyn: apparmor can't help?
<hallyn> Daviey: we would need some extensions on apparmor to make it work
<mtaylor> SpamapS: so you can't actually 100% count on it from an autotools perspective :)
<hallyn> which is why i say let's talk monday with jjohansen (and maybe stgraber)
<SpamapS> mtaylor: suck :-P
<mtaylor> SpamapS: yup
<Daviey> hallyn: I might be pushing your area here, but how much would need to be added to apparmor?
<mtaylor> SpamapS: simple fix - use libdrizzle
<Daviey> hallyn: as in weeks worth, or a couple of days?
<SpamapS> mtaylor: then again, why would I expect mysql release engineering to understand.. they symlink libmysqlclient_r.so.18 to libmysqlclient.so
<hallyn> Daviey: at least weeks.  we need the ability to specify a pathname relateive to procfs or sysfs, for instance ( no matter where it is mounted)
<mtaylor> SpamapS: they also think that the cmake port of mysql is not without problems, and the cmake is not deficient
<Daviey> hallyn: right, lets start the weekend and sort it Monday :)
<hallyn> Daviey: thanks, bc i'm startgint to type really slowly
<Daviey> hallyn: have a good-in'
<brianherman> im trying to get xen running on ubuntu
<brianherman> i get this error
<Daviey> .. and everyone else
<Daviey> o/
<hallyn> you too :)
<brianherman> WARNING!  Can't find hypervisor information in sysfs!
<brianherman> i installed the hypervisor package
<brianherman> is it because im not running the server kernel
<hallyn> Daviey: and i'll send you the source for my googlechat->irc proxy :)
<SpamapS> mtaylor: http://people.canonical.com/~ubuntu-archive/transitions/libmysqlclient.html .. pretty much all of those with all red X's is the people who wrote their own crappy mysql autoconf function
<mtaylor> SpamapS: wow. that sucks for you
<SpamapS> mtaylor: yeah, multiarch + libmysqlclient == sad panda
<brianherman> nobody got xen experience?
<SpamapS> brianherman: KVM has been the preferred hypervisor on Ubuntu for a while...
<SpamapS> brianherman: Xen dom0 support only came back as of 11.10 I believe (maybe 11.04)
<brianherman> yeah its in 11.10
<brianherman> is it in the server kernel?
<brianherman> how would i check
<SpamapS> yes
<brianherman> oh ok
<brianherman> so its just my kernel
<brianherman> i was running desktop
<brianherman> sorry to bother you
<SpamapS> Might also be in the desktop kernel
<SpamapS> zul: ^^ got any tips for brianherman ?
<SpamapS> brianherman: zul is our xen expert :)
<brianherman> cool
<SpamapS> might not be online right now tho
<brianherman> im nuking my dads computer from orbit
<brianherman> so
<brianherman> i can wait lol
<brianherman> thanks spamaps
<SpamapS> mtaylor: hey guess what? API change in mysql 5.5's libmysqlclient. AWESOME
<SpamapS> extern void my_free(void *ptr);
<SpamapS> 5.5 has a real my_free function..
<SpamapS> 4.1 its a macro.. with 2 args
<SpamapS> >:|
<brianherman> have you tried mariadb?
<SpamapS> #define my_free(PTR,FLAG) _myfree((PTR), __FILE__, __LINE__,FLAG)
<SpamapS> oh they're saying thats an internal function so its ok
<mtaylor> SpamapS: yup. internal function - except that it's in the public header file
<SpamapS> :)
<mtaylor> SpamapS: also - they don't know how to mark symbols as public/private
<SpamapS> since myodbc is "part" of mysql, I guess they figured its ok to call my_free
<mtaylor> SpamapS: which might have something to do with their move to cmake - except that they weren't marking symbols as private properly before the move, so I can't blame it on that
<mtaylor> SpamapS: well, you _have_ to call my_free (in theory) if you call my_malloc
<mtaylor> SpamapS: BUT - libmysys is an "internal" library
<mtaylor> ok. I'm going to go spend money on electronics
<Daviey> RoAkSoAx: I just looked at 51_koan_grub2_instead_of_grubby.patch .. that is neat, but doesn't allow download of kernel/initrd at grub runtime, right?
<RoAkSoAx> Daviey: don't remember if it does it before adding the grub entry and saves it in a temp dir, or after
<RoAkSoAx> in runtime
<SpamapS> mtaylor: just say no to tamagotchi :)
<Daviey> RoAkSoAx: but i can't declare for use at grub time, use this next-server? right?
<zul> brianherman: you are to run a -server kernel
<Daviey> RoAkSoAx: The thought being, it should also be able to boot from local disk, on no change reboots?
<RoAkSoAx> Daviey: yes you can reboot fromm local disk on no change reboots
<RoAkSoAx> Daviey: it just adds an entry to grub
<Daviey> RoAkSoAx: right, but i'm looking at the scenario where people are using booting locally to grub, with the first entry being $something (I was thinking ipxe).. which pulls down the config from cobbler, and either localboot or re-install.
<Daviey> The tricky part is, also careing for the situation where we don't have access to dhcpd.. so we pre-declare the cobbler server.
<RoAkSoAx> Daviey:right
<RoAkSoAx> Daviey: the --replace-self is "pre-declaring" aswell
<Daviey> RoAkSoAx: but you need to do that before every reboot?
<RoAkSoAx> grabs the initrd, linux, and gets the kickstart based on the system or profile
<RoAkSoAx> Daviey: yes before every reboot
<RoAkSoAx> Daviey: i mean, the idea of --replace-self is just to replace an installation
<RoAkSoAx> Daviey: for that particular, already deployed, system
<Daviey> RoAkSoAx: Isn't that de-centralising reinstalls?
<RoAkSoAx> Daviey: you could say so, but either way, it is a way of reinstalling regarles cobbler system has pxe boot enabled or disabled
<RoAkSoAx> Daviey: cause it will force the reinstallation
<Daviey> RoAkSoAx: Hmm, ok - do you think the same could be achieved via grub-ipxe?
<RoAkSoAx> Daviey: i'll have to look at grub-ipxe first and then see what we can achieve with both of the tools
<RoAkSoAx> and in what situations to use them
<Daviey> RoAkSoAx: pxe-kexec is also of interest.
<RoAkSoAx> Daviey: ya
<Daviey> RoAkSoAx: The thing that concerns me about ipxe, is that i'm not sure you can declare a script outside of the binary.. i think it needs embedding.. but i'm not certain
<Daviey> this makes life less interesting.
<RoAkSoAx> Daviey: yeah.. well I guess we'll have to play with it
<Daviey> http://ipxe.org/scripting
<Daviey> rocking!
<zul> ooh i like the ipxe scripting
#ubuntu-server 2011-11-26
<brianherman> is the xen guy here?
<Azrael> hey folks -- i just provisioned a new host via Ubuntu Orchestra.  its online and ready for login.  but... what is the user/password that Orchestra (or cobbler?) sets by default?
<SpamapS> Azrael: try ubuntu/ubuntu .. .if you didn't change the preseeds I think thats it
<Azrael> shaweet
<Azrael> thought i tried that
<Azrael> worked though
<Azrael> thanks SpamapS
<brianherman> spamaps i accidently closed my irssi terminal what who was that guy who knew xen?
<hallyn> brianherman: it's zul
<brianherman> thanks
<brianherman> wait like from ghostbusters?
<brianherman> nvm
<SpamapS> brianherman: zul, but he's out for the weekend most likely
<SpamapS> haha
<SpamapS> yes he's a big staypuft marshmallow man
 * SpamapS hugs zul
<brianherman> lol
<Azrael> hey SpamapS ... where in orchestra/cobbler could i change the default users and passwords created on a newly deployed system?
<SpamapS> Azrael: in the pre-seeds there is a default password hash
<SpamapS> Azrael: kickstarts in the cobbler menu
<brianherman> quit
<Azrael> SpamapS: nice.  looks like i'd just have to make my own.
<jjohansen> hallyn: seccomp2 in oneiric does not support seccomp, in precise it should have exec support, /me needs to verify
<hallyn> jjohansen: thanks, precise is what i was wondering about
<hallyn> jjohansen: basically whether i'll be on the hook for the lxc exploit items in the blueprint :)
<jjohansen> Daviey, hallyn: yeah we are working on the extensions, to apparmor.  I should have a tree up next week sometime with the fake stack, and then I will focus on getting the mediation extensions
<jjohansen> hallyn: :)
<hallyn> jjohansen: do you think you and stgraber and i should be getting together to discuss how much more coverage we'll still need then?
<jjohansen> Daviey, hallyn: I am off monday too, can we meet tuesday
<jjohansen> hallyn: yeah, we should talk, so things can get prioritized
<hallyn> jjohansen: sounds good, thx
<stgraber> tuesday sounds good
<SpamapS> Azrael: there's an open bug to make those edittable
<Azrael> SpamapS: ahh.  i think i'd just create a new profile with a new kickstart script, based on the original.
<Azrael> SpamapS: are newly provisioned hosts supposed to be automatically added to the Orchestra nagios installation?
<SpamapS> Azrael: thats the dream, but I don't know if it works in 11.10
<Azrael> interesting
<SpamapS> Azrael: we've been focusing a bit on using juju for that kind of thing
<Azrael> probably a good idea
<Azrael> so
<Azrael> the oneiric and oneiric_juju profiles
<Azrael> whats the difference?
<SpamapS> the juju profile has a late command that lets juju install itself
<Azrael> nice, thanks
<Azrael> can juju use orchestra as a provider?
<Azrael> ooh yes it can
<Azrael> very very interesting
 * Azrael senses the power
<Azrael> would be cool if the XCP and VirtualBox providers were built in
<Azrael> and KVM
<brianherman> so i rebooted my computer and there is this new menu with xen4.1
<brianherman> problem solved
<brianherman> in grub
<brianherman> :)
<SpamapS> brianherman: woot
<virusuy> howdy
<brianherman> virt manager doesnt see xen?
<brianherman> ...
<brianherman> i can use xm though
<brianherman> ls
<the_mzd> What anti-virus is recommened for running a 11.10 Apache2 server?
<ikonia> none
<arooni-mobile> what does ubuntu rename the httpd binary to?
<qman__> it doesn't, at least not from upstream debian -- /usr/sbin/apache2
<shane91c> Hello
<shane91c> Is there some kind of bug in iptables on Ubuntu Server 11.10? I upgraded my Ubuntu-based "wireless router" to it and IP Masquerading just would not work whatsoever. So I had to re-install 11.04.
<qman__> not of which I'm aware
<qman__> did you check whether ip_forward remained 1?
<shane91c> Yes. It was also enabled in sysctl.conf
<qman__> it's possible your sysctl configuration was modified in the upgrade
<qman__> did you check that your rules were enabled?
<qman__> with iptables -L
<shane91c> It worked, strangely, if I connected eth0 to a "real" wireless router.
<shane91c> But not with eth0 connected to the cable modem/
<shane91c> However the exact setup works fine on Natty
<qman__> my router is still running lucid, but I've set up masquerading on my oneric laptop a couple times as a temporary measure while working
<shane91c> I even tried a fresh install.
<shane91c> Complete format and install from scratch.
<shane91c> hostapd worked for Wi-Fi connection, dnsmasq worked for DHCP, so I was able to connect to it. But the packets simply were not being forwarded.
<shane91c> I set up iptables through Webmin to be sure it wasn't my own fault.
<shane91c> Oh by the way something ChatZilla just reminded me of...
<qman__> do you normally run webmin?
<shane91c> Yes
<qman__> !webmin | shane91c
<ubottu> shane91c: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<qman__> that's probably the issue
<shane91c> Oh, well it works 100% fine with Natty.
<shane91c> I guess I will leave my setup as it is for now.
<qman__> yeah, but installing webmin is kind of like cutting a "warranty void if removed" sticker
<qman__> we can't really help you because webmin breaks things
<shane91c> Well it's working fine for now, system has been running flawlessly for over a month.
<shane91c> If I ever feel the need to upgrade I will try without using webmin.
<shane91c> brb
<shane91c> Back
<shane91c> Another question, how can get my system to use my domain name as it's FQDN, as opposed to the ISP-assigned dIP-AD-RE-SS.cgocable.net
<shane91c> hostname -A shows that the server's FQDN is d67-193-84-52.home3.cgocable.net. I want it to be my own domain.
<shane91c> If I put "option domain-name "mydomain.com"" in /etc/dhcp/dhclient.conf will that work?
<qman__> no
<qman__> that's up to the registrar, which is most likely your ISP
<qman__> if you want it to say something different you'll have to buy it as a service from your ISP, or whoever owns your IP space
<qman__> PTR records are looked up as your.ip.in-addr.arpa, which is authoritative to whomever owns the IP in question
<SpamapS> IIIiiii been fixing multi-arch bugs... aaaaalllll the live long day
<billy_> hi all,  I,m have'n a pxe install problems for weeks now,  when running a unattended pxe install on ubuntu 11.04 server  ( "tasksel tasksel/first multiselect standard" in the preseed file) on the first reboot of the fresh install all i get is a blinking cursor. But when i change the above line in the preseed file to ( tasksel tasksel/first multiselect ubuntu-desktop ) everything works fine? ( but i get a desktop install.... ) 
<billy_> this user has the same  issue ..... but used kickstart http://ubuntuforums.org/showthread.php?t=1874027
<billy_> any help would be brill
<SpamapS> billy_: you get a desktop install from which iso?
<billy_> i use netboot  and then a mirror
<billy_> the heanet.ie  mirror
<SpamapS> weird.. well I'm passing out else I'd help :p
 * SpamapS falls into an instant slumber
<SpamapS>    
<billy_> np. thanks for you time
<RoyK> morning
<RoyK> any idea how I can list how much of a process's memory is swapped out?
<uvirtbot> New bug: #896551 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/896551
<crayzee> My computer sometimes hangs at startup due to 'degraded raid array' but rebooting it (sometimes a couple of times) and it comes up fine and /proc/mdstat lists the array as [UU]
<crayzee> /etc/mdadm/mdadm.conf contains the line: ARRAY /dev/md0 UUID=f0a0371d:12376ea7:4c4ad349:XXXXXXXX [obfuscated]
<crayzee> blkid on the relevant partitions returns the same UUID
<crayzee> But it seems to be that when /dev/sdb is detected as /dev/sdf instead then it doesn't work.
<crayzee> Is it an issue with grub, perhaps?
<crayzee> Going to try probing the issue some more.
<gllera> what is the best soft to do virtualization on ubuntu server?
<qman__> best is a matter of opinion, but the included/supported option is KVM
<gllera> thanks!!!
<gllera> hi, what do you recommend: virtualbox or kvm?
<andygraybeal> for server kvm, for just your home fun computer, virtualbox
<gllera> thanks!!
<andygraybeal> :)
<gllera> andygraybeal, why kvm for servers?
<qman__> KVM is designed around running on a headless server with a bunch of VMs all the time
<qman__> virtualbox is designed around firing up a virtual machine on your desktop to use it, then shutting it down
<qman__> both can do either task, but they're better suited as I explained
<gllera> thanks!!!
<andygraybeal> i run kvm on my poop at home too.. i like it
<andygraybeal> but i wouldn't recommend it to a friend just getting started with virtual machines :)
<qman__> virtualbox is more about easy desktop setup, and it has fairly weak networking capabilities
<qman__> KVM's a little harder to get going, but it's a more robust system and easier to make it run in the background
<gllera> thanks!!
<KurtKraut> Does anyone recomend a SNMP/MRTG tutorial for Ubuntu Server? Everything I find is outdated, the conf files even don't match.
<hallyn> kirkland: do you know of a way to do 'tmux --splitw command' and have the tmux call wait until command is finished?
<Duvrazh> Can someone please help me troubleshooting a connectivity issue on my 11.10 server? It's hardwired to the router, sees the router at 192.168.1.1 and can ping it, however it can not ping any other network devices nor can it make any connections to the internet (i.e. apt-get update completely fails)
<hallyn> kirkland: nm, think i'm all set, thx
<l0n> Duvrazh so you mean it can't ping anything beyond the router or you can't ping anything on the local subnet?
<Duvrazh> both
<Duvrazh> it can only ping the router
<Duvrazh> but i can ssh into it
<l0n> and the machine has 1 NIC which is connected to a switch, everything connects to the switch including router and it's an unmanaged switch?
<Duvrazh> 1 nic, router is a WRT610N with DDWRT
<l0n> any firewalls enabled?
<l0n> iptables -L
<Duvrazh> not that i know of, but ill check
<Duvrazh> input forward and output policies all to ACCEPT
<l0n> might be worth completely disabling it just to rule it out
<l0n> i.e. remove all rules
<Duvrazh> I was using webmin, can you help me with that command?
<Duvrazh> I never really used iptables before and honestly I'm not sure why they're active, had to be a dependency thing or something
<l0n> see: http://www.cyberciti.biz/tips/linux-iptables-how-to-flush-all-rules.html
<Duvrazh> t/y
<l0n> don't bother creating the script, just run them manually
<l0n> saves time
<Duvrazh> rodger
<Duvrazh> rules flushed no errors
<Duvrazh> ping to iMac fails
<l0n> what subnet mask are you using (make sure to check on both machines to ensure it's the same)? What is the IP for the mac and the machine that you're pinging from, also, does the Mac have a firewall enabled?
<Duvrazh> mac has no firewall, same subnet, mac ip = 192.168.1.40 and server is 192.168.1.42
<l0n> what's the mask?
<Duvrazh> 255.255.255.0
<Duvrazh> both run on full auto dhcp
<Duvrazh> no virtual networks on router
<l0n> hmm, and the router is also acting as the switch?
<l0n> i.e. it's got a switch built into it
<l0n> is this a wired network or wireless?
<Duvrazh> wired, both
<l0n> have you got another switch that is just a switch?
<Duvrazh> it's a linksys wireless router but yes it's acting as the switch. the only advanced network features employed on these two devices or any others present is manually defined dhcp by MAC address to enable auto dhcp on clients to fall into a certain order (so I can remember what to ping since hostnames are unreliable for me sometimes)
<l0n> hmm,  you said earlier you can't ping the imac, presumably the imac can't ping your computer?
<Duvrazh> ill try
<Duvrazh> mac can ping server
<Duvrazh> server still can not ping mac
<Duvrazh> maybe it's time to reinstall the os. all data is on a 5-drive raid-5â¦. I could always remount that
<l0n> hmm, shouldn't be necessary, have you tried rebooting?
<Duvrazh> that's what caused this
<Duvrazh> i powered down every electronic in house because network was running slow. i wanted a fresh start, then i noticed this server wouldn't connect
<Duvrazh> I have another 11.10 server not connecting either and it's making think I should roll back to an LTS
<l0n> have you tried using an 11.10 live cd?
<l0n> if one exists...
<Duvrazh> No I have not. I don't think there is an 11.10 live, I think 11.04 or 10.10 is the latestâ¦ based solely on errors from unetbootin
<Duvrazh> a reinstall would not be unwelcomed
<Duvrazh> it would help me fix a folding@home problem
<Duvrazh> only my ps3 has been getting work units over the past week
<l0n> fair enough, an LTS version would be better
<Duvrazh> all 3 ubuntu computers plus iMac have not been getting them
<Duvrazh> yeahâ¦ I'll just do that (I'm a quitter)
<l0n> hehe
<l0n> if you can provide SSH access I'll take a look
<l0n> but otherwise yeah just reinstall an LTS release
<guntbert> l0n: may I PM you?
<l0n> guntbert sure
<bfreis> hi, I'm trying to launch a virtual server (on eucalyptus) with ubuntu 11.10, but it fails to boot: Kernel panic - not syncing: VFS: Unable to mount root fs on unknown-block(0,0)
<bfreis> any ideas on what could I do to make it run?
<bfreis> before that, it says:
<bfreis> VFS: Cannot open root device "sda1" or unknown-block(0,0)
<bfreis> and
<bfreis> Please append a correct "root=" boot option; here are the available partitions:
<bfreis> (but it lists no partitions after that)
<Duvrazh> so you have two OSes installed on two partitions and you want to launch a 2nd partition as a virtual?
<bfreis> no...
<bfreis> I'm running eucalyptus
<bfreis> I'm trying to install oneiric on a virtual machine
<Duvrazh> what vm software?
<bfreis> I'm running the latest Eucalyptus version in the Natty repositories
<bfreis> (the host machines run Natty)
<Duvrazh> oh snap. sorry, Eucalyptus is out of my limited knowledge pool. I wish you luck though.
<l0n> bfreis I've also never used Eucalyptus but from the docs, it looks like it can use either xen or KVM, which are you using?
<bfreis> let me check
<bfreis> (i'm using the default, just making sure which one it is)
<bfreis> kvm
<bfreis> Apparently the device containing the filesystem is not /dev/sda1. However, I have no where I could change it, nor what else could it be...
<bfreis> I've simply downloaded the cloud image from the website, published it to my cloud (doing exactly as I've done on the original and my tweaked 11.04 images, which work fine), but I can't launch an instance
<bfreis> well, I can launch an instance, but it won't finish booting, because the kernel fails to mount the root filesystem
<bfreis> I don't have the slightest idea on how could I get to a GRUB menu and try to list the disks in this virtual environment...
<l0n> well you can change the root device using the root=/dev/device kernel parameter but I am not sure what to change it to
<bfreis> Yeah, the correct device is one problem
<bfreis> The other is: where could I change this parameter?
<bfreis> hmmmm
<l0n> well, you could boot off a live-cd, mount the disk, change the grub timeout to something other than 0 then set the root param
<bfreis> inside the image, in /boot/grub/grub.cfg, I see this:
<bfreis> linux   /boot/vmlinuz-3.0.0-13-generic root=LABEL=cloudimg-rootfs ro   console=ttyS0
<bfreis> it is looking for the filesystem by label
<l0n> yeah
<bfreis> well, the kernel somehow inferred it to be /dev/sda1
<l0n> that might just be a default that it falls back on if it can't find a partition with that label
<bfreis> the label is ok
<bfreis> the image is correctly labeled
<l0n> in the virtual machines config, is the disk assigned to the image?
<l0n> something like hd = blahblah.img
<bfreis> It must be, but I have no idea where this configuration is
<bfreis> All I do to launch an image is: euca-run-instances blahblahblha image-id, where image-id is an id given by the cloud system after I publish the image
<bfreis> (and the procedure to publish an image is what I do exactly the same on the original Natty and Oneiric images, and it works for Natty but not for Oneiric)
<l0n> that's a bit tricky, have you thought about just using plain old kvm rather than kvm wrapped in something else?
<Duvrazh> can euca be used to distribute a single application as opposed to an os?
<Duvrazh> such as folding@home?
<Duvrazh> or the origami frontend?
<bfreis> I have no idea how to use plain kvm... and I think it would be much more difficult to manage the distribution of virtual machines on a set of many physical machines
<bfreis> Duvrazh, no
<Duvrazh> damn
<bfreis> eucalyptus is a cloud system that is supposed to work just like Amazon Web Services
<Duvrazh> oh
<Duvrazh> okay
<bfreis> you have a bunch of machines, you install a lot of packages in one (which you call "cloud controller"), you install the node controller packages on the machines that will host the virtual machines, you exchange ssh keys (all of this is done automatically from the Natty Server install CD), then you are almost ready to go
<bfreis> then you have your own Amazon Web Services EC2- and S3-like cloud
<bfreis> It then automatically distribute the load on the worker machines for the new instances you launch, it manages the distribution of images, etc
<bfreis> however, there's something broken in Eucalyptus/Oneiric that won't allow me to boot it up :/
<l0n> have you tried contacting Eucalyptus support?
<bfreis> It is sad not to know how to launch an instance after you spent some hours tweaking the image...
<bfreis> Lol
<bfreis> yeah
<bfreis> well, not the "support"
<bfreis> i've been to #eucalyptus
<bfreis> but well, it's almost useless, people won't respond there
<l0n> and they couldn't help at all?
<l0n> oh :/
<bfreis> there's 37 people in there, no one will answer
<bfreis> Actually, they are quite good when they answer
<bfreis> some months ago, when I first installed an Eucalyptus cloud, I found a bug related to time synchronization between node controllers and the cloud controller that would simply destroy the network communication on the cloud
<bfreis> I asked there, in less then a week they have published an update in the ubuntu repositories fixing the bug
<l0n> well, maybe there just isn't anyone around at the moment, have you tried asking at diff times of the day?
<bfreis> I was quite impressed acutally... but now, since 2 days ago I'm trying to talk to them without success (there's another bug bugging me, but completely unrelated to Oneiric's bug)
<bfreis> yeah, I will keep trying though
<bfreis> hey
<bfreis> for you who know KVM
<bfreis> maybe the command line executed to Eucalyptus could give some hits:
<bfreis> /usr/bin/kvm -S -M pc-0.14 -enable-kvm -m 626 -smp 1,sockets=1,cores=1,threads=1 -name i-4F5B08DC -uuid 4f437ae4-7c18-e624-c7ff-7cac9fa1c008 -nographic -nodefconfig -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/i-4F5B08DC.monitor,server,nowait -mon chardev=charmonitor,id=monitor,mode=readline -rtc base=utc -boot c -kernel /var/lib/eucalyptus/instances//admin/i-4F5B08DC/kernel -append root=/dev/sda1 console=ttyS0 -device lsi,id
<bfreis> =scsi0,bus=pci.0,addr=0x3 -drive file=/var/lib/eucalyptus/instances//admin/i-4F5B08DC/disk,if=none,id=drive-scsi0-0-0,format=raw -device scsi-disk,bus=scsi0.0,scsi-id=0,drive=drive-scsi0-0-0,id=scsi0-0-0 -netdev tap,fd=19,id=hostnet0 -device e1000,netdev=hostnet0,id=net0,mac=d0:0d:4f:5b:08:dc,bus=pci.0,addr=0x2 -chardev file,id=charserial0,path=/var/lib/eucalyptus/instances//admin/i-4F5B08DC/console.log -device isa-serial,chardev=charserial0,id=seria
<bfreis> l0 -usb -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x4
<bfreis> got it with ps
<bfreis> hmm, there it says root=/dev/sda1
<SpamapS> bfreis: what was your question exactly?
<bfreis> Why can't I boot an Oneiric image on Eucalyptus?
<SpamapS> anything from euca-get-console-output ?
<bfreis> VFS:
<bfreis> VFS: Cannot open root device "sda1" or unknown-block(0,0)
<SpamapS> bfreis: ugh, I'm horrible with kernel stuff. ;)
<bfreis> I can boot a Natty image, but not an Oneiric image
<bfreis> Well, Natty is 2.6, Oneiric is 3.0
<bfreis> (I'm not sure it should matter...)
<bfreis> Yeah, I know nothing about kernel stuff either
<SpamapS> bfreis: I don't know if euca supports aki's .. but maybe try an oneiric image with a natty kernel?
<bfreis> oh...
<bfreis> you mean, take the 2.6 kernel from natty and use it on oneiric?
<SpamapS> bfreis: unfortunately with Euca dropping to universe, the level of testing on it has gone down by an order of magnitude. :-P
<bfreis> yeah
<bfreis> I'd be happy to try the new cloud system
<bfreis> However the installation procedure is WAY TOO COMPLICATED!
<SpamapS> We're kind of in this weird space right now where OpenStack is just starting to grow production readiness, and eucalyptus is stagnant..
<bfreis> yeah
<SpamapS> bfreis: you can try it with orchestra+juju .. much simpler that way. ;)
<bfreis> I've tried the live image, it was very easy but... it's just a play ground, I can't use it for real
<Duvrazh> Since you guys are on the cloud topic, can you make a recommendation for distributing a program across multiple machines?
<bfreis> Now, the problem with orchestra+juju is that I don't have 6 machines
<SpamapS> bfreis: http://cloud.ubuntu.com/2011/10/ubuntu-cloud-deployment-with-orchestra-and-juju/
<bfreis> it seems that orchestra+juju can install only one service per physical machine, which sucks, since there are services which are veeeery simple and could go together
<SpamapS> Duvrazh: any one thread of a program will have to be on one machine at a time. If your program can do two things at once, there are about 1000 ways to get that done. ;)
<SpamapS> bfreis: right, thats being worked on for 12.04 ... probably will land in Jan.
<bfreis> great!
<SpamapS> bfreis: it works fine for giant deployments, but for the 2 - 5 server cluster.. its useless. :(
<bfreis> yeah hehe
<bfreis> It is for a test environment
<bfreis> I have 4 machines for it
<SpamapS> Basically you can do 1 server, or 6 ..
<bfreis> Duvrazh, what do you mean by "distributing a program"? You mean, you are writing a software and you want to distributed the load across multiple machines?
 * SpamapS kind of wishes he could step back in time and play with 4 machines just to solve one problem.. instead of trying to solve the 1000+ problems in Ubuntu server. :)
<Duvrazh> any software, particularly donating my spare cpu cycles, so anything from boinc to folding@home or origami. The goal would be one client to run on all the cores in my houseâ¦. instead of running 12 separate clients
<bfreis> oh
<Duvrazh> it would be a convenience for switching from one client to another
<bfreis> You want to have something like one big, fast core, made up from multiple cores?
<Duvrazh> yup
<bfreis> I don't think it is feasible...
<Duvrazh> I don't either, that's why I like asking
<Duvrazh> it's an anomaly in the back of my mind
<bfreis> lol
<Duvrazh> It can be done but I lack the programming prowess
<bfreis> I doubt it
<Duvrazh> I also lack the linux skills
<bfreis> You simply cannot have more clock speed than your real clock speed
<bfreis> What you can do with multiple cores is run more code at the same time (but at the nominal clock speed)
<SpamapS> Duvrazh: thats really not how distributed computing works. :)
<Duvrazh> I am mis-speaking
<Duvrazh> look at the FAH program
<Duvrazh> it runs an instance for each core on each processor
<bfreis> Yeah, that's what can be done
<Duvrazh> quadcore machine = 4 pids
<Duvrazh> I have 15 machines
<bfreis> You can't "add up cores"
<SpamapS> You can certainly make a program detect how many cores there are and run that many threads/processes
<Duvrazh> I total something like 76 cores
<Duvrazh> I want one client to run on them all
<Duvrazh> 76 pids
<bfreis> Your best bet is to write something that would connect to each machine and launch the original FAH software
<SpamapS> yeah, you'd basically manage that the same way you manage load balanced webservers
<Duvrazh> how would i pipe back the status output though?
<Duvrazh> that part kills me
 * SpamapS must go afk.. will rejoin the discussion in a bit
<bfreis> Actually, this should be very simple to do
<bfreis> what do you mean by status output?
<bfreis> what it prints to the console?
<Duvrazh> yes
<Duvrazh> like i said < linux newbie
<bfreis> well
<bfreis> you could try something like this
<bfreis> ssh to the server
<bfreis> launch a FAH instance with:
<bfreis>  nohup FAH-COMMAND > fah-instance-1-stdout.log &
<bfreis> (launch all the instances you want)
<bfreis> then disconnect from ssh
<bfreis> when you want to see the output, you could do:
<bfreis> ssh machine cat fah-instance-N-stdout.log
<bfreis> Now, you just have to write some code to make it automatic
<Duvrazh> hmm. you're right.
<gllera> hello, how i can connect using remote desktop to ubuntu server on EC2?
<bfreis> gllera, won't ssh be enough?
<Duvrazh> Did you install a GUI on your ubuntu server?
<Duvrazh> bfreis: thanks for the food for thought
<gllera> bfreis, yes but is only to know ;)
<bfreis> Duvrazh, you're welcome!
<bfreis> Duvrazh, if you ever write this code, be sure to publish it somewhere, people could benefit from it!
<jakupl> Hey people. I'm trying to setup a DNS server, but I need some clarification on the zone files and how it all works.
<bfreis> hmmmm, coming back to my boot problems, I see that some of my EC2 instances (in AWS) have /dev/sda1 as the root filesystem, and others have /dev/xvda1... What is xvda? never seen it...
<Duvrazh> xvd a is a virtual address is it not?
<Duvrazh> damn you autocorrect
<Duvrazh> I know that when using Xen I had to boot my kernel from /dev/xvda but it was a virtual image and a virtual disk
<bfreis> hmm
<Duvrazh> part of a retarded event of seeing how many machines I could load inside of each other to piss off an old desktop I had sitting around
<Duvrazh> (I removed the fans before that test)
<Duvrazh> PASTE: Boot Configuration
<Duvrazh> Enter Linode Configuration Profile in your Linode Manager. Change Kernel to pv-grub-x86_32 or pv-grub-x86_64, depending on installed kernel and userspace. Unless you developed a complex configuration set your root device to /dev/xvda.
<Duvrazh> from a google
<uvirtbot> New bug: #896715 in mysql-5.1 (main) "package mysql-server-5.1 5.1.54-1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/896715
 * SpamapS returns
<SpamapS> jakupl: what do you want to do with said DNS server?
<jakupl> SpamapS: Well, I have used the DNS benchmark utility from grc.com to find the fastest dns server, and all that is well and good, but I thought that it would be faster if I used a local dns server.
<SpamapS> jakupl: thats fine for *local* requests, but what matters for DNS is latency. are all of your clients local?
<jakupl> clients?
<SpamapS> bfreis: re your ec2 question.. EC2 is all xen.. euca is kvm.
<SpamapS> jakupl: yes, the things that will be asking your DNS server questions.
<jakupl> SpamapS: yes. It will only be used locally, but I don't need local domains. I only want the dns server to handle external dns.
<jakupl> SpamapS: and altso, I really like DHCP, so I still want that. I have rules in my router so that the ubuntu server always has the same IP.
<jakupl> (router is dhcp server.)
<bfreis> http://serverfault.com/questions/335076/cant-launch-oneiric-x64-instance-on-eucalyptus
<bfreis> in case someone has a brilliant idea :D
<SpamapS> jakupl: so your clients are.. your home machines?
<SpamapS> jakupl: and they will just be using the dns server to query external domains?
<jakupl> SpamapS: exactly right
<jakupl> is that a bad idea?
<SpamapS> jakupl: honestly, I get better speed just pointing all my machines at google's DNS servers
<SpamapS> since they almost *never* have cache misses
<nebajoth> dnsmasq is good
<nebajoth> it basically just forwards name requests to other servers you specify (including google if you so choose)
<jakupl> SpamapS: hmh. That's so boring
<nebajoth> and layers in your local stuff as well
<nebajoth> in fact, you just add it to the hosts file
<nebajoth> and you get local name resolution
<nebajoth> its very lightweight
<nebajoth> </salespitch>
<jakupl> SpamapS: however. local dns server would be faster for cached domains.
<jakupl> nebajoth: yeah, i've heard other people mention dnsmasq. Maybe I should look into it.
<jakupl> SpamapS: right?
<SpamapS> yeah dnsmasq is pretty cool
<SpamapS> jakupl: somewhere in the last 6 or 7 years I stopped thinking it was cool to run my home network like a business network... so yeah, my home network is boring.
<jakupl> lol
<bfreis> oh great... now my google searches for my problem with booting oneiric in eucalyptus all return my unanswered question on server fault
<bfreis> I simply can't believe there's nothing else on the internet about this issue!!!
<l0n> bfreis where did you get your oneiric image from, I am just seeing if I can reproduce the problem?
<bfreis> l0n, from here: http://cloud-images.ubuntu.com/oneiric/current/
<bfreis> I'm using the x64 version
<l0n> ty
<afeijo> hi guys, what would be the better adduser parameters to create one user? I created one for me in a new linode server, but when I access it, it isn't reading the .bashrc file nor any file
#ubuntu-server 2011-11-27
<bfreis> l0n, did you manage to reproduce the problem?
<l0n> just trying it now, not sure if this is going to work, I am just to run a VM inside a VM
<l0n> just = trying
<l0n> well that's sort of good, I've got the same problem
<bfreis> Oh, I don't feel alone anymore
<bfreis> lol
<bfreis> :)
<bfreis> You got the same message from the kernel?
<l0n> yep
<bfreis> did you use Eucalyptus or something else?
<wmp> hello
<wmp> i have server with only ipv6, what repository can connect with my server?
<l0n> I just used plain old kvm with the cmd line that you pasted a while ago
<bfreis> l0n, hmm ok
<l0n> bfreis when you registered the image with Eucalyptus did you specify a kernel e.g. --kernel <eki-somethinghere> ?
<bfreis> l0n this was done automatically by the uec-publish-tarball script
<l0n> hmm, ok
<bfreis> doing euca-describe-images I see that the kernel is correctly published, and the image is correctly configured to use the kernel
<l0n> does it have the kernel filename?
<bfreis> i don't understand
<bfreis> where?
<l0n> when you do a euca-describe-images, is the filename shown?
<bfreis> IMAGE   emi-95C322B8    ebah-ubuntu-11.10-java-tomcat-amd64-20111126-1909/oneiric-server-cloudimg-amd64.img.manifest.xml        admin   available       public          x86_64machine eki-7A4827A0
<bfreis> IMAGE   eki-7A4827A0    ebah-ubuntu-11.10-java-tomcat-amd64-20111126-1909/oneiric-server-cloudimg-amd64-vmlinuz-generic.manifest.xml    admin   available       public       x86_64   kernel
<bfreis> well, that's not the original image
<bfreis> IMAGE   emi-DB271F35    oneiric-server-cloudimg-amd64/oneiric-server-cloudimg-amd64.img.manifest.xml    admin   available       public          x86_64  machine eki-94B4240C
<bfreis> IMAGE   eki-94B4240C    oneiric-server-cloudimg-amd64/oneiric-server-cloudimg-amd64-vmlinuz-generic.manifest.xml        admin   available       public          x86_64  kernel
<bfreis> this is the original image
<bfreis> you see, it references the kernel by "kernel id"
<bfreis> eki-blah
<l0n> hmm looks like the xml filename is derived from the kernel name - oneiric-server-cloudimg-amd64-vmlinuz-generic.manifest.xml
<bfreis> certainly
<l0n> not sure that is the right kernel, in the tar.gz that you download, you also get a oneiric-server-cloudimg-amd64-loader, have you got that ?
<bfreis> yes, that is inside the tarball
<bfreis> the tarball structure is exactly the same for natty and oneiric
<l0n> and natty works?
<bfreis> and I used the very same uec-publish-tarball to publish it
<bfreis> yes
<l0n> ah ok
<bfreis> the problem is specific to oneiric
<bfreis> actually, the *-loader files are exactly the same
<bfreis> (well, more precisely, they have the same md5 hash)
<bfreis> don't know if it is good or bad though
<l0n> right, well I am now gonna give natty a go to make sure that does work
<l0n> if it doesn't then our problems might be different
<bfreis> great
<bfreis> it looks like it is not an issue with Eucalyptus, but something specific to Ubuntu
<bfreis> and now, if natty works for you, I'd say it is an issue specific to Ubuntu Oneiric's cloud image
<l0n> natty isn't working for me so looks like I haven't yet managed to reproduce it
<bfreis> oh damn
<bfreis> what did it say?
<l0n> natty also says it can't mount sda1
<bfreis> holy crap!
<l0n> don't worry, I am just doing something silly ;)
<wmp> lol: http://wklej.org/id/635463
<nebajoth> why are you using eucalyptus and not openstack?
<bfreis> nebajoth, because it is a PITA to install openstack
<bfreis> (before you ask, I don't own lots of boxes, just 4, so no orchestra+juju)
<nebajoth> but you lose all future compatability and support
<bfreis> nebajoth, the boxes serve only as VM hosts, I don't mind if they are not up to date, if they serve their purpose
<bfreis> if you know an easy way to install openstack on 4 servers, I'd be glad to know how!
<gllera> can i work with a vm on my pc and later put it on ec2??
<l0n> bfreis can you start up a natty VM and paste me the output from ps (prob best in a PM) to show the command line?
<bfreis> l0n, sure, just a sec
<bfreis> l0n, I think it's almost the same thing
<nebajoth> define easy :P
<bfreis> nebajoth, as easy as Ubuntu Enterprise Cloud installation on Natty 11.04
<bfreis> Shouldn't take more than 2-3 hours for someone who has never done it before
<adam_g> utlemming: you around by chance?
<bfreis> l0n, just sent you the kvm command line of one of my instances running a Natty image (not the original one, I tweaked it, but only slightly: installed some packages, etc)
<bfreis> nebajoth, well, I already lost lots and lots of hours searching for a way to install it on 4 boxes with 1 nic each, but let's ignore this part :)
<l0n> ok, shouldn't be a problem, I wouldn't have thought any packages would make a diff
<bfreis> l0n, I can launch an original natty as well, but that shouldn't change the kvm command line
<bfreis> eucalyptus won't know that it is an original or a modified image
<afeijo> hi guys, what would be the better adduser parameters to create one user? I created one for me in a new linode server, but when I access it, it isn't reading the .bashrc file nor any file
<l0n> afeijo how do you know it's not reading the .bashrc file or others?
<afeijo> l0n, when I log in, the prompt has only "$", and no autocomplete thru tab, no aliases, etc.
<afeijo> pretty naked
<l0n> yeah I know what you mean, delete the user and try this.... (me looks through notes)
<l0n> useradd -m USERNAME
<l0n> you may also need to change bin/sh in /etc/pass to /bin/bash
<l0n> for that new user
<l0n> sorry /etc/passwd
<afeijo> thanks!!
<uvirtbot> New bug: #896737 in openldap (main) "package slapd 2.4.21-0ubuntu5.6 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/896737
<afeijo> l0n, now it is perfect
<l0n> np :)
<l0n> btw, the reason the files don't exist is because you didn't have any .bashrc etc files, the -m creates a home directory for the new user and copies /etc/skel into it
<l0n> ok that was a bit of a broken statement but you get my meaning ;)
<afeijo> yeah, I found that, I did try the -m yesterday, I saw a few files in /home/feijo, but the /bin/sh was the issue
<l0n> aahh ok
<afeijo> l0n, do you know how to install maria db?
<l0n> nope never heard of it
<afeijo> l0n, it is the new mysqldb after oracle bought it, the community got the available source and made mariadb, hehe
<l0n> oh right cool
<afeijo> too bad we do not have an apt-get install out of the box
<l0n> they've got debs for Ubuntu on their site so shouldn't be too difficult
<afeijo> I'll try again to add their deb lines into my source.list
<l0n> or just download the debs and do: dpkg -i deb.dev
<afeijo> got it thru apt-key :)
<bfreis> Well, if there are people interested, l0n helped me track down the problem. Actually, Oneiric's x64 cloud image looks totally buggy. The kernel is wrong, /etc/fstab is totally broken (eg, the line that should mount the root file system lacks a mount point...), the file /etc/network/interfaces is buggy (does not configure eth0). I might be wrong, but I guess /etc/fstab and /etc/network/itnerfaces must be correctly set up for the image to work.
<bfreis> let's file a bug...
<bfreis> Well, where should I go to file a bug against the image?!
<bfreis> OH YEAH, after I fixed the network, it looks like it is working!
<bfreis> the instance booted properly, I can ssh into it
<bfreis> I have no idea if everything is fine though...
<bfreis> looks like Canonical uploaded the first crap they could put together to their servers, I cannot be sure that this image is correct now...
<pmatulis> bfreis: if you found a bug then let people know, there's no need to get vulgar
<bfreis> After all, it had nothing to do with Eucalyptus...
<bfreis> Where should I report it?
<bfreis> It is not a bug on any package, it is on the image file
<bfreis> pmatulis, do you know where should I report this bug?
<pmatulis> bfreis: against the ubuntu project
<bfreis> do you know where exactly?
<pmatulis> https://bugs.launchpad.net/ubuntu/+filebug
<jakupl> nebajoth, SpamapS: I installed dnsmasq on the server
<jakupl> nebajoth, SpamapS: and it seems to work, when I try to use "dig www.webpage.com"
<jakupl> nebajoth, SpamapS: But I don't quite understand... It just uses the dns server that the computer has used all the time right?
<jakupl> nebajoth, SpamapS: and all it does is to cache the queries?
<bfreis> Wow, it is REALLY hard to help...
<bfreis> I'm trying to file the bug
<bfreis> But I simply can't find how to do it
<bfreis> https://bugs.launchpad.net/ubuntu/+filebug redirects me to a huge page, with lots of texts, I just want a textarea to fill with all the information and what I did to solve the problem
<bfreis> Isn't there any such form?!
<pmatulis> bfreis: i have no idea what you're talking about.  the link i provided gives the most simle way to file a bug
<pmatulis> *simple
<jakupl> Does anyone feel like helping me understand dnsmasq?
<bfreis> pmatulis, the link you provided me redirects me to https://help.ubuntu.com/community/ReportingBugs
<pmatulis> bfreis: it doesn't for me (?)
<bfreis> if I take out the +filebug part, there's a page with a "Report a bug" link, but this is the same as the other link, and redirects me to the same wiki page
<bfreis> Well, looks like I have a new bug to report then, now against Launchpad, hehe
<pmatulis> bfreis: maybe inquire in #launchpad
<bfreis> You see what I mean when I say that it is hard to help?
<pmatulis> bfreis: i seem to remember such a redirection
<pmatulis> bfreis: looks like it, yes
<bfreis> pmatulis, https://bugs.launchpad.net/ubuntu/+filebug/?no-redirect
<bfreis> That is the trick
<bfreis> people at #launchpad doesn't seem to be very helpful... it is a shame.
<pmatulis> bfreis: i wonder why i don't get redirected
<bfreis> Maybe because your account is "special". You work at Canonical, don't you?
<bfreis> At "launchpad", I'm no one. I've once reported a bug against eucalyptus, that's all. Maybe I'm not trusted, so they redirect me to a page with loooooots of useless information :/
<pmatulis> bfreis: it doesn't work that way
<bfreis> Very strange
<bfreis> a guy at #launchpad said: Ubuntu requested that people be forced to read the page first, because otherwise a lot of people file them improperly.
<bfreis> pmatulis, I've finished writing the bug report, but it won't accept "ubuntu" as the package. What should I use instead?
<bfreis> It is really a bug on the packaging of the image, it is not an specific package
<bfreis> The other option is "i don't know the package", which is not actually the case
<bfreis> well, damn it, I've lost too much time on it already. I will select "i don't know the package"
<bfreis> https://bugs.launchpad.net/ubuntu/+bug/896772
<uvirtbot> Launchpad bug 896772 in ubuntu "Oneiric's x64 cloud image [20111124] won't boot (wrong kernel, buggy /etc/fstab, buggy /etc/network/interfaces)" [Undecided,New]
 * SpamapS subscribes smoser and utlemming to that bug
<SpamapS> bfreis: utlemming and/or smoser will likely be the best resources to help fix that.
<SpamapS> bfreis: can you try the precise images?
<SpamapS> bfreis: http://cloud-images.ubuntu.com/precise/current/
<bfreis> SpamapS, I just tested it
<bfreis> SpamapS, apparently the kernel is ok (it finds /dev/sda1), but the /etc/fstab is broken
<bfreis> SpamapS, it says "mount: mount point ext4 does not exist", exactly as it did with Oneiric when before I fixed /etc/fstab
<SpamapS> bfreis: that would be a nice data point for the bug comments. :)
 * SpamapS disappears
<koolhead17> hi all
<uvirtbot> New bug: #896818 in samba (main) "smbd crashed with SIGABRT in dump_core()" [Undecided,New] https://launchpad.net/bugs/896818
<koolhead17> hi all
<uvirtbot> New bug: #896723 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: ErrorMessage: package samba is not ready for configuration  cannot configure (current status `half-installed')" [Undecided,New] https://launchpad.net/bugs/896723
<Nelis> I'm having a problem booting from a raid1 array. During boot it drops to initramfs saying the boot device does not exist. I have no problems booting from a degraded array.
<Nelis> looks like /dev/disk/by-uuid does not exist, which would explain why it can't boot. No partitions showing in /dev whatsoever.
<tero> has anyone tried to install webmin on ubuntu server? any "hiccups" ?
<qman__> !webmin | tero
<ubottu> tero: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<dork> other than security no
<dork> there's a huge negative connotation associated with webmin though
<dork> has existed for over a decade
<tero> crap :\
<tero> client demands webmin
<qman__> you can do it, but it isn't supported here
<tero> this sux
<dork> tero: if they're paying you to make themselves vulnerable, it just means future revenue for them
<qman__> you will have to seek webmin-specific support
<dork> so if they demand it, hook them up
<dork> profit
<dork> s/them/you
<tero> well they really don't care about the OS
<dork> i mean future revenue for you
<tero> i guess i will have to use centos
<dork> i've used webmin over centos
<dork> i can't imagine it being any different than webmin over debian based oss
<tero> ok thanx
<dork> also 'isn't supported here' is stated in every irc channel on freenode
<dork> so don't worry about 'support'
<tero> we will see what can I do
<tero> :)
<dork> just make sure you lock it down
<dork> it's a huge vulnerability
<qman__> isn't supported here means just that, we can't help you if you broke your system by installing webmin
<dork> which is in the topic of every channel on this network
<dork>  i hear what you're saying though
<qman__> we also can't help you if something else broke, but you have webmin installed
<dork> it basically means 'we choose to not help you and then ridicule you when that time occurs'
<qman__> no, it means we do not help you because webmin breaks things
<dork> which can be said about anything
<dork> it's selective prejudice
<qman__> no, it isn't
<dork> yes
<dork> it is
<dork> sorry.
<dork> i don't mean to be inconvenient for you but that's pretty much what it is
<qman__> there's a reason webmin is singled out
<dork> if you don't want to help someone with webmin just shut up and don't say anything
<qman__> it breaks things in weird ways that are difficult to troubleshoot
<dork> no i realize that
<dork> the same way someone might single out dovecot because it doesn't like it's pop3s implementation
<dork> it's selective, it's freenode horse sht
<dork> that's just how it s.
<dork> man  need t oclean this keyboard out
<qman__> dovecot is supported here, it's actually the default
<dork> witty rebuttal
<dork> who are you to determne what is and isn't supported
<dork> is my point
<qman__> I am not; the ubuntu devs are
<qman__> packages in 'main' are supported officially
<dork> nobody comes here or any other irc channel asking 'what are your thoughts on me using *'
<dork> you should define that criteria then
<dork> instead of dismissing people
<qman__> packages in 'universe' are also generally supported here, but not officially
<qman__> webmin is neither
<dork> the best policy is to just stop running your mouth if you plan to not support something because you choose not to
<dork> instead of this 'x is not supported'
<qman__> sorry if it's not posted clearly enough, but that policy _is_ defined
<dork> qman__: people like you ruin irc
<dork> :)
<qman__> you're giving bad advice by telling people to use packages that are not supported, in the support channel
<dork> i answered his question
<dork> which you did not
<dork> you gave no advice.
<dork> yet i'm villafied?
<qman__> no advice is better than bad advice
<dork> haha
<qman__> because when he comes back here after webmin breaks his system, we can't help
<dork> that's fucking stupid.
<dork> he was made well aware of the negativity behind webmin
<dork> not sure if you just missed that part
<dork> or overlooked it
<qman__> it's not about negativity, it's simple fact, webmin is not supported here, we don't help people with webmin here
<dork> you don't support webmin
<qman__> if he needs help with webmin, he needs to seek a webmin support channel
<oCean> dork: control your language here, please
<dork> he didn't ask for help regarding webmin on ubuntu
<dork> he asked for input on webmin itself
<qman__> that is exactly what he asked for
<dork> oCean: will do.
<dork> qman__: so you'd rather tell someone that webmin isn't supported versus webmin is a horrible idea?
<qman__> I said both, and usually do
<dork> wah wah.
<qman__> if they stick around, I also usually advise on what they should do, but he was dead set on webmin
<qman__> so I told him to seek a webmin channel
<dork> understandable
<swharper> hm - trying to connect to a media share ive setup on server.  mac is giving me the following error:  The operation canât be completed because the original item for âmediaâ canât be found.
<swharper> it sees the machine and the share
<wolflkoder> hallo
<wolflkoder> habe ein Problem bei der installation vom mt-daapd
<cloakable> swharper: what server software?
<swharper> 11.10
<swharper> it is most likely a basic network issue
<swharper> i am able to connect to my mac from the server via afp but not vice verca
<swharper> id like to set up a samba share that is accessible to the rest of my network
<cloakable> -are you using Samba or netatalk?-
<cloakable> And if you're using a modern version of Mac OS, you can just use Samba.
<Nelis> When trying to boot from raid1 my system drops to initramfs saying it can't find the boot device, which makes sense since the /dev/disk/by-uuid path does not exist and no partitions are available in /dev. Any ideas on how I can solve this?
<swharper> well i installed ubuntu desktop - when i go to "sharing options" and check that box, I assume that is samba?
<swharper> yeah i am...
<cloakable> Yes
<swharper> it is odd because it isnt recognizing the root or admin username/password combos
<swharper> and guest access throws up an error
<cloakable> Does the user 'nobody' have read access to the shared directory?
<cloakable> And you can't connect to Samba as Root for security reasons iirc.
<swharper> ah i see
<swharper> well as my user account, the same applies
<swharper> when i check the media properties, it shows my user account as the owner, and i have folder access set to "create and delete files" but it won't let me change the file access
<swharper> well i guess thats only for files
<swharper> not folders
<swharper> group is my user name
<swharper> could be the issue there
<cloakable> Yeah. All that means is samba will let the guest account change stuff. Doesn't mean the underlying unix permissions will allow that.
<swharper> what should the group be then?
<swharper> nobody isnt an option in the dropdown
<swharper> i should probably just go back to the cli
<cloakable> Check the permissions on the folder. Is it something like rwxrwx---, or rwx------?
<cloakable> swharper: The guest account on samba, by default, is the 'nobody' unix user.
<swharper> permission is drwxrwxrwx
<cloakable> Hmmmm.
<cloakable> Underlying permissions are good then.
<swharper> yeahâ¦
<cloakable> And you have allowed the guest account access?
<swharper> id prefer to not have guest allowed
<cloakable> Aha.
<swharper> but my user isnt being granted access either
<swharper> so i tried guest
<swharper> im about 80% sure this is related to group permissions
<swharper> since my user isnt being granted access
<swharper> and im the creator
<cloakable> You can't get more permissive than rwxrwxrwx
<swharper> rightâ¦ok so how does it work from the client side?  the server doesnt show up at all when i browse the network
<swharper> from the client
<swharper> on the other hand, the server sees afp shares i have set up
<cloakable> That -sounds- like a samba problem, honestly.
<swharper> yeah
<cloakable> Is samba running?
<cloakable> Can you browse to smb://127.0.0.1 on the desktop?
<swharper> christ i hope its not that basicâ¦checking
<swharper> hm
<swharper> i had samba install when i installed the server
<swharper> OS
<swharper> yes i can
<swharper> shows the media share
<swharper> now when i try to open the media share the same issue arises
<swharper> my username/password combo doesnt work
<swharper> this is locally
<Nelis> When trying to boot from raid1 my system drops to initramfs saying it can't find the boot device, which makes sense since the /dev/disk/by-uuid path does not exist and no partitions are available in /dev. Any ideas on how I can solve this?
<stiv2k> hi
<stiv2k> for some reason i cannot write to all of my samba shares other than the homes share
<stiv2k> all my shares have guest ok = yes and
<patdk-lap> guest ok = yes != writable
<patdk-lap> you have to make sure the linux guest user that guest gets mapped to, has write permissions
<stiv2k> writbale = yes
<patdk-lap> and that in samba, the guest user also has write permission
<stiv2k> that sounds unnecessarily complex
<stiv2k> ok let me see the guest user info
<stiv2k> hm my config file must not have all the params in it
<stiv2k> patdk-lap: do you know what parts of smb.conf are for the guest user
<qman__> guest write is usually a really bad idea so it's difficult to enable
<qman__> do you actually want guest write, or do you just want users to be able to write?
<RoyK> stiv2k: it's NOT unnecessary complex, it's how unix is built. If you want to break security etc, just chmod 777 /whatever/dir/is/shared/with/samba
 * guntbert whistles a warning tune
<stiv2k> RoyK: qman__: well, samba is not accessible outside my LAN, so how is it so dangerous?
<qman__> it's dangerous because of anyone or anything that can get inside your LAN
<stiv2k> hmm ok
<qman__> common vectors include wireless access points, or especially if it's a laptop
<stiv2k> so ill just stick with guest read and user write
<stiv2k> but i think i am actually already logged in
<stiv2k> since i see my home directory share
<qman__> less common but equally possible are viruses and similar attacks
<stiv2k> i still cannot write to other shares
<swharper> what is the advantage of configuring ldap with samba as opposed to simply setting up users/permissions within samba?
<qman__> in order to write to the other shares, your user needs to have local write access to the shared folder locations
<qman__> you can fix that by changing the permissions or owner/group-owner of the directory
<stiv2k> okay let me check that
<stiv2k> one sec
<stiv2k> yeah that must be it
<stiv2k> the shares are owned by debian-transmission:debian-transmission
<qman__> in this particular case, I suggest one of two solutions
<stiv2k> group which i am not a part of
<qman__> either change the group-owner of all the files to your user's group, or add your user to the debian-transmission group
<qman__> the latter is preferable for usability since new files are probably going to be created with those permissions
<stiv2k> ok
<stiv2k> thanks for the tip :)
<qman__> you may have to log out/log back in for the change to take effect
<qman__> in the case of samba, that'd mean disconnecting from the server and reconnecting with it asking for login
<stiv2k> qman__: in this case do you think a file permission of 660 is safe
<qman__> swharper, the advantages of ldap include one set of users/passwords, eliminating smbpasswd, and being able to use the same users and passwords across the network on multiple servers and clients, single-sign-on
<qman__> yes
<stiv2k> and directory permission of 770
<swharper> hm
<swharper> thx
<qman__> yes
<qman__> to be reasonably secure, you just want to make sure guests can't write, and can't get to private data
<qman__> and that system accounts like debian-transmission can't log in over the network
<qman__> which they can't by default
<stiv2k> cool
<stiv2k> here is how i set up the shares http://fpaste.org/mVRo/
<qman__> looks good, one trick you may want to use is the 'force group' option
<qman__> if you have more than one user using files, that causes new files to be created with a specific group owner, so other users can then read and possibly write to files and folders created that way
<stiv2k> where can i read more about this
<qman__> IIRC the samba manual explains it pretty well
<stiv2k> i wonder if i need to end my screen session to make the group add to take effect
<qman__> http://www.samba.org/samba/docs/man/manpages-3/smb.conf.5.html#FORCEGROUP
<stiv2k> brb
<stiv2k> ok that worked, now to log out from the windows session
<stiv2k> wtf
<stiv2k> qman__: either i cant terminate the windows connection or... i still cant write
<qman__> stiv2k, have you restarted samba?
<stiv2k> i guess thats a good way to do it
<stiv2k> qman__: it works :)
<stiv2k> thank you
<srk9> Why doesn't ubuntu-10.04.3-server-i386.manifest exist?
<stiv2k> qman__: i noticed a share called 'homes' showed up
<stiv2k> can i make this not show up, as there is already a share with my user name that is my home directory
<qman__> probably a mistake in your configuration file, it doesn't normally show
<qman__> if you pastebin the whole thing I can probably find it
<stiv2k> it just appeared i think
<stiv2k> http://fpaste.org/2fU8/
<stiv2k> is it the browseable = yes of the home directories share?
<lwizardl> Hello
<Nelis> I can't seem to boot from my software raid1 array unless it's degraded. When being dropped to initramfs blkid only lists sda:"promise_fasttrack_raid_member" and /dev/disk/by-uuid/ does not exist. Any ideas on how to solve this?
<chronos> hello.
<chronos> how I can set my ubuntu server to use a wireless connection?
#ubuntu-server 2012-11-19
<k1ng> hi
<k1ng> ii want to copy everything except upload dir and config.php with rsync. how do i do that?
<blkperl> k1ng: `man rsync` search exclude
<lvmer> k1ng: ooooo lmk if you find a good tutorial for rsync or make progress. I need to find a consistent way to backup my server too. xD
<k1ng> i actually did:)
<k1ng> rsync -avn --exclude=upload --exclude=config.php --exclude=fixer.sh --exclude=apfixer.php --exclude=HN9200FU_6.10.0.12.zip --exclude=backup --exclude=news.txt --exclude=images/logo.png /home/backup/sims /root/test
<lvmer> k1ng: xD
<blkperl> lvmer: why not use backup software? like bacula or amanda
<jibel> smoser, the user 'ubuntu' is not added to sudoers in latest raring cloud images, is it known?
<Daviey> jibel: is it added to admin?
<jibel> Daviey, it is a member of adm but not admin
<Daviey> jibel: nice
<jibel> bug 1080685 , feel free to reassign to the right package
<uvirtbot> Launchpad bug 1080685 in cloud-init "raring cloud images: User 'ubuntu' cannot sudo" [Undecided,New] https://launchpad.net/bugs/1080685
<Kartagis> hi
<Kartagis> should I be worried about this? warning: process /usr/lib/postfix/trivial-rewrite pid 18501 exit status 1
<smoser> jibel, :-( no. i'll take a look. thanks for raising.
<Akendo> Heloo Guys
<Akendo> Hello Guys
<Akendo> I'm using OpenStack Folsom from the Ubuntu Cloud Archive, i found and fixed a bug and want to comit this. How can i do this?
<jamespage> Akendo, hi!
<Akendo> Hello jamespage
<jamespage> Akendo, is there a handy bug report for this problem that we can use?
<Akendo> That is what I'm looking for
<jamespage> Akendo, OK - so whats the problem you have found?
<Akendo> There is a problem in glance, creating or uploading via RBD (RADOS Block Device) to Ceph.
<Kartagis> hi. should I be worried about this? warning: process /usr/lib/postfix/trivial-rewrite pid 18501 exit status 1
<Akendo> When i create a  Image it's raising a excepction
<jamespage> Akendo, stack trace would be helpful
<Akendo> 2012-11-19 14:32:45 ERROR glance.api.v1.images [3dfbce68-310a-4fab-8bac-ff1b133d7ea9 None None] Traceback (most recent call last):
<Akendo>   File "/usr/lib/python2.7/dist-packages/glance/api/v1/images.py", line 437, in _upload
<Akendo>     image_meta['size'])
<Akendo>   File "/usr/lib/python2.7/dist-packages/glance/store/rbd.py", line 234, in add
<Akendo>     image_size, order)
<Akendo>   File "/usr/lib/python2.7/dist-packages/glance/store/rbd.py", line 205, in _create_image
<Akendo>     librbd.create(ioctx, name, size, order, old_format=False)
<Akendo> TypeError: create() got an unexpected keyword argument 'old_format'
<jamespage> Akendo, pastebin is better
<Akendo> Oh ;-)
<jamespage> Akendo, which version of ceph are you using?
<Akendo> The Question I have first: Does i can be, that this 'old_format' is requiert by a newer version of Ceph?
<Akendo> Stable Version, 'old_format'
<Akendo> Stable Version, ceph  0.41-1ubuntu2.1
 * jamespage looks
<jamespage> Akendo, yes - it does; 0.48 onwards will do the trick;
<Akendo> hm..
<jamespage> thats currently in-flight to land in the folsom cloud archive - lemme see if I can nudge it along
<Akendo> We
<jamespage> Daviey, ^^ can we get ceph out of folsom-proposed and into folsom-updates please
<david_> I am using public/private keys to log into my server. I want to see in auth.log which key is being used for each login. Anybody know what parameter is needed in sshd_config ?
<Akendo> I want to use the Stable release, but If I'm right there will relese a new version soon, right?
<jamespage> Akendo, 0.48 is the current stable release
<Akendo> Ah
<Akendo> But
<jamespage> bobtail is due based on 0.55 of ceph - a few weeks off yet
<jamespage> that won't be put into the cloud-archive for Folsom; but will make it for Grizzly
<Daviey> jamespage: yes
<Akendo> So, I'm using an outdated Version?
<jamespage> Akendo, basically yes
<Akendo> hm...
<jamespage> Akendo, this is one of the reasons we made the call to put ceph into the cloud archive as well
<Akendo> We have this package out of the stable ceph repo
<Akendo> So
<Akendo> I guess that is the problem
<jamespage> Akendo, which 'stable ceph repo' are you referring to?
<Akendo> http://ceph.com/docs/master/install/debian/#add-stable-release-packages
<Akendo> Like there do it in this documenation
<jamespage> Akendo, the version you quoted is the version from the main Ubuntu archive in precise
<Akendo> hm..
<Akendo> Strange...
<Akendo> ok, just updating this
<jamespage> Akendo, this will all shake out once the new version of ceph lands in the folsom cloud archive - that will push it up to 0.48.2 which is compatible with folsom
<jamespage> Daviey, thanks
<Akendo> So there is no bug report to commit ;-)
<Akendo> Thank you
<Daviey> jamespage: the tooling is on my other machine, so can it wait an hour or so?
<jamespage> Akendo, no problem
<Akendo> That helped a lot
<jamespage> Akendo, FYI we are about to integrate ceph into the automated testing we do for OpenStack on Ubuntu
<jamespage> which should help spot this sort of issue going forwards...
<Akendo> That would be great ;-)
<Akendo> Sounds exciting
<Akendo> ^^
<uvirtbot> Akendo: Error: "^" is not a valid command.
<Kartagis> hi. should I be worried about this? warning: process /usr/lib/postfix/trivial-rewrite pid 18501 exit status 1
<lamont> Kartagis: that depends entirely on why it's exiting
<lamont> what else does syslog have to say about it?
<Kartagis> lamont: http://ccd12e76108915a3.paste.se/
<Akendo> So, I updated now to a newer version of ceph. I restarted the server, but i can't see anymore the image
<jamespage> Akendo, hmm
 * jamespage rubs his chin
<Akendo> I can found the entry in the MySQL Db, but glance image-list is empty
<Akendo> also does the rbd list -p images displaying the uploaded images
<jamespage> Akendo, did you re-upload the image? I'm wondering if something in the DB is not quite right due to that error before
<Akendo> Yes
<Akendo> Also the re-uploaded image is not displayed
<Akendo> Both images a list in the MySQL DB
<Akendo> I'll going to try Cinder with Ceph now. Maybe the glance image-list have a issue with accessing rbd devices?
<peta_> Hello guys
<smoser> smb, around ?
<smb> yees... (wondering whether that is good)
<peta_> I want to roll my custom php5.4 build for my 10.04 production server and I am wondering what is the "best" method to create portable deb packages. I hear about checkinstall and it sounds too easy to be true. What would you suggest?
<peta_> Side note: My production server is a 10.04 amd64 and I have an exact copy of that system as virtual machine on my local computer -- that's where I do all the build stuff before something is moved to the production server.
<lamont> Kartagis: command usage for trivial-rewrite in master.cf is bad in some way
<smoser> smb, i'm hitting https://bugs.launchpad.net/ubuntu/+bug/1078926
<uvirtbot> Launchpad bug 1078926 in ubuntu "raring instance failed to find EC2 datasource" [High,Confirmed]
<smoser> and its exhibiting really strange behavior.
<smoser> i'm bothering you primarily because of the fact that networking was not reliable after reboot.
<smoser> i'm guessing a flakey network driver could have cuased the issue on first boot also.
<Kartagis> lamont: rewrite   unix  -       -       n       -       -       trivial-rewrite
<Kartagis> I'll be back tomorrow
<smb> smoser, Hm, ok. So in micro its netfront. Though I need a bit of time to look trhough the messages in detail
<lamont> Kartagis: I don't have time to dig into it - it could just be parameters in main.cf that are tripping it up as well
<smoser> smb, you want to poke at the instance at all ?
<smb> Oh, it is still up, then maybe yes
<smoser> smb we've seen this "networking doesn't come up" *very* rarely previously, i'd guess on order of 1/1000 or more.
<smoser> but it seems to come up more regularly on raring
<smb> smoser, Ah so even with older releases?
<smoser> well, really really rarely.
<smoser> such that i believed it was a platform (ec2) failure.
<smoser> (and i'm still not convinced it is not for the less common case).
<smb> smoser, Yeah it might be nice to see the logs from the domain creation. Though I know that won't happen
<smoser> smb, ok. stefan-bader-canonical can go into backdoor@ec2-50-16-73-126.compute-1.amazonaws.com
<smb> smoser, Heh nice naming scheme...
<smoser> fwiw, you might find use for lp:~smoser/backdoor-image at some other point in time.
<smoser> smb, so, to show failure on that instanc,e right now, i'm trying to get /var/log/syslog off of it
<smoser> and this fails (hangs)
<smoser> ssh -C -v backdoor@ec2-50-16-73-126.compute-1.amazonaws.com  'sudo cat /var/log/syslog'
<smb> smoser, Hm, even a dmesg hangs after a bit. Feels like network works a bit only... Something like this I only had with HVM domUs that had interrupt issues...
<smoser> smb, one interesting thing though was that 'apt-get install pastebinit' worked.
<smoser> which goes to s3
<smoser> which might point to a packet length issue
<smoser> wow. there is just all sorts of stuff seemingly busted there.
<smb> smoser, It seems a dmesg into less also works better... hm not yet at netfront but "blkfront device/vbd/2049 num-ring-pages 4 nr_ents 128" now if I could remember things better I might know whether that was more than 1 before...
<smoser> smb, hm..
<donspaulding> Hey there, I've got a running installation of Karmic server out in a datacenter.  It doesn't have anything valuable on it, so I'm wondering if I can repurpose it as an openstack controller.  I want to install the Quantal on it, but I don't have console access to the machine.  Is there a way I can install ubuntu server from the running install of Karmic?
<roaksoax> jamespage: oh btw... I don't know if you noticed but there miught be an issue with rabbitmq
<roaksoax> jamespage: sometimes the instances fail due to rabbitmq failing to start
<jamespage> roaksoax, might their?
<jamespage> is that on instances?
<roaksoax> jamespage: yeah
<jamespage> we tear it up and down pretty regular in the lab.
<roaksoax> jamespage: yeah, this is only in the instances, sometimes happens, sometimes doesn't, pretty weird
<smb> smoser, Did you just stop the instance?
<smoser> probably
<smoser> :-(
<smoser> smb,  i hvae another just a minute
<smoser> sorry
<smb> smoser, Oh, no worries. Not sure I can really get much more right now. Just was a bit surprised.
<smoser> backdoor@ec2-174-129-111-177.compute-1.amazonaws.com
<smoser> smb, if you want, you can use that.
<smoser> it seems to me that multiple things at play
<smoser>  * race condition for ifup
<smoser>  * plymouth dies (/var/log/boot.log doesn't get to /dev/console)
<smoser>  * flakey network driver/settings/something
<smb> smoser, Ok, and I probably should try whether things are the same if I run on my version of Xen 3.4.3
<smoser> smb, do you think there is useful info in the fact that local(ish) networking seems to work
<smoser> (ie, to s3)
<smb> smoser, It is a bit confusing as anything goes through the same virtual nic
<smoser> well, but the packet size would differ
<smoser> no?
<smb> smoser, Oh, hm... could it be more of a console device issue...
<smoser> ?
<smoser> no.
<smoser> scp hangs.
<smoser> whic hprobably doesn't allocate a console device
<smoser> i woudln't think (if you're speaking of a pty)
<smoser> but i could be wrong on that
<smb> smoser, Was rather thinking of the console one attaches to at login. But if a remote scp fails as well... Package size may differ but I would rather think internal networking would use the biggest usable size
<smb> smoser, But yeah, we use pts here, so not what I was thinking
<smb> smoser, The only other difference would be that apt-get install would have more receiving data. Which direction was you scp?
<smoser> smb,  i was trying to scp /var/log/messages from the instance
<smoser> also, wget http://ubuntu-data.s3.amazonaws.com/ebs/ubuntu-images-milestone/ubuntu-lucid-10.04-beta1-amd64-server-20100317.img.tar.gz -O /dev/null
<smoser> that works fine
<smoser> reliable ~200M transfer at 10M/s
<smb> smoser, So that scp was also sending, as are the dmesg or cat that seem to lock up
<smoser> hm..
<smoser> smb, i can put up anoter instance in that zone if you'd like
<smoser> then you can try moving data back and forth between it if you 'd like
<smb> smoser, I am just pulling something bigger from people which seems to work too
<smoser> os it woudl seem maybe we're busted on traffic going into the instance.
<smb> smoser, To me it seems higher traffic out of the instance causes issues.
<smoser> "higher" == > 10k
<smb> smoser, Let me try to recreate that locally
<ninjix> does anyone have thoughts or tips for managing the maintenance portion of long running Ubuntu cloud instances? I've been searching around but haven't really found any good writeups on the subject.
<smoser> i had to use 'split --bytes=4095' to use 'ssh user@host cat file' reliably.
<smoser> (4095 not reliably determined. i jumped from 10000 to that just on a whim)
<roaksoax> jamespage: oh btw... i think there's a problem with l3-agent
<jamespage> roaksoax, oh yes?
<roaksoax> jamespage: so I have setup the HA cluster. I "kill" the quantum/0, it fails over to quantum/1, but l3 fails to start due to being unable to connect to whatever it needs to connect
<roaksoax> jamespage: i haven't yet look at what might it be... just wanted to let you know :)
<smoser> smb, on this particular instance, and right now, i'm seeing this works:
<smoser>  ssh backdoor@ec2-174-129-111-177.compute-1.amazonaws.com   dd if=/dev/urandom bs=1024 count=10 >/dev/null
<smoser> this hangs:
<smoser>  ssh backdoor@ec2-174-129-111-177.compute-1.amazonaws.com   dd if=/dev/urandom bs=1024 count=11 >/dev/null
<ninjix> most of what I find written is geared toward ephemera instances. I want to move more of our core systems to Ubuntu Openstack arch
<smoser> ninjix, what does "maintenance portion" mean ?
<smoser> applying updates?
<smb> smoser, wtf...
<roaksoax> jamespage: or the connection was refused
<ninjix> smoser: life cycle of an instance
<roaksoax> jamespage: ./deployer.py -c openstack.cfg openstack-quantal-quantum
<roaksoax> err
<roaksoax> jamespage: http://paste.ubuntu.com/1370377/
<ninjix> I'm wondering about how people are taking care of their long running instances
<ninjix> the question came to mind this morning while I was having to perform a number of full reboots to pickup kernel updates
<smoser> smb, random information:
<smoser> ssh backdoor@ec2-174-129-111-177.compute-1.amazonaws.com   dd if=/dev/urandom bs=$((1024*5+(256+111))) count=1 >/dev/null
<smoser> that is the first block size to hang fo rme.
<smb> smoser, But you do nothing that causes any different traffic on any block or net device... Execept maybe a slightly different timing...
<smb> smoser, Oh wait urandom... lack of entropy maybe
<smb> smoser, At least one I did is waiting on the read to finish
<smoser> urandom doesn't use entrop
<smb> smoser, I think it does but should stop if low on entropy... But I jused messed up the repeat. Doing 1024 5MB records is a bit insane. Seems while being logged in I can do 5*5MB without locking
<smoser> smb, to where?
<smb> backdoor@ip-10-212-103-115
<smb> but also from urandom to null
<smoser> smb, i was just doing network transfer
<smoser> that was the thing
<smoser> used /dev/urandom (badly) to avoid compression.
<smoser> smb, but interestingly, this fails same way:
<smoser>  ssh -o Compression=no $uhost dd if=/dev/zero bs=$((1024*5+(256+110))) count=1 >/dev/null
<smoser> (well, the 111 fails, 110 passes)
<smb> smoser, Oh, doh!
<smb> smoser, Ok, I see, you discard the data locally.
<smoser> right.
<tonyyarusso> Anyone know how ufw/iptables would impact ARP?
<tonyyarusso> (An entry was not showing up on the switch with ufw enabled; disabled ufw and the entry I was looking for popped right up.)
<SpamapS> tonyyarusso: AFAIK, ufw doesn't mess with any of the ARP settings
<vezq> don't have very good experiences with ufw
<smb> smoser, Ok, for now I am off the instance and you can rip it down if you want. I want to try that locally
<nopz> Hi there, anyone using lsyncd ?
<smoser> smb, k.
<jdstrand> ufw does not do anything with arp
<tonyyarusso> I wouldn't think it would, but somehow it seems to be affecting something.  Very confused.
<tonyyarusso> How would I specify that the IP addresses associated with each interface should only be accessible through that interface, not the other?  For instance, if eth0 is .2 and eth1 is .3, no traffic to .3 should could through eth0.
<rbasak> tonyyarusso: is http://www.tldp.org/HOWTO/Adv-Routing-HOWTO/lartc.kernel.rpf.html what you need?
<rbasak> tonyyarusso: also see: http://lkml.indiana.edu/hypermail/linux/kernel/0002.2/0880.html
<tonyyarusso> rbasak: I don't think so?
<tonyyarusso> rbasak: To expand a bit, I have two interfaces that are on the subnet, connected to the same switch, on the same vlan.  The switch is .1, eth0 is .2, and eth1 is .3.  eth0 is connected to switch port 2:20 and eth1 is connected to port 2:15.  My goal is to totally separate traffic between the physical interfaces by IP address, so that if eth1 gets saturated by traffic to .3 (incoming sflow packets only) I can still do management ...
<tonyyarusso> ... stuff to eth0 on .2 (all two-way traffic).
<tonyyarusso> Man, this ufw thing is reproducible.  Disable ufw, and the ARP entry for eth1 pops up on the switch, but it's not there when ufw is enabled.  Weird.
<rbasak> Oh, I see. You can do that with multiple routing tables and advanced routing (see the howto), but I'd recommend against it. Everyone else with that need would use a separate management lan or vlan, and that's probably the path of least resistance
<tonyyarusso> perhaps
<jdstrand> tonyyarusso: are you using bridging?
<tonyyarusso> jdstrand: no
<BrixSat> Hello, is there any daemon with webinterface for network monitor?
<jdstrand> tonyyarusso: I suggest doing something like 'sudo ufw logging high' and then look in /var/log/ufw.log to see what is going on (in fact, with 'logging low' (the default), you might already have stuff there. it seems pretty clear that you will need to add iptables rules to /etc/ufw/before*.rules to handle your setup (see man ufw-framework for details)
<Kartagis> how do I know whether postfix is in chroot?
<lamont> Kartagis: if you didn't chagne the config, it's in a chroot by default on debian and ubuntu
<Cuacrzz> hello, i need some help with a l2tp vpn config please!
<jamespage> roaksoax, that would indicate the l3-agent is not configured at-all
<jamespage> roaksoax, ignore me
 * jamespage scrolls to bottom of log
<jamespage> roaksoax, is 10.55.60.163 the IP of the node you took out?
<jamespage> l3-agent will be getting URL's for quantum from keystone; and if one has dropped we need the haproxy frontend to keystone as well.
<raub> Does anyone know if the Intel x520-DA2 (chipset 82599ES) works well under ubuntu 12.04LTS? https://wiki.ubuntu.com/HardwareSupportComponentsWiredNetworkCardsIntel might be a bit dated
<jamespage> roaksoax, note that the scalability of the l3-agent is a documented limitation - it has to query quantum to figure out what it should be doing
<roaksoax> jamespage: right, this is not scaling though, it is a failover
<roaksoax> jamespage: so l3-agent is simply started in quantum/1 node, if quantum/0 fails
<jamespage> roaksoax, I know
<roaksoax> jamespage: let me deploy everything again
<jamespage> roaksoax, ack
<roaksoax> jamespage: btw.. you didn't make any more changes to the quantum charm right?
 * jamespage thinks
<jamespage> I'd have to check the branch but I don't think so no
<jamespage> last commit on friday
<tonyyarusso> jdstrand: well, I'm not seeing anything obvious yet at least.
<Akendo> Hello jamespage , sorry for disturb again. My cinder have troune using this uuid password for ceph. It looks like it that it's no working
<Akendo> Any idea?
<Akendo> troube*
<jamespage> Akendo, yeah - that is fiddly
<Akendo> Make me a little bit crazy..... why a uuid?
<jamespage> Akendo, take me through how you are setting up and managing the uuid
<jamespage> specifically on cinder and on the nova-compute nodes....
<Akendo> http://ceph.com/docs/master/rbd/rbd-openstack/#setup-ceph-client-authentication
<jamespage> (I wrote all of this stuff into the Juju charms for OpenStack so I know how awkward it is)
<Akendo> Like the ceph guys it do
<jamespage> right - I banged my head against that for a while as well.
<roaksoax> jamespage: another thing. The ha cluster will need at least 2 interfaces ... so in the quantum charm I'll have to specify: 1. network address of interfaces, 2. multicast address to use. 3. and multicast port to use
<roaksoax> jamespage: how can we make the config to dinamically add interfaces
<jamespage> Akendo, you can do it one of two ways
<roaksoax> (in case we want to add a third, fourth)
<Akendo> ok
<jamespage> 1) Create the uuid on the cinder host first; and then create it using exactly the same uuid on all of the nova-compute nodes
<jamespage> or
<jamespage> 2) Create it individually on each node and specify the rbd_secret_uuid for each host individually (they can all be different)
<jamespage> roaksoax, wellll....
<jamespage> that is awkward
<jamespage> Akendo, one second - I'll dig out a bit of code for you
<roaksoax> jamespage: ackward, but required, unless we *always* require a second nic
<Akendo> hm..
<Akendo> Thank you, I'll try it again
<jamespage> Akendo, this is the config in nova-compute for the second option - http://bazaar.launchpad.net/~charmers/charms/precise/nova-compute/trunk/view/head:/hooks/nova-compute-relations#L131
<jamespage> set_or_update just sets options in nova.conf
<jamespage> roaksoax, its tricky because to an extent you have to make assumptions about the physical machine you are using
<jamespage> having a config option that specifies the physical nic to use would make sense
<jamespage> but it has to be consistent across all service units
<roaksoax> jamespage: exactly, but that's why this cluster uses the network address, and with it , it selects the interface
<roaksoax> jamespage: so to me, it makes more sense to send the network address of the iface to use
<jamespage> OK - so lets ignore that issue for the time being and assume that is the case
<roaksoax> rather than a nic
<Akendo> Ah
<Akendo> I now understanding how this work, awesome link!
<jamespage> roaksoax, but you are assuming the nic is already configured then?
<Akendo> Now I *
<roaksoax> jamespage: i';m assuming that I know the network address to which the cluster is going to be connected to
<jamespage> Akendo, https://javacruft.wordpress.com/2012/10/17/wrestling-the-cephalopod/ has a bit more on deploying ceph with openstack using juju charms
<Akendo> hm..
<Akendo> Ok
<jamespage> Akendo, even if you don't want to use juju its worth reading the code to plunder the knowledge :-)
<jamespage> roaksoax, is this a multicast address?
<roaksoax> jamespage: so the thing is the communication between cluster nodes is based on "rings"
<roaksoax> jamespage: each rings needs, multicast addresss, multicast port, and network address
<jamespage> roaksoax, network address per service unit right?
<roaksoax> jamespage: right, the network address to which the service unit is connected to
<roaksoax> jamespage: every node in the cluster nees to be configured with the same network address, mcast address/port
<jamespage> roaksoax, right
<roaksoax> jamespage: so I can't simply assume that eth0, for example, is the interface used for all the physical systems to connect to the same network
<roaksoax> which means using network address is a better approach
<jamespage> roaksoax, I still don't see how that maps to individual service units
<jamespage> eth0 is universally appliable
<zul> smb: still around?
<jamespage> 192.168.21.99 applies to a single unit only
<smb> zul, Somewhat, but a good deal of my brain is away...
<jamespage> roaksoax, unless I missed something and you mean 192.168.21.0/24 (i.e. a network address)?
<roaksoax> jamespage: right, but physical machine 01, is connected to network 10.10.10.0/24 on eth0, machine02, is connected to 10.10.11.0/24
<roaksoax> on eth0
<roaksoax> if we specify interface to use
<jamespage> roaksoax, right - sorry - I see now - I was being dumb.
<roaksoax> the nodes in the cluster will never see each other
<zul> smb: did you have a script that takes the cloud-images and make it usuable for xen?
<jamespage> roaksoax, I'd also never underestimate the value of common cabling in the DC classed by machine type
<smb> zul, Sort of. It is usable for Xen, what it does is adding no-cloud data
<jamespage> its invaluable :-)
<zul> zul: care to share?
<roaksoax> jamespage: oh definitely not, they are going to use a standard cabling/network per interface and stuff
<smb> zul, Talking to yourself again? :)
<roaksoax> i just don't want to assume
<zul> smb: perhaps :)
<roaksoax> jamespage: though it could be a requirement... have the same interface in the same network
<jamespage> roaksoax, I have to dash now - if you want to leave your test rig running and add my LP key (james-page) and PM me the details I'll take a look first thing
<zul> smb: some people's brains are not here as well
<smb> zul, I can post it to you. I hope it is generic in usage, you should look at it carefully
<jamespage> roaksoax, I don't think thats unreasonable
<smb> zul, :)
<zul> smb: please
<jamespage> I make that assumption in the quantum charm already
<jamespage> with the ext-port configuration
<roaksoax> jamespage: ok, so i guess i can do the same then
<zul> right...so libvirt 1.0 works with xen 4.1
<smb> zul, I am trying to get a xen package reviewed for raring that has 4.2 and re-adds qemu-dm since
<zul> smb: linky?
<smb> that was suggested by the xen folks (because upstream qemu does no migration)
<zul> right
<smb> zul, I asked someone else already for a review, so I don't want to create chaos by spreading it into all corners
<zul> ack
<smb> Hope it gets done soonish though
<smb> zul, script sent
<zul> thanks
<smb> zul, Let me know how it works for you. I have to admit it might be a bit "evil"...
<zul> smoser: hey do you have a problem with adding an upstart job for hvc0 for pv-domu guests in the cloud-images?
<smoser> what would said upstart job do ?
<zul> smoser:  just creates a getty
<zul> http://pastebin.ubuntu.com/1370663/
<smoser> id rather you think of it generically.
<smoser> maybe 'virt-getty.conf' that generally tries to run a getty on any "virtual console". even potentially considering 'ttySX' to be such a console.
<zul> sounds reasonable
<smb> smoser, I actually have one for hvc0.conf which only starts it when /dev/hvc0 is present
<zul> smb:  crappers http://pastebin.ubuntu.com/1370663/
<smb> zul, smoser, http://paste.ubuntu.com/1370690/
<zul> smb:  no domU drivers loaded :
<zul> smb: that works for me
<smb> zul, I intend to add this to the xen package in one of the next steps to get the same on dom0
<smoser> smb, you should be able to reference DEVNAME in the getty call i think
<smoser> and then extend the start on to other things also
<ninjix> hey guys, which openstack network mode is the server team using?
<smb> smoser, Well this was started with more of dom0 in mind, so I did want to exclude the container case. Did not seem overly making sense there
<ninjix> are you running Quantum for much of your testing?
<smb> smoser, Oh, if you meant extend to start on different tty's... It seemed that rather each desired one should have its own conf file
<smoser> smb, well i dont know. why would you want a bunch of things that differ only by 3 chars.
<smoser> i was suggesting a generic one that was configured one place that said "do you want a getty on a virtual console device"
<smb> smoser, You could ask why there is tty[12345].conf... ;)
<smoser> then if any were there, it turned them on.
<smoser> (yes, i could ask that)
<smoser> especially if those jobs can be started on demand as yours shows there.
<smb> smoser, I guess one thing is it makes it simpler to start/stop ttys individually
<smb> And not sure how tight the need for one process triggered by one conf file in udev is... that is something I need to investigate too for trying to make xen start scripts upstart ones
<RoyK> what's the big deal with xen when kvm's around?
<smoser> smb, its not significantly simpler to start/stop ttys individually.
<smoser> you hav eto make it an instance job. and
<smoser> start virt-console DEVNAME=ttyS0
<smoser> or something like that
<smb> smoser, Well, yeah. I would not claim to know why it was done that way. I just usually assume there has been some reason for it (maybe just histerically because there were individual lines in inittab). Or maybe it allows for simpler additions without risking to loose those when upgrading.
<tonyyarusso> How do I prevent a route from being created on boot?  Specifically, I do NOT want the route that reads "206.131.129.4   *               255.255.255.252 U     0      0        0 eth1".  Here's my /etc/network/interfaces currently:  http://pastebin.com/pBWq7TC6
<keithzg> I swear I've done it plenty of times, but I've just upgraded a server to 12.04 and it keeps prompting me to upgrade to 12.10 upon terminal login; how do I stick it to LTS only?
<ScottK> keithzg: Look in /etc/update-manager/release-upgrades
<keithzg> ScottK I already did that, it has the line "Prompt=lts"
<keithzg> and yet...
<ScottK> Dunno.
<ScottK> Did you restart after you changed it?
<ScottK> I'm not sure where that gets cached.
<keithzg> I didn't even ever change that
<keithzg> It has, as far as I know, always said that.
<keithzg> last modified date is Aug 8, looks like
<RoyK> keithzg: wierd - try an "apt-get dist-upgrade" - make sure it's updated - simetimes there's a bug...
<keithzg> The following packages will be upgraded: unity-scope-musicstores
<keithzg> heh, methink that won't do the trick
<sarnold> indeed, but at least it is a simple step :)
<keithzg> sarnold truth!
<tonyyarusso> keithzg: You have to delete a file in /var.  Let me see if I can find it.
<tonyyarusso> keithzg: /var/lib/update-notifier/release-upgrade-available
<altermann> hello, is the www-data user equivalent to apache in other distros?
<altermann> i was not able to find anything conclusive on google
<tonyyarusso> keithzg: just remove it, and it will get recreated with the correct parameters on next run of the script
<tonyyarusso> altermann: yes
<altermann> thank you
<keithzg> tonyyarusso: thanks!
<sarnold> tonyyarusso: excellent :) thanks
<rnbrady> Hi folks
<rnbrady> What is the canonical way to configure RAID post install on an Ubuntu server?
<keithzg> arghh I've added a second ethernet card to a server for the sake of an iscsi mount, and now it's insisting on using that interface for everything. How do I get it to only use an interface for a specific IP range, and use the other interface for all other traffic?
<sarnold> keithzg: I assume the iscsi endpoint is in the same netblock as all the other hosts?
#ubuntu-server 2012-11-20
<keithzg> sarnold: no, there's a separate, unmanaged network for the iscsi host and clients.
<keithzg> all the normal addresses are 10.1.x.x, and the iscsi ones are 10.0.x.x
<sarnold> keithzg: ah :) good, that should be far easier to do.
<sarnold> .. to the point of making me wonder why it doesn't just do that already?
<keithzg> ...yeah that's what's confusing me. Suddenly when I want to ping any host, for example, it's trying to ping from the unmanaged iscsi network.
<sarnold> keithzg: 'ip route list' will show you the routing table, perhaps all you need to do is move the 'default' route to a different gateway?
<keithzg> sarnold: yeah, that makes sense, right now it's showing "default via 10.0.0.1 dev br1  metric 100" and should be 10.1.etc dev br0
 * keithzg can't seem to find in the documentation for "ip route" how to change that
<lvmer> I've been reading a bunch of security tutorials, but what is the best way to shield my LAN ubuntu server from internet traffic / etc.
<sarnold> keithzg: that's the anoying thing; back in the day when you wrote all your own ifconfig and route commands fixin these things was easy. now you've got to find the right incantation in /etc/network/interfaces to get done what you want.
<lvmer> do I have to like go to a library with a laptop & nmap my server's IP address?
<sarnold> lvmer: step 1: netstat -anp   will show you what is open and which programs have those sockets open
<sarnold> lvmer: step 2: install ufw, it'll make configuring firewall really easy
<lvmer> sarnold: I have shorewall. Should I use ufw too?
<sarnold> lvmer: step 3: configure applications to only listen on interfaces you want them to -- sometimes you only want them to listen on 10.x or 192.168.x and sometimes you want them on *
<sarnold> lvmer: nah, one firewall thingy is enough.
<sarnold> ufw is just easy enough that people'll use it. :)
<sarnold> lvmer: I also like to make sure tha every program that listens on a network socket is confined by apparmor; the apparmor-utils package tool 'aa-unconfined' makes it easy to see which programs are listening but not confined.
<sarnold> keithzg: that almost sounds like incorrect network masks ..
<lvmer> sarnold:  aaaah all I've done with apparmor  is $ sudo apt-get install apparmor-profiles   lol
<keithzg> sarnold: could be, I'm fairly dumb in regards to those specifics; I have both interfaces set for netmask 255.255.0.0
<sarnold> keithzg: hrm. that sounds like it fits what you wanted in the first place. :/
<keithzg> sarnold: so I got it right? I guess this is one of those perverse debugging moments where finding out one *hasn't* made a mistake is disappointing!
<sarnold> keithzg: well, obviously osmething is slightly wrong somwhere :) you've got the wrong results. I'm surprised though that it sounds to me like you should be fine.
<keithzg> sarnold: yeah, it's quite the conundrum
<sarnold> keithzg: can you pastebin the whole interfaces file? It might be overkill to the right person, but I'm not sure what specificxally to ask for. :)
<keithzg> sarnold: http://pastebin.com/dagKBUEw
<keithzg> there's probably some weird interactions with whatever systems the historical sysadmin of this infrastructure has set up over the years
<sarnold> keithzg: okay, I know nothing of the bridge stuff :) SO, with that caveat out of the way, the 'broadcast' addresses look incorrect; they should probably be 10.1.255.255 and .... hrm.
<sarnold> keithzg: is the 10.1.* a hole punched out of the middle of the 10.* range?
<sarnold> .. or are there two ranges, 10.1.* and 10.0.* ?
<keithzg> sarnold: in *theory* it should be two ranges, 10.1.* and 10.0.*
<keithzg> I'm tempted to just change the iSCSI addresses all to an entirely different range, though, see what that accomplishes
<sarnold> keithzg: okay; then the 10.255.255.255 ought to change to 10.2.255.255, the 10.255.255.255 ought to change to 10.0.255.255, and I think you need to remove the 'gateway 10.0.0.1' line completely; two gateways configured in one file is probably just asking for trouble.
<keithzg> sarnold: yeah I actually commented out the second gateway line recently, but it didn't seem to make a change so I figured I'd just paste the file as it had been for longer.
<sarnold> hehe
<sarnold> good debugging instinct. :)
<shti> hi everyone. does anyone know what the maximum amount of IPv6 addresses I can allocate on one system are? is it limited by memory?
<sarnold> shti: as far as I know, limited by memory; thousands ought to be doable on nearly anything; I'm not too sure about millions, but one hopes you could find out overnight :)
<shti> i figured as much, thank you
<keithzg> sarnold: thanks! that, along with a few other pieces of fiddling with other things that were wrong or conflictingly configured, seems to have solved nearly everything. Now I just need to tackle the actual iSCSI part . . . gulp.
<sarnold> keithzg: woot! :)
<sarnold> good luck there. that thing seems _huge_...
<lvmer> sarnold: I don't think apparmor even runs on startup. But I didn't find anything 'unconfined.'  I only found 'enforce' and 'complain.'
<sarnold> lvmer: aa-status will give you details on what's running..
<lvmer> sarnold: ops. I made a mistake. sshd & apache2 are 'not confined'
<sarnold> yeah, confining sshd requires administrator decisions
<lvmer> sarnold: hum.
<sarnold> and apache2 is so wide open that it is nearly impossible to provide a pre-written profile for it.
<lvmer> sarnold: hum.
<lvmer> sarnold: I installed both my servers the same way, but I'm thinking now... I only want samba on (1) of them. & I'll keep the other with everything to just fool around
<lvmer> sarnold: should I just remove apache2? and php5?
<sarnold> lvmer: I would; I try to keep what's running on my systems to just the minimum
<lvmer> hey
<lvmer> for dpkg -l   how can I output it to a file? lol
<sarnold> lvmer: dpkg -l > filename
<lvmer> sarnold: omg the paste doc is 500 long
<sarnold> yes, there are a lot of packages on a standard system. :)
<lvmer> sarnold: I have no idea what to remove & what not do lol :/
<lvmer> sarnold: oooohhhh the horror: http://paste.kde.org/611126/
<lvmer> am I allowed to remove vim? as I really just stick to nano.
<lvmer> $ apt-get remove vim vim-common vim-runetime vim-tiny    ? xD
<sarnold> heh, funny, removing nano is the first thing I normally do. :)
<lvmer> sarnold: I kind of always understood programing, and setting up this server was frustrating, but it only took about a week.  And now.... seeing this list of 500 things long.... I litterally have no idea what they are. I feel like a teenage girl looking at the task manager processor list.
<sarnold> the names will grow on you -- before long they'll be old friends. :)
<lvmer> lol
<sarnold> the 'deborphan' tool can help you clean up packages you're not using any more
<sarnold> though it probably makes less sense on a brand-new install than one that's been running for a few years
<lvmer> sarnold: so install to uninstall? I like it. :)
<lvmer> bind9 bind9-host bind9utils  ??
<sarnold> lvmer: yes, that does seem strange :) "apt-get install deborphan ; deborphan" --> _fewer_ packages installed...
<sarnold> at least bind9-host is nice to have, you can run 'host foo' and get IPs, reverse lookups, MX entries, etc. awesome little tool.
<lvmer> I just don't want to mess up my samba on this bad boy
<lvmer> aaahh ok. good to know. I shall keep it then.
<lvmer> ftp?
<sarnold> sure, it's just the client program
<sarnold> and sometimes wget or curl are annoying compared to an interactive ftp client.
<lvmer> so many libs
<lvmer> wait so uninstall ftp? or keep?
<sarnold> keep ftp
<lvmer> I do have 2 servers & this one is pretty much only samba
<lvmer> ok
<sarnold> you may never use it :) but it's nice to have when you do need it
<lvmer> mysql ? xd?
<lvmer> easy way to type all those bad names?
<lvmer> mysql-client  .... client-core  common server... etc. lol
<sarnold> just apt-get remove mysql-common will probably get all the rest of them -- they'll need the -common package to satisfy dependencies.
<lvmer> oh... so that happens automatically?
<sarnold> it'll prompt :)
<lvmer> if I remove bind9  ... it says dnsutils & ubuntu-standard also remove
<lvmer> bad?
<lvmer> sarnold: look how much progress I've made:  http://paste.kde.org/611150/
<lvmer> sarnold: lol xD
<sarnold> lvmer: 'nsupdate' from 'dnsutils' might be very nice to hold on to.. I don't know if it is used by default, but it -might- be...
<lvmer> yah I held on to them
<lvmer> sarnold: I can't seem to remove apache2.2-common  is the file special?  it shows up as 'rc'
<sarnold> lvmer: woo. :) that's pretty good. run deborphan and see if there are any libraries you don't need any more... that's probably enough, though. my development workstation has 1807 packages installed. :)
<sarnold> lvmer: 'rc' means 'remove configured' -- the configuratoin files are still there, in case you re-install, but the package isn't currently installed
<sarnold> lvmer: you can use dpkg --purge or apt-get purge to _also_ remove the configuration files
<lvmer> oh how do I get rid of those?
<lvmer> ah
<lvmer> could I type sudo apt-get remove vim-*  ??
<sarnold> try it with 'vim-*' -- with the quotes
<sarnold> if there is something in your current working directory that matches vim-<something>, the shell will expand the * and not give the right results to apt-get
<lvmer> double or single?
<sarnold> either
<sarnold> (that tip goes for way more than just apt-get -- if you want to find all files ending with .orig, you should also use quotes here: find . -name '*.orig'   )
<lvmer> sarnold: :) k
<lvmer> installed deborphan
<lvmer> ah. -a
<lvmer> http://paste.kde.org/611180/
<lvmer> anything weird?
<sarnold> maybe mysql-client-core-5.5
<sarnold> if you don't care about mysql or mysql clients on this machine, you can remove that
<lvmer> sarnold: my computer is a dell 4500 from 2001... it is impossible for it to use wireless should I uninstall wireless stuff?
<lvmer> I did remove most mysql
<sarnold> lvmer: you could remove the wireless stuff if you want, but that might threaten to remove things you want to keep
<lvmer> ah
<sarnold> how much memory is in this system? if four gigabytes of RAM or less, you can probably also ditch the linux-generic-pae kernel
<lvmer> 1gb lol...
<lvmer> if that
<ScottK> sarnold: For recent releases it's all PAE
<lvmer> I'll check
<sarnold> ScottK: oh??
<sarnold> lvmer: don't touch linux-generic-pae :)
<sarnold> ScottK: thanks :D
<ScottK> amd64 has been all PAE for awhile and i386 as of 12.10.
<lvmer> sarnold: I actually surprisingly have 2gb.... wow.
<sarnold> ooh
<sarnold> speed demon from 2001 :)
<lvmer> Now that I think about it... I think I threw away the 2 computers from 2000 & 2001... this bad boy might be an 03 xD
<sarnold> makes sense to drop plain old x86 kernels. they're definitely the minority these days and the pae kernels probably boot pre-pae machines just fine.
<lvmer> what is whoopsie and getty?
<lvmer> gam_server? winbindd?
<sarnold> lvmer: whoopsie handles the "this program has crashed, send a report?" crash reporting service; getty provides the login: prompt on your consoles.
<lvmer> sarnold: um.... I have a lot of 'getty -8 38400 tty'
<lvmer> sarnold: in 'htop'
<sarnold> lvmer: probably seven? :)
<sarnold> .. or six?
<lvmer> sarnold: .... lol
<lvmer> sarnold: ok you win
<sarnold> one for each virtual console, alt+f1, alt+f2, alt+f3, .. , alt+f6
<sarnold> X runs on alt+f7
<lvmer> sarnold: o
<lvmer> sarnold: never used alt+ any f
<sarnold> you probably have to use control+alt+f1 to swap to the virtual consoles from within x
<lvmer> sarnold: I'm on putty too btw.
<lvmer> landscape-common ?
<sarnold> landscape.ubuntu.com -- a management framework
<lvmer> The following packages will be REMOVED:
<lvmer>   crda* linux-generic-pae* linux-image-3.2.0-29-generic-pae* linux-image-3.2.0-33-generic-pae*
<lvmer>   linux-image-generic-pae* wireless-regdb* wireless-tools*
<lvmer> good or bad? lol
<sarnold> bad :)
 * ScottK has a computer from 2001 running precise.
<lvmer> scottk: lol how you do that?
<sarnold> ScottK: you haven't replaced it with a pandaboard? :)
<lvmer> sarnold: oooo bad? dang. lol
 * ScottK doesn't usually replace working hardware.
<ScottK> Also it's my test server.
<lvmer> ........ lol
<lvmer> I must know how to ***
<lvmer> lol
<lvmer> * test
<lvmer> lol
 * ScottK also has one from 1999/2000 running Hardy (it missed the ACPI cutoff date in the BIOS, so that's the latest it can run) doing file storage.
 * lvmer test
<lvmer> lmao
<sarnold> ScottK: yeah, I can definitely understand that urge. but man, a few watts, no heat, no fan... granted, storage speed on panda is s s l l o o w w
<lvmer> test
<sarnold> lvmer: /me test
<sarnold> oh I see you already found it
<lvmer> sarnold I know I did it up there xD
<lvmer> sarnold: what is umode?
<ScottK> They help keep the basement warm.
<sarnold> lvmer: time to learn a new tool :) "apt-cache show umode"
<lvmer> ? lol
<sarnold> ScottK: hehe
<lvmer> unknown command
<sarnold> ohhh, umode, that must be from your irc client -- user modes
<sarnold> lvmer: still, it's time ot learn a new command :) try "apt-cache show ureadahead"
<lvmer> no way
<lvmer> I'm not cache'ing anything
<lvmer> lol
<lvmer> what does it do?
 * lvmer lvmer is not so gullible
<sarnold> lvmer: apt-cache will show you data from the packages visible to apt-get
<lvmer> oh lol
<sarnold> apt-cache search and apt-cache show are two immensely useful little commands on debian / ubuntu systems
 * lvmer has just realized
<lvmer> ok I'm going to stop that before I get banned. lol. I appriciate it. I'm checking it out.  btw: I couldn't find 'umode' lolz :p
<sarnold> lvmer: about umodes: http://freenode.net/using_the_network.shtml
<lvmer> sarnold: yup. :) thanks again. :)
<sarnold> 'night lvmer :)
<lvmer> sarnold: good night
<lvmer> I have no swap space.... is this bad? I'm running lvm2. & I just noticed in htop: swp 0/0MB
<greppy> lvmer: how much RAM do you have?
<lvmer> greppy: 2GB.... I sware I thought I had swap when I installed. I don't see it anymore though... in df -h or fstab or htop.
<ScottK> Depends on what you're doing with the box.
<qman__> it's only bad if you require more memory to perform the tasks you're attempting
<ranjan> Hi all, is there an  official channel for Ubuntu Cloud?
<ranjan> have some doubt related to Ubuntu Cloud Live CD
<lifeless> ranjan: here is fine to ask
<Kartagis> can you help me with roundcube? #roundcube is kind of dead
<ranjan> lifeless, how can i use nova-volume in ubuntu cloud live?
<blkperl> Kartagis: what kind of help?
<Kartagis> blkperl: I'm getting "Make sure that the configured database exists and that the user has write privileges DSN: " but the database is there
<rbasak> ScottK: what do you think of https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1027061/comments/14 ?
<uvirtbot> Launchpad bug 1027061 in postfix "Postfix upgrade to 2.9.3-2~12.04.1 changes configuration files" [Wishlist,Invalid]
<blkperl> Kartagis: what do the database logs say? do they show failed connection attempts
<Kartagis> blkperl: nothing in roundcube logs. do you mean imap server logs?
<blkperl> Kartagis: what database are you using? mysql, postgres?
<blkperl> sqlite?
<Kartagis> mysql
<blkperl> go look at those logs
<blkperl> also check that the user has write privs in mysql
<Kartagis> create database db;grant all on db.* to user@localhost identified by 'pass'; <--- this was my line
<blkperl> can you connect to the database from the roundcube server?
<Kartagis> yes
<Kartagis> I've also imported the databasr schema. that must mean I have at least INSERT access, no?
<stiv2k> hi
<stiv2k> how can i see which program on my server is causing 2.79 load average.... but cpu usage is low
<Kartagis> htop
<stiv2k> why htop
<stiv2k> over regular top
<Kartagis> it is more detailed
<stiv2k> oh
<stiv2k> well
<stiv2k> transmission daemon is using like 10% cpu and 11% mem
<stiv2k> its the most active process i have... yet my load average is very high
<freakynl> Hi, I'm using automatic updates on some servers. Now it mails me that a reboot is required, but only the make package has been updated. I'm not used to linux requiring reboots for anything but kernel (services are usually just restarted when updated). This however is neither a service nor a kernel and make isn't actively used either :/
<vezq> check are you running the latest kernel
<vezq> uname -a and compare to files in /boot
<freakynl> vezq: heh thx, my spamfilter ate that e-mail :/
<freakynl> it was consistent tho', it ate all of the auto update messages from that day. Must not like some package
<Cuacrzz> Does anyone know how to change metric settings on my l2tp vpn settings like that checkbox on Windows, because i'm connected and it works but all pages are blocked right know
<nopz> When one rsync a directory to another, does it just send the changed bytes or the whole file is transfered for each modification ?
<qman__> changes only
<qman__> well, there's some caveats to that
<qman__> but yes, it only transfers changed bytes by default
<nopz> cool thank you
<Cuacrzz> Does anyone know how to change metric settings on my l2tp vpn settings like that checkbox on Windows, because i'm connected and it works but all pages are blocked right know
<nopz> Regarding inotify, if i lookup a folder by registering to its events, does it watch automatically every child folders in it ?
<Kartagis> qman__: how about if there are some deleted files from source?
<RoyK> nopz: from the manual:  Inotify monitoring of directories is not recursive: to monitor subdirectories under a directory, additional watches must be created.
<nopz> Ho thank you RoyK, do you have a link pointing to that?
<nopz> Ok it's at the bottom of the man page
<ScottK> rbasak: I think the package is designed to use debconf and since they didn't, they are on their own.  That said, I think it would be a useful improvement.
<rbasak> ScottK: I think puppet is probably doing DEBIAN_FRONTEND=noninteractive apt-get install postfix, and then the postinst is clobbering main.cf
<rbasak> ScottK: is that your understanding when you say they're on their own?
<rbasak> (I haven't verified this though)
<rbasak> ScottK: need to go offline but I'll check the logs to see if you've responded.
<lamont> ScottK: I decided to add a comment there. (1027061)
<ScottK> lamont: Thanks.
<caribou> quick question : what is the best way to upgrade the kernel in an Openstack/canonistack instance ?
<caribou> without using a different cloud image, just need to test a new kernel
<Akendo> hi
<Akendo> Hey jamespage, My Cinder + Ceph is working. But without authentication
<jamespage> Akendo, libvirt uuid still proving problematic?
<Akendo> Just a question out of my mind, can it be that you have to create a extra client instead of using client.admin for this?
<Akendo> Yes
<Akendo> I'll solve it late, I just wanted to ensure that the connection is working.
<jamespage> Akendo, I do that yes; client.admin is like 'root' whereas cinder only needs access to pools/rbd's
<Akendo> But shouldn't it be possible to use this "root" for everthing in the beginning? This is justa proof of concept for me, it shound't have to much complexbility
<jamespage> Akendo, what rbd_user did you specify?
<Akendo> For now admin
<Akendo> But late I think it will be one use per tenant
<Akendo> So that this tenant have it's own access credentails
<jamespage> Akendo, I think thats right
<Akendo> First I have to get a feeling for Ceph with OpenStack ;-)
<Akendo> One Question, that keeps going torugh my mind is: How does the single pool per tenant will behavior with this placement groups? It's a "hard" limit for my Pool?
<pmatulis> hallyn: hey.  looks like bug #1057024 is still not done.  i just posted
<uvirtbot> Launchpad bug 1057024 in qemu-kvm "kvm kernel module always loaded, without setting /dev/kvm permissions" [High,In progress] https://launchpad.net/bugs/1057024
<zul> jamespage: ping
<jamespage> zul, pong
<zul> jamespage: fyi the quantum proxy ip stuff got merged into the stable/folsom tree
<jamespage> zul, yeah - I've been watching gerrit mp's
<jamespage> w00t!
<zul> jamespage:  ok cool
<jamespage> zul, thanks for pushing on that btw
<jamespage> Akendo, not sure single pool per tenant makes sense?
<zul> jamespage: no worries all a part of the days work..
<Akendo> Why not?
<jamespage> Akendo, well the pool in ceph is completely abstracted from the users of Openstack
<Akendo> Sure
<jamespage> Akendo, and you can only configure it once in cinder, and not on a per tenant basis
<Akendo> Ah
<Akendo> Really?
<Akendo> hm...
<Akendo> That indeed a problem then I didn't think of yet
<hallyn> pmatulis: the p11-kit thing is separate and was supposed to be fixed long ago.  but yes, there is also the new bug 1080912 i'm trying to reproduce right now
<uvirtbot> Launchpad bug 1080912 in qemu-kvm "package qemu-kvm 1.0+noroms-0ubuntu14.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [High,New] https://launchpad.net/bugs/1080912
<hallyn> slangasek had wanted me to change the fix for that bug, and the new way doesn't seem to be as robust as doing it by hand
<hallyn> pmatulis: do you still have access to that box?
<hallyn> well lemme see how my box does after a 11.10->12.04 upgrade
<pmatulis> hallyn: indeed i do
<hallyn> pmatulis: great - what does /dev/kvm look like?  (ls -l and getfacl)
<pmatulis> hallyn: not good at all i'm afraid
<pmatulis> sudo ls -l /dev/kvm
<pmatulis> ls: cannot access /dev/kvm: No such file or directory
<Akendo> pmatulis,  modprobe kvm is working?
<pmatulis> Akendo: yes it does, that looks like the beginning of a workaround
<Akendo> What is lsmod |grep kvm displaying?
<pmatulis> Akendo, hallyn: indeed, after loading the module i can start my guests
<hallyn> pmatulis: do you ahve the ugprade logs?  did 'start qemu-kvm' fail?
<Akendo> ;-)
<hallyn> bc that should have loaded the module
<pmatulis> hallyn: let me take a look for the logs
<pmatulis> hallyn: note that i rebooted twice.  once after the upgrade, and once again after upgrading qemu-kvm
<pmatulis> (-proposed)
<hallyn> hm.
<hallyn> so it wasn't loaded at all after reboot.  that's bad.  and weird
<pmatulis> hallyn: agreed
<pmatulis> hallyn: i'll update the bug
<hallyn> pmatulis: to be sure, did all work well under oneiric on that box?
<ninjix> anyone running a 12.04 based OpenStack with Quantum + Open vSwitch?
<Akendo> That can happend from time to time, then you should add kvm to the /etc/modules.conf
<Akendo> Can you past me via pastbin the dmesg output?
<pmatulis> hallyn: yes, all worked very well on 11.10
<Akendo> ah
<Akendo> btw: /etc/modules for Ubuntu
<fleish> can someone help me translate this EDAC info into a which DIMM is actually reporting errors? EDAC MC1: CE row 1, channel 0, label "CPU#1Channel#0_DIMM#1": Corrected error (Socket=1 channel=0 dimm=1) ... my manual/board labels the  DIMMs P1_DIMM{1,2,3}{A,B,C} & P0_DIMM{1,2,3}{A,B,C}
<hallyn> pmatulis: odd, my test box had /dev/kvm just fine :(
<hallyn> pmatulis: i  suspect yours deserves a new bug
<pmatulis> wonderful
<Akendo> jamespage, Do you know of any bug in glance that can't list the uploaded image to ceph?
<ninjix> I see there are what look like tokens in the Ubuntu Openstack supplied configuration files. Things like %SERVER_USER%. Most of the tutorials call for you to replace these but is there a better Canonical way for configuring the services?
<Akendo> Hey ninjix
<Akendo> Checkout the nimbis-keystone-init on github
<ninjix> Akendo: hi
<Akendo> Maybe not whay you mean, but it can help you to setup all important stuff  for you
<Akendo> Then your using a tenant called service
<Akendo> I hope this can you help
<ninjix> thanks. I've been holding off with the helper scripts while I familiarize with the Folsom release
<Akendo> Great ;-)
<ninjix> then wants I understand how to better use Quantum and Open vSwitch, I'm going to look into a MaaS+Juju rollout
<ninjix> wants ?? -> once :)
<ninjix> Akendo: are you running Openstack?
<jamespage> Akendo, not that I know of - I have not seen that issue
<jamespage> Akendo, just out of interest can you see it with nova image-list ?
<ninjix> Akendo: sorry, better question is are you running it in production?
<tonyyarusso> I'm getting millions of lines like this in my syslog:  "Nov 20 10:30:14 ntop ntop[1180]:   **WARNING** Packet # 37334012 too long (len = 2546)!"  What's that mean?
<lvmer> I've got a LAN server with just samba on it. Is there a good way to maximize the computer solely for samba? aka: like dedicate lots of ram to caching files that are typically requested, etc.
<rbasak> That'll happen automatically for you
<lvmer> rbasak: really?
<rbasak> The kernel uses available memory to cache what it can
<lvmer> in [global] I setup: socket options = TCP_NODELAY IPTOS_LOWDELAY SO_RCVBUF=65536 SO_SNDBUF=65536
<lvmer> I was thinking about doubling it to 131k or so
<lvmer> rbasak cause right now my server is only using 62mb of ram.... lolzzzzzzz
<lvmer> ops I thought I was in the samba channel. -_-
<lvmer> sshd is 'not confined' by apparmor, how shall I change this?
<hallyn> gah
<hallyn> bad changelog
<jdstrand> lvmer: that is acually a particularly challenging application to confine because it is designed to spawn shells
<jdstrand> lvmer: I recommend looking at http://wiki.apparmor.net/index.php/Pam_apparmor_example
<jdstrand> lvmer: you might also want to join #apparmor on OFTC and discuss it there
<lvmer> jdstrand: ah. :/  yes I did #apparmor.  I was guessing it would be easy with only 1  sshd allowable computer / ip.
<lvmer> jdstrand: ty for the starting place. I am looking through it now.
<jdstrand> lvmer: the experts in #apparmor usually don't come online until around now
<RoyK> lvmer: it's little point adding IPTOS... and the SO_ stuff - the default values are ok
<RoyK> lvmer: that is, unless you're on a 10Gbps network and really want full throughput, all the default values should be ok. It'll be either your network or the I/O on the server being the bottleneck
<lvmer> royk: yup you seem right on that. noticed no difference.
<lvmer> royk: definitely server I/O
<lvmer> royk: 12 year old computer ftw... lolz.
<RoyK> lvmer: what sort of disksystem?
<RoyK> single IDE drive? ;)
<lvmer> royk: IDE lol
<lvmer> royk: 3 stripe raid
<RoyK> raid-5?
<lvmer> royk: but the dell motherboard is attrocious
<lvmer> royk: raid 0
<lvmer> royk: lol trust me, it doesn't help much with the bus speed of this Dell.
<RoyK> raid-0 is a bit like BASE jumping with an umbrella...
<lvmer> royk:  all information has 2 other separate backups & is non-essential. I know the risks.
 * RoyK uses RAID-6 for most stuff these days
<lvmer> royk: I'm actually hoping these hd's fail so I can buy a $300 computer this christmas
<RoyK> well, obviously, if you handle the downtime and restore, no problem
<lvmer> royk: lol that will def. be the hard part.
 * RoyK wants uptime... http://xkcd.com/705/
<lvmer> royK: but the server is only 1 week old.... & I've re-installed 2x already from stupid mistakes. so I don't think it'll take more than 1 day.
<lvmer> royk: trying to configure rsync for configs, but right now I just copy/paste them to NAS
<RoyK> if you can do with the space on two drives, use raid-5 and change later or add more drives later
<RoyK> that is, if you have a NAS, why do you want a fileserver?
<lvmer> royk: ide drives? no freaking way
<lvmer> royk: cause it's a windows temp. nas lol
<lvmer> royk: and it sucks
<lvmer> royk: also this was mostly just supposed to be a fun project to get my feet wet.... into linux which is clearly much faster.
<RoyK> you can get a mobo + cpu + memory for almost nothing, probably $150 will go a long way
<lvmer> royk: ok last question.... here I'm done explaining my logic lol. idc if it is flawed.
<RoyK> or at least $200
<lvmer> royk: yes... that is why I est. $300....
<lvmer> royk: 3TB HD... xD
<lvmer> royk: which will be sata
<RoyK> lvmer: install sysstat and start it, and it'll collect performance data for you
<RoyK> or perhaps munin
<lvmer> royk: why?
<RoyK> you'll see quickly where the bottleneck is
<lvmer> royk: k
<RoyK> sysstat / sar is basically terminal stuff, munin makes nice graphs
<lvmer> royk: ok how do I use this? never used sysstat
<lvmer> nvm I got a tut
<RoyK> apt-get install sysstat - vi /etc/default/sysstat - enable it - /etc/init.d/sysstat start
<RoyK> run 'sar'
<RoyK> !uupdate
<lvmer> royk: ?
<RoyK> just tried to ask the bot about uupdate
<lvmer> o
<lvmer> !uupdate
<RoyK> !mail server
<ubottu> Ubuntu supports the Simple Mail Transfer Protocol (SMTP) and provides mail server software of many kinds. You can install a basic email handling configuration with the "Mail server" task during installation, or with the "tasksel" command. See also https://help.ubuntu.com/community/MailServer and https://help.ubuntu.com/12.04/serverguide/C/email-services.html
<lvmer> royk: ok I ran sar.... I don't get it
<lvmer> royk: shows cpu
<lvmer> royk: that's it.
<lvmer> royk: and a restart
<RoyK> no need to restart
<RoyK> and man sar
<RoyK> it'll show a lot more
<RoyK> sar 1 12
<RoyK> and it'll check status every second for 12 seconds
<RoyK> what you get in the %iowait column is the time the system spends waiting for i/o, eg slow drives
<lvmer> should it be  sar -i 12
<RoyK> just 'sar <secs> <number of polls>' will do
<RoyK> like
<RoyK> http://paste.ubuntu.com/1372914/
<RoyK> this system is running a crashplan backup where the client spends a lot of cpu time and waits for i/o a bit
<lvmer> http://paste.kde.org/611492/
<RoyK> guess this wasn't during a copy?
<RoyK> your system's mostly idle
<lvmer> royk: this lan is small & barely gets accessed
<RoyK> start a large copy operation and try again
<lvmer> royk: if I did a copy the disk I/o bottle neck would be obvious...
<lvmer> royk: k
<RoyK> also, you can use
<RoyK> !pastebinit
<ubottu> pastebinit is the command-line equivalent of !pastebin - Command output, or other text can be redirected to pastebinit, which then reports an URL containing the output - To use pastebinit, install the Â« pastebinit Â» package from a package manager - Simple usage: command | pastebinit -b http://paste.ubuntu.com
<lvmer> royk: ah that is helpful.
<lvmer> royk: wait I blocked all 80 ports... only 137, 139, & 445 work. xD
<RoyK> also outgoing?
<RoyK> if you just used ufw to only allow those ports, all outgoing access should work
<lvmer> shorewall
<lvmer> ufw sucks
<RoyK> well, ufw works
<lvmer> http://paste.kde.org/611498/
<lvmer> royk: outgoing works now. I shall use that command it is grand.
<lvmer> 12:36:52 PM Â  Â  all Â  Â  Â 0.00 Â  Â  Â 0.00 Â  Â  Â 0.00 Â  Â 100.00 Â  Â  Â 0.00 Â  Â  Â 0.00
<lvmer> 100 I/o wait
<RoyK> system isn't under heavy load...
<lvmer> royk: nope not at all
<RoyK> well, you get such hichups from time to time
<lvmer> royk: it only runs smbd
<RoyK> you may want to check your drives with smartctl
<lvmer> royk: uninstalled nearly everything except shorewall, denyhosts, fail2ban, etc.
<lvmer> royk: are you trolling me?
<RoyK> no
<RoyK> old drives have a tendency to fail
<lvmer> royk: ..... I already know my hd's are bad
<lvmer> royk: they are 12 year old IDE HDDs.... lol
<RoyK> and smartctl asks the drives if they have known errors
<RoyK> if they have, they'll slow things down
<RoyK> old drives != bad drives
<lvmer> smartctl notfound
<lvmer> john@UBUNTUSERVER2:~$ sudo apt-get install smartctl
<lvmer> Reading package lists... Done
<lvmer> Building dependency tree
<lvmer> Reading state information... Done
<lvmer> E: Unable to locate package smartctl
<lvmer> john@UBUNTUSERVER2:~$
<RoyK> apt-get install smartmontools
<lvmer> is libsensors4 important?
<RoyK> lvmer: don't remember the dependencies or smartmontools, but another set of libraries won't hurt
<lvmer> john@UBUNTUSERVER2:~$ smartctl --scan
<lvmer> /dev/sda -d scsi # /dev/sda, SCSI device
<lvmer> /dev/sdb -d scsi # /dev/sdb, SCSI device
<lvmer> /dev/sdc -d scsi # /dev/sdc, SCSI device
<lvmer> what next?
<RoyK> smartctl -H ...
<lvmer> meh.
<RoyK> or smartctl -t short /dev/blah to start a short test or -t long to start a long test
<lvmer> permission denied
<RoyK> -t long shouldn't be needed very often, but if you haven't run any tests yet, it might be worth it
<lvmer> oh ops.. sudo lol
<lvmer> no fails, but errors :/
<RoyK> pastebin?
<lvmer> http://paste.ubuntu.com/1372945/
<lvmer> what do you think?
<RoyK> I think the drive has bad sectors
<RoyK> dmesg will probably give you some error messages
<RoyK> I/O sort of thing
<lvmer> .... too manyz
<lvmer> http://paste.ubuntu.com/1372956/
<RoyK> nothing there about I/O errors
<lvmer> ah good
<lvmer> yah I couldn't see until I checked the url
<lvmer> too squished
<RoyK> bunch of apparmor messages, but no I/O stuff
<lvmer> still thinking bad sectors?
<lvmer> or what?
<RoyK> snartctk says si
<RoyK> so
<RoyK> ops
<RoyK> smartctl says so
<RoyK> # 1  Short offline       Completed: read failure       90%     25545         6298162
<lvmer> :/
<RoyK> try -H on the other drives
<lvmer> fix attempt worth it?
<RoyK> you can't fix sectors
<lvmer> http://paste.ubuntu.com/1372961/
<RoyK> what you can do, is use redundancy to avoid data loss
<RoyK> seems you've started a long test on that one and it's still running
<RoyK> Total time to complete Offline
<RoyK> data collection: 		(  430) seconds.
<lvmer> possibly a long time ago
<lvmer> before installing ubuntu
<RoyK> you can stop the test and run a short test
<RoyK> or just try to initiate a short test
<RoyK> might do it
<RoyK> lvmer: really, finding a 120GB drive unused somewhere shouldn't be much of a problem, I guess people are throwing those away regularly these days.... better get a new one (or three), convert to raid-5 and sleep well at night
<RoyK> or even better, get a new box and setup raid-5 on sata drives from the start
<lvmer> ...................................... the information stored here is superfluous. I'm done this troll storm.
<RoyK> ?
<RoyK> troll storm???
<lvmer> I told you from the start the information stored on the hdd's is redundant and useless.... why would I care if they fail?
<RoyK> well, ok, just saying that at least one of your drives are dying
<lvmer> eta?
<RoyK> and it's less hassle to just use raid-5 in the first place to avoid recreating everything
<RoyK> ETA is not possible for drives
<RoyK> sometimes they die without notice
<RoyK> sometimes they give you a warning with S.M.A.R.T.
<RoyK> that warning usually means something is bad, but the drive may live another month or even a year after that
<lvmer> have you ever rebuilt a raid 5 array? the build time is ridiculous
<lvmer> I'd rather use 1
<RoyK> no, it's ok
<RoyK> I've rebuilt RAIDs of all known levels ;)
<lvmer> how long did the 5 take  / size?
<RoyK> for a 5x2TB RAID, about a day, perhaps a bit more
<RoyK> far less than restoring the lot
<lvmer> definitely more
<RoyK> with 120GB drives, a few hours
<lvmer> lucky you had 5x drives though
<lvmer> imagine 10tb with 3 drives
<lvmer> you'd be building forever
<RoyK> I wouldn't use RAID-5 with such amounts of data
<RoyK> I'd use RAID-6 so that it can take a second failure during rebuild
<lvmer> 5x2tb = 10tb............. * .8 = 8tb....
<lvmer> your not far off
<RoyK> currently 6 drives in RAID-6 in my home server ;)
<lvmer> that's a good setup
<RoyK> plus a spare
<lvmer> hard with without a raid controller though?
<lvmer> what mb?
<RoyK> just linux md
<RoyK> software raid
<RoyK> some cheap - sec
<RoyK> ASrock M3A UCC
<RoyK> with some PCIex SATA controllers I got off ebay cheaply
<RoyK> I've been working with storage long enough not to trust 'hardware raid' more than what can be done in software
<RoyK> it's software after all, even the 'hardware raid', the only difference is it's running on another chip
<RoyK> usually with less cpu power and with a narrow memory bus, meaning usually slower
<RoyK> I'd guess 90% of enterprise storage have 'software raid', only they hide it
<lvmer> good to know
<RoyK> A Dell EqualLogic controller take up to a minute to reboot - that's not hardware - it's its OS booting
<RoyK> and probably linux at the base, since Dell uses linux for most stuff these days
<RoyK> lvmer: even if you can restore quickly, using RAID-5 for this setup can probably teach you a few things about storage ;)
<SpaceBass> I'm trying to do an apt-get upgrade and keep getting an error that the MD hash for base-files is invalid â¦ or smiler, will paste binâ¦ this is the 3rd time this has happened and always results in needing a fresh install.
<SpaceBass> error: http://pastebin.ca/2253510
<sarnold> SpaceBass: check dmesg. I expect your hard drive is dying.
<SpaceBass> sarnold, thought that was the problem the first two times, so I've replaced it each time. This is new, fresh SSD (as were the others)
<sarnold> SpaceBass: oohhhhhhhhh.
<SpaceBass> although perhaps you are right sarnold, the drive doesn't look heathy http://pastebin.ca/2253514
<sarnold> SpaceBass: can you test the drive in a different machine or usb enclosure or something?
<SpaceBass> sarnold, in theory, but since this is the 3rd error on the same box, all with SSDs (different make/models), I'm not more suspicious of the motherboard or controller
<sarnold> SpaceBass: yes, I suspect your motherboard or controller are the problem instead of the harddrive, but putting the drive into something else may be easier than putting a new motherboard in :)
<SpaceBass> which sucksâ¦ b/c I'm starting to loath this kind of hardware supportâ¦. might be time to replace with a mac mini (data is on external raid anyway)
<SpaceBass> putting the ultimate solution aside, any tips on resurrecting this install and getting apt-get upgrade functioning?
<sarnold> SpaceBass: agreed, I spent a few weeks trying to track down data corruption problems and eventually found MCE events :/ horrible few weeks...
<SpaceBass> sarnold, there was a time I like that kind of troubleshootingâ¦.but I'm with you, horrible
<sarnold> _maybe_ you can fiddle wit hthe BIOS and change the way it uses the sata ports; change from 'legacy' to 'ahci' or the other way around.
<SpaceBass> sarnold, good idea, I'll test
<SpaceBass> it's on ahci now, I'll try legacy
<SpaceBass> (when i get home tonight, using SSH into that box  currently)
<RoyK> SpaceBass: a friend of mine had two SSDs dying on her rather rapidly, the third still works after half a year...
<RoyK> SpaceBass: try smartctl -H
<RoyK> check if the drive think it's bad
<SpaceBass> command not found :(
<RoyK> apt-get install smartmontools
<SpaceBass> can'tâ¦ apt-get fails
<SpaceBass> looks like another fresh install in my futureâ¦ not the end of the world, but not happy about it
<RoyK> SpaceBass: never good to see a drive failing - that's why I mirror things or use RAID-6 ;)
<koolhead17> thanks for all! happy appreciation day :)
<koolhead17> *2
#ubuntu-server 2012-11-21
<ruben231> hi guys i have Temporary failure resolving âgb.archive.ubuntu.comâ <-----------on my ubuntu server 12.04 LTS- any idea please
<sarnold> hrm, from two hosts I have easy access to, I get six ipv4 addresses and one ipv6 address..
<ruben231> hi guys where do i configure
<ruben231> the nameserver for 12.04 LTS..?
<sarnold> ruben231: /etc/resolv.conf or the resolvconf stuff if you're using resolvconf...
<ruben231> sarnold: i see resolvconf and under resolv.conf.d and i edit base but when done it still empty and tried apt-get update i get temporarly failure
<ruben231> sarnold:..? any idea please
<sarnold> ruben231: you probably have to kick off a run of resolvconf to get it to propagate those changes to /etc/resolv.conf -- i'd just manually add those to /etc/resolv.conf too
<ruben231> sarnold: resolv.conf - says------------------> # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8)#     DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN
<sarnold> yeah, well, you made the chances to resolvconf to ensure that it'll be overwritten with the right data when that eventually happens
<ruben231> so i cannot edit from there
<sarnold> in the meantime you might as well fix the problem directly. :)
<lvmer> Does someone have an example file: $ /etc/pastebin.d  ? I'd like to change a few default settings like author / website / etc. & it appears I can do it in the global file, but I'd like to know the /etc/ file.
<lvmer> /etc/pastebinit.d   **
<lvmer> nvm it appears to be like html code
<hilarie> Okay, could someone point me in the right direction? I setup 12.10 server, have eth0 as external, eth1 as internal, installed webmin. managed to get squid going, which is how I was able to get here... I can ping eth0 eth1, and the modem from my netbook, but not an outside ip address
<hilarie> I can't figure out how to make it a gateway
<hilarie> Any idea where to look?
<qman__> !webmin
<ubottu> webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system.
<ScottK> qman__: It's not a webmin question.
<jotterbot1234> Hey guys, can someone look at my error I posted on server fault?
<jotterbot1234> http://serverfault.com/questions/450718/ubuntu-12-04-server-eth0-1gbps-nic-eth1-10gbps-nic-all-traffic-using-eth0
<qman__> ScottK, doesn't make it any less relevant or true
<ScottK> qman__: It's completely orthogonal to the question.
<pmatulis> hilarie: what address are you trying to ping?
<hilarie> 8.8.8.8
<hilarie> I found a tutorial
<hilarie> http://www.howtoforge.com/nat_iptables
<qman__> that tutorial does not apply to ubuntu
<qman__> it's redhat-based
<qman__> at least, the configs at the top
<qman__> and from the comments it's apparently very bad, I only skimmed it
<fleish> jotterbot1234: why are you trying to put 2 addresses on the same subnet split across 2 physical interfaces? I can't imagine that's going to work
<qman__> yeah, that's not going to work
<qman__> you need to bridge or bond instead
<fleish> can someone help me translate this EDAC info into a which DIMM is actually reporting errors? EDAC MC1: CE row 1, channel 0, label "CPU#1Channel#0_DIMM#1": Corrected error (Socket=1 channel=0 dimm=1) ... my manual/board labels the  DIMMs P1_DIMM{1,2,3}{A,B,C} & P0_DIMM{1,2,3}{A,B,C}
<bearly230> Hey all, looking for a good walk through for turning 12.04 lts server into an Internet router. Any suggestions?
<patdk-lap> heh?
<patdk-lap> install bare minimal install
<patdk-lap> install quagga
<patdk-lap> done
<patdk-lap> maybe install the bridge/vlan packages?
<lvmer> dns too?
<patdk-lap> he said router
<patdk-lap> router != dns
<lvmer> yah probably not worth it to cache stuff
<patdk-lap> heh?
<patdk-lap> a router shouldn't cache anything
<patdk-lap> it routes ip level traffic :)
<lvmer> I'm not talking about the router :/
<patdk-lap> or do you mean one of them home router/firewall/accesspoint devices?
<bearly230> Home router local dns etc
<lvmer> ty for clarifying I didn't feel like explaining it lol
<alex88> hi guys, I need the libtiff5 package in ubuntu 12.04
<alex88> is that available somewhere?
<Kartagis> apt-get install libtiff5
<b0ot> can someone recommend what they feel is the best distributed chat program with great clustering ability?
<jMCg> IRC?
<stgraber> jjohansen: hey, can you take a look at the last comment on bug 969299?
<uvirtbot> Launchpad bug 969299 in apparmor "apparmor prevents dpkg-divert and localedef from working in a container" [Undecided,Confirmed] https://launchpad.net/bugs/969299
<stgraber> hallyn: ^
<Daviey> jamespage: do you have views on rsyslog from experimental ?
<jamespage> Daviey, I think if we want it do it now
<jamespage> sounds like it could be quite wide impacting in terms of change
<jamespage> Daviey, and I think its probably a good idea - sounds like it has some nice new features...
<Daviey> jamespage: 5.x -> 7.x
<koolhead17> hola zul
<jamespage> Daviey, yep
<hallyn> stgraber: drat
<zul> koolhead17: hi
<koolhead17> zul: how have you been sir?
<zul> koolhead17: busy you?
<koolhead17> zul: same this side sir!!
<roaksoax> haha :)
 * koolhead17 gives hi5 to  roaksoax 
 * koolhead17 wondering if smoser `s work on zulfan site is still on
<roaksoax> koolhead17: o/
<alex88> koolhead17, oh, same here? :)
<alex88> btw, is normal that using md + high I/O creates an high load?
<hallyn> stgraber: but why is localdef running under lxc-start profile, not container profile?
<stgraber> hallyn: no idea :)
<koolhead17> alex88: :)
<hallyn> hm, no utlemming :(
<hggdh> rbasak: there? Question on armadaxp
<rbasak> hggdh: go ahead
<hggdh> rbasak: I am trying to automate installations on the armada, and found that I have to pre-set some env variables, and call pxe manually. This sort of breaks automation
<rbasak> hggdh: we have an expect script that does it
<hggdh> rbasak: ah
<hggdh> rbasak: can I have it also?
<rbasak> hggdh: pandakit supports arbitrary expect scripts :)
<hggdh> rbasak: so I could get it installed on magners, and use it?
<rbasak> hggdh: http://bazaar.launchpad.net/~racb/junk/pandakit/view/head:/armadaxp.expect
<bitfury_> hello, I compiled OpenSSL from source but would like to remove it now. I still have the source directory but when I try 'make uninstall' it gives me *** No rule to make target `uninstall'.  Stop.
<hggdh> rbasak: yeah. Do you have a package for PK?
<eagles0513875> hey guys does anyone have any good documentation to setup postfix + dovecot on a server for multiple domains?
<rbasak> hggdh: you should be able to build one out of that junk directory. There's a debian/ directory in there already.
<rbasak> hggdh: it does depend on cobbler still though. I never spent the time to remove that dependency. So it should probably go on a separate machine so that pandakit can own the cobbler installation.
<hggdh> rbasak: OK, will do. My setup also has issues with cobbler, so no biggie, I think. Thank you, and if I get stuck can I call you?
<rbasak> hggdh: sure
<rbasak> hggdh: sorry it's not better maintained. You know my reasons!
<hggdh> rbasak: indeed I do :-)
<eagles0513875> hey rbasak  :)
<rbasak> eagles0513875: erm, hello. Have we met?
<eagles0513875> no but you are the only one alive in the channel atm lol
<eagles0513875> rbasak: do you know of any good documentation in regards to setting up a server with multiple domains for emails using postfix + dovecot
 * hggdh builds a PK...
<eagles0513875> hggdh: ?
<hggdh> eagles0513875: sorry, I do not use postfix or dovecot
 * hggdh has not had a local email domain for ages...
<eagles0513875> i wasn't putting the ? for that but you building a pk
<eagles0513875> i can get them setup for a single domain
<eagles0513875> but not multiple domains
<hggdh> eagles0513875: a special test package for something I have to do, quite arcane, sorry
<eagles0513875> its ok
<eagles0513875> wish i could get my hands dirty with packaging would be able to package newer versions of stuff for my servers and patching things i still have tons to learn
<ikonia> eagles0513875: why are you STILL trying to run before you can walk
<eagles0513875> I'm not I'm just saying is all
<ikonia> it's so tedious to see you ask for yet ANOTHER guide on how to setup postfix/dovecot with multiple domains
<ikonia> you say you've done this many times and it's not a problem
<eagles0513875> i have setup single domains just fine
<eagles0513875> never setup multiple domains
<ikonia> Hmmmm
<eagles0513875> this is for a client
<ikonia> ooh there we go
<streulma> eagles0514875: I use postfix, dovecot, mysql, postfixadmin and roundcube :)
 * eagles0513875 goes back to googling
<ikonia> another paid for client where you have promised stuff you can't do and now expect the IRC community do it for you again
<urthmover> How do I best test the read/write reliability of a questionable hard disk?  I have created a 1.3TB file using dd almost filling the drive.  Now I'm dd if=bigfile of=/dev/null in  hopes that I'll get some console output if it fails to read.  Is my approach to this effective and/or  valid?
<urthmover> smartctl short and long tests are ok....but about 3000 hours ago  the y smartctl used to fail
<rbasak> urthmover: look into the badblocks and dd_rescue commands. Probably the former is more useful for you.
<rbasak> I've had lots of drives fail that smart says nothing about
<iliv> motd says there are 10 packages to be upgraded, when I run apt-get -s upgrade to see what those packages are some of them are being held back. I need those held back package to appear as Inst ready for scripting purposes. I know apt-check somehow does that, but after readying the corresponind ...
<urthmover> ah ok I forgot about those commands... I'll try them...and thanks for sharing about your smart experience
<iliv> ... python script I'm still clueless (python is all Greek to me). Tips?
<rbasak> iliv: have you tried dist-upgrade?
<ranjan> Hi all anyone who have tried Ubuntu Cloud Live?
<iliv> rbasak, no, I haven't
<iliv> perfect
<iliv> thanks
<Razique> hey there :)
<iliv> update-mot.d related question, distro version 12.04.1, motd doesn't say anything about available updates, whether normal or security, only states that the system needs to be restarted, but I can see with apt-get that there are 13 upgrades available. Why is that information not in motd message?
 * iliv is looking at checkrestart and shakes his head
<iliv> that thing isn't realiable at all
<iliv> unless you run it in verbose mode and read the output very closely
<iliv> dpkg: /var/lib/postgresql/8.4/main/pg_xlog/000000010000000100000072 (deleted) not found.
<iliv> a reason to restart postgresql? really?
<zul> jamespage: whee http://paste.ubuntu.com/1375343/
<lvmer> I've got a minor samba problem with my smb.conf ... I'm having trouble accessing a directory with 'spaces'. Write-able shared folder is at bottom: here is entire smb.conf: http://paste.kde.org/612368
<lvmer> ctrl+f  for : addfileshere
<lvmer> or:  'comment = add files here'    to find it faster
<lvmer> I should've just posted my problem:   path = /mnt/lv1/public/pictures\ \&\ videos/organize        $ instead of the whole file.
<RoyK> lvmer: add quotes around it
 * lvmer is stuck with spaces 'path-name-spaces'
<lvmer> royk: ty will do
<lvmer> royk: no dice
<lvmer> royk: error: probably misspelled file name     (is returned to me)
<RoyK> lvmer: don't escape the path inside the quotes
<lvmer>  "path = /mnt/lv1/public/pictures\ \&\ videos/organize"
<lvmer> ?
<lvmer> folder no longer shows up in win7 explore
<lvmer> o I should probably take out the back slashes... wow I'm an idiot
<sarnold> .. and move the " a bit
<sarnold> path = "/ugly/ path here"
<lvmer> sarnold: yah... I was just attempting to not escape the path for a 2nd test
<lvmer> royk: works perfect now, thanks for the help.
<lvmer> sarnold: works :)
<sarnold> woo :)
 * lvmer shall prefect user = security someday, but for now he is off to hang a 7ft tall christmas star 100ft up in a Poplar tree in his backyard. :) 
<mikeey> I may just be stupid, but how do I get the messages telling me about updating in my MOTD in ssh?
<mikeey> Talking about these messages: http://puu.sh/1sLmI/11226059e9a50a0ab2438d96c8484348
<mikeey> It seems to work on some servers, but not on all the ones I'm administering
<sarnold> mikeey: I believe that message is added by one of the landscape packages..
<sarnold> I've seen a similar, less informative, message on my non-landscape systems; I think it's handled via update-motd(5)
<mikeey> ah found it
<mikeey> its handled by the update-notifier-common package
<sarnold> mikeey: thanks :)
<mikeey> also if you want the sysinfo sarnold, you install landscape-common I think it was
<sarnold> mikeey: thanks ;) I always like getting answers about what worked
<mikeey> ay. i've been looking for a solution for this problem for a long time now
<mikeey> so finally sorted it :)=
<zul> adam_g:  for cloud-archive update http://paste.ubuntu.com/1375578/
<adam_g> zul: ah, cool! lgtm
<zul> adam_g: next http://paste.ubuntu.com/1375636/
<adam_g> zul: looks good
<zul> adam_g: finally http://paste.ubuntu.com/1375674/
<adam_g> zul: what about "Security fix for the Ubuntu Cloud Archive" ?
<zul> sure
<zul> adam_g: ill fix that up and upload
<adam_g> k
<stgraber> highvoltage, hallyn: http://paste.ubuntu.com/1375746/
<highvoltage> stgraber: nice
<highvoltage> ipv6 won't fit in that small field though :)
<highvoltage> (I guess it expands or something)
<ajmitch> looks nice :)
<stgraber> highvoltage: it expands
<stgraber> half the code I have in the script is to figure out the column width :)
<hallyn> nice :)
<hallyn> all right i've now wasted an hour or two messing around with pkg version numbers.  driving me up the wall.
<hallyn> i was sure z would be > -.  but nope.
<Daviey> roaksoax: did you see MAAS failed to migrate to release pocket?
<Daviey> auto package test failed
 * roaksoax looks
<roaksoax> Daviey: can't find it, can you provide link please?
<Daviey> roaksoax: https://jenkins.qa.ubuntu.com/view/Raring/view/AutoPkgTest/job/raring-adt-maas/lastFailedBuild/ARCH=amd64,label=albali/console
<tonyyarusso> Hi, I'm having some trouble with my SSH config and DNS search domains.  I'm trying to put public keys in different known_hosts files for certain domains so that if I have to delete one and start over I don't lose them for other domains.  So, I'm using for instance a "Host *.ties2.net" declaration, with "UserKnownHostsFile ~/.ssh/known_hosts.ties2.net".  However, I also have ties2.net set as a DNS search domain, so when I just do ...
<tonyyarusso> ... 'ssh aurora', DNS properly resolves it as aurora.ties2.net, but SSH sees the host as just being 'aurora', and doesn't honor the separate known_hosts file.  Thoughts?
<roaksoax> Daviey: seems apache2 issue: apache2: apr_sockaddr_info_get() failed for autopkgtest
<roaksoax> Daviey: related to ServerName
<sarnold> tonyyarusso: if it were me, I'd probably remove the dns search domains and rely upon tab completion in bash to fill in the full hostnames
<tonyyarusso> sarnold: How would I set up bash to do that?
<tonyyarusso> sarnold: (Note:  There are several domains here - one of the issues is I don't want to remember whether a host is on ties2.net, 1667-hq.ties2.net, or me.ties2.net, for example.)
<sarnold> tonyyarusso: funny thing is, bash just 'knows' all my hostnames, I didn't have to go any lengths to teach it...
<Daviey> roaksoax: erm
<sarnold> tonyyarusso: the place to start looking for that, if it doesn't already work, is perhaps /etc/bash_completion.d/ssh, 'shopt -u hostcomplete && complete -F _ssh ssh slogin autossh'
<Daviey> roaksoax: Setting up tgt (1:1.0.17-1ubuntu3) ...
<Daviey> start: Job failed to start
<Daviey> invoke-rc.d: initscript tgt, action "start" failed.
<Daviey> roaksoax: I'm pretty sure the apache thing is a noisey warning.
<roaksoax> Daviey: ack, I'll look into that
<roaksoax> Daviey: is it possible to get access to the machine where that test happened?
<Daviey> roaksoax: you should be able to reproduce locally?
<Daviey> roaksoax: run-adt-test -s maas
<roaksoax> Daviey: that's what i'm doing
<Daviey> roaksoax: hmm
<Daviey> zul: can nova-compute-xen switch to the xen metapackage, rather than the versioned one please?
<zul> Daviey: did it yesterday
<Daviey> (raring bumped the minor version number, but for consistency (and backportability)), we should use the metapackage for xen
<Daviey> zul: thanks! :)
<Daviey> Seems you chaps are way ahead of me, i might aswell go home
<zul> sounds like a plan
<zul> back later
<roaksoax> Daviey: so I have just installed raring, and i don't see the issue
<roaksoax> Daviey: seems to only be on the jenkings instance
<roaksoax> Daviey: i' wondering if this relates to what i'm seeing with rabbitmq on canonistack too
<roaksoax> which sometimes simply fails to start
<tjaalton> anyone here running cobbler on quantal?
<tjaalton> thought so, since it doesn't work :)
<tjaalton> got cobbler working on quantal, filing SRU
<tjaalton> nope, CSRF error after login.. sigh
 * lvmer wonders if sarnold is here.
<sarnold> hey lvmer :)
<lvmer> hey
<lvmer> :)
<lvmer> got another question xD
<lvmer> how do I get smb.conf to show capitals in windows explore folder name?  ie: http://paste.kde.org/612554/
<sarnold> lvmer: rename the directory to have capital letters?
<lvmer> shows up as 'add--files--here'   but if I use quotes it doesn't work xD
<lvmer> directory = capitals?
<lvmer> [(>--ADD--FILES--HERE--<)]
<lvmer> folder name in windows explore... except it's lowercase :/ xD
<sarnold> How about just [Add Files Here]?
<lvmer> that works
<lvmer> shows up as 'Add Files Here'
<lvmer> but when I turn it all caps - it goes lowercase xD
<lvmer> not a big deal lol if this is blasting your mind
<sarnold> oh.
<sarnold> I bet that's to work around HORRI.BLE old DOS.
<lvmer> yah
<lvmer> I bet. xD
 * lvmer shall brb to take pictures of giant light star
<janet_> Any body home
#ubuntu-server 2012-11-22
<keithzg_> resolvconf keeps appending "nameserver 127.0.0.1" to my server's resolv.conf, which breaks internal DNS resolution; is there any way to tell it to *not* append that line? I can't even work out exactly where it's entering from.
<Tact>  resolvconf keeps appending "nameserver 127.0.0.1" to my
<Tact>                   server's resolv.conf, which breaks internal DNS resolution;
<Tact>                   is there any way to tell it to *not* append that line? I
<Tact>                   can't even work out exactly where it's entering from.
<Tact> exit
<keithzg_> ...?
<ScottK> keithzg_: Might be dnsmasq.
<keithzg_> ScottK: That was my suspicion, but if so I'm unclear from where or if I could change it; /etc/dnsmasq.conf doesn't exist, and /etc/dnsmasq.d consists solely of libvirt-bin, which in turn is quite simple: "bind-interfaces    except-interface=virbr0"
 * keithzg_ is stumped
<ScottK> stgraber knows about this stuff.  Maybe he's around.
<sarnold> keithzg_: was it added via an /etc/dhcp/dhclient.conf 'prepend doman-name-servers' directive?
<keithzg> sarnold: I see "#prepend domain-name-servers 127.0.0.1;" so it's commented out
<sarnold> keithzg: has dhclient been restarted since that file was edited?
<keithzg> sarnold: looks like that was in September, so, yup ;)
<sarnold> keithzg: :)
 * lvmer ... is back. xD  :)
<lvmer> Anyone want to help me with a 'samba' problem?  I'm testing samba logins... but win7 is caching my passwords... and keeping me logged in under the same name. During testing I'm getting the msg, "multiple connections to a server or shared resource by the same user, using more than one user name, are not allowed."  Only way I know how to logout is to restart my win7 computer.... :/
<keithzg> you could always restart the "browser" service, or whatever it's called on Windows.
<noliverh> anyone willing to help me here?
<noliverh> im going to setup ubuntu server now....
<noliverh> which is best... SLT or 2.10
<sarnold> noliverh: do you want five years of support or 18 months of support?
<noliverh> sarnold: what is that all mean?
<noliverh> if i want a 5 year support... what's with it?
<noliverh> and what's with 18 months of support?
<noliverh> is there a rate of payment with regards to the support?
<lifeless> noliverh: things move very quickly
<lifeless> noliverh: the support spoken about is free. You can also get commercial support.
<lifeless> noliverh: so to deal with things moving quickly we do lots of releases (one every 6 months)
<sarnold> noliverh: the LTS release has five years of support; the 12.10 release has only 18 months of support. If you want five years of support, then the 12.04 LTS release is probably the better choice.
<lifeless> noliverh: but that makes its own problem, there are then lots of versions people want to get bug fixes, so we only promise to do that for 18 months per version.
<sarnold> noliverh: the 12.10 release will be supported for 18 months; you could also upgrade that machine every six months to stay more current, if you wish.
<lifeless> noliverh: and then finally because some people want to change their environment only every few years, once every 2 years we do a long term supported release, which gets 3 years on desktop, 5 on server.
<noliverh> lifeless: so that means it much better to have a fresh software every six months
<sarnold> some people prefer fresh
<sarnold> some people prefer no changes
<noliverh> i want to setup a server for our school
<sarnold> (see the popularity of windows xp :)
<noliverh> DNS
<noliverh> what should be the best?
<noliverh> LTS?
<sarnold> in that position I would probably pick LTS
<noliverh> sarnold: so i will choose LTS then...
<noliverh> is also better to have a Domain Controller and File Server on one machine?
<noliverh> what should be your recommendations sarnold?
<noliverh> :D
<sarnold> most network admins like to have their DNS servers do only DNS -- DNS is an extremely vital service, and without it very little else works properly -- so most admins try to reduce the chances of another service on the machine interfering with DNS
<sarnold> noliverh: but if your budget makes running dedicated DNS servers impossible, then yes, you can run multiple services on the machine
<noliverh> sarnold: ok... does the ubuntu server can also handle windows clients especially windows 7?
<sarnold> noliverh: yes, the samba server can serve files to windows clients
<noliverh> sarnold: thanks a lot!
<sarnold> noliverh: have fun :)
<noliverh> sarnold: question: can i have a Domain Controller in a sub-office asside of the whole office?
<noliverh> is mIRC can run on ubuntu also?
<sarnold> noliverh: no idea on domain controllers; I haven't really done windows in ages.
<sarnold> noliverh: you _could_ run mirc through wine, but I recommend against it. Use xchat or quassel or something else tolerable.
<qman__> it's possible, but why you would want to is unfathomable
<qman__> linux has a much better selection of IRC clients than windows
<noliverh> what irc that is better in linux?
<noliverh> qman__: what is the most commonly used irc in linux?
<noliverh> i just want to install it in my ubuntu
<qman__> you probably already have irssi, and xchat is also very common
<qman__> you may also already have that depending on what version you installed
<lvmer> why when I try to $ apt-get remove vim-common   .... does it say 'ubuntu-minimal' will be removed ?
<qman__> because ubuntu-minimal depends on vim-common
<qman__> or it depends on something else that depends on vim-common
<lvmer> qman_: so I can't remove it?
<lvmer> qman_: I'm pretty sure I removed it on another server, but I don't remember 'ubuntu-minimal' coming up.
<qman__> well, you can, but it's probably not a good idea
<qman__> not sure why you'd want to
<lvmer> qman_: but ^^ that's irrelevant
<qman__> actually it's quite relevant
<qman__> the point is to find out what your actual goal is
<qman__> and fish out any X Y problems
<hypergrove> hi all - newbie q: i have just created an instance of ubuntu server, have signed on wit putty, but I'm unable to perform apt-get -- can someone help get me started?
<lvmer> qman_: removing vim was my only goal, just for fun. & if I had a goal I would've stated it.
<hypergrove> i'm at aws sorry
<hallyn> hypergrove: what do you mean 'unable to perform apt-get' - did you do 'sudo apt-get update' ?
<qman__> lvmer, then the answer is don't do that
<lvmer> qman_: yah I don't have it on my other server. Who knows how important ubuntu-minimal is.
<hypergrove> I did sudo apt-get install apache2 mysql-server php5 php5-mysql
<hallyn> hypergrove: and waht did it say?
<hallyn> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<lvmer> perhaps ubuntu-minimal came up because it was going to get altered? I don't get it.... apt-get show or w\e shows it as required & dependant on 'boot'.... but everything still works.....
<lvmer> not a fan of ubuntu scaring me like that.
<qman__> there's no such thing as altered
<hypergrove> http://paste.ubuntu.com/1376412/
<qman__> if it says it's going to be removed, it's going to be removed
<lvmer> yah it's not on the dpkg list, just a guess.
<qman__> ubuntu-minimal is a metapackage that depends on a lot of core packages
<lvmer> qman_: what should I expect it to affect? I already uninstalled it & rebooted... everything looks good.
<ScottK> hypergrove: That looks like a networking problem at amazon to me.
<hypergrove> ok i'll ask them about it, thanks
<hallyn> hypergrove: might be worth doing an apt-get update first...  but yeah the errors were weird
<hypergrove> something like https://lists.ubuntu.com/archives/ubuntu-cloud-announce/2012-April/000022.html?
<hypergrove> executed the apt-get update and manually disabled http pipelining, and then performed apt-get install apache and others... but when I do "ls" i see nothing.... what gives please?
<hypergrove> why am I unable to list /home or /home/ubuntu
<hypergrove> please see http://paste.ubuntu.com/1376453/ -- thanks!
<hypergrove> ah sudo ls ../..
<sarnold> hypergrove: perhaps you wanted 'ls -a', which also shows the usually-hidden dotfiles  ?
<noliverh> 1
<noliverh> 2
<noliverh> Â±
<noliverh> Â²
<noliverh> how can i switch to other channel?
<noliverh> im using irssi right now
<noliverh> 4
<sarnold> noliverh: /win 2
<sarnold> noliverh: alt+a will switch to 'active window'
<noliverh> kewl....
<noliverh> thanks sarnold
<lvmer> I'm having trouble forcing a directory remove
<lvmer> even when I --ignore.... blah blah blah
<noaXess> moorning
<noaXess> on a nfs share, how do i keep mtimes while file transfer from client to server?
<sarnold> noaXess: cp -a implies --preserve=all, which includes timestamps.. --preserve=timestamps if you don't care about the other preseved attributes
<noaXess> sarnold: so not a nfs problem?
<noaXess> i do syncs with rsync.. and it does not keep times
<sarnold> noaXess: rsync's --times option also says it'll preserve modification time...
<noaXess> -t you mean. ihave it.. but files are new created on nfs server while transfer
<noaXess> if i do a rsync -avz /source/dir/ /dest/dir/ it does not preserver times.. it only preserver perms
<noaXess> destination is on a nfs server
<abhishek> hey guys
<Guest32531> I have just installed ubuntu server and also setup webmin but I am having some issues with server so that people can access it publically
<Guest32531> can someone help me with this?
<Akendo> hi frozzenfire
<frozzenfire> hi Akendo
<Akendo> Can you define "publically"
<Akendo> Does that mean via a Public IP Address?
<frozzenfire> Ok current I can only access the server through internal network.  the IP address of this server is 192.168.1.5
<frozzenfire> so I need to setup in a way that if someone puts in a specific IP address anywhere in the world they would be able to connect to this local server i have setup
<frozzenfire> I am currently with Verizon Fios ISP
<frozzenfire> and I have 3 computers attached to this internet out of which 1 is the Ubuntu Server
<frozzenfire> its designed for development
<Akendo> I can recommand DynDNS for this, that will allow you to define a own Hostname. This will be dynamicly updated so that you can always can get to your home System. The next step is to configure your netowrk Router corretly
<Akendo> What kind of Route do you have?
<frozzenfire> The standard Verizon Fios router
<frozzenfire> 50MBPS Down 25MBPS Up
<Akendo> Then you have to connect to your Route and enable port forwarding. One thing first! This means you will forward Internet traffic into your loacl network. This can be dangours. Be sure that your local system are update and configure corretly. This can be give a attacker room
<Akendo> By Forwading ensure a) Only to forward the port with the right IP address
<Akendo> B) That this host is secured
<frozzenfire> I did all the port forwarding actually Akendo but its still not resolving
<frozzenfire> i have privately shared a link with you actually
<frozzenfire> you can see it as well
<Akendo> What Port did you forward?
<frozzenfire> http: 80
<frozzenfire> HTTP
<frozzenfire> TCP Any -> 80 to 192.168.1.5
<frozzenfire> HTTPS
<frozzenfire> TCP Any -> 443 to 192.168.1.5
<frozzenfire> oh wait
<frozzenfire> it worked this time
<frozzenfire> seriously now? lol
<frozzenfire> ok so check this
<frozzenfire> 108.53.20.129
<frozzenfire> this is forwarding to the server
<frozzenfire> however
<frozzenfire> i have webmin installed
<frozzenfire> so https://108.53.20.129:10000 should go to webmin CP
<frozzenfire> and its now
<Akendo> Great ;-)
<noaXess> any idea, why rsync don't preserve times on a nfs share, even if this options are used? rsync -rptogzv
<Akendo> Sometime route take some time to enable the forward port
<Akendo> frozzenfire, Still working ;-) ?
<frozzenfire> OHH yea :)
<frozzenfire> im enjoying this :)
<frozzenfire> Thanks a lot bud! :)
<Akendo> Nothing to thank for, you did the work
<Daviey> jamespage: We need a better way of announcing changes to the cloud archive.  I was thinking a cloud-archive-changes@lists.ubuntu.com list?
<frozzenfire> btw does cPanel support Ubuntu?
<mvp> frozzenfire afaik no
<frozzenfire> dam
<jamespage> Daviey, would that be all package uploads? or just release/milestone announcements?
<Daviey> jamespage: i was thinking a raring-release style list
<Daviey> each package, as it hits proposed and updates
<jamespage> Daviey, raring-changes right?
<Daviey> uhh, yeah
<jamespage> Daviey, I think that would be great
<jamespage> cloud-archive-announce would be useful as well
<jamespage> lower volume stuff
<Daviey> jamespage: right, thanks for confirming :)
<jamespage> Daviey, any chance you can flush the missing bits of ceph into the folsom cloud archive - http://no-carrier.net/ca-versions
<Daviey> jamespage: Yes, i will do that shortly
<jamespage> Daviey, ta muchly
<jamespage> Daviey, I'll probably add something to http://pad.daviey.com/grizzly-ppa-email to that effect as well
<Daviey> jamespage: can you confirm what process you did for the walinuxganet?
<Daviey> agent*
<Daviey> Ie, how did you upgrade test?
<jamespage> utlemming provided me with some instances to test on
<jamespage> I built the packages locally, then uploaded and upgraded using dpkg
<jamespage> I also tested in a schroot using an local apt repository and some simulated data to ensure it stayed intact during the upgrade process
<jamespage> Daviey, ^^
<Daviey> jamespage: sounds good, if you upload now, i'll sru process it.
<jamespage> Daviey, hmm - not yet; there is a second issue related to ssh public key re-generation I don't really understand as yet; utlemmings branch did some additianl sed -i munging which looks awkward to me
<Daviey> jamespage: I did have to itch my head if it should be > binaryversion for the predepend
<Daviey> oh
<Daviey> jamespage: hmm, should we overload ubuntu-cloud-anounce for CA annoucmentments?
<Daviey> (i think we should)
<jamespage> Daviey: OK with me
<Daviey> supe
<Daviey> r
<Daviey> jamespage: do you know if adam made any progress with his CA tracker?
<jamespage> Daviey, its functional again
<jamespage> http://no-carrier.net/ca-versions
<Daviey> jamespage: i wanted to get it on http://reports.qa.ubuntu.com/reports .. but looks like he didn't quite get it ready for merging to the bzr tree
<jamespage> Daviey, he's only been back two days :-) I asked him to sync up the lab charms with trunk which he worked on yesterday
<Daviey> jamespage: oh sure.. i just wondered if you knew if it had been done :)
<Daviey> jamespage: can you see any reason why grizzly pocket of cloud archive shouldn't be seeded with the contents of folsom pocket?
<jamespage> Daviey:  I think that makes a huge amount of sense
<jamespage>  and is what I did for the lab PPA's
<Daviey> ok, thanks
<arpu> hello what is the recommend vm solution for 12.04 lts ? openvz kvm ? for webserver hosting
<arpu> or maas (openvz) and juju ?
<Akendo> Hello jamespage,  i found my issue with the authx problem
<Akendo> I didn't add the keys of my client corret to the keyring. So there could access to corret to the Cluster
<Akendo> cound't
<jamespage> Akendo, \o/
<jamespage> if names don't match the keys won't work - I discovered that the hard way to!
<alex88> hi guys, is possible that md arrays generate lot of load in case of high i/o
<alex88> ?
<jamespage> zul, https://github.com/openstack/nova/commit/d3fd05b1f8889d9f39b8eb5be3f7e7798d648206 just broke the lab
<jamespage> zul, removing a default for a flag in stable seems like a really bad idea to me
<jamespage> zul, never mind - I see adam_g already proposed a fix - he must have noticed it while testing the charms last night
<Akendo> The only thing that is not working, glance image-list is not working
<Akendo> Even the images can be used normaly
<Akendo> Spwaned VM's
<Akendo> No problem
<Akendo> Only listing them is a problem
<jamespage> Akendo, OK - ceph 0.48.2 just landed in the cloud archive for folsom
<Akendo> :)
<jamespage> I'll spin it up with openstack in the CI lab and see if I can reproduce
<jamespage> (although I happen to know that nova is borked in stable/folsom atm - see above)
<jamespage> but I can still test glance!
<zul> jamespage:  yeah you are a bit slow
<jamespage> zul, as always :-)
<jamespage> zul, can you get that landed? or does it need someone else's magic approval
<zul> adam_g: said he wanted someone from the community to look at it
<jamespage> Daviey, when do you think the lists will be up and running?
<jamespage> *list
<zul> jamespage: but yeah we can apply the patch before it gets applied upstream to get things going again
<Daviey> jamespage: they are now
<zul> jamespage: i temporarily added adam_g patch so you can get tests going again
<jamespage> zul, coolio
<Daviey> zul: erm
<Daviey> i just landed it?
<zul> Daviey: the upstream fix?
<Daviey> yeah
<zul> oh..
<zul> crap...just a sec
<zul> i did say it was temporary :)
<Daviey> heh
<Daviey> zul: the tests are running now
<zul> i removed it in the bzr branch
<jamespage> Akendo_, I'm not seeing the same issue you are - glance image-list and nova image-list are correctly returning the information stored in glance/ceph
<TJ-> Are there any known internal limits with large numbers of NICs? Not so much kernel, but in admin tools?
<TJ-> I'm presuming there may be some throughput issues with gigabit interfaces in some circumstances but that's not an issue (provided they don't become 10BaseT !)
<Daviey> zul: what do you make of https://review.openstack.org/#/c/16711/ ?
<zul> Daviey: im good with it
<zul> Daviey: want me to +1 it?
<zul> Daviey: wait a minute jenkins failed im just pushing it through jenkins again
<Daviey> zul: that is what i was questioning :)
<zul> Daviey: ah ok...well i just sent it back
<Daviey> vcool
<zul> Daviey:  seems temporarmental passed now
<v0lksman> hello all!  I've got a really really weird problem I was hoping for some hints on:  http://dpaste.com/834822/
<v0lksman> it seems something is different when the installer enables a NIC than when I do it manually.  Does anyone have any insight as to what it might be?
<IdleOne> v0lksman: This channel is not as busy as #ubuntu, answers are not always immediate.
<IdleOne> just wanted to let you know before you got all nervous and stuff :)
<v0lksman> yeah that's fine.  I've been trying in #ubuntu all morning but no one seems to have any information
<v0lksman> best advice I've gotten is that it's a driver issue but that isn't 100% true as the OOTB driver works fine as long as the OS installer runs it.
<v0lksman> and I've installed 4.0.x of the driver and it makes no difference
<v0lksman> I'm sure this is a kernel flag thing of somesort.  or when the hardware gets initialized there is a flag being set, but I have no clue where
<TJ-> v0lksman: When you start the installer is that from a cold start of the system? And when (re)starting into the installed system is that only a warm-boot? I've seen problems where the hardware needs a cold boot to initialise correctly (Tulip and sky2 driver being one example)
<v0lksman> warm and cold boot.  doesn't seem to make a difference.  thanks for the suggestion though!
<v0lksman> also of note, as soon as the OS is out of the way (IE on POST or on shutdown) the port lights up.  It's only when Ubuntu starts up with a driver that it goes dark and won't come alive again (unless it was used during the install, then it works after reboots, power up etc)
<hypergrove> noobie q: i am able to browse to index.html. When I browse to a php file, it is supposed to execute it, but it opens the file in an editor. Any qwik advice for me anyone? thanks
<hypergrove> how do i cause index.php (or index.php5) to be executed not displayed? thanks much
<arpu> apt-get install apache2-mod-php5
<arpu> or something like that
<hypergrove> earlier i ran sudo apt-get install apache2 mysql-server php5 php5-mysql.... that won't do it i guess?
<hypergrove> sudo apt-get install libapache2-mod-php5 looks like it?
<hypergrove> (found at http://www.howtogeek.com/howto/ubuntu/installing-php5-and-apache-on-ubuntu/)
<hypergrove> ran that, but it indicated already installed. tried again from browser (http://54.../mediawiki-1.17.3/config) but still only displays index.php...
<hypergrove> oh i needed to restart apache
<TJ-> v0lksman: I'd suspect firmware issues. Sounds like it'd be worth exhaustively checking the hardware and firmware revisions
<TJ-> v0lksman: Having looked further into the igb, I'm wondering if the motherboard is using UEFI and if so, if the UEFI driver settings for the i350 are responsible for this
 * lvmer wishes: Happy Thanksgiving to everyone in the USA. :)
<lvmer> After getting my feet wet with 2x ubuntu servers, I'm looking to setup a LAN storage for movies / pictures that will be viewable on a living room tv. I also at some point might want to record a few tv shows for personal view (I'm guessing myth tv is best here?). What is the best way to do this? 1) Have a simple win7 computer next to the TV that connects to a LAN Samba storage server in the basement - funnels movie/picture files to 
<uvirtbot> New bug: #1080912 in qemu-kvm (main) "qemu-kvm must depend on udev" [Critical,Fix committed] https://launchpad.net/bugs/1080912
<uvirtbot> New bug: #1081701 in maas "The metadata address mentioned in the preseed is wrong." [Undecided,New] https://launchpad.net/bugs/1081701
<uvirtbot> New bug: #1081836 in nova "nova-compute (folsom) fails to start, compute_driver is None" [High,Confirmed] https://launchpad.net/bugs/1081836
<uvirtbot> New bug: #1081952 in squid3 (main) "squid 3.1.19 external_acl_type fail" [Undecided,New] https://launchpad.net/bugs/1081952
<uvirtbot> New bug: #1052301 in mysql-5.5 (main) "package mysql-server-5.5 5.5.24-0ubuntu0.12.04.1 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [High,Expired] https://launchpad.net/bugs/1052301
<uvirtbot> New bug: #1081212 in maas (main) "The address of the API in pserv.conf (tftp/generator) is http://localhost/MAAS/api/1.0/pxeconfig/" [Critical,In progress] https://launchpad.net/bugs/1081212
<uvirtbot> New bug: #1081692 in maas/trunk "The value of 'next-server' in the dhcp config is wrong." [Critical,In progress] https://launchpad.net/bugs/1081692
<uvirtbot> New bug: #1081849 in apache2 (main) "package apache2.2-common 2.2.22-1ubuntu1.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/1081849
<uvirtbot> New bug: #1079713 in qemu-kvm (main) "failed to set sndbuf on VMs network interface" [High,Confirmed] https://launchpad.net/bugs/1079713
<uvirtbot> New bug: #1081660 in maas-enlist (main) "If maas-enlist fails to reach a DNS server, the node will be named ";; connection timed out; no servers could be reached"" [Critical,Triaged] https://launchpad.net/bugs/1081660
<uvirtbot> New bug: #1081786 in lxc (universe) "lxc-create doesn't take advantage of the apt proxy" [Medium,Triaged] https://launchpad.net/bugs/1081786
<uvirtbot> New bug: #1080910 in dovecot (main) "-m argument of sieve-test is ignored" [Medium,Triaged] https://launchpad.net/bugs/1080910
<uvirtbot> New bug: #1081495 in tgt (main) "E: Sub-process /usr/bin/dpkg returned an error code (1)" [Undecided,New] https://launchpad.net/bugs/1081495
<uvirtbot> New bug: #1081509 in freeradius (main) "freeradius + mysql fails to start" [Undecided,New] https://launchpad.net/bugs/1081509
<uvirtbot> New bug: #903276 in moonshot "gss-api plugins produce libdl error on linux at process exit" [Undecided,Confirmed] https://launchpad.net/bugs/903276
<uvirtbot> New bug: #1081379 in cron (main) "cron ignoring PATH from crontab" [Undecided,New] https://launchpad.net/bugs/1081379
<uvirtbot> New bug: #1080961 in python-setuptools-git (main) "Sync python-setuptools-git 0.4.2-1 (main) from Debian unstable (main)" [Undecided,Fix released] https://launchpad.net/bugs/1080961
<uvirtbot> New bug: #1080985 in cloud-init "'noblock' setting for resize_rootfs is broken" [Medium,Confirmed] https://launchpad.net/bugs/1080985
<uvirtbot> New bug: #1081037 in nova "python-nova: not region aware when used with quantum" [Undecided,New] https://launchpad.net/bugs/1081037
<uvirtbot> New bug: #1080685 in cloud-init (main) "raring cloud images: User 'ubuntu' cannot sudo (dup-of: 1080717)" [Undecided,New] https://launchpad.net/bugs/1080685
<uvirtbot> New bug: #1080717 in cloud-init "'ubuntu' user sudo not setup, does not use bash shell" [Medium,Fix committed] https://launchpad.net/bugs/1080717
<uvirtbot> New bug: #1080796 in quota (main) "package quota 4.00-3ubuntu1 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,New] https://launchpad.net/bugs/1080796
<uvirtbot> New bug: #1080621 in openssh (main) "RequestTTY option is not respected when declared in .ssh/config" [Medium,Confirmed] https://launchpad.net/bugs/1080621
<uvirtbot> New bug: #1080681 in lxc (universe) "debian guests get different IPv4 at every reboot" [Undecided,New] https://launchpad.net/bugs/1080681
<uvirtbot> New bug: #1080744 in vm-builder (universe) "vmbuilder erases current directory with option '-o -d .'" [Undecided,New] https://launchpad.net/bugs/1080744
<uvirtbot> New bug: #1080609 in autofs (main) "autofs package is missing the lookup_sss.so module; negating autofs-enabled sssd functionality (automount fails)" [Undecided,New] https://launchpad.net/bugs/1080609
<uvirtbot> New bug: #1080677 in samba (main) "regression: smbclient fails to authenticate" [Undecided,New] https://launchpad.net/bugs/1080677
<uvirtbot> New bug: #1080683 in mysql-dfsg-5.1 (main) "package mysql-common 5.1.62-0ubuntu0.10.04.1 failed to install/upgrade: subprocess new post-removal-script returned error status code  2" [Undecided,New] https://launchpad.net/bugs/1080683
<bananapie> I installed cfengine and nagios. Any other suggestions of epic software packages I need to install ?
<bananapie> fail2ban was good, but it wasn't epic.
#ubuntu-server 2012-11-23
<genii-around> typo3 default database name of typo3-database causes problems when you try to do a mysql command like:   GRANT ALL ON typo3-database TO 'somebody'@'somewhere'   ...it chunks out because of the hyphen
<kjs> is anyone on amazon EC2 micro? I wonder if it's fast enough for a small blog? about 5k visitors a day?
<TheLordOfTime> i don't have 5k visitors a day but i dont see why it wouldnt be able to handle 5,000 visitors a day
<TheLordOfTime> i know a few ubuntu members with HUGE blog turnaround traffic-wise and they use EC2 micros.
<kjs> TheLordOfTime: but you're on a micro?
<kjs> ah ok, cool, if you don't mind me asking, how much does it cost you roughly per month?
<tonyyarusso> Is micro the one they'll give you free for the first year?
<TheLordOfTime> kjs, my blog's on a micro, but i'm in the free tier right now
<TheLordOfTime> my blog doesn't get 5k/day traffic though
<kjs> 5k is not a lot
<kjs> my blog is also static, so it should be fine... the free tier?
 * kjs goes to google about this
<TheLordOfTime> they have a free 1y micro tier for people
<TheLordOfTime> then after that year they charge you.
<tonyyarusso> Works out to about $15/mo, compared to $20 for the base Linode.
<TheLordOfTime> mhm
<TheLordOfTime> of course when my year's up i'm 'shifting data over to the cheaper server(s) i use for TrekWeb (which is a LOT higher data traffic)
<TheLordOfTime> (cheaper, yet higher data traffic... don't ask how i even achieve that)
<kjs> I am currently at Linode.
<tonyyarusso> me too
<kjs> might move to amazon for a year if it's free tho :P
<tonyyarusso> I should probably ask if I can run a server at work though and save the money.  Would be pretty easy.
<kjs> I know at work we have a bunch of VPS now + an old dedicated server, I wonder if I should setupa  server running openstack and run the vps's on that would save money... Single point of failure on that server then though...
<kjs> OVH are setting 2 x 120Gb SSD's, 32Gb of ram unlimited 100mbps for 59GBP
<tonyyarusso> My workplace has a full datacenter (a couple, actually), but I don't know if they'd let me colocate a personal system there.  Probably, but I don't know.
<tonyyarusso> might be worth a shot
<kjs> patch it in and find out ;)
<tonyyarusso> heh, no
<RoyK>  +++
<RoyK>  ++
<TheGuy> Hey everyone, happy thanksgiving
<TheGuy> anyone with eperience setting up multiple websites under one eternal IP address? Having difficulties setting it up properly
<patdk-lap> using what webserver?
<TheGuy> standard LAMP setup, apache2
<TheGuy> I have been looking into the virtual host setup guides and hve not been able to find one applicable or that will work
<patdk-lap> http://ubuntu-tutorials.com/2008/01/09/setting-up-name-based-virtual-hosting/
<patdk-lap> probably the simplest
<TheGuy> as is, it directs querries from both site domain addresses to one sites files
<patdk-lap> now your not making sense
<TheGuy> excuse me, when someone types one address, it goes to one site, they type the other address it goes to the same site
<patdk-lap> then you probably failed to setup the default catchall virtualhost for that ip
<patdk-lap> so that all unknowns go there
<patdk-lap> otherwise apache just picks one, or the first one, or whatever
<TheGuy> I will look through this site you linked me, looks like some good info, Ill keep that in mind
<TheGuy> hmmm, that guide did not work either, a lot of errors on the reload
<patdk-lap> it sounds like you have followed too many guides
<patdk-lap> and have made way too many changes that you dunno what they are
<TheGuy> no, i actually know the eact files that i have changed lol
<TheGuy> since it is only 1 that they tell me to change that is included
<TheGuy> which is the apache2.conf file, and that i should make the site-available files and then enable them
<TheGuy> the webserver is still more then operational and does show 1 site, but the other site is not shown when typing in its adress, it defaults to the first one
<TheGuy> there has to be something im missing, or that these guides are missing, since its all basically the same process minus one thing here and plus one thing there, i have not gotten any to work
<Akendo> Good Morning Guys, what a wonderful day!
<zul> Daviey: apparently you can download vm in openstack through bittorrent
<Daviey> zul: oh?
<zul> xenapi only though
<Daviey> interesting... it's how twitter do their code pushout aiui
<Daviey> zul: whilst i have you, yolanda is super keen to contribute.. Do you have anything that would be good th throw that way?
<zul> Daviey: are we talking packaging or upstream stuff?
<iliv> anyone familiar with policykit? I botched up sudoers file, and read it on the might Internet that pkexec visudo can help me, but it needs /usr/lib/policykit-1/polkit-agent-helper-1 running. however, trying to start that helper results in "polkit-agent-helper-1: wrong number of arguments. This ...
<iliv> ... incident has been logged.'
<zul> yolanda: ping
<yolanda> hi zul
<iliv> booting into recovery mode is least desired option, I'd love to do this with 0 downtime
<zul> yolanda: heya...python-glanceclient is ftbfs if you want to take a crack at fixing that, that would be cool otherwise there is a bunch of bugs folsom-backport-potential in launchpad at https://bugs.launchpad.net/bugs that could possibly be backported
<yolanda> checking
<yolanda> zul, ok, i'll take a look at it
<zul> yolanda: cool if you need any help lemme know
<yolanda> ok
<zul> koolhead17: you want some openstack stuff to do?
<koolhead17> zul, sure sir
<koolhead17> show me the way am all in
<zul> koolhead17: figure out why stable/folsom is ftbfs https://jenkins.qa.ubuntu.com/view/Openstack_Testing/view/Folsom/job/precise_folsom_nova_stable/664/console
<hallyn> stgraber: bug 1075917, I'm intendingn to mark it wontfix with a comment that it is a new feature, not a bugfix.  should if you disagree
<uvirtbot> Launchpad bug 1075917 in lxc "[wishlist] Support for lxc.network.gateway in precise" [Wishlist,Confirmed] https://launchpad.net/bugs/1075917
<stgraber> hallyn: yeah, sounds fine. I'm in the process of getting an official lxc backport to precise anyway
<yolanda> zul, here is a paste of the errors on glanceclient: http://paste.ubuntu.com/1379659/
<zul> yolanda: grr...ok we just might want to disable the tests or let the package to build even if the tests fail
<yolanda> i'll take a look
<hallyn> stgraber: cool, thanks
<chmac> What's the command to see which applications are using the network?
<chmac> Something on the machine is downloading ~1Mb/s and I can't figure out what it is.
<iliv> chmuri, try trafshow or iptraf
<uvirtbot> New bug: #1080995 in clamav (main) "package clamav-freshclam 0.97.6+dfsg-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 128" [Undecided,New] https://launchpad.net/bugs/1080995
<uvirtbot> New bug: #509647 in lxc (universe) "[MIR] lxc" [Undecided,New] https://launchpad.net/bugs/509647
<uvirtbot> New bug: #1080658 in ipsec-tools (main) "Overwriting proposal produces segfaults" [Undecided,New] https://launchpad.net/bugs/1080658
<jamespage> zul, I just noticed that all of the branch merges in the lab happen the wrong way around
<zul> jamespage: uh?
<jamespage> its not functionally impacting but it makes the bzr history look really odd
<zul> jamespage: how so?
<jamespage> bzr branch lp:~openstack-ubuntu-testing/nova/grizzly
<zul> right
<jamespage> bzr merge lp:~openstack-ubuntu-testing/nova/grizzly-precise
<jamespage> bzr push lp:~openstack-ubuntu-testing/nova/grizzly-precise
<jamespage> the changelog for the merge accmulates over time
<jamespage> I think it should branch the grizzly-precise branch; merge the grizzly branch and then push it
<jamespage> maybe
<jamespage> I need to take a look at it again
<zul> jamespage: that sounds right to me
<jamespage> zul, from the precise-grizzly branch atm its impossible to tell the lab builds apart from each other
<jamespage> lol
<zul> okies g1 uploaded
<yolanda> zul, if i build the package with the DEB_BUILD_OPTIONS=nocheck , it builds properly
<zul> yolanda: right because nocheck disables the testsuite, if you add || true where it runs the test then you should be ok
<yolanda> ok, just force the conditions for the nocheck always to be true, right?
<zul> right
<yolanda> ok
<yolanda> zul, it works, yes
<zul> yolanda: cool
<yolanda> where can i push the changes?
<zul> bzr branch lp:~openstack-ubuntu-testing/glance/grizzly
 * zul lunches
<yolanda> ok
<uvirtbot> New bug: #1073275 in python-glanceclient (main) "python-glanceclient has a bad version dep on python-prettytable" [Medium,Fix released] https://launchpad.net/bugs/1073275
<yolanda> zul, sorry, what version number should i set in changelog? the last one is 2013.1~g1~20121114.296.g517739f-0ubuntu3
<TheLordOfTime> wouldnt it be all that plus a .1 ?
<TheLordOfTime> for bugfixing at least.
<TheLordOfTime> new releases, different issue :P
<jamespage> yolanda, one sec - lemme check
<jamespage> yolanda, just add your changes to the changelog entry already present
<jamespage> its UNRELEASED so still open for additions prior to final upload
<yolanda> ok
<jamespage> yolanda, dch -t will add you to the current changelog entry
<yolanda> yes
<jamespage> adam_g, zul: I sorted out the swift stable/folsom builds - not sure why it had not been switched over from trunk but it is now
 * jamespage likes lots of green balls
<yolanda> zul, should i push it to same branch or i push to another that is mine and then we do the merge?
<zul> yolanda: just push it to the same branch we havent worked out the merge system yet
<yolanda> ok
<Daviey> jamespage: I think that should be added as a quote.
<jamespage> yolanda, you can raise a merge proposal but you currently then have to re-target it in launchpad to the correct branch
<zul> jamespage: can we add a table of contents to this page: https://wiki.ubuntu.com/ServerTeam/OpenStack im going to be adding some content as well me thinks
<zul> Daviey:  done and done
<jamespage> zul, feel free - but make it nice and pretty!
<yolanda> seems i'm having some issue with the push: bzr: ERROR: Cannot lock LockDir(http://bazaar.launchpad.net/~openstack-ubuntu-testing/glance/grizzly/.bzr/branch/lock): Transport operation not possible: http does not support mkdir()
<yolanda> i readed and says something about being identified with launchpad-login, but i'm in
<Daviey> yolanda: please can you work out where you are pushing?
<Daviey> seems you are pushing over http, not ssh.
<yolanda> seems i'm pushing to http, yes, but if i push by bzr+ssh it also fails with permission denied
<Daviey> yolanda: you are not in ~openstack-ubuntu-testing... you want to psuh to ~yolanda and request a merge proposal
<yolanda> i see
<yolanda> oh, my launchpad messed keys again :(
<yolanda> i cannot push event to my existing branches
<yolanda> sorry, even
<lvmer> I'm looking to setup a LAN storage for movies / pictures that will be viewable on a living room tv. What is the best way to do this? 1) Have a simple win7 computer next to the TV that connects to a LAN Samba storage server in the basement - funnels movie/picture files to the tv. 2) Are "smart" tv's available? Where I can just ethernet connect them and they will work with the samba server? 3) DLNA? 4) open to ideas?
<sarnold> lvmer: investigate mythtv
<digadvan> any of you setup a bind9 dns slave server before? are the zone files suppose to replicate from master to slave automatically?
<sarnold> lvmer: I've tried dlna to my ps3, damned thing is very picky about file formats though
<xnox> lvmer: mythbuntu is for you.
<lvmer> yah I was thinking either mythtv or a dlna like tvmobili
<lvmer> but I was definitely worried about formats
<sarnold> lvmer: but simple http to serve the files, copy them over to the ps3, and play them 'locally', works well enough for me for as infrequently as top gear is released....
<lvmer> sarnold: YOU ARE A TOP GEAR FAN?!
<lvmer> sarnold: omg mee too!!! I have every single episode / special
<sarnold> lvmer: of course. :) hehe.
<lvmer> sarnold: lmk if you ever need any,  'finalgear.com' is a great resource.... xD
<sarnold> lvmer: yeah, I'm thrilled for those guys, saves tons of time on irc, feels way less dirty than the Big Torrent Sites... :)
<lvmer> so for myth tv - I will need 2 computers right?  1 = NAS or samba storage   2 = vga to tv & sound to reciever?
<lvmer> because some of my blue ray rips from my brother (he is obsessed with blurays) are 7.1 sound. And I'm not quite sure how to get that in/out the tv or reciever
<sarnold> lvmer: I think there's a backend myth machine and a frontend myth machine; probably storage could be on backend or on a third machine
<lvmer> because vga = no sound connection && hdmi = stero
<lvmer> sarnold: ok, & which computer is the most important?
<sarnold> lvmer: dunno there, sorry. :)
<lvmer> because right now I have 2 old computers.... 1x = year 2000 & p4 - 2ghz, 2gb ram, IDE HDDS, other = laptop 2008, 3gb ram, duo-core.
<lvmer> my goal is to build a newer computer so I can use like 6x SATA HDD's
<lvmer> and I'm wondering... should this be the storage computer in the basement? or the computer with an old gpu connected to the tv?
<yolanda> https://code.launchpad.net/~yolanda.robla/glance/grizzly/+merge/135955
<yolanda> zul ^
<digadvan> any bind gurus online?
<lvmer> xnox: I appreciate the help.
<lvmer> sarnold: I appreciate the help.
<lvmer> /me is off to investigate mythtv & mythubuntu
<sarnold> digadvan: oh, right, slaves, got distracted. I _think_ the zone transfers need to be configured on both peers, to ensure the master allows the slave to request zone transfer
<digadvan> sarnold: I did configure the slave to see the master and allowed tranfer from master to slave.. but still no go.
<sarnold> digadvan: anything in the logs?
<genii-around> digadvan: You might have to bump the serial number in the zone file. eg: right under IN SOA  ns hostmaster (      is usually something like: 2012112200      ; serial number -- yyyyMMddss.
<genii-around> Otherwise it doesn't push the new records out
<uvirtbot> New bug: #1082429 in glance (main) "glance-client fails to build from source" [Undecided,Invalid] https://launchpad.net/bugs/1082429
<zul> yolanda: merged thanks
<yolanda> zul great
<zul> yolanda: np
<yolanda> leaving for today, have a nice weekend
<sh_t> hi everyone. has anyone here used Ubuntu precise with bonding mode 4 (LACP/802.3ad)? I'm unable to get any traffic past my gateway router.. but I can ping the gateway. everything in /proc/net/bonding/bond0 appears to be correct as if the bond was working but no traffic passes through the gateway.
<sh_t> I've attempted exactly what's described here https://help.ubuntu.com/community/UbuntuBonding as well as an older method where you put the configuration into /etc/modprobe.d/bonding.conf -- both behave the same
<sarnold> sh_t: does 'ip route show' show the gateway as a 'via nnn.nnn.nnn.nnn' entry anywhere?
<capitaninsaneoh> hello
<capitaninsaneoh> If I am adding iptables rules to the default input chain and I've opened up a service that uses UDP and TCP do I need to add a default drop rule?
<capitaninsaneoh> do I need to add - iptables -A INPUT -j DROP -p udp -i eth0
<capitaninsaneoh> ?
<Daviey> zul: grizzly staging populated with folsom now
<zul> Daviey: cool...still scheming
<Daviey> roaksoax: suck, the LP diff is flawed.
<sh_t> sarnold: sorry just a sec, tinkering to get it back to how it was :p
<roaksoax> Daviey: boomer, how so? any links?
<sh_t> sarnold: yes, it says "default via a.b.c.1 dev bond0 metric 100", next line "a.b.c.0/28 dev bond0 proto kernel scope link src a.b.c.10" where .10 is the servers IP
<sarnold> sh_t: then I'm out of ideas :( good luck :)
<sh_t> baha
<sh_t> fml
<Daviey> roaksoax: no, it was just the auto generated LP diff was broken
<roaksoax> ah, boomer
<Danawar> Hey #ubuntu server i host minecraft servers on my server and today we got to 30 people online and the network just droped out on the server bring eth0 down then up again resolved the issue but it happened again after we again got more people joining is there any reason why this would happen and is there any way i can find out why it happened and resolve it thanks in advanced.
<pmatulis> Danawar: check kernel logs
<Danawar> Sure pmatulis what am i looking for in the kernel logs?
<pmatulis> Danawar: anything suspicious.  how should anyone here know what problem you have?
<sarnold> when you say "the network just dropped out", do you mean that you had to use a physical console to run ifup / ifdown? or did your minecraft game stop working?
<Danawar> I have alot of  [UFW BLOCK] IN=eth0
<Danawar> and before any of that "eth0: no IPv6 routers present"
<sarnold> no ipv6 routers is normal unless you expected to be able to use ipv6 on your network :)
<sarnold> ufw blocking IN=eth0 might be normal things or might be abnormal, depending upon what was being blocked and your local configuration.
<Danawar> trying to remember the exact time it went down i should have noted it down ;/
<Danawar> because i use a kvm there is alot of spam from keyboard and mouse hooks where i flick back and forth
<Danawar> The only other abnormal thing i can see is ADDRCONF(NETDEV_UP): eth0: link is not rea
<Danawar> and below it : atl1c 0000:02:00.0: irq 46 for MSI/MSI-X
<Danawar> atl1c 0000:02:00.0: atl1c: eth0 NIC Link is Up<100 Mbps Full Duplex>
<sarnold> "link is not ready" looks like another ipv6-specific thing:
<sarnold> ./net/ipv6/addrconf.c:				pr_info("ADDRCONF(NETDEV_UP): %s: link is not ready\n",
<sarnold> but if it were going up and down due to something else, something unexpected, that's interesting. :)
<Danawar> It could be my poorly configured loopbacks
<Danawar> i did them a while ago
<Danawar> and never removed them
<Danawar> because i got lost with ip tables O.o
<Danawar> alot of firewall : SRC=0.0.0.0 DST=224.0.0.1
<Danawar> but before the server went down
<Danawar> lots of : SRC=78.70.170.191 DST=192.168.1.3 LEN=82 TOS=0x18 PREC=0x60 TTL=110 ID=16623 DF $
<Danawar> $ PROTO=UDP SPT=63804 DPT=49461 LEN=36
<guntbert> !paste | Danawar
<ubottu> Danawar: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Danawar> Sorry guntbert
<guntbert> Danawar: no worries, keeping a paste in a pastebin just makes it easier to read - and doesn't clutter the channel :)
<Danawar> Could i have been spam with requests from 78?
<Danawar> like a ddos from one machine
<sarnold> what's listening on 49461, if anything
<Danawar> the requests have all different ports i believe
<Danawar> The one underneath it says : PROTO=TCP SPT=55177 DPT=5010 WINDOW=8192 RES=0x00 SYN URGP=0
<Danawar> one quick question is where are iptables stored?
<guntbert> Danawar: stored? you mean when you shut down your system?
<Danawar> guntbert: along time ago i was trying to take requests like plotme.lagcraft.co.uk on a certain port and forward them to port 5001 but since i have never removed them because i couldnt figure out how
<guntbert> !ufw | Danawar
<ubottu> Danawar: Ubuntu, like any other Linux distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command - see https://help.ubuntu.com/community/UFW | An alternative to ufw is the 'iptables' command - See https://help.ubuntu.com/community/IptablesHowTo | GUI frontends such as Gufw (GNOME) and Guarddog (KDE from Lucid onwards) also exist.
<Danawar> Iptables is so confusing O.o tryed to list them but i cant see any of the ones the i remember adding i guess this is abit to complex for me at the moment =/
<sh_t> is there a simple way to prioritize traffic to certain ip's/ports on a network interface? i have a busy NIC sharing different jobs and connections to a mysql server are problematic.. was hoping to prioritize 3306 traffic for example
<sarnold> sh_t: do you know lartc.org ?
<webfox> Hello folks!
<MrTorque> Hi everyone!
<webfox> I am fcaing some hard time to use a version of Ubuntu Server as a client at a VirtualBox machine. I intend to use it as a Bridged client but I've heard it would be necessary to install hdcleint, is it true I need it and isn't it already pre-intalled?
<MrTorque> I want to set up ubuntu with DNS for small office. Do i need to configure it as "Caching Server" or as "Primary Master Server"? (referring https://help.ubuntu.com/community/BIND9ServerHowto )
<ScottK> MrTorque: Caching Server
<MrTorque> ScottK: Two more questions then: would you recommend to setup dhcp-server to give "fix" ip adresses to the clients?
<MrTorque> ScottK: Can i use Samba 4 with only caching DNS?
<patdk-lap> samba doesn't depend on dns
<patdk-lap> it helps yes, but not needed
<MrTorque> patdk-lap: for AD they strongly recommend it (they said a working dns would prevent much frustration...)
<patdk-lap> well for AD yes
<patdk-lap> but you didn't say AD
<patdk-lap> AD requires dns
<MrTorque> patdk-lap: what kind of dns? Is "Caching DNS" sufficient?
<patdk-lap> no
<patdk-lap> you need caching and server
<MrTorque> patdk-lap: hmpf... this thing is not easy for me.
<patdk-lap> well, it shouldn't be
<patdk-lap> you picked something that is not unix natice, and something relatively new
<patdk-lap> and attempting to peice all the parts together
<patdk-lap> it will take time, and lots of work
<MrTorque> patdk-lap: hm. How long do you think would it take to get samba 4 running on ubuntu server with AD support (without encryption, without any mailserver-stuff)?
<patdk-lap> no idea, never even wanted to attempt that myself :)
<patdk-lap> but your going need ldap, dns, kerberos, samba
<MrTorque> -.-
<patdk-lap> I've set them all up, but never attempting to join them all to imitate AD
<MrTorque> i hoped it would be easy nowadays...
<patdk-lap> it really is, install windows server
<patdk-lap> but then, I do believe in using the correct solution for the correct problem
<MrTorque> I just need to share folders with some data and be able to configure access-rights with windows-explorer
<MrTorque> Being able to reset the user-password on the server-side also would be nice
<ball> Do Ubuntu kernels come with SLIP enabled?
<patdk-lap> always
<ball> Thanks
<hallyn> stgraber: have you worked at all with the raring package?  I notice bug 1070914 for instance still needs to be fixed in raring.
<uvirtbot> Launchpad bug 1070914 in lxc "lucid containers don't start on quantal hosts" [High,Fix released] https://launchpad.net/bugs/1070914
<hallyn> (I'll just add it to what I push on monday,
<hallyn> but I want to make sure there isn't more still missing)
<stgraber> hallyn: I'm not using the distro packages. I use my daily builds of the staging branch :)
<stgraber> I'm planning to use my nexus7 to test the stock LXC but I need a new kernel for that
<hallyn> stgraber: ok.  i'll look through the quantal-proposed changelog on monday and make sure it'll all uptodate
<MrTorque> I am trying to set up bind9. but i get an error with: dig 100.168.192.in-addr.arpa. AXFR
<MrTorque> ;; connection timed out; no servers could be reached
<MrTorque> Where did i do a mistake?
<MrTorque> other checking-commands work: named-checkzone 100.168.192.in-addr.arpa. /etc/bind/db.192
<MrTorque> and named-checkzone yfm.lc /etc/bind/db.yfm.lc
<sarnold> MrTorque: do you know that the machine where you ran 'dig' from is allowed to contact the bind server on tcp port 53? that might be disabled in a firewall or configuration file
<MrTorque> sarnold: i followed https://help.ubuntu.com/community/BIND9ServerHowto . The machine with the dns-server is the same machein as the one with the dig-command
<MrTorque> iptables -L does not contain any rule (fresh installation of ubuntu server)
<sarnold> MrTorque: hrm, do you need to add the allow-transfer directive with 127.0.0.1 in that case?
<MrTorque> sarnold: i dont know.
<MrTorque> the how-to does not say to do so
<sarnold> MrTorque: indeed, the impression I'm getting is that bind9 is wide open until you add an allow-transfer directive...
<sarnold> MrTorque: can you telnet localhost 53 ?
<MrTorque> yes
<MrTorque> nmap localhost gives: 53/tcp open  domain
<MrTorque> ping yfm.lc gives ping: unknown host yfm.lc
<MrTorque> yfm.lc is the domain I did configure
<MrTorque> (or at least tried to)
<sarnold> MrTorque: hrm; does axfr work for reverse zones?
<MrTorque> how do i check? and btw what does axfr stand for? is it a special token/name?
<sarnold> MrTorque: axfr asks for the zone transfer
<sarnold> MrTorque: what does dig yfm.lc axfr do? does that work?
<MrTorque> yes, it does. i will pastebin it...
<MrTorque> http://pastebin.ca/2254686
<sarnold> that's axrf, not axfr -- what changes there? :)
<sarnold> damn I hate dns. :)
<MrTorque> hehe, and i do not yet understand it -.-
<MrTorque> anyway, i get with axfr: ;; communications error to 80.83.97.38#53: end of file
<MrTorque> http://pastebin.ca/2254688
<sarnold> o_O
<MrTorque> I added the new stuff at the top
<MrTorque> so don't be confused because of that...
<maswan> for dig:ing axfr:s you should specify the NS with @server.name.tld
<sarnold> I tried it myself and got this: $ dig @80.83.97.38 yfm.lc axfr
<sarnold> ;; communications error to 80.83.97.38#53: end of file
<MrTorque> maswan: but name resolution should work correctly by default, shouldn't it?
<sarnold> .. which I think means that my IP is not allowed to make that query. heh.
<MrTorque> sarnold: it is just a domain in the LAN, not a public one.
<maswan> MrTorque: zone transfers are a special case, and can only be served by an NS holding the zone, not a general recursive resolver
<MrTorque> maswan: I did create that zone (I think..., i followed https://help.ubuntu.com/community/BIND9ServerHowto  and they were able to ping exaple.com )
<maswan> is 80.83.97.38 your IP that you are setting up bind on?
<MrTorque> maswan: no, it is not. I am behind a router, just wanting to set it up in LAN
<maswan> MrTorque: then it doesn't make any sense to ask 80.83.97.38 for a zone transfer of yfm.lc
<maswan> MrTorque: you should do @the.nameserver.IP  (or name)
<MrTorque> maswan: I thought the system would search locally first (since I am setting up a DNS Server) and then fallback on NS of internet. Or did I misunderstand sth?
<MrTorque> i did upload my configuration files: named.conf.local http://paste.ubuntu.com/1380725/
<sarnold> when you're configuring zone transfers you need to specifically ask the master :)
<maswan> MrTorque: the system searches in whatever is configured in /etc/resolv.conf
<MrTorque> db.yfm.lc http://paste.ubuntu.com/1380726/
<MrTorque> db.192 http://paste.ubuntu.com/1380727/
<maswan> MrTorque: the resolving is totally decoupled from the serving
<MrTorque> maswan: cat /etc/resolv.conf gives: nameserver 80.83.97.38 \n nameserver 80.83.97.38 \n seach lan
<MrTorque> how do I tell my system to first search on localhost?
<maswan> MrTorque: yeah, you'd need to change that to nameserver 127.0.0.1
<MrTorque> how do i do that? and will I be able to resolve internet domains as well?
<maswan> MrTorque: if your local nameserver also resolves internet domains as well (for instance, if the "forwarders" section includes 80.83.97.38 80.83.97.38 like from the help.u.c page)
<MrTorque> maswan: i added a forwarder section with google NS
<maswan> MrTorque: DNS is not really very easy to just add some stuff locally, it fairly strongly assumes a global name tree. Making local additions can be done, but take a bit of work. I usually use a plain /etc/hosts for adding local stuff that isn't in a real zone.
<MrTorque> so how do set my ns to 127.0.0.1?
<maswan> MrTorque: yeah, that should work too.
<maswan> MrTorque: you can start by testing it out with dig @127.0.0.1 www.ubuntu.com
<MrTorque> maswan: that works
<maswan> MrTorque: and also dig @127.0.0.1 axfr yfm.lc
<maswan> to try your local zone
<MrTorque> maswan: my long-term target is to get samba 4 with kerberos running
<MrTorque> yes, that also
<maswan> MrTorque: then you change /etc/resolv.conf so that there is only one "nameserver" line, and that is "nameserver 127.0.0.1"
<MrTorque> I guess that is a good sign
<maswan> unfortunately if you have more than one, it'll just ask one of them. and then sometimes you'd know about your local name, and sometimes it would go "nope, no .lc, doesn't exist" when you hit the other IP
<maswan> it's actually much easier to do with a proper domain and a couple of public IPs
<MrTorque> grml...
<MrTorque> I sit behind a managed router
<maswan> but did changing the nameserver line work for you locally?
<MrTorque> And I do only have a ssh tunnel...
<maswan> hm. if you want to do samba 4 with kerberos you probably have more than one machine, so instead of 127.0.0.1 I'd probably put in the rfc1918 adress you have on the inside in resolv.conf, then you can have the same on all of them
<MrTorque> I did change /etc/resolv.conf. But i still can not ping yfm.lc
<MrTorque> dig yfm.lc works
<maswan> MrTorque: do you get an A record with an IP back from dig?
<MrTorque> http://paste.ubuntu.com/1380750/
<MrTorque> does not look like an A-entry
<MrTorque> A record
<maswan> yeah, that's a "yup, I can answer for yfm.lc, but there is no A-record there"
<maswan> can you ping ns.yfm.lc?
<maswan> or box.yfm.lc?
<MrTorque> yes, both
<maswan> then the dns setup works, just a matter of adding all the stuff you want to the zone
<maswan> oh, you could also check if reverse works
<maswan> I forget how to do that with dig, but the less precise but more user-friendly tool "host" can do that easily, just host 192.168.100.6
<MrTorque> dig ns.yfm.lc axrf?
<MrTorque> host 192.168.100.6 gives:
<MrTorque> 6.100.168.192.in-addr.arpa domain name pointer yfm.lc.
<MrTorque> 6.100.168.192.in-addr.arpa domain name pointer ns.yfm.lc.
<maswan> dig @ns.yfm.lc axfr 100.168.192.in-addr.arpa.
<MrTorque> http://paste.ubuntu.com/1380757/
<maswan> ah, that works then. even if it is a bit strange that that IP should have the name "yfm.lc" and the name "ns.yfm.lc"
<myhrlin> hi, is there a way to make PAM use multiple hash functions for passwords?
<maswan> MrTorque: anyway, looks like you have both zones working then for now. "just" a matter of adding the right stuff to them. :)
<MrTorque> but this still is only because I did manually edit /etc/resolv.conf
<maswan> MrTorque: yeah, since you're adding stuff that isn't in the main globally known tree, it will only be known to clients that have been explicitly configured to only ask your name servers
<MrTorque> which will forwad if he does not know either.
<maswan> MrTorque: yeah
<MrTorque> so far so good.
<sarnold> myhrlin: have you seen pam_unix and crypt(3) manpages yet?
<MrTorque> now i need to tell ubuntu to use 127.0.0.1 (himself (or herself?) rather itself...) to resolve names
<maswan> MrTorque: yeah, or 192.168.100.6. other hosts on the same network that also need to resolve yfm.lc also need to be configured to use 192.168.100.6
<myhrlin> sarnold: I have not, looking at them now and it looks like that's all I needed so far -- thanks!
<sarnold> myhrlin: excellent :)
<MrTorque> maswan: yeah, right.
<maswan> MrTorque: Now, I'm a bit hazy on how modern ubuntu does that though. might be something involving network manager or so.  On our server installs we ship custom resolv.conf:es that we've carefully written.
<sarnold> MrTorque: if all your networked devices get settings from dhcp, you could have your dhcp server tell them which dns server to use
<maswan> that's true, for a dhcp network that'd be the good place to configure it
<MrTorque> sarnold: that would be awesome! I would not need to configure all the clients manually :)
<MrTorque> can I somehow give prioritys for the nameservers?
<maswan> hm. maybe. "If  there  are  multiple  servers,  the  resolver library  queries them in the order listed.  " but I'm not sure on how reliable that is
<MrTorque> I added dns-nameservers 192.168.100.6 to /etc/network/interfaces but in resolv.conf the two NS from my ISP are on the top
<maswan> that's from the manpage of resolv.conf
<maswan> My experience is that you shouldn't mix
<MrTorque> maswan: yes, I experience that too. ohm, yes, and it tells to add dns-nameservers to /etc/network/interfaces :)
<maswan> anyway, there I'm not very experty and I'm also off for other things, 'later!
<MrTorque> maswan: thank you very much for being so patient with me and I have a working dns now :)
<MrTorque> sarnold: thank you also very much.
<sarnold> MrTorque: I'm glad maswan came around :) recent experience wins every time :)
#ubuntu-server 2012-11-24
<MrTorque> :)
<MrTorque> gn8
<sarnold> MrTorque: 'night :)
<myhrlin> sarnold: could you help me understand this crypt(3)
<myhrlin> oh woops, he's probably gone by now
<myhrlin> but if someone else could help me understand please; is the man page saying that salt is automatically used?
<myhrlin> I guess there's not a method for just char *crypt(const char *key) so it requires a salt
<xnox> myhrlin: the way I interpret the manpages is that: you should supply salt, which must be a two-character string from [a-zA-Z0-9./]
<myhrlin> ah ok
<myhrlin> then my next question is where do I do that? hehe.  I'm trying to modify pam so that passwords are hashed with a salt
<myhrlin> I've also got pam_unix opened up
<lvmer> What software would you guys use for a NAS? Unraid? or Ubuntu Server?
<lvmer> I'm leaning toward Ubuntu, because that is what I am comfortable with atm. & I don't see the server edition use much RAM or CPU time. My only worry, is scaling the processor with the # of drives and software RAID 5 or 6. I'm not sure how to predict the hardware requirements.
<sarnold> myhrlin: you supply the salt; if you install the manpages-posix-dev package, you can see an example program via 'man 3posix crypt'
<sarnold> (I strongly recommend installing the posix and posix-dev manpages, having The Standard at your fingertips is awesome.)
<myhrlin> sarnold: ok, so I have that installed and I see the program, but now I'm understanding that to add a salt goes beyond making a modifcation in /etc/pam.d/common-password and /etc/login.defs
<sarnold> myhrlin: if you're developing your own PAM module, you get to do what you wish, really.. ;)
<myhrlin> exactly what I didn't expect to have to do, but I wont complain, at least I get that option :)
<sarnold> myhrlin: what's your end goal, anyhow? :)
<myhrlin> oh just adding the salt is what I want to achieve
<sarnold> if it's to find out how pam works, this is one awesome way to do it, but there may be easier ways to do what you're aiming for if you just want something to work. :)
<myhrlin> at one point I thought to do both blowfish and sha512 hashing but that would be overkill I guess
<myhrlin> plus a salt ^
<sarnold> myhrlin: .. and require _both_ hashes to log in?
<myhrlin> I mean to apply both hashes to the password, not to have a two hashes of the password
<myhrlin> so do a sha512 on the password, then blowfish with salt
<sarnold> myhrlin: take a look at your /etc/shadow file; you'll probably notice entries like this: sarnold:$6$HMjuZ0yq$Q....
<sarnold> myhrlin: that HMjuZ0yq there is the salt
<sarnold> myhrlin: and the '6' asks for sha-512
<myhrlin> oh
<myhrlin> so it's actually in there
<sarnold> myhrlin: yeah
<myhrlin> I guess I can live with that :)
<sarnold> if you want to fiddle with something, the /etc/login.defs SHA_CRYPT_MIN_ROUNDS value is probably the one to change; maybe you want to raise that to 10000 or more, to try to make guessing passwords that much harder
<myhrlin> sarnold: sure, I might just do that instead.  I'll play a bit with john and see how it fares on what I have right now though
<sarnold> myhrlin: woo. :)
<Trixboxer> Hi, why does default 12.04 ubuntu 64bit kernel keeps big reserved space
<Trixboxer> My ubuntu VM has
<Trixboxer> Memory: 298196k/5767168k available (6561k kernel code, 448k absent, 5468524k reserved, 6642k data, 924k init)
<Trixboxer> my CentOS VM has
<Trixboxer> Memory: 2001680k/2097152k available (5085k kernel code, 388k absent, 95084k reserved, 7228k data, 1244k init)
<selje> Hi! I'm trying to setup a server for my company. The following things is what I want: Own place for user files, and a group file server. DHCP server, VPN server to access the files from all around. What packages do i need?
<selje> And ofcourse a webpage that can only be access through vpn(intranet page), but i think LAMP takes care of that with a CMS system
<Seveas> selje, isc-dhcp-server, apache2, openvpn, samba
<selje> Thank you Seveas
<selje> is there any gui for openvpn server manager?
<Seveas> on a server you don't want a gui :)
 * FauxFaux would suggest considering sftp over vpn+samba for file access, if it's intermittent and not home-drive style access.
<selje> Seveas: I want a gui :-)
<jpds> selje: You don't want a GUI on a server.
<selje> it's much easier when i don't know all the commands...and much easier to configure
<jpds> selje: Then, you'll never have a proper understanding of what's going on.
<jpds> selje: And when things break...
<selje> hmmm jpds: this is going to be a hard night i understand
<jpds> selje: We all were beginners at some point.
<selje> yeah jpds :-)
<jpds> selje: If you would like a systems management GUI, then there's http://www.ubuntu.com/business/landscape
<selje> hi! I need some help with installing ubuntu server 12.10
<selje> I'm coming to the part of partitioning my system, and last time i tried to install it, it came up as guided, but now i have to choose. When I choose and install, i just get up an error
<selje> what is the right way to do? I'm using a server with 2 RAID discs..
<selje> nobody have any idea about partitioning the system?
<uvirtbot> New bug: #1082699 in samba (main) "cannot copy to samba share" [Undecided,New] https://launchpad.net/bugs/1082699
<FauxFaux> selje: Please give actual information about the problem instead of saying "an error".
<selje> FauxFaux: I got a boot message...not sure what it said, but i wouldn't boot
<FauxFaux> Knowing what the problem is is an important stage of the diagnosis process.
<selje> yeah FauxFaux.. But I think the whole problem is that i don't understand the manual partitioning system
<selje> and then the boot process fail
<FauxFaux> I can't help you if you don't give actual error messages instead of saying "it failed", maybe someone else can mindread.
<selje> ok.. Thanks for your time FauxFaux
<samba35> how to reinstall some package to get that package repair
<uvirtbot> New bug: #1082707 in php5 (main) "package php5-common 5.4.6-1ubuntu1.1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/1082707
<pretorianMale> hi
<pretorianMale> hi
<Iohnizer> Any virtualization guru around?
<selje> anyone have a good tutorial for setting up my vpn server?
<TJ-> openvpn?
<selje> yes
<TJ-> Have you looked at https://help.ubuntu.com/community/OpenVPN
<TJ-> Or how about https://help.ubuntu.com/12.04/serverguide/openvpn.html
<selje> Thanks TJ, sorry, my bad
<TJ-> I use openvpn routed  tun UDP with TLS auth
 * cwillu huggles openvpn
<mikeey> Could a "nf_conntrack: table full, dropping packet." error being spammed in my syslog be a sign of a DDoS? The server dropped from the internet when it happened aswell
 * stijndg is away (Stijn is out BNC logging messages)
#ubuntu-server 2012-11-25
 * stijndg is away (Stijn is out BNC logging messages)
<uvirtbot> New bug: #1082767 in nagios-plugins (main) "Configure-time ps command truncates command names" [Undecided,New] https://launchpad.net/bugs/1082767
<ariel__> does anybody know howto use the lamp server
<lickalott> anyone know the latest TCL package off the top of thier head?
<yolanda> morning zul, are you there?
<uvirtbot> New bug: #1081675 in mysql-5.5 (main) "ubuntu 12.04 mysql5.5 support utf8 problem" [Undecided,Invalid] https://launchpad.net/bugs/1081675
<selje> Hi! Today I have setup my VPN connection, and I have a question. I'm building a server for a small company, and are in need of having a place to store files as a group and as single user, how do i do this?
<selje> or is there a guide for this?
<selje> have to do a reboot..brb
<selje> and back :-)
<selje> Hi! I have added the users and the folders for each user and the group user. Can I somehow connect this to the VPN user connection?
<selje> and how do i mount and automount this directory on startup?
<selje> for each user
<addisonj_> hrm... so really strange situation here, on a remote host, I have inbound SSH but cannot get outbound internet access...
<addisonj_> getting an IP fine via DHCP, which is also setting default GW and the like, but its still not working. Would bad default gateway result in such behavior and would I be safe to tweak it without accidentally blowing up my SSH session and then being unreachable
<selje> i need some help with /etc/exports file
<selje> hmmm..i only get up this error when trying to mount directory from my server: rpcinfo -p
<selje> sorry
<selje> mount: wrong fs type, bad option, bad superblock
<selje> ntfs and portmap is running
<selje> how can i fix this error, any suggestions?
<yeats> selje: what is the exact command you're typing?
<selje> sudo mount 10.8.0.1:/exports/glselj/ /home/glselj/Skrivebord/glselj/
<selje> it's ubuntu server 12.04 and linux mint desktop
<selje> any idea yeats?
<yeats> selje: can you share the full error? (pastebin if multi-line)
<selje> mount: wrong fs type, bad option, bad superblock on 10.8.0.1:/exports/glselj/,
<selje>        missing codepage or helper program, or other error
<selje>        (for several filesystems (e.g. nfs, cifs) you might
<selje>        need a /sbin/mount.<type> helper program)
<selje>        In some cases useful info is found in syslog - try
<selje>        dmesg | tail  or so
<yeats> selje: have you installed nfs-common on the client machine?
<selje> yeats: i don't think so..maybe that is the solution
<yeats> selje: try installing that and trying again.  You might benefit from reading https://help.ubuntu.com/community/SettingUpNFSHowTo#NFS_Client
<yeats> selje: you can add a line to /etc/fstab to have it mount at boot
<yeats> !fstab | selje
<ubottu> selje: The /etc/fstab file indicates how drive partitions are to be used or otherwise integrated into the file system. See https://help.ubuntu.com/community/Fstab and http://www.tuxfiles.org/linuxhelp/fstab.html and !Partitions
<selje> on the client right yeats?
<yeats> selje: correct
<selje> thank you yeats
<yeats> selje: happy to help
<TheLordOfTime> i need to be able to restore software used on one server to a new server (both Ubuntu 12.04).  Is there a way I can create a list of currently installed packages on the one system and use that list to install on the other system?
<jcastro_> lishttp://askubuntu.com/questions/9135/best-way-to-backup-all-settings-list-of-installed-packages-tweaks-etc
<jcastro_> there you go!
<TheLordOfTime> jcastro_, thanks much
 * lvmer says, "hi."
<storrgie> I'm having some update issues: https://gist.github.com/295f139da093740f0ddd
<storrgie> does anyone have a moment to look at this with me?
<storrgie> I'm not sure what to do
<ScottK> storrgie: Try sudo apt-get remove libgnutls26:i386 then try to update again.
<ScottK> Then fix your system since you've got updates deactivated.
<damo22> i tried the ubuntu channel but i dont think im getting my point across
<damo22> i am looking for a server install of linux that can be configured to never pause for a keystroke during bootup inside grub
<TLoT> damo22, i think you just didn't word it right
<TLoT> all installs require the bootloader
<TLoT> the ubuntu-server image won't include a GUI
<TLoT> but it will still have GRUBN
<TLoT> GRUB *
<TLoT> and GRUB will typically pause for a second and wait for a keystroke to interrupt boot, but then boot to Linux normally
<storrgie> Anyone help me with dependency hell? https://gist.github.com/295f139da093740f0ddd#comments I'm not sure how to resolve this issue
<TLoT> storrgie, i'm assuming you missed this from earlier, so repost:
<TLoT> <ScottK> storrgie: Try sudo apt-get remove libgnutls26:i386 then try to update again.
<TLoT> <ScottK> Then fix your system since you've got updates deactivated.
<TLoT> damo22, and from what i can see in the #ubuntu logs, you want it to ignore errors on boot and boot anyways.
<TLoT> that's not going to happen, likely, because if there's a boot error such that GRUB can't handle it, you have to diagnose it anyways.
<storrgie> yeah i did miss that, sorry to need a repost
<storrgie> TLoT, also, already tried to remove it
<TLoT> and?
<storrgie> TLoT, lemme gist for you
<storrgie> https://gist.github.com/0ff09b0506dae464f371
<storrgie> TLoT, I installed from a deb on this particular package
<storrgie> now I don't know how to remove it
<storrgie> this is why its out of sync with the repos
<TLoT> storrgie, did you try: sudo dpkg --remove [package] ?
<storrgie> I have, but lemme gist for you
<TLoT> which is what you were going to do initially?
<TLoT> oh i missed a link :p
 * TLoT kicks his computer
<storrgie> nah, just a sec... I might have not included the :i386
<TLoT> sudo dpkg --configure -a <-- that's the last 'gist' data you put in
<TLoT> you didn't do the remove :P
<storrgie> https://gist.github.com/88d952bfe28284a3c7ea
<TLoT> first off, why are you pulling stuff for oneiric?  Ign http://www.ubnt.com oneiric InRelease
<storrgie> yeah, its a ppa for ubnt's airvision software
<storrgie> thats just the version they maintain
<storrgie> so yes, this is why its a problem for me
<damo22> TLoT: yes, but when there is a small brownout, it stuffs up and grub sits forever waiting for a keystroke
<TLoT> damo22, if there's a brownout you should put a backup power supply there
<TLoT> damo22, brownouts will damage your hardware.
<TLoT> badly.
<damo22> TLoT: yes, i know this, but still i want grub not to pause, i would rather it boot and auto fsck
<TLoT> you assume that's even possible.
<damo22> TLoT: yes, if it cannot, THEN stop
<TLoT> the whole reason GRUB halts booting on an error is because its usually a non-recoverable error that can't do normally
<TLoT> that's what it does normally, damo22
<TLoT> if its waiting for a keystroke after the fact, you're doing it wrong.
<damo22> FSCKFIX=yes is an option in ubuntu as well, or just debian?
<TLoT> the only reason it would wait for a keystroke is a nonrecoverable error, in which case it *does* halt booting
<damo22> TLoT: i have observed different behaviour than what you describe using ubuntu-desktop 10.10
<TLoT> i'm using 12.04
<TLoT> 10.10's EOL btw
<TLoT> and desktop's different than the server :P
<TLoT> !10.10
<ubottu> Ubuntu 10.10 (Maverick Meerkat) was the thirteenth release of Ubuntu. !End-Of-Life on April 10th, 2012, see http://ubottu.com/y/maverick for details.
<damo22> okay
<TLoT> server (1) has no GUI
<damo22> one last question
<TLoT> (2) usually isnt going to ask you for a keystroke, unless your system's weird.
<storrgie> TLoT, going to go snag some more tea, I'll be back in a moment. the most recent gist should show you more
<TLoT> (3) like normal grub, will halt booting if an error occurrs.
<damo22> can i install a server-like version of ubuntu with the 12.04.1 LTS desktop cd?
<damo22> considering i dont have enough data to dl a new cd
<TLoT> no.
<TLoT> well...
<TLoT> sorta... but you have to install GUI ubuntu, then uninstall the GUI part and add server packages...
<TLoT> you know you can use USBs as installation media right?
 * TLoT uses a LiveUSB for installing Ubuntu, and has one for Desktop, one for Server.
<damo22> yeah
<damo22> are you my neighbour? can i come and borrow it? lol
<damo22> i wish they would give me free access to ubuntu packages over my internet connection
 * TLoT ignores the last comment.
<TLoT> erm, what?
<TLoT> ubuntu is pretty much free, a lot of it's open-source...
<damo22> yea but they charge me for any bandwidth i use
<storrgie> TLoT, you got a moment to poke at my issue?
<TLoT> storrgie, balancing 3 issues plus one remote-tech-support right now, have patience (yours is one of the 3)
<storrgie> I'll keep the laptop up
<damo22> TLoT: please consider my issue now closed
<TLoT> damo22, i already have, i'm in several other channels, and some of the issues are non-IRC :PO
<damo22> :)
 * TLoT goes back to the other windows
 * TLoT looks back at storrgie's stuff
<TLoT> storrgie, i'm not sure where your issues are, because you're mixing/matching other repositories with the standard ubuntu ones
<TLoT> i can't tell from what you've provided what's coming from which repository
<TLoT> nor whether the higher versions even exist.
<TLoT> and given that i havent eaten, i'm igoing to finish the remote-tech-support session i'm doing, and then go get something to eat.
<Danawar> Hey would there be a reason that the internet on my server goes down when some one uploads an image to the forum?
<Danawar> Cant seem to find any thing in the kernel or the syslogs
<SpamapS> Danawar: "the internet on my server" is a little hard to understand
<SpamapS> Danawar: do you mean to say that after an upload, nobody can connect to your server?
#ubuntu-server 2013-11-18
<karamazov> Can anyone point me towards a resource to put a lamp stack on a unbuntu server on ec2
<jrwren> karamazov: ubuntu server guide?
<karamazov> jrwren: I've tried using it but I can't get apache to run...
<jrwren> karamazov: do you get an error? did you open port 80 in ec2 security group?
<karamazov> No error - does 80 need to be open for inbound or outbound?
<jrwren> inbound.
<jrwren> http://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html
<karamazov> jrwren: thank you
<jrwren> yw
<hazmat> hallyn_, one oddness with btrfs and lxc (using clone) that i havent figured out.. btrfs-progs won't report the subvolume or snapshot usage, looking over btrfs-progs src, the main delta seems to be quota group related wrt to subvol creation.. just curious if you've run into this before.
<hazmat> i'm trying to use send/receive against the vols, but without btrfs-progs being aware, thats problematic
<hazmat> stgraber, ^
<hallyn_> hazmat: nto sure what you mean by 'run into before'.  i've not tried send/receive of vols.  I use 'lxc-clone -B btrfs' a ton every day seems robust so far
<hallyn_> (only caveat, in precise, is tha ti must use eatmydata to run dpkg and apt-get else it is dog-slow)
<hazmat> hallyn_, sure. but btrfs subvolume list /var/lib/lxc shows nothing.. with lxc-clone -s
<hazmat> hallyn_, i've got /var/lib/lxc setup as a btrfs mount, lxc-clone -s  seems to implicitly pickup btrfs.. as the resulting container takes roughly 7m
<hazmat> explictly specifying -B btrfs actually results in rather odd behavior compared to the implicit, either full copy or error (http://pastebin.ubuntu.com/6435693/)
<hazmat> likely cause its not a subvolume
 * hazmat tries with explicit btrfs on create
<hazmat> hallyn_, nevermind i think its user error. with dedup on the vol accounting for the minimal usage
<hallyn_> hazmat: ok - sorry i went quiet, my laptop went berzerk
<hallyn_> but why was precise-base not btrfs, if /var/lib/lxc is btrfs?
<hallyn_> that sounds like an lxc-create but
<hallyn_> bug
<hazmat> hallyn_, it was btrfs, just not a subvolume from lxc-create without the -B, what's also interesting is the implicit behavior with lxc-clone -s, its not the dedup, it is must be taking some form of snapshot i think as it completes in roughly the same time as a subvolume snapshot (0.09s)
<hazmat> but whatever form that is, doesn't get reported by btrfs-progs in saucy (currently building git head of those just to compare)
<yeti_> z
<figuringout> im trying to set up a ubuntu server for about 20 kids -- i want them to be able to ssh in, and make basic HTML pages. i have their usernames created -- how do i enable ssh for each one of them?
<chilicuil> figuringout: if they've an account in the system, ssh should work out of the box, make sure to install openssh-server
<basil_> Hi guys would anyone be able to help me troubleshoot using x11vnc to get access to a GUI on Unbuntu 12.04 from XenServer 6.2?
<jamespage> yolanda, well everytime you need to display that info you have todo an exec which is quite expensive on Java virtual machines
<yolanda> jamespage, a better alternative should be to parse the /etc/os-release file?
<jamespage> yolanda, I was trying to think of a way todo it in the init script and pass it in as a system property
<jamespage> "-Ddistribution=ubuntu"
<jamespage> that way its set dynamically on startup - but is then an in-memory read from that point onwards
<yolanda> so pass this var in the makefile?
<jamespage> yolanda, no - I'd look for a named system property in the Java code, and pass that in the tomcat7 init script
<jamespage> if it does not exist, then revert to current behaviour
<yolanda> well, we have the os.name but it should populate "Linux", setting that to Ubuntu could affect behaviour, right?
<jamespage> no - use a new property
<jamespage> yolanda - its trivial to set them on startup in the init script
<jamespage> other things might rely on os.name
<jamespage> and os is really owned by the JVM so you won't be able to change it anyway
<yolanda> ok, reading about that because i didn't know this about java, i see
<jamespage> yolanda, I'd probably add it to JAVA_OPTS in the catalina_sh function in the init script
<yolanda> jamespage, cool, i'll work on it
<jamespage> yolanda, great -thanks!
<yolanda> thx for the advice
<yolanda> jamespage, trying same build of couchdb for saucy
<yolanda> jamespage, it's problem with trusty, with saucy builds fine
<jamespage> utlemming, just looking at the walinuxagent proposals in the sponsoring queue - do they need to go to saucy still? or is trusty sufficient?
<jamespage> need todo the SRU dance if saucy is required.
<yolanda> jamespage, trying the tomcat patch. I pass to it properly: /usr/lib/jvm/default-java/bin/java -Djava.util.logging.config.file=/var/lib/tomcat7/conf/logging.properties -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager -Djava.awt.headless=true -Xmx128m -XX:+UseConcMarkSweepGC -Dos.distribution_name=Ubuntu -Djava.endorsed.dirs=/usr/share/tomcat7/endorsed -classpath /usr/share/tomcat7/bin/bootstrap.jar:/usr/share/tomcat7/bin/tomcat-jul
<yolanda> i.jar -Dcatalina.base=/var/lib/tomcat7 -Dcatalina.home=/usr/share/tomcat7 -Djava.io.tmpdir=/tmp/tomcat7-tomcat7-tmp org.apache.catalina.startup.Bootstrap start
<yolanda> but then using System.getProperty("os.distribution_name") in code returns null
<yolanda> am I doing something wrong there?
<jamespage> yolanda, you can't use os prefix
<jamespage> its reserved I think
<yolanda> catalina should be ok?
<yolanda> or just use something not prefixed?
<jamespage> I'd do that - not prefixed
<jamespage> distribution.name
<yolanda> ok, let me try this
<jamespage> that's java-ish
<yolanda> annoying thing of tomcat is that it takes ages to rebuild
<yolanda> jamespage, also dealing with couchdb that's written on erlang. Do you know if os::getenv("DISTRIBUTION") should work, if passing that as env var in makefile?
<jamespage> yolanda, it depends when that call is made
<jamespage> yolanda, if its runtime then that won't work
<jamespage> if its build time that should be OK
<psivaa> yolanda: jamespage: is ^ your discussion any chance related to tomcat daemon not running in the trusty server images? and making the smoke failures?
<jamespage> psivaa, its not - but that sounds important as well!
<psivaa> jamespage: ok, then i'll report a bug for that
<jamespage> psivaa, please do
<yolanda> jamespage, build time
<yolanda> so jamespage, something is wrong with our approach for Tomcat:-Ddistribution.name=Ubuntu - but then System.getProperty("distribution.name") returns null
<yolanda> i think that this var needs to be defined in catalina.sh script
<hallyn_> hazmat: ok, looking at the code, I have a vague recollection this was by design.  If you say 'lxc-create -B best' then it will use btrfs if detected, but if you don't specify -B at all, it uses dir.
<hallyn_> hazmat: note we *used* to always autodetect.  I'd have to check mail archives to remember why it was changed
<hallyn_> (Of course -B btrfs works too, but -B best lets you fall back to dir if you're not sure whether you'll be on btrfs)
<psivaa> jamespage: the reason for tomcat server issues in the smoke is http://bazaar.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/ubuntu.trusty/revision/2183 according to cjwatson
<jamespage> psivaa, hmm - I thought doko was holding off on doing that
<psivaa> jamespage: do you still need a bug? and if yes against what pkg?
<jamespage> tomat7 please
<jamespage> with a c tho
<psivaa> ack :)
<psivaa> jamespage: bug #1252290
<uvirtbot> Launchpad bug 1252290 in tomcat7 "tomcat7 is disabled in the trusty server seeds starting from 20131115.1" [Undecided,New] https://launchpad.net/bugs/1252290
<psivaa> bug 1252290
 * jamespage waves at roaksoax
<roaksoax> jamespage: \0/
<jamespage> that was energetic
<roaksoax> ok, so merging kombu and by default is using librabbitmq for amqp instead of python-amqp
<roaksoax> so is this something we want to carry/make default
<jamespage> roaksoax, unless there is a good reason not to we should upstream align
<roaksoax> jamespage: yeah, just making sure we are not gonna affect openstack for some reason
<roaksoax> jamespage: i do think however, its use with kombu doesn't have ssl support
<zul> jamespage:  well that sucks
<zul> jamespage:  spent an hour with a broken nova testsuite on trusty (needed a newer migrate)
<zul> jamespage:  https://code.launchpad.net/~zulcss/nova/nova-trusty/+merge/195620
<jamespage> rbasak, zul, roaksoax, adam_g, smoser, yolanda: my find for the start of this cycle is dh-automake
<zul> jamespage:  yeah you told me :)
<jamespage> zul, I like to go on about stuff I like
<zul> jamespage:  hehe
<roaksoax> jamespage: doc pointer? :)
<jamespage> zul, re the MP above - trying to understand the impact of it
<zul> jamespage:  dropping of xcp?
<jamespage> roaksoax, apt-get install dh-autoreconf && man dh_autoreconf
<jamespage> roaksoax, http://manpages.ubuntu.com/manpages/trusty/en/man1/dh_autoreconf.1.html
<rbasak> jamespage: looks handy. Thanks!
 * rbasak gave up with dh-make years ago
<jamespage> rbasak, save the manual 1000's of line of autoreconf patch that is sometimes required (I used this for openvswitch)
<roaksoax> jamespage: yeah i meant more in the way of howto's or transition docs :)
<rbasak> jamespage: I use dh-autoreconf for that
<roaksoax> but yeah I saw dh_autoreconf efore and I think at least one package i touch used it
<rbasak> jamespage: I'm sure you must have sponsored my use of dh_autoreconf before :)
<jamespage> rbasak, yeah - sorry - I mean dh_autoreconf - not dh-automake
<jamespage> doh!
<jamespage> rbasak, probably but that is details....
<jamespage> :-)
<rbasak> :)
<jamespage> roaksoax, better guide - http://manpages.ubuntu.com/manpages/trusty/en/man7/dh-autoreconf.7.html
<roaksoax> jamespage: i've seen it been used before
<jamespage> jacalvo, hey - zul is working on poking samba @ 4.x into trusty, but its making zentyal uninstallable right now which is blocking migration to the release pocket
<jamespage> jacalvo, are you guys still actively maintaining package in distro? if so could you take a look and see
<jacalvo> jamespage, mmm, the problem is that the zentyal packages in universe are still using samba 3
<jacalvo> and the newer versions of zentyal that use samba4, are using a custom build of samba4 with bundled libraries...
<jacalvo> so I'm not sure which is the proper solution here
<jamespage> jacalvo, so the samba4 package will be disappearing - samba is/has been bumped to 4.0.something already
<jamespage> jacalvo, we need to unblock the migration - is this something you can work out in the short term? or should we remove zentyal from archive until you come up with a fix
<jamespage> ?
<jacalvo> jamespage, let me discuss this with the zentyal devs, I'll get back to you with news as soon as possible ;)
<jamespage> jacalvo, thanks - much appreciated!
<jacalvo> jamespage, so, the removal would be only from the trusty archive, right?
<jamespage> jacalvo, yes - thats correct
<jamespage> and we can re-introduce later once you have stuff sorted
<jacalvo> I think it's the safest option, we can guarantee a fix in the short term, because currently we depend not only on a custom samba4 package, we also have patched versions of bind9 and openldap :(
<jacalvo> s/we can/we can't/
<jacalvo> first thing to do would be to try to introduce those patches upstream and make it work with the non-bundled version of samba
<jamespage> jacalvo, agreed - OK - I'll request removal
<jacalvo> thanks!, and sorry for the inconvenience
<jacalvo> jamespage, anyway, maybe removing zentyal-samba is enough
<jamespage> jacalvo, np - its all just part of the dev cycle :-)
<zerick> Hi folks, any CPU stressing or benchmarking tool that you could recommend?  :)
<jamespage> zul, re the xcp removal stuff
<jamespage> I think running XCP on Ubuntu is not worth holding onto
<jamespage> but running against remote XenServer probably is
<jamespage> but thats the same model as VMware - for which we need a no-op hypervisor package for if that makes sense?
<zul> jamespage:  right but it doesnt get tested and we dont really know what state the package is in
<jamespage> zul, does it rely on the xcp packages?
<zul> jamespage:  it does
<zul> jamespage:  im more risk adverse for ltses
<DWSR> Anyone know of a Growl server that doesn't require x11? I just want a central location to forward/receive all my notifications to/from and the box in question is headless.
<jamespage> zul, OK - I don't think we need todo anything explicit anyway
<yolanda> jamespage https://code.launchpad.net/~yolanda.robla/ubuntu/trusty/tomcat7/add_distribution_static/+merge/195641
<yolanda> finally got it, i needed to take some fresh air and see it from another point of view
<yolanda> so i was testing the output locally with lynx, then i could not see the version in the footer, but with a normal browser i was able to test it
<jamespage> yolanda, \o/
<sarnold> zerick: compiling the biggest packages you can get your hands on is a decent way to stress a machine. it'll involve disk IO, memory IO, CPU churning.. I've found a lot of machine check exceptions on hardware an hour or two into a large compile -- on hardware I thought was problem-free for a few years.
<harsh> hello all. iwant to learn development of office purpose applications for ubuntu
<harsh> such that they shud work in lan
<patdk-wk> well, you are suppost to change your thermalpaste and remove the dust every few years :)
<harsh> which language shud i choose?
<harsh> for developing?
<sarnold> patdk-wk: I never noticed any thermal correlation, and I didn't want to get my hands goopy :)
<patdk-wk> heh, you don't do it enough, if you get it on your hands :)
<sarnold> patdk-wk: indeed. thanks to you and jeffpc, I spent the weekend looking at used thumpers on ebay and trying my best to justify buying myself such a beast... luckily for me, it looks like they require 220 AC input, which is enough hassle to keep me from "testing it out" :)
<patdk-wk> I just got my home rack fully functional
<sarnold> harsh: depending upon what you're trying to accomplish, that might be progamming a web application in ruby on rails or django or tomcat (eww java) -- or it might be programming "native" desktop clients using Qt or GTK with e.g. QML or Python or C++ or C or whatever you like. There's plenty of choices, maybe too many. :)
<patdk-wk> have 10gbe and 5x1gbe going to it, and two 240v@30amp power outlets
<sarnold> patdk-wk: ooh, 10gbe *drool*
<patdk-wk> ya, looking at going 40gbe at the datacenter
<patdk-wk> pricing of 10gbe vs 40gbe really isn't an issue
<patdk-wk> seems driver support is more an issue
 * patdk-wk wants sub .2ms network :)
<patdk-wk> or was that sub .2us
<patdk-wk> atleast I believe dropping network latency by tens of times, will make nfs work even better :)
<sarnold> patdk-wk: what kind of system do you use for your nas?
<harsh> sarnold: ok
<patdk-wk> dual e5649, with 20x1gig disks and 4 ssd cache drives
<sarnold> patdk-wk: I looked int othe backblaze stuff a little bit but was shocked they used 5-port expanders. I'm sure it's a great tradeoff for them, but seems less good for a smaller, hotter system
<patdk-wk> well, they have no data turnover
<sarnold> mmm, hexacore :)
<patdk-wk> everything will go a max of 200MB/sec for them
<sarnold> right. most of their systems are going to be idle most of the time, as far as I can guess.
<patdk-wk> well, not idle, but processing like 10mbit/sec :)
<sarnold> and 8 gigs of ram feels like penny pinching :)
<patdk-wk> heh, not really
<patdk-wk> my enterprise windows backup software, will only use 4gigs of ram
<patdk-wk> I have installed 32gigs of ram, cause I couldn't actually but the system with less
<sarnold> granted on their scale, pennies need to be pinched. but it doesn't feel like much left over after the buffer cache eats most of it
<patdk-wk> the buffer cache is pointless for them
<patdk-wk> they won't be rereading data
<sarnold> patdk-wk: well, sure, but that's windows land, where 3.5 gigs is the limit. hehe.
<patdk-wk> normally for them, data comes in, data gets stored
<patdk-wk> the only reading that should be happening is fs metadata
<patdk-wk> and that should be pretty small
<sarnold> again anothr decision that works out okay for them.. :)
<sarnold> patdk-wk: did you build your machine from parts? or buy a pre-made or mostly-pre-made system from somewhere? :)
<patdk-wk> both
<patdk-wk> currently, I'm going premade case + mb
<patdk-wk> and the rest custom
<patdk-wk> having a hard time to pick what I want for my new esx servers
<patdk-wk> 2u server, or a twin 2u server
<patdk-wk> the twins lack ram slots :(
<sarnold> :(
<sarnold> but otherwise that seems impressive density
<patdk-wk> and power savings
<patdk-wk> and still gives me 3 slots
<patdk-wk> a 2u per server, while optimal, is more slots/disks/... than needed for esxi
<patdk-wk> but great for standalone workhorses
<harsh> patdk-wk:  sorry to interrup ..hve been following the discussion..2u?
<patdk-wk> 2 units
<patdk-wk> http://en.wikipedia.org/wiki/Rack_unit
<harsh> patdk-wk: ok
<harsh> patdk-wk: thx for the link..wat is the overall capacity of the NAS u have built
<patdk-wk> just 9tb at work, only using 3tb
<patdk-wk> at home, running 13tb usable
<harsh> ok
<harsh> patdk-wk: i have worked for 2 yrs in NAS support
<patdk-wk> other one is made more for pure speed
<patdk-wk> it's running 6tb
<harsh> ok
<harsh> so u make these NAS urself
<patdk-wk> 6tb full of 300g disks in 3way mirrors
<harsh> ok
<harsh> is EMC market leader in Eu as well
<harsh> or its a different situation
<harsh> and do u do the NAS provisioning also
<harsh> for ur client
<patdk-wk> for my client?
<harsh> ok
<RoyK> patdk-wk: mdraid or zfs?
<sarnold> hey RoyK :)
<harsh> i thought u r hosting NAS boxes
<patdk-wk> roy, all zfs
<patdk-wk> harsh, yes, for *myself*
<harsh> patdk-wk:  thats gr8
<RoyK> patdk-wk: zfs on linux?
<patdk-wk> defently not
<RoyK> hehe
<RoyK> bsd
<RoyK> fbsd or illumos?
<patdk-wk> illumos, my own custom builds
<harsh> patdk-wk: did u modify the OS?
<harsh> for ur use
<patdk-wk> the kernel, yes
<harsh> ok
<harsh> patdk-wk: i have to learn it how shud i go about it
<harsh> how shud i start
<patdk-wk> learn what?
<harsh> learn to modify distros
<patdk-wk> heh?
<patdk-wk> that has nothing to remotely do with a distro
<patdk-wk> and hacking a kernel has nthing to do with a distro
<harsh> ok
<harsh> ok
<sarnold> harsh: I recommend reading Advanced Programming in the Unix Environment for everyone who wants to learn more about the internals. APUE is a fantastic introduction to the services provided by Unix-like operating systems. It would be difficult to learn kernel internals without knowing the interfaces exposed to userspace programs, and it is wonderful to know what is available easily vs what your programming environment -pretends- 
<harsh> sarnold: thx senior
<harsh> sarnold: also today i dwnlded the pdf for ubuntu server
<harsh> while configuring the server
<harsh> do i have to work on DM-server as well
<harsh> or i can skip it for now
<harsh> I am trying to installl a local server
<sarnold> harsh: what's the DM-server? (keeping in mind that I almost never actually see our installer..)
<harsh> ok
<harsh> ok
 * patdk-wk installs a lot, and dunno what dm-server is
<harsh> patdk-wk:  sarnold  ok
<harsh> patdk-wk:  sarnold:  ok
<harsh> ok thanks to both
<harsh> of u
<funkster> so i have a bash script thats run in xinetd on a port, its a simple echo scripts of heads, if i curl localhost:9999 is returns data, but if i curl it from outside, it just errors with no reply from host or connection reset by peer - here is the bash script, and xinetd script http://pastebin.com/Cyj3mayb - anyone have any insight?
<jParkton> I set up an ftp server but when I try to ftp in I get connection refused
<jParkton> 21 is open
<jParkton> how do I define users
<jkitchen> jParkton: depending on which ftpd you installed there are varying approaches, but generally you define users by giving people a unix account.
<jkitchen> you mention "21 is open" ... what do you mean by that?
<jParkton> my ftp port
<jkitchen> connection refused is generally "nothing is listening on this port, try again"
<jkitchen> yes, I know what port 21 is. what I'm saying is what do you mean by it's "open"
<jkitchen> if you're getting connection refused, chances are it's not "open"
<jkitchen> my definition of "open" is "something is listening on it"
<jParkton> root     20444 18235  0 15:51 pts/2    00:00:00 grep --color=auto ftp
<jParkton> it is running but I dont see it in netstat -a
<jkitchen> that's not an ftpd
<jkitchen> that's grep.
<jkitchen> what ftpd did you install, and how?
<jParkton> that is not an ftpd?
<jkitchen> no, that's grep
<jkitchen> 'ps aux | grep ftp'
<jParkton> hm
<jkitchen> is presumably what you did
<jkitchen> well, grep shows up in the process list
<jParkton> so that wont tell me if the process is running?
<jkitchen> it will
<jkitchen> but it will also tell you about grep
<jkitchen> :)
<jParkton> so that did not show me the ftp process was running?
<Pici> jkitchen: Did you install an ftp daemon, or are you assuming that Ubuntu came with one?
<Pici> jParkton: ^
<jParkton> I did apt-get install vsftpd
<jkitchen> jParkton: no, all that was was grep. there may have been other output, but I'm gonna assume that was the only line
<jParkton> and then I edited the vsftpd.conf
<jkitchen> jParkton: service vsftpd status
<jParkton> waiting
<jkitchen> it's not running. try starting it:
<jParkton> but I have restarted it twice
<jkitchen> service vsftpd start
<jkitchen> then check your logs, chances are your config is broken
<jkitchen> *or* maybe vsftpd has /etc/default/vsftpd and disables startup in there
<jkitchen> (which is likely)
<jkitchen> I don't have a scratch box handy or I'd install it to try
<jParkton> nothing in default
<Pici> I'd check the logs first.
<jParkton> nothing in logs
<jParkton> well nothing in /var/log/vsftpd.log
<blkperl> in saucy is gssd a new service that is required for nfs clients?
<blkperl> or is it only if your using kerby?
<blkperl> hmm maybe my issue is gssd refuses to start
<blkperl> because its disabled in /etc/default/nfs
<blkperl> so maybe saucy just wants it on?
#ubuntu-server 2013-11-19
<RoyK> hi7
<jkitchen> lo3
<RoyK> &
<RoyK> ?
<RoyK> Yeti_Sno: hi
<RoyK> kÃ¥te damer
<RoyK> hei
<RoyK> sg Xiaoqian hi
<Xiaoqian> RoyK: Hi
 * RoyK just can't wait for the chess game tomorrow
<thelamest> hi, if i do strings /dev/vda1 | grep something, is that equivalent to the best software undelete i can do? context: lost precious zone configuration
<ikonia> thelamest: this channel is for ubuntu support - not Centos 6.4 support, so please don't bring centos support here
<ikonia> thelamest: can you please confirm what distro this is on
<xnox> blkperl: i thought it's needed to be on from precise onwards.
<railsraider> hi i am trying to setup a custom prompt for all users , i put the PS1  in /etc/profile and it works if i source the file but not when i log out and back in
<ogra_> railsraider, did you read the file ?
<ogra_>     if [ -f /etc/bash.bashrc ]; then
<ogra_>       . /etc/bash.bashrc
<ogra_>     fi
<railsraider> i need to set it for all users
<ogra_> edit it there
<railsraider> somehow it gets override
<railsraider> i tried
<railsraider> only if i delete the users bashrc file it works
<ogra_> you said you edited /etc/profile
<railsraider> i have 30 users and creating new users
<railsraider> i tried that too
<railsraider> im not sure where i can set it for all users and for new users that will be created
<railsraider> i think that the local bashrc is setting its own PS1 after .bash.bashrc is loaded
<ogra_> well, ~/.bashrc gets copied from /etc/bash.bashrc on first login
<railsraider> always?
<ogra_> no
<ogra_> only when the user is new
<railsraider> ok
<railsraider> so that solves a new user
<railsraider> what about existing
<ogra_> for the existing ones you will likely have to script something to update their files
<railsraider> no other way around?
<railsraider> i can do that with  chef
<jdstrand> jml: Ubuntu prefers to ship the ufw profiles in the package that provides the service. deluge in Ubuntu does not currently ship a ufw profile
<jml> jdstrand: thanks. I guess this creates an opportunity for packagers to forget to include profiles.
<jdstrand> it does
<jdstrand> fyi, http://bazaar.launchpad.net/~jdstrand/ufw/trunk/view/head:/profiles/ufw-bittorent if you need it
<jdstrand> zul: hey, fyi, bug #1252722
<uvirtbot> Launchpad bug 1252722 in apache2 "apache2 ships ufw profile in wrong location" [Undecided,New] https://launchpad.net/bugs/1252722
<zul> jdstrand:  doh!
<jamespage> zul: your nova merge for icehouse - is that against master branch upstream?
<zul> jamespage:  it is
<zul> jamespage:  builds fine locally after you update sqlalchemy-migrate
<jamespage> zul, http://paste.ubuntu.com/6442884/
<zul> jamespage:  erm
<zul> jdstrand:  fixed
<jdstrand> zul: thanks!
<NaGeL> hello i seemt to got an issue with my mail server i configured like this told me https://www.exratione.com/2012/05/a-mailserver-on-ubuntu-1204-postfix-dovecot-mysql/ and seems like my mail server becomea spam server.
<NaGeL> and my mysql connections are maxed out as welll
<zul> jamespage:  http://bugs.python.org/issue19570
<jamespage> \o/
<NaGeL> can someone help me make my server  a nota sam servr and secure it against it?
<patdk-wk> nagel, use better instructions
<patdk-wk> those instructions tell you do to stuff that has never been recommended and is 10years out of date
<NaGeL> ugh.. than how should i set up my mail server?
<patdk-wk> dunno, don't know what you hvae now, and if you followed those instructions, they are really killing a lot of your diagnostic tools
<NaGeL> i folowed that so i have that
<NaGeL> but right now dovecot and postfix is turned of due to that  its spams andkills my mysql
<NaGeL> and I'm new to this server stuff( i got a VPS) so i dont think i havea diagnostic tool on it.. i installed webmin and Awstats thought.
<patdk-wk> it kills mysql?
<patdk-wk> how much ram do you have on that vps?
<NaGeL> by killing i mean it fills up all the connection to the mysql.
<NaGeL> and i increaded the max connections to 300 with mysql
<NaGeL> and it it eat t up in a few minutes
<NaGeL> with sleeping connections
<RoyK> staniel25: hi
<nerdcore> I've just installed cyrus-common2.4 and it does not have an init script, and neither does cyrus-imapd2.4. How do I *run* the cyrus IMAP server?
<izanagisan> hi all. I have an UbuntuServer IBM x3650 and one of its hard drives on RAID 5 failed
<izanagisan> I have a spare which is brand new (not formatted)
<izanagisan> do you think I can just hot-swap the drives and the RAID controller will take care of everything?
<izanagisan> more importantly: will the operating system just keep working normally?
<Free99> hi everyone, I am in the process of setting up a KVM system so that my CS students can experiment with linux for the first time without having to change their personal system. Because this is run on a school server, I need to limit what they can do with their VM on the network
<Free99> I was thinking of setting some iptables rules where traffic is allow to flow in to the VMs which are on the KVM's userspace net, but no traffic other than their current connection via SSH is allowed out
<Free99> trouble is, I cannot figure out the iptables rules. anyone have any pointers?
<xnox> izanagisan: depends if it is hardware, software or fake array, and if your server configured to have it hot-swappable. if it has already failed, pulling & plugging in new one should work.
<xnox> izanagisan: i don't know if it notice that it is "now fresh', it would probably need to be readded into the array.
<izanagisan> xnox: just came from server room
<izanagisan> it's hardware RAID
<izanagisan> and it seems like it accepted the disk (it's the same size and brand as the others) and immediately started to synchronize it with the array
<izanagisan> : )
<izanagisan> operative system didn't feel a thing. Webserver and other services are up
<Shockwave> Hi!
<Shockwave> how mount in server asterisk for the practice =??
<Shockwave> how mount in server asterisk for the practice =??
<Shockwave> how mount in server asterisk for the practice =??
<Shockwave> how mount in server asterisk for the practice =??
<Rory> Shockwave: Could you re-phrase that question, I don't think it makes sense
<Rory> Shockwave: Also, asking once would have been enough, no need to spam
<bean> Rory: he was spamming like that in #ubuntu too.
<Shockwave> Rory: chupamelaaaaaaaaaaaaaaaaaaaaaa
<Shockwave> Rory:  cueco,
<Shockwave> Rory: gay
<bean> Shockwave: this is an english language channel.
<Rory> bean: I know he was
<makara> apparently the tun kernal module is standard for 12.04, but I don't seem to have it. How to install/load it?
<rbasak> makara: it should get loaded automatically on first use. Are you sure you're using an official kernel, rather than a VPS provider's one? What does "uname -r" say?
<makara> rbasak, I'm using a VPS one
<makara> rbasak, what does that mean about it?
<makara> I'm worried now
<rbasak> makara: some VPS providers use their own kernel as a requirement on their virtualisation platform. Eg. I get the impression that providers using virtuozzo do this, though I'm not sure that it is a requirement.
<rbasak> makara: if they do, then provision of kernel modules is up to them.
<rbasak> makara: it might be worth you testing your situation on a local virtual machine or on AWS or something. If you can do it there, but not on your VPS, then you should raise the issue with your VPS provider.
<rbasak> If it does turn out to be a VPS provider issue, then the concept of that provider providing "Ubuntu" is also dubious IMHO.
<makara> rbasak, i thought modules could be loaded after startup
<makara> is that not the case?
<sarnold> iirc, module loading can be blocked after boot..
<rbasak> makara: they can, but Ubuntu ships modules that are built to work with the kernel that they ship. If your VPS provider does something custom, then they need to ship you your modules.
<makara> sarnold, how can I test?
<sarnold> makara: hrm, the only idea I've got off the top of my head is to do something like install lttng and run 'sudo lttng list -k' to list kernel probe points...
<sarnold> makara: though that's kind of ugly.
<makara> where is the kernel config file kept?
<sarnold> makara: normally /boot/config-`uname -r`
<sarnold> makara: it can be compiled into the ernel in /proc/config.gz but that is less common
<makara> i don't see it either place
<makara> boot is empty
<sarnold> you might be in a container rather than a VM..
<makara> i have access to SolusVM control panel
<makara> I've been alerted to the TUN/TAP checkbox on the panel
<makara> which is enough for me
<sarnold> woo
<pmatulis> enterprise desktop often interests server folks.  http://summit.ubuntu.com/uds-1311/meeting/21972/ubuntu-enterprise-desktop-roundtable/
<RoyK> hadde vÃ¦rt moro Ã¥ sett hva malin faktisk klarte Ã¥ gjÃ¸re nÃ¥
<jcastro> hey utlemming
<utlemming> jcastro: yo
<jcastro> why not just reuse the "hwe" term for cloud init? Since that term is already understood I was thinking it might be something to think about
<jcastro> the behavior seems to be mirroring what hwe is
<utlemming> jcastro: cwe was choosen to differentiate that it not for hardware but cloud. We modeled it after HWE FWIW
<jcastro> yeah I was just wondering why call it something else, it's basically hwe
<utlemming> mostly because we don't want to conflate cloudware with hardware
<jcastro> I like the idea you've proposed, +1
<jcastro> fair enough
<tc0nn_> On CentOS, if you build a box manually (non-automated) you get to keep a copy of the kickstart file. Does Ubuntu keep a copy of the recipe used so you can automate it later? Trying to get my custom partman config working...
 * tonyyarusso is being super confused by Amanda
<tonyyarusso> I don't understand the definitions for the tape changer stuff.
<RoyK> tonyyarusso: hehe
<tonyyarusso> RoyK: The docs are all like "yeah, tape tape tape!", and then the examples are vtapes on disk...
<Beatstreet> what's the best way to empty dmesg and syslog ?
<RoyK> x4
<RoyK> c4
#ubuntu-server 2013-11-20
<tc0nn_> Beatstreet: logrotate
<tc0nn_> or move the file, restart rsyslog
<sond> Howdy all.. has anyone here installed ScriptCase manually on a headless Ubuntu Server ?
<sond> * installed ScriptCase on a headless Ubuntu Server
<ancaster> Hi! I have a server with an external USB backup drive (flakey, I know). I'd like to mount it somehow so if the drive is removed, my backups don't fill up the disk where the mount point is.
<jkitchen> anyone else have issues with ganglia-monitor and upstart on 13.04?
<jkitchen> I would assume I need to have daemonize = no in gmond.conf for upstart
<jkitchen> but starting, stopping, whatever is just hanging there doing seemingly nothing.
<Carbon_Monoxide> Hi! I use USB thumb to install Ubuntu Server. The installation screen freezes on 'Language Selection' after I chose 'Basic Server Install'. It shows the language list but I can't move the highlight.
<Rory> Carbon_Monoxide: Do you have access to a PS/2 keyboard instead of USB?
<Carbon_Monoxide> Rory: Not yet. This is what I'm going to try tonight after I read one of the question in Stackoverflow
<Carbon_Monoxide> Rory: I was using a Thinkpad USB keyboard which is not really common. It has a trackpoint on it.
<Rory> I think there's some sort of bug with USB keyboards
<Rory> I remember reading one shortly after 13.10's release, but I can't remember what all the affected systems had in common, besides using a USB keyboard
<Carbon_Monoxide> Rory: Thanks for the hint!
<jamespage> rbasak, you got these on your list for merging? - http://paste.ubuntu.com/6447537/
<TazmainianDevil> hi all I need some help with running a program that is similar to git at startup.
<TazmainianDevil> I am having a problem with perforce I am running ubuntu 12.04 when I put the command /Perforce/p4d in the /etc/rc/local file the server starts but it does not start correctly. As in I cannot access the server although it is running. When log into the server and cd /Perforce and then ./p4d it works perfectly.
<gyre007> guys....when I use --verify-passphrase can I still use /etc/crypttab to automatically mount encrypted device on boot ? ie does it have any effect on crypttab ...I dont want to be entering password on every boot...
<TheOsprey> Hi all
<makara> do I need to restart an EC2 instance if I've added a port to the security group it is part of?
<rbasak> jamespage: they're both on the report. I will look at them, but probably not for a couple of weeks. yolanda: is https://code.launchpad.net/~yolanda.robla/ubuntu/saucy/libnss-ldap/debian_merge/+merge/174993 relevant here? Was that supposed to have landed?
<mardraum> makara: no, just apply the change to the security group.
<yolanda> rbasak, that's merge i did on summer and was approved, wasn't landed in the package?
<yolanda> i don't have permissions to do it, but i assumed it landed
<mardraum> makara: the security group is like a firewall in front of your instance, it has nothing to do with the instance itself.
<rbasak> yolanda: I don't think it did: https://launchpad.net/ubuntu/+source/libnss-ldap
<makara> mardraum, so it should be instantaneous?
<mardraum> when you apply the change, yes
<makara> because nmap shouldn't show the port I just opened
<mardraum> perhaps nothing is listening our your connection is filtering outbound to it?
<makara> when I nmap localhost from ssh it shows the open port
<yolanda> rbasak, looks strange. version in trusty i see is 264-2.2ubuntu4, but version in my MP is (264-2.5ubuntu1. Not only my change, but some others are missing then
<makara> minus the ports 110 and 21
<zul> jamespage:  i get to use dh_autoreconf today lucky me
<jamespage> zul,\o/
<makara> holy cow
<makara> mardraum, corporate firewall was blocking my nmap scan to that port
<makara> is there a script I can run to check which ports my firewall is blocking?
<Novato__> Hi people
<Novato__> i have big problem in my server ubuntu 12.04 : Not found Apache/2.2.22 (Ubuntu) Server at 192.168.5.188 Port 80
<Novato__> I canot enter to asterisk and zoneminder because always i have this error Not found Apache/2.2.22 (Ubuntu) Server at 192.168.5.188 Port 80
<Rory> Novato__: Where are you seeing that error?
<Rory> Novato__: Are there any errors in the apache error logs?
<Novato__> in my server ubuntu example: I want enter to zoneminder: http: ip/zm  =  Not found Apache/2.2.22 (Ubuntu) Server at 192.168.5.188 Port 80
<Novato__> Http:ip:8088  (asterisk)   =  Not found Apache/2.2.22 (Ubuntu) Server at 192.168.5.188 Port 80
<Novato__> Rory: is apache
<Novato__> ohh! so can repair this
<Novato__> IÂ´m  new in this
<Novato__> but I want to learn
<Rory> Novato__: That is probably a 404 error (page not found)
<Novato__> i want ubuntu because is the best
<Novato__> Rory:  helpm me please!
<Rory> Novato__: You say you're going to http://ip/zm - did you already configure zoneminder under a directory called "zm" ?
<Rory> Novato__: Can you please paste your apache error log files (found in /var/log/apache2)
<Rory> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Novato__> yes! iÂ´m installed zoneminder
<Novato__> Rory: http://paste.ubuntu.com/6448414/
<Rory> Novato__: Can you please paste your apache error log files (found in /var/log/apache2)
<Rory> Novato__: That what you showed me was an error from some web browser
<Novato__> ok! iÂ´m in my server
<Rory> Novato__: I need you to run "sudo apt-get install pastebinit"
<Novato__> in my server==??
<Novato__> why=?
<Rory> well i want you to pastebin your apache error logs
<Rory> I don't care how you do it lol
<Rory> That's just the easiest way
<Novato__> Rory:  ok
<Rory> Novato__: so a quick way to do that is this command
<Rory> sudo sh -c 'cat /var/log/apache2/*error*' | pastebinit
<Novato__> Rory: so first sh -c
<Novato__> wait please
<Rory> No, this whole command, copy and paste it
<Rory> that entire line:
<Rory> sudo sh -c 'cat /var/log/apache2/*error*' | pastebinit
<Novato__> my server not respond
<patdk-wk> if I get asked to witelist 10.10.x.x one more time!
<Novato__> Rory: http://imagebin.org/278036
<Rory> Novato__: i need the paste.ubuntu.com url that is produced by running the command above
<Novato__> Rory: http://paste.ubuntu.com/6448414/
<Novato__> this is error
<Rory> Novato__: I can't help you any more without that information
<Novato__> Rory:  but this is error:
<Novato__> Opera's connection attempt to 192.168.5.188 was rejected. The website may be down, or your network may not be properly configured.
<Rory> Novato__: Please can you install the "pastebinit" program (sudo apt-get install pastebinit) and then show me your Apache error logs with the command: sudo sh -c 'cat /var/log/apache2/*error*' | pastebinit
<Novato__> The requested URL /zm was not found on this server.  Apache/2.2.22 (Ubuntu) Server at 192.168.5.188 Port 80
<Rory> OK I'm done here :)
<Novato__> Rory: iÂ´m used wuindouxxxx
<Novato__> in my laptop
<Novato__> my server is ubuntu 12.04
<Novato__> Rory: http://paste.ubuntu.com/6448414/
<Novato__> Rory:  http://paste.ubuntu.com/6448475/
<Novato__> i canot enter to y softwares in my server ubuntu 12.04
<makara> why does htop show multiple PIDs for mysql for example
<Rory> makara: because it spawns multiple child processes
<ogra_> makara, it shows one line for each thread by default
<Rory> ogra_: Is that the case?
<Rory> ogra_: I thought they were actual real UNIX processes?
<ogra_> makara, go into the htop settings and disable userlan threads in the display options
<Novato__> Rory:  so=??
<Novato__> help me o no=?
<makara> ogra_, how to edit htop settings?
<Rory> Novato__: Please can you install the "pastebinit" program (sudo apt-get install pastebinit) and then show me your Apache error logs with the command: sudo sh -c 'cat /var/log/apache2/*error*' | pastebinit
<Rory> Novato__: Do the above on your server
<makara> ok
<ogra_> makara, see at the bottom ... "setup"
<Novato__> Rory: http://paste.ubuntu.com/6448508/
<Novato__> Rory: check the web =?
<Rory> ok Novato__ so I can see when you browse to "http://yoursite/zm" then Apache is looking in the folder /var/www/zm but that doesn't exist.
<makara> ogra_, should 8 Apache2 workers still be showing, cos I see them
<Rory> Novato__: how did you install zoneminder, were you following a guide?
<Novato__> Rory:  iÂ´m used guide for the other server is ok
<ogra_> makara, well, it will only switch off threads, if there are separately started processes they will indeed show
<Novato__> is teh same guide
<Rory> Novato__: Could you link me the guide so I can see?
<Novato__> Rory: http://www.zoneminder.com/wiki/index.php/Ubuntu_Server_12.04_64-bit_with_Zoneminder_1.25.0_the_easy_way
<Rory> Novato__: Did you follow every step? Could you please run the command "pastebinit /etc/apache2/conf.d/zoneminder.conf"
<Novato__> the diferent in the guide in the step of IP
<Rory> It looks like you probably missed at least one step. ignore IP
<Novato__> because my ip is dhcp not is IP
<Rory> yes that isn't the problem here
<Rory> The problem is that apache has no idea where zoneminder is. Can you run that command above so I can see the apache config file for zoneminder?
<Novato__> Rory:  tell me the command for repair the apache
<Novato__> o check the apache
<Rory> "pastebinit /etc/apache2/conf.d/zoneminder.conf"
<Novato__> Rory:  I dont have nothing
<Novato__> all is black jejeje
<Rory> Novato__: OK then you have missed a step from the tutorial
<Novato__> Rory: v
<Novato__> any words or numbers
<Rory> Novato__: It looks like you ran the command: ln -s /etc/zm/apache.conf /etc/apache2/conf.d/zoneminder.conf
<Rory> Novato__: But you need to run that with sudo, like this: sudo ln -s /etc/zm/apache.conf /etc/apache2/conf.d/zoneminder.conf
<Rory> and then "sudo service apache2 reload"
<Novato__> Rory:  http://paste.ubuntu.com/6448553/
<Novato__> this is ok!
<Rory> Novato__: Ok so now does it work?
<Novato__> wwwwwwwwwwwwwwwwwwwwwwwuuuuuuuuuuuuuuuuuuuuuuuuuuuueeeeeeeeeeeeeeeeeeeeeeeeeeee
<Novato__> yupi congratulations
<Rory> !yay
<ubottu> Glad you made it! :-)
<Novato__> Rory:  thnaks boy
<Novato__> thanks
<Novato__> wue wue
<Novato__> ;)
<Novato__> gracias!
<Novato__> danke!
<Rory> No problem
<Novato__> Rory:  so the asterisk is same
<xpistos> hey all. is there some way I can lighten the load on my home server. when I ssh in it says the load is higher than 2.0?
<Rory> Novato__: What is that?
<Rory> Novato__: again, you need to make sure there is a configuration file for it
<Novato__> ok! the asterisk I can install all ok but
<Novato__> error 404 dont found
<Rory> xpistos: if you run the "top" or "htop" commands do you see any processes using a high CPU% ?
<Novato__> the same error of zm
<Rory> Novato__: Are you following a guide to install it?
<Novato__> yes
<Novato__> wait please
<Novato__> Rory:  http://www.joseschenone.com.ar/2012/11/instalacion-de-asterisk-en-10-sobre.html
<Novato__> Rory:  if do you have other web site best that this !
<xpistos> Rory: init
<Novato__> o best guide!
<Rory> Novato__: Asterisk has its own web server it doesn't use apache. You need to go to http://yoursite:8080 not http://yoursite/8080
<Novato__> yes! mi http:ip/8088
<Novato__> Rory:  The requested URL /8080 was not found on this server.
<Novato__> Rory:  Apache/2.2.22 (Ubuntu) Server at 192.168.5.188 Port 80
<Rory>  You need to go to http://yoursite:8080 not http://yoursite/8080
<Rory> That is a : not a /
<Novato__> Rory: This webpage is not available
<Novato__> Rory: The connection to 192.168.5.188 was interrupted.
<Novato__> same
<xpistos> Rory: Also Landscape jumps ump and down as well
<Rory> Novato__: "sudo service asterisk restart"
<Novato__> : o with /
<Novato__> same error
<Rory> Novato__: What is the output of "sudo service asterisk restart" ?
<Novato__> Rory: http://paste.ubuntu.com/6448592/
<Rory> Sorry Novato__ it is http://ip:8088
<Rory> Novato__: From the guide: Para acceder al panel de administraciÃ³n web, ingresamos a http://ip_del_servidor:8088
<Rory> Novato__: You can see what port it is using by editing the file /etc/asterisk/http.conf
<Novato__> Rory:  hablas espaÃ±ol=?
<Rory> No
<Rory> !es
<ubottu> En la mayorÃ­a de los canales de Ubuntu, se habla sÃ³lo en inglÃ©s. Si busca ayuda en espaÃ±ol entre al canal #ubuntu-es; escriba "/join #ubuntu-es" (sin comillas) y presione intro.
<Novato__> ubottu:  no hablo contigo
<ubottu> Novato__: I am only a bot, please don't think I'm intelligent :)
<Novato__> ubottu:  family of kubot ahhhhhhhhhhhhhhh
<ubottu> Novato__: I am only a bot, please don't think I'm intelligent :)
<Novato__> Rory:  nothing
<Novato__> Rory:  iÂ´m reinstal astrisk ok
<Novato__> asterisk
<Rory> Novato__: "pastebinit /etc/asterisk/http.conf"
<Novato__> ok
<Novato__> Rory: http://paste.ubuntu.com/6448640/
<Rory> Novato__: i suppose you could try reinstalling asterix
<Novato__> Rory:  check the web of pastebin
<Rory> yes Novato__ I saw that
<Rory> Novato__: Can you double-check you are typing it properly, go to http://ip:8088
<Novato__> Rory:  so reinstall asterisk
<Novato__> how eraser the asterisk
<Novato__> because canot reinstall
<hispeed67> anybody know if there has been any success with wnda3100 v2 usb wireless working?
<Novato__> Rory: if install asterisk =  asterisk is already the newest version.
<Rory> Novato__: sudo apt-get install --reinstall asterisk
<Novato__> Rory:  you are genous
<Novato__> genious
<Novato__> jejeje
<Novato__>  ;)
<Rory> genius*
<Rory> And yes, yes I am
<Novato__> Rory:  in 15 minutes iÂ´m send the message
<Novato__> sotrry for my english
<Rory> it's OK
<Rory> try #ubuntu-es also
<gyre007> is it me or is LUKS simply BROKEN ?? https://gist.github.com/milosgajdos83/7565570
<gyre007> why is it giving me some NONEXISTENT UUID ?
<gyre007> arrghh
<xnox> gyre007: because symlinks are not updated by udev, when you reformat with cryptsetup?
<xnox> gyre007: and a new uuid is generated when you format it.
<xnox> gyre007: reboot and check again.
<gyre007> is there any way to reload udev then ?
<gyre007> without rebooting ?
<gyre007> this is confusing the hell out of me
<gyre007> also is that the UUID I should be using in fstab to mount the encrypted device automatically ?
<Novato__> Rory:  fail! the asterisk
<Novato__> dont up!
<Novato__> s down :(
<Novato__> kell me ! bum
<Novato__> Rory: where arledy=?
<gyre007> xnox: I found out that the mapper device after reboot totally disappears w00000t ?!
<ancaster> Hey all. I've got a server in our lab backing up to external USB drives and NFS shares (rsnapshot).
<gyre007> mapper device created by cryptsetup
<ancaster> Is there anyway to ensure the drives/shares are mounted before backup begins so that if not the drive they are mounted on doesn't fill up?
<ancaster> Flaky set up, I know.
<zerick> ancaster, maybe this could help http://stackoverflow.com/questions/17612004/linux-shell-script-how-to-detect-nfs-mount-point-or-the-server-is-dead
<ancaster> zerick: thanks. I just also found the 'mountpoint' utility. returns true if a path is a mount point.
<tonyyarusso> You could also start by reading /etc/mtab or the 'mount' output
<ancaster> zerick: I also considered placing the mount points in a tmpfs filesystem so that, worst case, the tmpfs filesystem fills up.
<ancaster> tonyyarusso: ... and just grepping it. yeah, okay that works too.
<novato> hi!
<novato> next of install ubuntu server what can doit in this server for segurity
<novato> fortinet o firewall=?
<novato> what='
<novato> recommendations please
<gyre007> anyone has seen that dm-crypt device would disappear after reboot ?
<novato> =?
<gyre007> thats basically the reason why my luks encryption isnt working
<gyre007> for some reason dev mapper device just disappears after reboot
<gyre007> w000t
<smoser> hallyn_, do you have thoughts on this:
<smoser> http://askubuntu.com/questions/376345/allow-loop-mounting-files-inside-lxc-containers
<hallyn_> smoser: can you get dmesg output by chance?
<smoser> I probably *can* :)
<hallyn_> smoser: the two first possibilities would be (a) apparmor and (b) the loop file is one with partitions.
<smoser> hallyn_, 'b' is not true
<smoser> i'll see if i can't reproduce
<hallyn_> smoser: so something has done an losetup i assume?
<smoser> well, 'mount -o loop,ro' does
<smoser> but, yeah.
<hallyn_> well at the end there is
<hallyn_> root@maaslxc2:~# mount /dev/loop0 /mnt
<hallyn_> mount: block device /dev/loop0 is write-protected, mounting read-only
<smoser> that was as a simple example
<hallyn_> man the messed-up syslog is really being a pain
<hallyn_> smoser: it's simply apparmor.  add a rule to allow mounting anything to /mnt to a custom profile, and it works.
<smoser> hallyn_, example ?
<hallyn_> smoser: well simplest is to just set lxc.aa_profile = unconfined,
<hallyn_> but you can also just add
<hallyn_> 'mount,' to /etc/apparmor.d/lxc/lxc-default-with-nesting
<hallyn_> or 'mount -> /mnt/**, mount -> /mnt/'.
<smoser> hallyn_, the /mnt confuses me.
<smoser> thats interpreted in the containerized namespace ?
<hallyn_> yes
<smoser> how is that even useful ?
<hallyn_> don't you want to be able to mount /dev/loop0 to /mnt in the container?
<smoser> well, i dont really care where it is mounted to. most likely i want to mount it into a tmpdir
<hallyn_> then you'll have to allow mounting to '/tmp/**'.
<smoser> it just seems odd to me that apparmor would interpret the targets from the containerized namespace
<hallyn_> it has pivot_root.  it's the pathname, period.
<hallyn_> *pivot_root()ed
<hallyn_> that means / in the container does not have a parent dir
<hallyn_> (if it did, then the classic chroot escape would work, barring LSM)
<gyre007> guys anyone knows why would luks dm-crypt device disappear after the reboot ?
<hallyn_> (and /proc/self/maps and related output would show the whole pathanme)
<gyre007> I just dont get it
<hallyn_> do you need to  load a module that isn't being autoloaded?
<smoser> hallyn_, "mount fstype=fuse.*,"
<smoser> isn't that generally a lot more dangerous than loopback mount ?
<smoser> and its enabled (apparently) by default
<hallyn_> smoser: any unprivileged user on host can use fuse, therefore it is not an escalation.
<hallyn_> smoser: the difference is, loopback mounts let you exercise the in-kernel superblock parser for all built-in filesystems
<hallyn_> fuse sb parsers are in userspace
<smoser> really?
<smoser> fuse is allowed by default?
<hallyn_> that's what i'm told.  stgraber ^ ?
<hallyn_> smoser: plus, what we absolutely positively want to avoid is /proc and /sys being remounted elsewhere (and debugfs, securityfs, etc).
<hallyn_> until we can specify per-fstype apparmor rules
<hallyn_> probably "mount fstype=ext*," would be safe to allow in containers, imo
<smoser> well, that is possibly/likely explolitable into kernel crash
<smoser> at least as i'm told such things are possible (if you can mount a bad filesystem, that checks are limited)
<hallyn_> smoser: yes, but i like to think that ext2/3/4 are safer than others.  maybe i'm delusional.
<hallyn_> somebody does need to vet those at some point!  :)
<stgraber> smoser: fuse sure is enabled by default, that's how all of the gvfs mounts on the desktop works and how sshfs and others work too
<jdstrand> hallyn_: apparmor.d tells me that fstype is supported in mount rules (I've not done it personally)
<jdstrand> hallyn_: man apparmor.d that it
<jdstrand> is*
<stgraber> jdstrand: yeah, that's already how we allow fuse mounts (fstype=fuse.*)
<hallyn_> jdstrand: yeah i wasn't saying apparmor doesn't allow it - *we* don't yet allow it :)
<hallyn_> (fstype = ext*, that is)
<sarnold> man, is fuse better than ext in that respect?
<sarnold> I've always worked under the assumption that fuse could wedge a machine solid, anyway. is that an incorrect assumption?
<smoser> sarnold, i kind of had that same feeling.
<hallyn_> i hope it's an obsolete assumption
<sarnold> obviously something that needs some investigating
<hallyn_> agreed.  i've not looked into it in years
<smoser> hallyn_, so what is the difference between
<smoser>  /etc/apparmor.d/abstractions/lxc/container-base
<smoser> and
<smoser>  /etc/apparmor.d/abstractions/lxc/start-container
<smoser> i understand (i think) the reason for such things
<smoser> but both are included from /etc/apparmor.d/lxc/lxc-default-with-nesting
<stgraber> start-container is the profile used for lxc-start, container-base is the profile used for the actual container
<sbeattie> smoser: can I ask what the need for loopback mounting is; is it a use case that wouldn't be satisfied by bsdtar?
<stgraber> with-nesting needs both as the container will also call lxc-start
<smoser> stgraber, so how is one profile chosen?
<hallyn_> lxc-default is the default, if you want to run nested containers then you must change it to lxc-default-with-nesting
<smoser> sbeattie, you're suggesting that bsdtar can read an ext4 filesystem in a file ?
<hallyn_> which is, obviously, much less sfae
<smoser> hallyn_, how do you change it ?
<stgraber> lxc.aa_profile in the config
<sbeattie> smoser: it can read iso9660, I can't remember if it can read ext4 (probably not)
<smoser> i didn't realize it could read iso9660, thats pretty neat. i'm not aware of any general user-space extX filesystem implementation.
 * hallyn_ chuckles, something about using qemu :)
<hallyn_> but obviously you really want to ship zfs, and use zfs-fuse in the container
<sarnold> blech please no zfs-fuse. yes it's an amazing accomplishment, no it isn't a replacement for ZoL. hehe.
<hallyn_> sarnold: ah, but zfs-fuse would be allowed by default in the container, is my point
<smoser> https://github.com/gerard/ext4fuse might be able to accomplish what i need. but fuse.
<sbeattie> smoser: there's also fsarchiver, which claims to handle ext4 and btrfs, but I've forgotten how it well works, and it also advertises itself as not being ready for production use.
<sarnold> hallyn_: ah. still. fuse.
<hallyn_> :)
<sarnold> :)
<sbeattie> oh hrm, not thinking very well, fsarchiver might not handle non-block devices
 * sbeattie really wants good solutions for pulling files from filesystems stored as images that don't require root privileges.
<sarnold> hear hear
<smoser> â« ls /var/lib/lxc/
<smoser> ls: cannot open directory /var/lib/lxc/: Permission denied
<smoser> is that expected ?
<smoser> sbeattie, libguestfs really is a good solution
<smoser> its just heavy
<jamespage> jdstrand, are you able to attend the juju -> main session right now?
<smoser> it uses really well tested filesystem drivers (inside the linux kernel!)
<smoser> hallyn_, ^.
<jdstrand> jamespage: no-- mdeslaur is there
<sarnold> jamespage: mdeslaur and I are attending
<jdstrand> jamespage: and sarnold
<smoser> is it expected that /var/lib/lxc is non-readable by non-root ?
<jdstrand> sarnold: hah :)
<jdstrand> smoser: yes, that is a recent change
<hallyn_> smoser: yes.
<hallyn_> smoser: you can change it once and lxc won't re-set it for you, but alas it sort of has to be that way
<hallyn_> the curse of setuid bit.  if only we could do away with it
<smoser> hm... /me just finds it easiest to 'chmod 4755 /bin/bash'
<sarnold> lol
<hallyn_> when i want information, i just get the username/password from any nsa employee willing to hand them over (which is most of them) and use their account to look at full history of, well, every bit xferred on the net.
 * hallyn_ grumbles something about millions spent on security evaluations by nsa, only to have their employees hand over pwds...
<hallyn_> (in other words, why NOT just chmod 4755 /bin/bash)
<sarnold> because bash defeats that. bash is no fun.
<hallyn_> lol
<smoser> it does ?
<hallyn_> yeah
<hallyn_> which really has messed me up in the past when i tried testing file capabilities wrt scripts.
<jrwren> smoser: i missed the cloud-images session :(  I wanted to share my list of packages which I find superfluous. aptitude, os-prober, ppp, rsync, tcpd, usbutils, wirelesstools, wpasupplicant
<sarnold> rsync? really?
<smoser> jrwren, thanks for the input. those are definitely useful input.
<smoser> aptitude was on my list.
<jrwren> one can always apt-get it. it certainly isn't needed for many cloud systems.
<smoser> apparently lots of people use it though.
<jrwren> i just wanted to share. some were strange to me, if not removed maybe some docs around why they are there. especially the wireless and wpa
<smoser> jrwren, the primary issue with just removing stuff is that cloud-image is superset of server. server is superset of standard ...
<smoser> thats where a bunch of them come in.
<smoser> we can do some things though.
<smoser> thanks for your input.
<smoser> (many things end up getting pulled in from 'recommends by default')
<jrwren> i see. i didn't know it was superset of server
<smoser> it always has been. there isn't a *huge* reason for that.
<jdstrand> jamespage: mdeslaur filled me in on the outcomes. sounds very reasonable. thanks! :)
<jamespage> jdstrand, np
<vlad_sta_> Question: Having Ubuntu 12.04.3 LTS. MD RAID 1. After reboot got this in syslog: "md1: detected capacity change from 0 to 999069384704" and "md1: unknown partition table". It waited awhile and then booted successfully. Is it a bug or anything I should worry about? Thnx.
<Rory> vlad_sta_: If it boots sucesfully from your RAID array, then it is obviously working. They're usually warnings, not errors
<Rory> vlad_sta_: If you really had an invalid partition table there wouldn't even *be* a syslog to read :)
<vlad_sta_> Rory: OK:)
<jamespage> mdeslaur, reflecting on the fact that 5.5 is support until 2018 makes me reticent to jump to 5.6 for 14.04
<mdeslaur> jamespage: yeah, I agree
<mdeslaur> jamespage: although...that would still leave us with a year without support possibly
<mdeslaur> 14.04 -> 19.04
<mdeslaur> problem is we have no idea what the security fixes are, so there's no way for us to backport them even if we wanted to during that year
<henkjan> jamespage: what are the arguments against 5.6?
<lifeless> 5.6 of? mysql?
<Novato> hi people
<Novato> how I can reinstall asterisk
<Novato> because when I write to terminal:  sudo apt-get install asterisk   =   asterisk is already the newest version.
<Novato> Rory: hi! how are you=??
<Novato> Rory: remember the command of reinstall  asterisk
<Novato> =?
<Novato> help me with asterisk in ubuntu please
<Novato> I need reinstall this software
<leecallen35> Greetings fellow ubuntunians...
<leecallen35> I am configuring some ubuntu servers for headless operation, for use in places where they cannot easily be accessed.
<leecallen35> What strategies can I use to minimize the chance of a corrupted filesystem throwing the system into maintenance mode?
<leecallen35> (besides booting from read-only media, which seems to be too onerous to set up)
<leecallen35> Okay I will start...
<leecallen35> What I can think of: separate partitions for / /boot /usr /home and data...
<leecallen35> use mirroring, and a fs like ext4 with journalling
<leecallen35> and zfs for my big data filesystem (which will be a media server)
<leecallen35> (oops left out /var -- definitely a separate partition for /var)
<Arrick> !lamp
<ubottu> LAMP is an acronym for Linux-Apache-MySQL-PHP. However, the term is often used for setups using alternative but different software, such as Perl or Python instead of PHP, and Postgres instead of MySQL. For help with setting up LAMP on Ubuntu, see  https://help.ubuntu.com/community/ApacheMySQLPHP - See also the Server CD installation process.
<tonyyarusso> So...does anyone understand the merits "UsePAM yes" vs "UsePAM no" in sshd_config?  It looks like "yes" is the default, but I'm having some things that don't work unless it's set to "no", and I don't understand PAM well enough to understand why.
<Arrick> ok... whats the LAMP-server package called today? trying to install it on 12.04 lts
<tonyyarusso> Arrick: By today, do you mean in 13.10?
<tonyyarusso> oh, no
<tonyyarusso> Reading fail
<Arrick> no, 12.04 lts
<Arrick> lol
<Arrick> I tried lamp-server and nada.
<Arrick> first two lines of https://help.ubuntu.com/community/ApacheMySQLPHP work... it shows the root of the server though.
<tonyyarusso> Arrick: lamp-server^ - the ^ apparently marks it as a "task".
<Arrick> ahh... Ok, I used the tasksel install lamp-server and it installs... but when I drop an info.php file into the root, it doesnt display when I point at it directly
<tonyyarusso> What does it do instead?
<Arrick> page cannot be displayed
<Arrick> 404 error
<tonyyarusso> huh
<tonyyarusso> I would think both ways should work the same...
<Arrick> lol
<Arrick> I forgot to change the default directory of the default site.
<tonyyarusso> ha
<tonyyarusso> That'll do it
<Arrick> hey tonyyarusso what command do I run to tell me the current permissions of a directory?
<tonyyarusso> Arrick: ls -ld /path/to/directory
<tonyyarusso> Drop the d if you want the permissions of the stuff IN the directory rather than the dir itself, or replace it with a if you want to see both at once
<Arrick> so... refresh my memory, what does this mean? drwxrwxrwx 47 root root 4096 Nov 20 15:57
<Arrick> root user, root group I understand...
<Pici> Which part is confusing?
<patdk-lap> 47
<Arrick> is that 755, or 777?
<Arrick> and what is 47
<Arrick> correct
<Pici> Thats 777, rwx for u g and o
<Arrick> ok
<Arrick> whats the 47?
<patdk-lap> inode?
<Pici> 47 is the number of links to the path.
<Pici> er, inode
<patdk-lap> links to the path, that is funny :)
<Arrick> ok
<TheLordOfTime> i see an "Out of memory: Kill process #### (processname) score 549 or sacrifice child" error, what does the score mean there, and how is that the deciding factor for the OOM kill?
<TheLordOfTime> (that message was in dmesg)
<Patrickdk> better than it used to be
<Patrickdk> OOM kill used to just pick one at random, or the one using most memory
<Patrickdk> bad idea to kill mysql, cause it uses a lot of memory, on a mysql dedicated machine
<sarnold> TheLordOfTime: http://lxr.linux.no/#linux+v3.12.1/Documentation/filesystems/proc.txt#L1366
<Rory> TheLordOfTime: or... or *sacrifice child*
<Rory> I'd just like to point out that interesting recommendation by oom-killer there
<joeyy> were is the 32bit server img at for usbstick install
<sarnold> joeyy: try this? http://www.ubuntu.com/download/server/thank-you?distro=server&bits=32&release=lts
<joeyy> was loooking for img for usb stick or can i just dd that img
<xnox> joeyy: all our .isos can be dd to usb-stick.
<xnox> joeyy: and they will work in both BIOS and UEFI and SecureBoot modes.
<xnox> (well you need 64-bit one for UEFI & SecureBoot)
<joeyy> ah ok
<joeyy> what would u recmmend 32 bit or 64 bit on atom d510 1.66ghz with 2 gig ram
<xnox> joeyy: well that processor is 64-bit and 64-bit images are our default. But since it's only 2 gig of ram, you will have lower memory usage if you go with 32-bit image.
<sarnold> .. but then you've got more restricted registers in the compiled code. I'd probably go for 64 bit just to keep parity with other 64 bit devices I've got, but wouldn't really care one way or another
<xnox> yes, I value keeping environment homogenious. all my machines are 64-bit regardless of RAM size, it means that i can self-compile / recompile software once and deploy to all machines.
#ubuntu-server 2013-11-21
<ElricStorm> got a question for you folks, i've recently installed a ew7811un wifi *stick*
<ElricStorm> i've tried every guide i can find online and cannot get it to connect successfully to my home wireless connection
<ElricStorm> i've even rebuilt the kernel module for it, and it will not connect to my wireless...i have no GUI installed on this box, so everything must be done via cli
<ElricStorm> le sigh
<makara> rreset
<makara> reset
<makara> dammit :)
<Chillaholic> How can i change a digit of a defined variable? SERVICE=$SERVICE$1 does not work.
<znf> Hello. Is there any way to install Squid 2.7 under Saucy? I can only find squid3 packages, and I kind of need squid2.7 :-/
<jamespage> zul, OpenStack virtualization session PM today = are you running that one?
<zul> yeah
<zul> i think
<moutaman> hey
<zul> jamespage:  http://docs.openstack.org/admin-guide-cloud/content//section_manage-logs.html
<rbasak> TheLordOfTime: I just filed https://bugs.launchpad.net/debian/+source/nginx/+bug/1253691. Do you have any interest in working on it?
<uvirtbot> Launchpad bug 1253691 in nginx "Specially crafted request URI permits security restriction bypass" [Undecided,New]
<rbasak> Filing the MIR for nginx is still on my TODO.
<rbasak> So I will do this first, unless you want to take it?
<tom___> hello
<tom___> I got a question about postfix
<tom___> ehlo diablo3post.com 250-vividgn.com 250-PIPELINING 250-SIZE 10240000 250-VRFY 250-ETRN 250-STARTTLS 250-ENHANCEDSTATUSCODES 250-8BITMIME 250 DSN auth plain 503 5.5.1 Error: authentication not enabled auth login 503 5.5.1 Error: authentication not enabled
<tom___> Im getting the error authentication not enabled
<tom___> when i have it enabled.
<michele> hi there. quick question. on /etc/crontab I have this row: 47 6    * * 7   root    test -x /usr/sbin/anacron || ( cd / && run-parts --report /etc/cron.weekly ) ; how come this machine executes cron.weekly every Thursday instead of Sunday (dow in crontab row is 7)
<TheLordOfTime> rbasak: absolutely, you'll notice my comments on the bug (via my phone)
<TheLordOfTime> rbasak: note that there's another nginx CVE that i also need to address and i need to get the changes from Debian first (they just issued release 1.4.4 so a merge of 1.4.4 from Debian to Trusty would fix two CVEs AFAICT.)
<rbasak> TheLordOfTime: great. Thanks! Please let me know how it's going and if you need any help.
<TheLordOfTime> rbasak: don't think there'll be an issue, after consulting with #ubuntu-hardened i'm settging confirmed/high other than that i'm just getting the source so i can debdiff it.
<TheLordOfTime> since apparently it went missing on my system
<TheLordOfTime> rbasak: since of course i'm not security team, i always consult with them before changing a security bug's status ;)
<TheLordOfTime> but first... coffee.
<TheLordOfTime> rbasak: the only thing i might not be able to do is a merge... #ubuntu-hardened suggests merging 1.4.4 from Debian to Trusty, but the last couple "merge" attempts I tried FTBFS locally
<TheLordOfTime> (I always build with sbuild to test that it actually builds)
<rbasak> TheLordOfTime: OK. If it fails, stick what you have in the bug and I'll take a look at it.
<TheLordOfTime> rbasak: the patch as is from upstream will fail to apply, because p0 patch
<TheLordOfTime> adding a/ and b/ to the beginning of the filepaths made it import.
<TheLordOfTime> then apply :)
<rbasak> Great!
<TheLordOfTime> thanks to -motu for that guidance on the fix
<Syphtah> Hello
<Syphtah> I need help with setting up a web-server for saving backups. It has to accept HTTP POSTs and save the files sent
<Syphtah> How would you reccomend going about doing it?
<TheLordOfTime> rbasak: feel free to check the debdiffs i put onto that bug if you want, but ultimately security has to upload them.
<TheLordOfTime> rbasak: and security would also have to approve them, so meh.
<TheLordOfTime> rbasak: and not sure if you saw in -motu, but cjwatson will merge 1.4.4 into trusty and that should take care of the CVE for Trusty.
<zul> hallyn_:  i just uploaded a new libvirt we should be ok when python-libvirt is split out
<TheLordOfTime> rbasak: as for other security bugs drifting around for nginx: CVE-2013-0337 still has no patch that I'm able to see just yet... and CVE-2011-4968 is still bouncing around the nginx-devel mailing list and has no solution yet as a result of that.
<uvirtbot> TheLordOfTime: The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive information by reading the files. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-0337)
<uvirtbot> TheLordOfTime: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-4968)
<TheLordOfTime> uvirtbot: you need to die
<uvirtbot> TheLordOfTime: Error: "you" is not a valid command.
<TheLordOfTime> sorry for general channel spam everyone :/
<rbasak> TheLordOfTime: I don't think that nginx users expect more from us than what nginx upstream provide. I wouldn't fret about those for now. Just leave the bugs be, and the security team can make a decision once I've filed the MIR.
<TheLordOfTime> rbasak: yep, i just put that there as an FYI
<TheLordOfTime> because i'm constantly on the lookout for those fixes
<TheLordOfTime> rbasak: note trusty won't have a fix until... monday i think cjwatson said...
<TheLordOfTime> (merge of 1.4.4 from Debian -> Trusty)
<TheLordOfTime> ... lol i just got spammed by launchpad, and it's all my changes xD
<hallyn_> zul: sweet
<airtonix> https://bugs.launchpad.net/ubuntu/+source/screen/+bug/574773?comments=all#yui_3_10_3_1_1385064379062_1839
<uvirtbot> Launchpad bug 574773 in screen "Cannot make directory '/var/run/screen': Permission denied (convert init to upstart)" [Medium,Fix released]
<Sling> just installed default lamp stack on fresh ubuntu 13.10, noticed it defaults to mod_php + prefork, is there an 'ubuntu' way of switching to event + php-fpm + mod_proxy_fcgid ?
<Sling> or should I just manually unload mod_php, load & configure mod_proxy_fcgid and switch MPM
<wam_> Sling: is this non-prefork stuff working meanwhile? A few years ago most php software didn't run on fcgi or other stuff.
<Sling> wam_: yup works fine
<Sling> about to setup an owncloud + zimbra install on it
<wam_> Sling: wtf? You won't need php for zimbra ;)
<Sling> well, for the webmail stuff
<wam_> zimbra is java
<wam_> and has its own hosting
<Sling> oh
<wam_> which is perfectly fine
<Sling> well then ill be reverse proxying to it
<wam_> good product
<Sling> whatever :)
<wam_> don't
<Sling> because?
<wam_> run zimbra on a dedicated vm.
<wam_> because you'll have a lot of trouble sharing this.
<Sling> this vm wont be doing any webhosting or w/e
<wam_> zimbra even brings its own nginx
<Sling> which can listen on any port
<wam_> sure
<wam_> prepare for evil things ;)
<wam_> zimbra has LOTS of things to configure if you want to do it yourself.
<Sling> im trying to ditch gmail ;)
<wam_> Sling: btw: zimbra brings its own webdav and cal.
<wam_> so no need for owncloud
<wam_> which doesn't work either.
<Sling> ill be using owncloud across desktops/machines for my documents
<wam_> Sling: look at seafile and be happy
<wam_> instead of crying every day because webdav just sucks
<Sling> i wasnt planning on using webdav
<wam_> plus you get client side encryption
<Sling> but yeah im not here to discuss every piece of software im going to install, was just wondering about the mpm/fpm stuff
<Sling> :)
<wam_> M)
<wam_> You will have to go through all this yourself ;)
<Sling> thats fine
<wam_> sure
<wam_> I had to do it too
<jkyle> heya
<jkyle> I'm getting periodic errors form apt-cacher-ng like "storage error [500 Server reports unexpected range], last errno: Operation now in progress" and "storage error [500 Server reports unexpected range], last errno: Resource temporarily unavailable"
<jkyle> having trouble figuring out what the root cause might be
<jkyle> from the source, http://git.fsinf.at/apt/apt-cacher-ng/blobs/d656c645d99ac99b0045e663492f0824d8cfee2e/source/fileitem.cc, it looks like it might be an upstream mirror problem where it's not giving me a complete header response
<rostam> HI we have recently ported all of our applications and drivers from redhat to ubuntu (RH6.4 to Ubuntu 12.04 update 3) . We see some slowness while applications open the device drivers, any idea why and how to tackle this? thx
<fishcooker1> i want to encyrpted  my home folder.. and i've plan to put some apps on it that will run after the user login
<PryMar56> rostam, are you running ubuntu-server? should be empty -> dpkg -l | grep xserv
<PryMar56> rostam, what is your pkg count? dpkg -l | grep -c ''
<PryMar56> full ubuntu with GUI is bloated at 1300 pkgs or more
<sander^home> Do anyone know how I can mount a remote directory using webdav with digest authentication?
<sander^home> I'm using the command: mount -t davfs http://xxxx/webdav /home/USER1  and I got: Digest mutual authentication failure: request-digest mismatch
<tonyyarusso> sander^home: No, but my first guess would be that you need to provide the credentials in the URL, eg http://user@xxxx:password/webdav/
<tonyyarusso> sander^home: Ah, looking at the man page, it looks like you're supposed to give -o username=someuser, then the password is read from stdin
<tonyyarusso> sander^home: http://linux.die.net/man/8/mount.davfs
<tonyyarusso> sander^home: For use in fstab, looks like you're supposed to put that information in a special secrets file.
<Corey> Bah, false hilights. I blame tonyyarusso. :-p
<tonyyarusso> Corey: ha, what did you hilight on there?
<sander^home> tonyyarusso, I get promted for the username and password
<sander^home> tonyyarusso, I think the problem is that the server requires digest autentication..
<Corey> tonyyarusso: I'm cquinn at die.net
<tonyyarusso> sander^home: Digest and basic should be the same as far as the client is concerned...
<tonyyarusso> Corey: ooooh, neat.
<tonyyarusso> sander^home: are you using a secrets file already?  I see the format is (sort of) explained in the "Examples" section.
<sander^home> tonyyarusso, long time ago.. I had the same problem.. ending up changing to basic authentication.. then it worked. But in this case I cant change.
<sander^home> tonyyarusso, im not. Let me see
<tonyyarusso> Corey: what's the story behind the domain name?
<Corey> It predates me; it's a friend's.
<sander^home> tonyyarusso, Im not using a secret file.
<tonyyarusso> What happened to Ubuntu Orchestra after precise?
<sander^home> tonyyarusso, tried to be using it now..but failed.
<sarnold> tonyyarusso: I think you're looking for 'juju' now
<tonyyarusso> sarnold: ah, could be
 * tonyyarusso hasn't kept track of all of the pieces and funny names over the years; trying to figure out what they do these days
<tonyyarusso> In short, should I set up a Puppet server, PXE/TFTP server, and APT cache manually, or use a prepackaged deal.
<fishcooker> i've got error there is message.. so that i have to check /var/log/syslog on virtual console 4
<fishcooker> many error don't know how to start
<fishcooker> ...
<fishcooker> ext4-fs.. errors=remount-ro
<sarnold> tonyyarusso: that's a tough call; juju and maas are pretty slick, but it feels like they shine when you're either using a public cloud provider or have plenty of machines for an internal private cloud (maas or openstack).. juju can deploy to specific machines these days, which is neat, but it isn't really where it's awesome.
<tonyyarusso> sarnold: I'm working with probably one or two dozen physical machines, and then a few dozen more virtual ones that are in VMware, so as far as I see them very similar to physical since I can't do magic with VMware in the same way.
<tonyyarusso> sarnold: Right now we have an "initial setup checklist" that we do by hand on ALL servers, which is getting too long and tedius, 20 of the virtualized servers should have the same packages, some of the same settings, etc. (they all run the same app, just for different clients/domains), but currently differ in ways unknown, and I have no good way of changing the "master" (non-LDAP) user's password on all machines at once.
<sarnold> tonyyarusso: oh, man, that sounds like something that would benefit greatly from puppeting or juju charming
<tonyyarusso> Yeah, it definitely needs SOMETHING along these lines - just a question of what exactly.
<sarnold> since your machines mostly exist as-is, I'd be tempted to go down the puppet route. if at some point in the future you've got an openstack setup or juju grows a vmware provider that can make new instances, you can still use those puppet recipes in juju charms to pipe everything together; it's not entirely a one-way decision
<tonyyarusso> true
<tonyyarusso> As for the "exist as-is" part, we do have several machines that need to be rebuilt right now, and we just lost the second sysadmin this quarter, leaving just me, so it's a great opportunity to push hard on any automation I can.
<tonyyarusso> I found a server the other day running 6.06 still...
<Rory> tonyyarusso: My favourite release! \o/
<Rory> tonyyarusso: Wait, a live server?
<Rory> tonyyarusso: Regarding automation, I've used Puppet and Salt, they're both fine
<sarnold> tonyyarusso: yikes :)
#ubuntu-server 2013-11-22
<tonyyarusso> Rory: Yes, a live, production server.  Running our backups.
<tonyyarusso> One of the previous sysadmins doesn't belive in doing updates
<rostam> PryMar56, dpkg -l | grep xserv is not empty,  I originally installed ubuntu-server but I needed  xwindow  for our gui applications, this is exactly how I did for RH. Does xserver adds something to slownes? thx
<rostam> PryMar56,  pkg counts is 666
<sarnold> X does take memory and processing power. both of which might be better used on your applications instead. but the drain is usually pretty low..
<PryMar56> rostam - any python/perl depends in your apps?
<rostam> PryMar56,  no python/perl
<PryMar56> rostam, pkg count looks similar to ubuntu-server.. and networkmanager is unused? all NIC configs are manual?
<rostam> PryMar56,  we have two CPU (AMD 5000) we do configure them manually, the same we do for RH.
<PryMar56> rostam - check locale, i18n configs in /etc/default against what shows in ENV
<rostam> PryMar56,  Env you mean echo $Env? the output is empty
<PryMar56> rostam, IOW - login as user, type env, and see if LANG, language, etc looks OK
<PryMar56> rostam , also login as user, type groups <---- huge difference with RH if the user is admin
<rostam> PryMar56, we are running our apps as root. do you see any issue there as far as performance??
<PryMar56> rostam - no..but that is not exactly the ubuntu way
<PryMar56> rostam, if go through steps like this.. you might find weaknesses of faults
<PryMar56> or faults
<PryMar56> rostam in RH you have /etc/sysconfig in deb/ubuntu there is /etc/default
<rostam> PryMar56,  ok I will look for any differences between env and /etc/default setting, if I donot find it what else I should look for? thx
<PryMar56> rostam - loaded modules (lsmod).. I doubt kernel differences will matter: RH is 2.6.32 and Ub is 3.0.1x
<rostam> how about apparmor /
<rostam> ?
<PryMar56> rostam, apparmor is off in my server
<rostam> PryMar56,  How could I disable it?
<PryMar56> rostam, thats an FAQ , but memory says something with purge... google it
<sarnold> in the most pessimistic of testing, apparmor adds less than 0.5% overhead; if you're having performance problems, apparmor is probably not involved :)
<sarnold> rostam: if your hard drives have 4k sectors (or larger, as some ssds do) you can sometimes see a gigantic slowdown if partitions are not aligned on 4k blocks, but rather on the older 512 byte boundaries -- every write might involve then a read, modify, write cycle, which would be significantly slower
<jjohansen> rostam: there are several ways to disable
<jjohansen> apparmor=0 on the grub kernel command line, do it in grub, or permanently in /etc/defaults/grub and then update-grub
<jjohansen> rostam: you can purge the apparmor package, the kernel module will still be enabled but not policy will be loaded
<sarnold> rostam: what exactly is _slow_ in your configuration? can you narrow it down to a specific sequence of system calls or function calls?
<rostam> opening devices (video encoder/decoder card) takes about 1 sec while in RH takes about 1 msec.
<sarnold> rostam: oh, interesting. any chance you can try your redhat with a newer kernel or your ubuntu with an older kernel? you can't just drop one kernel onto the other :/ but similar era kernels would be a worthwhile starting point
<sarnold> rostam: it might be that the kernel driver might have treated an open() request without checking the hardware or without allocating resources, but now it may
<rostam> sarnold,  valid points, let me dig more into the open call. Thank you all for helping me. I got lot us of good points.
<guzzlefry> Is there a way to test sshd settings without looking my current sessions? I'm trying to avoid getting locked out.
<guzzlefry> s/looking/losing
<sarnold> guzzlefry: changing ssh settings won't influence existing connections
<sarnold> guzzlefry: now, changing _firewall_ settings is where you've got to be very careful :)
<guzzlefry> sarnold: even when restarting the daemon?
<guzzlefry> service sshd restart
<sarnold> guzzlefry: yes, the daemon has spawned off children processes to handle logged in users
<guzzlefry> ah, good to know
<guzzlefry> thank you :)
<sarnold> guzzlefry: have fun :)
<guzzlefry> Oh, one more question actually. I've looked around, and it seems like the only way to lock a user to sftp and chroot them is to set root as the owner of the chroot directory. Has that situation changed at all?
<sarnold> guzzlefry: well, that's a tricky thing. chroot was never intended as a real security mechanism
<guzzlefry> ah, that would explain all of the breakages I've heard about it.
<sarnold> guzzlefry: you could try using an lxc container; I haven't tried that yet myself, but I think it ought to work. another option is confining the user with apparmor, though it isn't as convenient as one might like: sec-saucy-i386
<sarnold> guzzlefry: http://wiki.apparmor.net/index.php/Pam_apparmor_example
<sarnold> sorry about the mispaste, juggling too many things at once :)
<guzzlefry> no problem, thanks again for your help
<fishcooker> is it right that ubuntu-server 12.04 installation need internet connection?
<guzzlefry> Well, this is interesting...
<guzzlefry> $ sudo ssh-keygen -i -f id-rsa.pub > authorized_keys
<guzzlefry> -bash: authorized_keys: Permission denied
<sarnold> fishcooker: I believe it'll download and install updates while installing, if you wish
<sarnold> guzzlefry: the > authorized_keys is handled by the shell _before_ it executes sudo
<guzzlefry> doh
<guzzlefry> thanks
<guzzlefry> It might be time to call it day. ;)
<sarnold> always a good idea to call it a day before you fat-finger something and wreck your tomorrow, hehe :)
<fishcooker> so without internet connection ubuntu server will not be installed, sarnold?
<Ghostx562> hello, i am trying to setup a server for local file storage, is this possible using ubuntu server?
<pmatulis> Ghostx562: what do you mean by 'local file storage'?  every computer has local file storage
<fishcooker> i have unregistered board .. i've tried install ubuntu server many times and failed
<Ghostx562> pmatulis, store files on an old desktop with a 1tb drive, move files between that and my laptop
<Ghostx562> sort of file storage
<pmatulis> Ghostx562: laptop running what OS?
<Ghostx562> fishcooker, installing from CD?
<Ghostx562> pmatulis, win7/ubuntu
<pmatulis> Ghostx562: study samba
<pmatulis> fishcooker: what is "unregistered board"?
<Ghostx562> pmatuils, will do thanks
<pmatulis> !samba | Ghostx562
<ubottu> Ghostx562: Samba is the way to cooperate with Windows environments. Links with more info: https://wiki.ubuntu.com/MountWindowsSharesPermanently and https://help.ubuntu.com/12.04/serverguide/C/windows-networking.html
<pmatulis> but it works with ubuntu too
<fishcooker> nope i installed from usb flashdisk
<fishcooker> this is my lshw on previous ubuntu remix 10.10
<Ghostx562> fishcooker, try cd better results that way
<fishcooker> http://paste.debian.net/67115/
<fishcooker> i don't know why CD would be better than USB,  Ghostx562
<ns5> I'm installing ubuntu server 12.04.3, I want to partition the disk manually, but I can't find fdisk.  Any idea?
<lifeless> the installer will step you through it
<lifeless> has anyone else had all their LXC's stop working recently? They DHCP request on the bridge, but then don't acccept the response.
<lifeless> I can see DHCP outputting
<lifeless> send(3, "<30>Nov 22 07:29:48 dhclient: No DHCPOFFERS received.", 53, MSG_NOSIGNAL) = 53
<lifeless> but I can also see dhcpd
<lifeless> Nov 22 20:28:50 lifelesshp dnsmasq-dhcp[1688]: DHCPDISCOVER(lxcbr0) 00:16:3e:9f:6e:06
<lifeless> Nov 22 20:28:50 lifelesshp dnsmasq-dhcp[1688]: DHCPOFFER(lxcbr0) 10.0.3.214 00:16:3e:9f:6e:06
<lifeless> in the host
<ns5> how can I configure static IP for an interface
<ns5> where is the configuration file?
<Sling> ns5: /etc/network/interfaces
<ns5> Sling: thanks
<ns5> the python-protobuf package in my Ubuntu server 12.04.3 is too old, how can I update it?
<Rory> ns5: sudo apt-get update && sudo apt-get install python-protobuf
<ns5> Rory: the latest version is still too old...
<Rory> ns5: What version is installed, and what version do you need?
<ns5> 2.4.1-1ubuntu2, I need >=2.5
<Rory> !info python-protobuf precise
<ubottu> python-protobuf (source: protobuf): Python bindings for protocol buffers. In component main, is extra. Version 2.4.1-1ubuntu2 (precise), package size 75 kB, installed size 452 kB
<Rory> ns5: There is no later version packaged, even in saucy
<Rory> ns5: You'll have to get a later version from the upstream developers and install it yourself
<Rory> !info python-protobuf
<ubottu> python-protobuf (source: protobuf): Python bindings for protocol buffers. In component main, is extra. Version 2.4.1-3ubuntu2 (saucy), package size 74 kB, installed size 452 kB
<ns5> Rory: thanks, I'll try to install it manually
<Rory> i can't help you with it because I dont even know what it is :P but if you're getting errors or something when installing put them on paste.ubuntu.com and I will look
<fishcooker> why installation of the server from usb always fail?
<Rory> !md5sum | fishcooker
<ubottu> fishcooker: To verify your Ubuntu ISO image (or other files for which an MD5 checksum is provided), see http://help.ubuntu.com/community/HowToMD5SUM or http://www.linuxquestions.org/linux/answers/LQ_ISO/Checking_the_md5sum_in_Windows
<fishcooker> the hashes is match
<fishcooker> Rory:
<Rory> fishcooker: How do you know it fails? Do you get an error?
<fishcooker> this box is minipc from china
<fishcooker> stuck on retrieving libpcre3-udeb
<fishcooker> btw
<Rory> fishcooker: is it connected to the internet during installation?
<fishcooker> yess
<fishcooker> connected
<fishcooker> stuck on 20%
<Rory> fishcooker: Could you try the installation without a network connection?
<fishcooker> it always be stop
<fishcooker> on mirror
<Rory> yes so there might be a problem with your connection, try installing while you are not connected to the Internet
<fishcooker> but it always stop on mirror/ repo thing
<Rory> fishcooker: Reboot the machine without a connection, and start the installation completely again
<fishcooker> ok i will
<fishcooker> how about ubuntu mirror country?
<fishcooker> no network here
<fishcooker> Rory there is no possibility when you are not connected to the internet
<fishcooker> the installation will be fail
<Rory> fishcooker: That isn't true, I installed ubuntu server on a machine with no Internet this morning
<fishcooker> now i am facing this problem
<fishcooker> which iso do you use?
<fishcooker> im using 12.04.3
<Rory> ubuntu-12.04.3-server-amd64.iso
<fishcooker> yes
<fishcooker> the same here
<fishcooker> with the same hashes
<rbasak> fishcooker: are you checking the hash from the USB stick itself, or from the ISO file you downloaded?
<rbasak> fishcooker: best to verify the boot media itself, if you're not already doing that.
<fishcooker> i will follow your direction
<fishcooker> which file rbasak?
<fishcooker> my prediction that this box doesn't support ubuntu
<fishcooker> this my cpuinfo http://paste.debian.net/67143/
<fishcooker> the last installed os here is ubuntu remix 10.10
<fishcooker> on this box
<fishcooker> netbook
<maxb> Everything that has been said above seems to just indicate there was a problem with the network or mirror, rather than any problem with the installer or system
<aokmanga> salve
<aokmanga> sto cercando di configurare un vps con ubuntu server ed apache ma non riesco a vederlo dall'esterno anche se ho configurato iptables in modo che DOVREI vederlo
<aokmanga> qualcuno mi da una mano?
<aokmanga> premetto che non ho accesso al sistema grafico
<zul> aokmanga:  english please
<aokmanga> ops sorry :P
<aokmanga> i'm trying to setup a vps with ubuntu server and apache ma i can't connect to it from outside
<aokmanga> i tried to change settings in iptables but it seems not to work, i can't access to the graphical server
<Arrick> !php-gd
<Arrick> ok... .ubottu doesnt know anything about php-gd... I need it for a part of my moodle install on ubuntu 12.04 LTS, server version... anyone know the package name for it?
<Arrick> got it nevermind, php5-gd, lol
<remix_tj> Arrick: php5-gd?
<remix_tj> :-D
<rbasak> aokmanga: Ubuntu Server is not graphical.
<aokmanga> rbasak: ok does it has an X server or not?
<aokmanga> only for curiosity because anyway i've no access to it :D
<Pici> aokmanga: not by default.
<aokmanga> thank you
<rbasak> aokmanga: you could install one, but then it sounds like you really want Ubuntu Desktop.
<aokmanga> understood
<aokmanga> anyway i installed apache mysql and so on
<rbasak> aokmanga: generally the access mechanism to Ubuntu Server is ssh.
<aokmanga> configured iptables
<aokmanga> i made everything through ssh
<aokmanga> but i can't access to it from outside
<aokmanga> i don't know why
<aokmanga> i think it's a problem of the iptables settings
<aokmanga> but i can't find it
<Pici> Outside what?
<aokmanga> i'm setting a vps
<aokmanga> and i was looking to find the apache web page from my home pc
<aokmanga> browsing the ip on the browser
<Pici> So you can access it from inside the network where it is located? but not from outside?
<aokmanga> i don't know if i can access from inside the network because i'ven't got the server physically :P
<aokmanga> it's a little free vps hosting
<Pici> Can you connect to it with ssh from where you are right now?
<aokmanga> yes
<aokmanga> but they gave me ssh with an ipv4
<aokmanga> but i've only access (except for ssh) to ipv6
<aokmanga> i set ip6tables in fact
<Pici> For the most part, you shouldn't need to touch iptables for things to work properly.
<aokmanga> i tried to touch it because it wasn't visible :/
<aokmanga> maybe i made some mistakes
<aokmanga> anyone can help me to solve this problem?
<Pici> I'd make sure that apache2 is actually listening on port 80 locally first, and then attack iptables.
<aokmanga> how can i do that?
<aokmanga> netstat?
<Pici> aokmanga: yep.
<aokmanga> thanks for the support, i'm trying to learn :)
<rbasak> mdeslaur: is anyone working on CVE-2013-4164 for ruby? Should I file a bug on it?
<uvirtbot> rbasak: ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem.  When the candidate has been publicized, the details for this candidate will be provided. (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4164)
<mdeslaur> rbasak: no need to file a bug, we track CVEs in our tracker
<mdeslaur> rbasak: it will appear in today's tracker update
<rbasak> mdeslaur: OK, thanks. I looked in the tracker; didn't know it updated daily.
<mdeslaur> rbasak: adding new cves is a process we do 2-3 times a week
<mdeslaur> usually on mon-wed-fri
<mdeslaur> thanks for the ping
<rbasak> I see. np, sorry for the noise.
<mdeslaur> no need to apologize, I'm glad you told me about it in case we missed it
<Arrick> hey all, I have php5-xmlrpc installed on my 12.04 server, but I cant figure out how to enable it... any pointers?
<zetheroo> I moved a raid1 array (2 disks) from one server and placed them inside another .. "mdadm --detail /dev/md127" shows me the Name as the being the former server this array was in - how can I change this to the name of the new server?
<aokmanga> hi all again
<aokmanga> i need to make my web server apache visible outside the internal network, i checked iptables and everything seems fine... there are no rules so everything can go in and out
<aokmanga> netstat says that httpd is working and listening on the port 80
<aokmanga> but!!!
<aokmanga> if i try service httpd restart it says
<aokmanga> (98)Address already in use: make_sock: could not bind to address [::]:80
<aokmanga> this is what i have with netstat
<aokmanga> tcp        0      0 0.0.0.0:80                  0.0.0.0:*                   LISTEN      860/httpd            tcp        0      0 2a02:4780:1:1::1:b39:80     :::*                        LISTEN      860/httpd
<pmatulis> zetheroo: maybe /etc/mdadm/mdadm.conf
<aokmanga> i'm trying to connect through ipv6 entering in the browser http://[2a02:4780:1:1::1:b39] but it doesn't work
<aokmanga> is there something does i have to activate ipv6 protocol?
<Rory> aokmanga: Can you ping that IP?
<Rory> aokmanga: nvm i can ping it, it's up
<aokmanga> how do you ping it?
<Rory> aokmanga: ping6
<aokmanga> i tried ping 2a02:4780:1:1::1:b39
<aokmanga> ok thank you :)
<aokmanga> does it work to you on the browser?
<Rory> no
<Rory> aokmanga: Can you please paste the output of this command: sudo netstat -anp | grep ":802"
<Rory> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<Pici> aokmanga: Which release of Ubuntu are you using btw?
<aokmanga> 12.04 Pici
<Rory> sorry aokmanga:  netstat -anp | grep "80"
<Rory> I have a very sticky shift key on this keyboard
<Pici> I just don't recall us having httpd be the name of the apache2 daemon in some time (if ever)
<Rory> Sorry aokmanga ignore me completely about netstat, I just read above
<aokmanga> http://paste.ubuntu.com/6459041/
<Rory> aokmanga: What's the output of: cat /etc/issue
<Pici> Rory: well, that was interesting
<Rory> Centos 5.3 \n \l
<psivaa> jamespage: Floodlight smoke tests fail with today's trusty images.
<psivaa> reported bug 1254096
<uvirtbot> Launchpad bug 1254096 in floodlight "Floodlight Debug Port not found (6655) with trusty server images" [Undecided,New] https://launchpad.net/bugs/1254096
<jamespage> psivaa, thanks - i think
<jamespage> :-)
<psivaa> np :)
<zul> jamespage:  keystone has switched over to testr by the way
<jamespage> \o/
<jamespage> smooth
<Arrick> hey all, I have php5-xmlrpc installed on my 12.04 server, but I cant figure out how to enable it... any pointers?
<jamespage> psivaa, well this is like turning over the rock and finding the cochroaches
<DeltaHeavy> Hey, when I run the command 'chkconfig --level 345 ssh on' it tells me '/sbin/insserv' isn't a file or directory.
<sarnold> DeltaHeavy: ubuntu has used the 'upstart' init replacement for a while. It's quite different, even thogh there are some sysv-init compatibility efforts in place. it'd be worhtwhile to skim through the upstart cookbook: http://upstart.ubuntu.com/cookbook/
<DeltaHeavy> Ok, thanks!
<ikonia> it's pointless trying to use chkconfig on run levels as ubuntu only uses run level 2
<ikonia> and uses upstart
<sarnold> DeltaHeavy: in general, if something is installed, upstart will try to start it. if you want to stop it, you can do that easily with an override file: http://upstart.ubuntu.com/cookbook/#override-files
<sarnold> s/to stop it/prevent it from starting/
<DeltaHeavy> Didn't know Ubuntu was so different. I'll look into it. Thanks!
<ikonia> DeltaHeavy: you've been asking this sort of stuff for a while on ubuntu and keep being told it's differences, not sure why it's not sinking in
<DeltaHeavy> ikonia: Uh, this is the first time I've been in this channel. Are you getting me confused with somebody else?
<sarnold> yes, parallelizing the init and running tasks based on when dependencies were satisfied drastically cut down on boot time, and once the override files were added, it became a -lot- easier to administrate than the old pile of a hundred symlinks. :)
<ikonia> I've seen you in #ubuntu a few times
<DeltaHeavy> Yeah, I've never used Ubuntu before. I don't apprichate your snippy attitude.
<DeltaHeavy> Ubuntu server*
<ikonia> ubuntu server works the same as ubuntu
<DeltaHeavy> I've only used Ubuntu as a desktop, no fancy stuff. I've never been told about this so you should learn to be a little bit more sociable and understanding.
<ikonia> so the differences that have been explained to you on ubuntu will be the same on ubuntu server
<DeltaHeavy> No they havn't
<DeltaHeavy> I don't even know what Upstart is
<ikonia> i didn't say you did
<DeltaHeavy> Learn some respect or I'm just going to /ignore you.
<ikonia> I'm pointing out that just trying to do things the same as other distros as you have done in ubuntu before isn't working
<ikonia> so instead of rushing in - try to look at the differences, as you've been explained before, there are some significant differences and something the same as other distros
<sarnold> ikonia: please just drop it...
<DeltaHeavy> Is he always like this?
<ikonia> DeltaHeavy: I'm just trying to save you from making a mistake that can cause damage,
<sarnold> DeltaHeavy: no, most times he's quite helpful :)
<DeltaHeavy> ikonia: I apprichiate it it just comes off as confrontational when you're "not sure why it's not sinking in" when I havn't used Ubuntu in well over a year, and I'm not experianced in it or asked for much help in #ubuntu or anything of hte likes at all.
<jrwren> remember, http://www.ubuntu.com/about/about-ubuntu/conduct
 * patdk-wk forgets
<GomoX> Hello
<GomoX> What's a good config file based alternative to ufw? ufw is a pain to use with configuration management
<sarnold> GomoX: I've heard good things about ferm, never used it myself though
<GomoX> sarnold: will look into that
<aerokid240> check of csf
<aerokid240> *out
<GomoX> aerokid240: not packaged for Debian it seems?
<Beatstreet> I have a 6 drive RAID 5. The RAID failed and box locked up. When I got the box back up I tried to recover but the recovery failed and now I was a failed drive and a spare drive and 4 active
<Beatstreet> not enough to start the RAID
<Beatstreet> any thoughts on how to get this RAID back up?
<xkernel> surprisingly I found mysql down, how can I figure out what happened?
<Sling> xkernel: usually it will log to /var/log/mysql/error.log
<fishcooker> im on ubuntu server installation now im on install grub boot loader on hard disk section.. the err message is grub-pc package failed to install into target
<fishcooker> i see that the hardisk mount properly on /target
<fishcooker> what should i do .. skip it or?
<CptBley> I am trying to boot ubuntu server 12.04 from a DVD - RW and I select it in the boot menu but all that happens is a blinking _  then it asks whether I want to boot from windows or Ubuntu 12.04 which I have previously installed
<CptBley> please help
<CptBley> anyone
<aokmanga> hi all
<aokmanga> i've a question for you
<aokmanga> can i use a dns name server to use a text address on internet too or only in a private network?
<sarnold> aokmanga: I'm sorry, I don't understand your question, can you rephrase it/
<DeltaHeavy> aokmanga: Only in your local domain.
<aokmanga> thank you DeltaHeavy
<aokmanga> sarnold i asked if i set a dns name server on my machine
<aokmanga> can i use the name that replace my ip on internet? or only in a private network? anyway DeltaHeavy replied you can only use it internally so i'll skip it
<DeltaHeavy> aokmanga: You can edit your /etc/hosts file to have any string of text represent an IP address, in your local network or not.
<aokmanga> in your local network or not? so if i set a string of text to replace my ip and you enter it in your browser with apache running you get my page?
<sarnold> aokmanga: if you edit your /etc/hosts file to assign names to IPs, those names will work on that machine -- but only that machine. you can give any name and any IP address that way
<aokmanga> sarnold: ok, this is what i thought :)
<aokmanga> thank you
<sarnold> aokmanga: that's sometimes useful if you want to prevent a specific annoying advertiser from blinking at you in webpages, add their name and 127.0.0.1 to /etc/hosts, and your browser will contact your local webserver instead :)
<ausjke1> ls -l /var/lib/hugetlbfs pagesize-16MB or pagesize-16777216 I normally see 16MB but why is it 16777216 on ubuntu?
<ausjke1> qemu complains no pagesize-4MB found for example
<ausjke1> it ignores pagesize-4194304 which should be just pagesize-4MB
<sarnold> can you make symlinks from one to the other?
<ausjke1> hmm forgot that , Friday afternoon that is, let me try, thanks
<sarnold> hehe, well, it's reasonable to expect it to work out of the box :) I'm just hoping some symlinks will get you moving again..
<ausjke1> yeah that symlink 'fixed' it
<ausjke1> :)
<sarnold> woo :)
#ubuntu-server 2013-11-23
<guzzlefry> Quick question, is the default httpd.conf for apache2 supposed to be blank?
<guzzlefry> derp, apache2.conf :P
<sarnold> guzzlefry: yes
<sarnold> oh you foud it :)
<basil_> any chance of advice on troublesooting vncserver on Ubuntu 12.04 64bit server?
<fishcooker> my installation failed on "grub install on hardisk step".. i've done this # mount /dev/sda1 /mnt then # grub-install --root-directory=/mnt /dev/sda".. finished and no error reported
<fishcooker> but when i reboot.. i only get "grub> "
<maccam_> Hey all â I'm trying to get a handle on permissions and file ownership for my web server.  Any of you care to offer some guidance?
<_root_> hello
<maccam_> Hey all â I'm trying to get a handle on permissions and file ownership for my web server.  Any of you care to offer some guidance?
<guzzlefry> What specifically do you need help with?
<_root_> for these PHP scripts like SMF; they ask in various times to access the htdocs via FTP to change the file permissions; For this Job should I install an FTP server or Just tweak my ssh configurations?
<maccam_> I need to get a handle on file permissions and ownership.  The default install of ubuntu assigned /var/www/ to root:root.  I set up new users, gave them sudo capabilities, and now when we try to sftp in (it works) we don't have permission to write to the web directory
<maccam_> I'd like to know what steps I must take to get everything locked down, secure, and safe, starting with enabling the users write permissions in the /var/www/ directory when sftping in
<_root_> maccam_: it seems more like the problem with your sshd config file
<_root_> maccam_: http://blog.srmklive.com/2013/04/24/how-to-setup-sftp-server-ftp-over-ssh-in-ubuntu/
<_root_> maccam_: oh you want to make an ftp server ok
<maccam_> we can sftp in.  we were doing it as root just fine, but I'd much rather only allow users to sftp in as themselves
<maccam_> _root_ noting against root  ;)
<vedic> Hello friends, is it possible to find if somebody has tried logging into the server via Live CD? or single user mode?
<vedic> I tried "last reboot|less" and it says that few days back somebody had restarted the server. I want to know if he was successful in logging in by any means
<vedic> I have ssh access to it and server is located at remote place
<guzzlefry> maccam_: sudo just lets users execute things as root when they call the command. You don't want that when using sftp anyway, too easy to make a big mistake.
<guzzlefry> maccam_: What I do is create a group called developers and add the users to that. Then set whatever directories to be owned by the developer group, and also add write permissions for group owner.
<vedic> is it possible to find if somebody has tried logging into the server via Live CD? or single user mode?
<vedic> I checked "last reboot|less" and it says that few days back somebody had restarted the remote server. I want to know if he was successful in logging in by any means
<tbird> i want to point http://mydomain.com to localhost in the hosts file. how do i do this?
<tbird> what is the correct syntax?
<fishcooker> http://paste.ubuntu.com/6464264/
<geoffmcc> I am trying to install ModSecurity in 13.10 server, but i am missing mods-available/mod-security.conf in apache directory. Does anyone have any experience with this?
<Rory> geoffmcc: How did you install ModSecurity?
<geoffmcc> Rory: apt-get install libapache-mod-security
<Rory> geoffmcc: Why do you think the config file should be in mods-available?
<Rory> geoffmcc: Do you have anything in /etc/modsecurity ?
<geoffmcc> Rory: because i need to sudo a2enmod mod-security
<Rory> geoffmcc: Can you please pastebin the output of "sudo apt-get purge libapache-mod-security && sudo apt-get install libapache-mod-security"
<Rory> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<geoffmcc> Rory: http://paste.ubuntu.com/6465032/
<geoffmcc> Rory: I should also say, I purged it prior to you asking to do it that why says not installed
<Rory> geoffmcc: OK now can you do your a2enmod ?
<geoffmcc> Rory: ERROR: Module mod-security does not exist!
<geoffmcc> Rory: everything i read says it should be there.. I think i might try to git it rather than apt-get
<Rory> geoffmcc: Does the file mod-security.conf exist in /etc/apache2/conf.d ?
<Rory> geoffmcc: If it does, you could try moving it out of there into /etc/apache2/mods-available/
<geoffmcc> Rory: Yeah, i read that somewhere but  /etc/apache2/conf.d: No such file or directory
<Rory> geoffmcc: Can you do "sudo updatedb && locate mod-security.conf"
<geoffmcc> Rory: No results.... I think something changed from 12.04 to 13.10
<geoffmcc> Rory: I should probably run 12.04 anyways until the next LTS so maybe i will start again. I am working with a fresh install right now so it wont take me long
<Rory> I'd go with 12.04 probably
<Rory> That's what I use on servers
<geoffmcc> Rory: Yeah, i started to get it and then thought i would check out the latest as i have been away for a while. Thanks for trying though
<lifeless> hallyn_: around by any chance?
<lifeless> rbasak: hey
<lifeless> rbasak: I'm not sure they are dupes; since one is talking about running dhcpd *in* the container, the other is talking about the containers own ability to get connectivity.
#ubuntu-server 2013-11-24
<maccam> Hi, I'm wondering how to enable permissions for users to write into the www sub-directories over FTP
<maccam> can anybody help?
<dividebyzer0> help
<dividebyzer0> --?
<dividebyzer0> ahh nevermind, still trying to figure out this client
<maccam_> Hi all.  I have added new users to my ubuntu install so they can FTP into the machine.  The sub-directories under /var/www/ are owned by root:root.  The users do not currently have write permissions when FTPing in.  How do I fix this?
<andol> maccam_: Put the selected users in a designated group, and give that group write permission to the subfolder in question. After that you might also want to replace FTP with SFTP.
<maccam_> thanks andol.  We're actually using SFTP already, sorry
<maccam_> So since the directory /var/ and all contents are owned by root:root, how do I go about giving them group write permission to the folder?  I understand file permissions ok, but it's the group permissions that's hanging me up since I'm not as familiar with that
<eeureebz> hello all, Please, lost a whole day, ubuntu-desktop install hangs after a while in vbox (windows 7 x64) thx
<techkid6> Hey, why can't I get certain packages (No installation candidate) on Server 10.04LTS (like git) but can get them on 13.04 desktop.... I know lucid used to have git....
<andol> techkid6: In the case of git that package would have been named git-core in lucid, due to an historical naming conflict.
<techkid6> Ok, thanks
<andol> techkid6: In other cases it could simply be that those packages hadn't been packaged yet.
<techkid6> Oh, ok, thanks so much
<knoxy> Hi all... When I try to upgrade to kernel 3.2.0-56 I get this message http://paste.ubuntu.com/6470615/ Where I get these libraries?
<bekks> knoxy: Which ubuntu do you have?
<gdos> how can i configure leafnode for a local network (or ssh tunnels)?
<gdos> i do not want to subscribe to the 'BIG 8' news groups...just create my own.
#ubuntu-server 2014-11-17
<dominic1134> Hi guys, just want to inform you about a new open source email communication gateway project for ubuntu.  check it out www.openas.org  /  feel free to join us in #openas
<ProfessorKaos64> what do I need to do so I can ping / ssh by hostname on my ubuntu server instead of IP?
<maswan> setup DNS
<pmatulis> ProfessorKaos64: implement "hostname resolution" - (â  local file like /etc/hosts or â¡ a local OR internet-based mechanism like DNS)
<pmatulis> ProfessorKaos64: things to know: will you want others to do the same (or just yourself) and whether your server is internet-based or not
<ProfessorKaos64> just local LAN
<newbieubuntu> sup
<pmatulis> ProfessorKaos64: simplest is a local file then
<pmatulis> (/etc/hosts)
<newbieubuntu> anyone can help me with dovecot/postfix/thunderbird for lan-only email system ? I'm been looking and following guides for 2 weeks all over the net with no solutions because they all need MX and FQNS.
<ProfessorKaos64> I know of /etc/hosts, but this typically isn't an issue for my other computers, this is what I have in /etc/hosts
<ProfessorKaos64> 127.0.1.1	test-smb.192.168.11.100	test-smb
<fingertips> Does the 10.04.4 LTS server come with a private cloud solution?
<pmatulis> ProfessorKaos64: state the problem you're having in simple terms
<ProfessorKaos64> my archbox machine can only ping my newly created ubuntu server box by IP
<ProfessorKaos64> Normally I can see all client PCs on other distros, so I figured I just needed to add something
<fingertips> I ask here because I see it is not where ubuntu pr is pointing.
<pmatulis> ProfessorKaos64: what is the IP address and what name do you want it known by?
<ProfessorKaos64> 192.168.11.155 test-smb
<pmatulis> ProfessorKaos64: normally you want a FQDN for the name as well as just the hostname
<ProfessorKaos64> I mean, yea I could set this on ddwrt, but I normally don't have to
<pmatulis> 192.168.11.155 test-smb.example.com test-smb
<ProfessorKaos64> That would go in the hosts file of my Arch machine or the ubuntun server?
<pmatulis> the one doing the pinging
<pmatulis> (ping sender)
<ProfessorKaos64> ok
<pmatulis> what IP address does the sender have?
<ProfessorKaos64> 192.168.11.130
<pmatulis> ok
<ProfessorKaos64> works now thanks, so why normally is this not needed? is it because the ubuntu server doesn't typically report the hostname in the same way regular ol' ubuntu 14.04 LTS would?
<pmatulis> ProfessorKaos64: i don't follow.  is what not needed?  the above is needed to resolve the hostname to an address
<pmatulis> unless you use another method such as DNS
<ProfessorKaos64> normally, I can just ping any other PC on my network, I only had to add the ubuntu server. Perhaps the hostname is just not advertised the same. I can check my ddwrt setup
<fingertips> It looks like the desktop is not accessing the /etc/hosts file.
<pmatulis> to ping by name you MUST have some kind of name resolution set up
<fingertips> It is attempting to resolv a name that is in the file, why is this?
<pmatulis> fingertips: huh?
<pmatulis> fingertips: what problem are you having?
<fingertips> I have just stated the problem.
<pmatulis> fingertips: what is attempting to resolve a name that is in what file?
<fingertips> firefox and nslookup for example
<fingertips> They are attempting to resolve a name that is in /etc/hosts
<pmatulis> fingertips: so?
<pmatulis> fingertips: are you using DNS?
<fingertips> Does the software not look for it in /etc/hosts before contacting a dns server?
<pmatulis> fingertips: it depends how the host is configured (nsswitch.conf)
<pmatulis> fingertips: but some tools, and i believe nslookup is one of them, are strictly DNS thingies.  the host tool is one of them
<JanC> nslookup, host & dig only use DNS, IIRC
<fingertips> I take it firefox is using an internal resolver then?
<JanC> it uses the system (C-library) resolver
<JanC> there is some diagnostic tool that uses that too, but I forgot its name  :)
<newbieubuntu> anyone can help me with lan-network(intranet) mail postfix-dovevot ?
<pmatulis> !ask | newbieubuntu
<ubottu> newbieubuntu: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<JanC> fingertips: are you familiar with any scripting language like Python or Perl?  most such languages have functions that call the "system resolver" function
<JanC> PHP probably has it too
<fingertips> familiar with shenanigans
<LinStatSDR> ^
<fingertips> Something funny is going on with firefox.
<JanC> fingertips: see 'man getent'
<JanC> more specifically the "*hosts*" related databases
<fingertips> looking
<JanC> that should show how most applications resolve domain names
 * JanC off to bed now
<fingertips>  HexChat: 2.9.6 ** OS: Linux 3.5.0-17-generic i686 ** Distro: Debian wheezy/sid ** CPU: 2 x AMD Phenom(tm) II P650 Dual-Core Processor (AuthenticAMD) @ 800MHz ** RAM: Physical: 7.7GB, 91.3% free ** Disk: Total: 5.3GB, 56.7% free ** VGA: Advanced Micro Devices [AMD] nee ATI RS880M [Mobility Radeon HD 4200 Series] ** Sound: HDA-Intel - HDA ATI SB1: HDA-Intel - HDA ATI HDMI ** Ethernet: Realtek Semiconductor Co.,
<fingertips>  Ltd. RTL8101E/RTL8102E PCI Express Fast Ethernet controller ** Uptime: 17h 38m 16s **
<newbieubuntu> anyone can help me with lan-network(intranet) mail postfix-dovevot ? i've followed this youtube video https://www.youtube.com/watch?v=1yKwIWRL97Q   but i cant login from the windows client to the squirrelmail login page
<newbieubuntu> its like this, I want to set up a mail system so that 5 of the windows clients in my home can email one another, but through lan and not internet.
<fingertips> newbieubuntu, just use postfix
<newbieubuntu> fingertips, is there any guide i can follow ?
<fingertips> the man pages
<pmatulis> newbieubuntu: just google 'postfix dovecot ubuntu'
<fingertips> you don't need dovecot or squirrelmail
<fingertips> you can just use postefix and the ip address or setup a wins name
<cryptodan> dovecot would be incoming IMAP or POP3 unless they want to use another POP3 server
<fingertips> newbieubuntu, that is not for internal home email systems
<newbieubuntu> what, guys
<newbieubuntu> so postfix is sufficient
<newbieubuntu> do i set up all the login mail accts from ubuntu itself ?
<newbieubuntu> googling "postfix dovecot ubuntu" shows up all the setting require QNDS, Domains, MX records
<cryptodan> newbieubuntu: what is it that you are wanting to do
<newbieubuntu> cryptodan, i want to set up a ubuntu mail server from scratch, make a mail system that allows the windows clients on my lan network to mail each other using thunderbird
<cryptodan> then you will need dovecot and postfix and that is it
<cryptodan> if you install Ubuntu Server 14.04LTS you can accomplish this
<newbieubuntu> i had it install
<cryptodan> did you do a sudo tasksel?
<cryptodan> and select mail server
<newbieubuntu> it will not be using internet connection, because i dont have a FQDN
<cryptodan> that can be anything like yourlan.lan
<cryptodan> setup a local DNS Server for that youlan.lan
<pmatulis> you don't need DNS
<newbieubuntu> ... ...
<newbieubuntu> i have make this mail.mail.local
<newbieubuntu> following https://www.youtube.com/watch?v=1yKwIWRL97Q
<newbieubuntu> confusing d....
<pmatulis> DNS for mail provides a MX record.  this tells a sender (usually an MTA) what next MTA to send mail to.  here, tbird will send directly to the ubuntu postfix server which will be the final destination so it won't need to do a MX lookup to send somewhere else
<pentagon_> newbieubuntu, all you need is postfix and use the ip addresses as mail addresses
<newbieubuntu> is there any simple guide i can follow. those i gets from google, i simply cut &paste the command changing the IP but its so confusing
<pmatulis> whaaaat?
<cryptodan> pentagon_: he wants incoming as well
<cryptodan> read what he wants
<pmatulis> windows (tbird) --> SEND --> ubuntu (postfix/MTA)
<pmatulis> windows (tbird) <-- RETRIEVE <-- ubuntu (dovecot/IMAP)
<pmatulis> in tbird you can choose your MTA (SMTP server).  so that's where the SENDER points to
<pmatulis> and same for retrieving.  you choose your IMAP server
<bugs_bugger> hi. im trying to set up 2 apache vhosts on one machine (one ip, 2 dns). but im not getting apache2 to use different root paths for the two domains. i followed the instructions here https://httpd.apache.org/docs/2.2/en/mod/core.html#virtualhost and had a look at the examples here https://httpd.apache.org/docs/2.2/vhosts/examples.html ... to no avail. what might i be doing wrong
<newbieubuntu> cryptodan, pmatulis, pentagon_ @ hmmm
<pentagon_> newbieubuntu, keep it simple
<newbieubuntu> or should i learn how to set up a dns server first
<pmatulis> newbieubuntu: why?
<newbieubuntu> it doesn't help if im just following onlien guides blindly
<newbieubuntu> can you guys tell me, what basic concept i should grasp first ?
<pentagon_> newbieubuntu, keep it simple
<pmatulis> newbieubuntu: i just told you the basics.  go from there
<pentagon_> gandi.net uses vhosts
<bugs_bugger> pentagon_: sorry, was that referred to me?
<pentagon_> It looks like this system has avahi. Does avahi act as a client and caching server?
<pentagon_> I resolve to call her up.
<pentagon_> avahi
<pentagon_> Does dnsmasg rely on avahi?
<pentagon_> dnsmasq
<pentagon_> Ubuntu is not designed to work well with a firewall.
<pentagon_> Wasn't there a kid looking to add firewall rules earlier?
<pentagon_> Where are the logs.
<pentagon_> There is some loopy fiasco going on with the DNS setup.\
<pentagon_> Wrong channel it was in #ubuntu.
<lotuspsychje> you guys have a package to manage upstart system services in /etc/init easily? or you still use the service.override trick?
<The_Tick> pentagon_: "not designed to work well with a firewall"?
<pentagon_> The_Tick, It never was.
<The_Tick> I'm not really sure exactly what that's supposed to mean though, I mean it's just linux
<The_Tick> is there some modification to the stack that's horribly different than the standards?
<pentagon_> horribly?
<qman__> the logs are wherever you decided to log to
<qman__> by default there are none
<qman__> just as by default there are no rules
<The_Tick> it's still iptables right?
<qman__> yes
<qman__> and optionally ufw
<The_Tick> ya that's not bad
<qman__> logging traffic by default is a surefire way to fill up disks unexpectedly
<The_Tick> is there some gui to help configure the rules and optionally log the specific rules?
<The_Tick> agreed, that'd be dumb
<lordievader> Good morning.
<qman__> I don't know if there are any GUI frontends for ufw. There are numerous ones for iptables and I can't recommend any of them.
<lordievader> Gufw ;)
<lordievader> Though it keeps its own tables...
<The_Tick> qman__: ya just thinking for people with a lot of rules sometimes it's nice
<The_Tick> but I don't understand the claim about it not being designed to work well with a firewall
<qman__> a well written shell script is vastly superior to any GUI tool for iptables
<qman__> ufw works a little different and it may work better there
<The_Tick> eh a gui is nice for seeing it all
<The_Tick> shell script could do that but it'd be fairly complicated, and iptables -L isn't utterly great sometimes
<The_Tick> regardless my point wasn't about that, whatever you do to admin it is fine
<lordievader> Each admin has their own tools they prefer, eh ;)
<faylite> java
<faylite> Wrong window ^^
<lordievader> faylite: No swearing :P
<Prezident> welcome dhill5156
<dhill5156> Hi all, my 12.04 server edition of Ubuntu doesn't detect my RAID5 array on my HP Gen9. What driver do i choose/need to use to resolve this???
<dhill5156> or is there a way of upgrading the 12.04 kernel to detect this array?
<dhill5156> the only array controller drivers on HP's site are under the windows sections
<dhill5156> and i put it onto a usb
<dhill5156> but 12.04 doesn't like it
<ReScO> hey people
<ReScO> i'm running three domains on my server, what is my FQDN?
<killall> Hello i have a problem
<killall> I establish a ssh tunnel to a remote machine B with -L 1234:C:5678 and i dont receive the response since the third machines C send the request to a port that is not forward, how can i fix it?
<pmatulis> ReScO: well, what are the hostnames and what are the domain names?
<ReScO> i've figured it out
<ReScO> i've called my machine deltapi
<ReScO> and i've set my PTR to pushforward.nl
<ReScO> so my fqdn is deltapi.pushforward.nl
<ReScO> right?
<pmatulis> ReScO: as long as your /etc/hosts file agrees with that then yeah.  test with 'hostname -f'
<adam_g> hallyn, any chance you know if sgabios known to work okay on trusty ?  trying to set <bios useserial='yes'/> for a domain, and see it passing the expected '-device sga' to qemu, but not getting anything from early boot on the serial
<hallyn> adam_g: haven't looked into it.  the pkg hasn't changed in ubuntu or debian since dec 2013
<adam_g> hallyn, actually i just found the issue, apparmor is denying libvirt's open of /usr/share/misc/sgabios.bin
<ReScO> i'm completely stuck trying to set up postfix+dovecot+mysql
<ReScO> http://paste.ubuntu.com/9060045/ postfix conf
<hallyn> adam_g: oh, feh.  pls file a bug and i can push that at least to vivid today
<adam_g> hallyn, will do
<hallyn> thanks
<jjohansen> ReScO: could you try linux-image-3.16.0-22-generic_3.16.0-22.29+jj_amd64.deb it has a bug fix for an issue that seems to be triggering with postfix
<ReScO> jjohansen: why would i need to install a package when i'm having configuration issues
<jjohansen> ReScO: oh, I missed that. I saw apparmor rejection and postfix when doing a quick scan
<jjohansen> I know the bug can trigger apparmor rejections with post fix
<sarnold> ReScO: do you have any DENIED lines in dmesg or audit log?
<sarnold> ReScO: it might yet be related :)
<ReScO> sarnold: i'm trying to set up postfix
<ReScO> but i'm having trouble
<ReScO> i have three domains
<ReScO> one has a SSL cert
<ReScO> the others don't
<ReScO> but, the domain with ssl is not the main email address domain
<ReScO> (api1.nl is the SSL domain, pushforward.nl is the important domain to catch email for)
<ReScO> i'm also stuck at how to set up such a server, the MySQL part is working and verified as working
<bantone> any way I can automatically update the repo lists in /var/lib/apt/lists/ instead of having to manually do 'sudo apt-get upgrade'?
<bantone> i am getting a lot of alerts on servers im managing about stale apt-cache
<bantone> of course apt-get update resolves it
<bantone> sorry not apt-get upgrade
<sarnold> bantone: if you're getting tired of manually managing your apt-get upgrades .. you could use the unattended-upgrades package, or you could use landscape.canonical.com
<sarnold> ReScO: sorry, I'm not postfix expert, I just know that some newer versions of apparmor had unexpected influence on postfix. but if you don't have any DENIED messages from apparmor, it's unrelated, and that's the limit of my knowledge :(
<jjohansen> ditto
<bantone> sarnold: awesome
<adam_g> hallyn, https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1393548, there y'ar.
<uvirtbot> Launchpad bug 1393548 in libvirt "libvirt's apparmor profile denies access to sgabios.bin" [Undecided,New]
<hallyn> adam_g: thank you sir
<shredding> Do i have to do something to start /etc/cron.hourly?
<shredding> it looks like my job does not run (though im not totally sure)
<qman__> The scripts in it must be exectable to runai you can check /var/log/syslog to see if it's running
<sarnold> shredding: any errors in logs?
<qman__> A non intuitive limitation, it won't run any scripts named with .sh on the end
<shredding> i have something like this
<sarnold> o_O
<shredding> http://pastebin.com/DgUyt6pk
<sarnold> interesting
<qman__> /etc/cron.hourly/myscript works, /etc/cron.hourly/myscript.sh does not
<shredding> my script ist just named âfetch_followersâ
<shredding> $ run-parts --test /etc/cron.hourly
<shredding> return â/etc/cron.hourly/fetch_followers"
<sarnold> can you read that email sent to root? I bet it contains the stderr of your job..
<shredding> how would i do that?
<shredding> Iâm root
<shredding> i guess the main problem is that iâm root and not someone with knowledge ^^
<sarnold> lol
<sarnold> mutt or pine or mail or less /var/spool/mail/root or something similar
<shredding> found it.
<shredding> http://pastebin.com/8UD3bAmn
<shredding> not sure what it means, though
<shredding> oh
<shredding> first line of my script is #/bin/bash
<shredding> is that a problem?
<shredding> #!/bin/bash would look better
<JanC> obviously :)
<qman__> Make sure you set PATH in your script if needed, cron runs with a minimal one
<JanC> I'm pretty sure the "hash" instead of "hash-bag" was te problem
<JanC> "hash-bang"
<shredding> cool
<shredding> thank you all!
<tkeith_> If I can SSH into a machine on an internal network, what's the easiest way to set up a VPN such that I have NAT access to that network through the machine via SSH?
<sarnold> tkeith_: I've seen an ssh+ppp "vpn" thing before, dunno if it's really the easiest way to get there though
<tkeith_> sarnold: I mean, I can get "almost" there with SOCKS tunneling, it seems like there must be a tool to make it easy to just get full NAT! But I could be totally wrong...
<jhobbs> sshuttle?
<jhobbs> tcp only though
<tkeith_> jhobbs: That should do the job... thanks!
<tafa2> anyone something as easy to use as newrelic servers but that is self managed? (but not cacti, naggios, zabbix, zenoss)
<JanC> tafa2: what's "newrelic"?
<tafa2> http://newrelic.com/server-monitoring
<JanC> so what's wrong with the 4 you named compared to them?
<JanC> what features do you need they don't offer?
<tafa2> ive tried all 4
<tafa2> and all are good and stable
<tafa2> but so heavy
<tafa2> resource intensive
<JanC> that probably depends on configuration also, dunno
<tafa2> probably
#ubuntu-server 2014-11-18
<storrgie> I've got a 13.04 box, when I do an update it's getting 404s... are updates not available for 13.04?
<teward> !crosspost > storrgie
<ubottu> storrgie, please see my private message
<Patrickdk> storrgie, defently not
<Patrickdk> 13.04 expired awhile ago
<Patrickdk> oh actually, a long time ago
<linocisco> hi all
<linocisco> I have installed ubuntu 14.0401 amd64 on HP Elite 8200 CMT with 8GB RAM. after installation, I found the fonts are so small
<linocisco> like big resolution
<linocisco> how could we fix that?
<linocisco> "sudo apt-get remove libpam-smbpass" fixed my problem. thanks anyway . thanks google
<linocisco> small fonts on ubuntu server CLI? why always? it didn't happen with CentOS or other non-debian linux. Is ubuntu server NOT ok with good resolution graphic cards?
<lordievader> Good morning.
<linocisco> good afternoon here
<linocisco> small fonts on ubuntu server CLI? why always? it didn't happen with CentOS or other non-debian linux. Is ubuntu server NOT ok with good resolution graphic cards?
<lordievader> Hey linocisco, how are you?
<linocisco> lordievader, busy
<linocisco> small fonts on ubuntu server CLI? why always? it didn't happen with CentOS or other non-debian linux. Is ubuntu server NOT ok with good resolution graphic cards?
<linocisco> wget http://downloads.asterisk.org/pub/telephony/dahdi-linux-complete/dahdi-linux-complete-current.tar.gz does NOT work. but apt-get WHATever wrok
<linocisco> wget never works
<linocisco> apt-get always ok
<Tm_T> how wget does not work?
<Tm_T> does "wget http://www.google.com/" work?
<linocisco> Tm_T, no
<lordievader> linocisco: Do you get errors?
<Tm_T> linocisco: for font size, you can change it atleast with "sudo dpkg-reconfigure console-setup"
<linocisco> lordievader, no error. just small fonts
<Tm_T> linocisco: you say wget doesn't work, so how it doesn't work?
<linocisco> Tm_T, Encoding to use on the console: currently selected UTF-8. what should I choose?
<Tm_T> UTF-8 is perfect choice
<lordievader> linocisco: I was talking about the wget issue.
<linocisco> Tm_T, character set =?, currently #Latin1 and Latin5 -western Europe and Turkic languages
<linocisco> lordievader, wget said network failed
<Tm_T> linocisco: if you want to change only font size then the choices are fine it has already
<linocisco> Tm_T, Font for the console,(Fixed, Terminus, TerminusBold, TerminusBoldVGA, VGA, Do not change the boot/kernel font) what to choose ?
<Tm_T> linocisco: whatever you want, I think I usually go with Terminus myself
<linocisco> Tm_T, currently default selected 16, i will try to choose 20x10
<Tm_T> linocisco: interesting issue you have there, I usually have to go to smaller than default
<linocisco> Tm_T, how about font type like (Arial, Ms-Sansif or something we can choose?) i found none
<Tm_T> linocisco: tty console doesn't work like that
<linocisco> Tm_T, u made my life easier . thanks
<lordievader> linocisco: About the wget issue, can you ping 'www.google.com'?
<linocisco> lordievader, no
<ObrienDave> you have internet access and can't ping anything?
<lordievader> linocisco: What is the output of 'ip r' and 'cat /etc/resolv.conf'?
<lordievader> !paste | linocisco
<ubottu> linocisco: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<delinquentme> $ nc -v -z salt.master.ip 4505 im supposed to be able to run this and have salt.master.ip resolve as a var for my salt master ... I was told to edit the /etc/resolv.conf ... however the internals of that file say NOT to edit by hand ... so where should I be editing this?
<lordievader> delinquentme: If you just want to add one host /etc/hosts is the way to go.
<maxb> delinquentme: You need to supply more context, we don't know enough about your environment to make useful suggestions on what you've said so far
<White_Cat> Can anyone help me resolve this tiny problem? I am trying to redirect port 80 to port 8069. Which I can do but it is overwritten on reboot.
<White_Cat> I use iptables -t nat -A PREROUTING -i venet0 -p tcp --dport 80 -j REDIRECT --to-port 8069 for this
<White_Cat> I have ufw installed - if that matters
<lordievader> White_Cat: Did you forget to save the rules?
<lordievader> White_Cat: Iptable rules are not saved automatically. You need to manually save them to a file and load them again on bootup.
<White_Cat> no I save them
<White_Cat> and they work
<White_Cat> until I reboot the server
<White_Cat> I use sudo iptables-save
<lordievader> White_Cat: Do you save the output of that command somewhere?
<White_Cat> lordievader as in?
<White_Cat> I dont save it anywhere beyond iptables-save
<lordievader> What I usually do is save them to /etc/firewall/$HOSTNAME.fw with "iptables-save > /etc/firewall/$HOSTNAME.fw" and load them by adding " iptables-restore < /etc/firewall/$HOSTNAME.fw" to /etc/rc.local
<lordievader> White_Cat: So you don't save the rules ;)
<White_Cat> http://pastebin.com/FgiPJxSr
<White_Cat> this is in /lib/ufw/user.rules
<White_Cat> lordievader seems like that way... :D
<White_Cat> shoud I add it into it?
<lordievader> White_Cat: What? To /lib/ufw/user.rules? No.
<White_Cat> okay so... where else? /etc/iptables.rules ?
<lordievader> Likely you want to grab only the part about the port forward and load that at boot.
<White_Cat> well, yes
<lordievader> White_Cat: I've already told you how I do it.
<White_Cat> I forward port 80 and 443
<White_Cat> I am very hesitant to touch this as I am uncomfortable messing with the firewall
<White_Cat> can you specify the filename for me?
<White_Cat> I dont want to break something because I am relly new to this and I have been reading through documentation since friday
<lordievader> What I usually do is save them to /etc/firewall/$HOSTNAME.fw with "iptables-save > /etc/firewall/$HOSTNAME.fw" and load them by adding " iptables-restore < /etc/firewall/$HOSTNAME.fw" to /etc/rc.local
<White_Cat> yes I read that
<White_Cat> is $hostname.fw the name of the file?
<White_Cat> I never seen $ in filename before
<White_Cat> sounds rich :p
<lordievader> White_Cat: No, it is a variable... Multiple hosts ;)
<White_Cat> lordievader okay
<White_Cat> so I did sudo iptables-save > /etc/iptables.rules becuase -bash: /etc/firewall/vps109053.fw: No such file or directory
<White_Cat> where should I put iptables-restore < /etc/iptables.rules ?
<lordievader> White_Cat: Err, you can also simply create the dir /etc/firewall ;) Anyhow I stick it in /etc/rc.local, but better would be to write an upstart script for it.
<Thumpxr_> is it possibly to notify me via mail when my server restarts/goes down/boots/has peaks in cpu/ram/etc?
<lordievader> Thumpxr_: Yes, that is called monitoring. (Zabbix, nagios, etc)
<Thumpxr_> lordievader: thanks. was on the tip of my thounge
<Thumpxr_> lordievader: do i need another server therefore? that wasn't my plan..
<lordievader> Thumpxr_: Not necessarily.
<DenBeiren> lordievader: are you here? i've got some new info on my samba problem
<lordievader> DenBeiren: Sure ;)
<DenBeiren> do you remember my situation or do i need to sum things up real quick?
<lordievader> DenBeiren: Please do.
<DenBeiren> i have two shares,.. test 1 and test 2
<DenBeiren> test 1 should be acc. for group "gebruikers" and group "directie"
<DenBeiren> test 2 should be acc. for group "directie
<DenBeiren> the usergroups make, change and store files in these dirs
<DenBeiren> strange thing is that when user a from usergroup "gebruikers" puts an existing file there, they all can make changes and use it as they would need to use it
<DenBeiren> but when they make a new file,.. only the user that made it can open it
<DenBeiren> the other users can change the name of the file, but they can't open it
<DenBeiren> is this making any sense to you?
<lordievader> DenBeiren: Yes, I remember asking what the user and group was of newly created files.
<DenBeiren> newly created files seem to be username:username
<DenBeiren> i changed ownership of existing files to user:groupname,.. and they are fine
<DenBeiren> new ones are username:username
<lordievader> As I figured, did I hint at acl's?
<DenBeiren> yes, but tbh i don't nderstand :s
<lordievader> DenBeiren: https://wiki.archlinux.org/index.php/Access_Control_Lists
<lordievader> I've never dabled with it myself, but I do understand that the acces control goes further than the standard unix file permissions.
<DenBeiren> seems like when a puts a file, and b changes the name, it changes ownership to the usergroup
<lordievader> DenBeiren: http://www.calculate-linux.org/main/en/setting_filesystem_acl
<caribou> utlemming: question regarding sosreport on cloud images
<caribou> utlemming: how could I correctly identify that I'm on a cloud image ?
<caribou> utlemming: any package that is specific to a c-i
<caribou> ?
<rbasak> caribou: /etc/cloud/build.info et al?
<caribou> utlemming: rbasak just mentionned /etc/cloud/build.info
<rbasak> caribou: looks like other files in /etc/cloud/ come from cloud-init, but build.info doesn't belong to a packge.
<rbasak> Not sure if that's "official" though, and will be maintained.
<tafa2> can anyone advise on how best to secure sysctl.conf and fstab? I've got this so far: http://pastebin.com/E6ESQNdh
<caribou> rbasak: sosreport already collects cloud-init.log & cloud-init-output.log
<rbasak> caribou: sosreport should probably collect build.info anyway actually, so you know which cloud image was in use
<caribou> rbasak: yeah, the idea is to build a cloud-image specific plugin & I'm looking for things to collect
<caribou> rbasak: so I'll start with that & bring an example of the plugin results here for you people to review
<xcyclist> So, I'm looking for a general reference on configuration and reporting for open files.  I am only familiar with lsof, and it appears ulimit won't work on some typical sudo access configurations.
<xcyclist> Asking also on #linux.
<caribou> rbasak: looks like the output of ec2metadata could be useful
<mfisch> zul: are you guys going to start packaging python-openstackclient?
<kyle__> Is there something special with how ubuntu-server does ulimits?  I've tried setting them like I have on other systems, but it doesn't seem to be taking.
#ubuntu-server 2014-11-19
<ruben23> hi guys , i have issue with my ubuntu server 12.04 LTS, when i boot it wont directly boot instead i need to select first then on the booting process and loading it just freezed on the boot process part ---->http://s17.postimg.org/6k37qen7j/20141119_081525.jpg
<ruben23> any idea guys..?
<ojeq> @find ubuntu 12 lts
<ojeq> !ping me
<lordievader> Good morning.
<blackyboy> In our Production server i can't login, Its a Ubuntu VM
<blackyboy> While i login its login and immediately log-outs
<lordievader> blackyboy: Tty or a gui?
<blackyboy> What may be the issue, Even i have tried recovery mode its giving some error
<blackyboy> lordievader: no its CLI server
<lordievader> "its giving some error" what error?
<blackyboy> wait 1 min sir let me take the error a screenshot
<lordievader> !screenshot
<ubottu> Screenshots can be made with the [PrtScr] button. Want to show us a screenshot of your problem? Upload an image to http://imgur.com/ and link the created page here.
<blackyboy> lordievader: http://i57.tinypic.com/2drvt6o.png
<blackyboy> imgur site not working now. so uploaded in tinypic
<lordievader> blackyboy: Do you have a backup?
<blackyboy> yes i have a backup
<blackyboy> But now i have copied this vm to other server
<lordievader> blackyboy: Good :) Grab a live-cd and check the drive. It looks to me like the disk is a bit broken (or the fs on it ofcourse).
<blackyboy> oh ok let me try sir thankyou
<blackyboy> lordievader: i have booted using a live cd, while i try to edit my network interface the file was reonly even i have executed this command , mount -o remount rw / and / have been mounted so i can't run fsck -y -C too
<blackyboy> Any idea ?
<lordievader> blackyboy: Err, you don't need to mount the install's /, so you can fsck it.
<blackyboy> lordievader: i got these following Device to use as root file system menu
<blackyboy> /dev/sda1
<blackyboy> /dev/sda5
<blackyboy> /dev/arrweb-vg/root
<blackyboy> /dev/arwebs-vg/swap
<lordievader> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<blackyboy> assemble RAID Array
<blackyboy> lordievader: http://i.imgur.com/BgdmAc1.png
<blackyboy> after choosing do not use root im getting this http://i.imgur.com/FCg4e6y.png
<lordievader> Yeah, I suppose that first option is okay. What you want is a shell in an environment where you can check the filesystem on the harddrive.
<blackyboy> yes i have choosed it and which executing the command fsck.ext4 /dev/sda5 its says cannot continue aborting
<blackyboy> is in use
<lordievader> blackyboy: You want /dev/arrweb-vg/root
<caribou> rbasak: is the cloud-guest-utils package systematically in our cloud images ?
<caribou> well rbasak or anyone who can answer
<soren> caribou: cloud-guest-utils is part of the cloud-image task, so yes.
<caribou> soren: thanks
<soren> caribou: Since August 2013: http://bazaar.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/ubuntu.vivid/revision/2156
<blackyboy> lordievader: can't fit :(
<blackyboy> Three vms recoverd just i have moved those vm to other host
<lordievader> blackyboy: Can't fit? Can't fit what?
<blackyboy> using live cd you told me to fix the filesystem
<lordievader> blackyboy: Yes...
<blackyboy> when ever using fsck -y -C it saying resource busy
<lordievader> blackyboy: What is the exact command you are using?
<blackyboy> lordievader: now i ran the this command fsck.ext4 /dev/arrwebs--vg-root and it said clean
<lordievader> blackyboy: Okay that is good :)
<blackyboy> let me restart the vm and check whether  its work now
<blackyboy> oh no
<blackyboy> my login screen came, while entering the username and password its just kicking me out
<neurotus> 2014 Nov 19 14:15:51 vps74689 PAM service(sshd) ignoring max retries; 6 > 3
<neurotus> what is this ?
<neurotus> keeps popping up on terminal now constantly
<Vladislav> exit
<Vladislav> quit
<Vladislav> quit
<neurotus> between few seconds
<neurotus> someone bruteforcing ?
<lordievader> neurotus: Is your sshd accessible from everywhere?
<neurotus> lordievader: yes
<lordievader> Then likely, yes.
<neurotus> it just started. have been having this server for years.
<neurotus> well all idents are not usernames
<lordievader> Then you've had them for years, install fail2ban.
<neurotus> some one is trying to root-login
<neurotus> from 122.225.109.196
<neurotus> gonna disable it
<lordievader> That is the most common username ;)
<neurotus> okay, knows my usenames
<neurotus> which it cant
<neurotus> because the idents are different than usernames
<neurotus> no. that was just cron-job
<neurotus> panic just made paranoid
<lordievader> As I said, install fail2ban.
<neurotus> i just made root-login disabled
<neurotus> lordievader: gonna do it
<mardraum> it is by default anyway.
<neurotus> wasnt able to read clearly
<neurotus> 14:18:40 user=root authentication failure
<neurotus> havent seen anything after that in auth.log
<neurotus> all logged users are from known ip's
<neurotus> so everything is fine
<neurotus> fail2ban log somewhere ?
<neurotus> 2014-11-19 14:25:28,483 fail2ban.actions: WARNING [ssh] Ban 122.225.109.196
<neurotus> nice
<neurotus> banned
<lordievader> neurotus: Err, you can also let it email you.
<lordievader> It can include whois info too.
<neurotus> i prefer tail -f /var/log/auth.log
<neurotus> one terminal for that :)
<neurotus> always ready
<neurotus> retired so have the time
<neurotus> that ip-range is from china
<neurotus> is there a tor-filter ?
<neurotus> and known public vnp's :)
<neurotus> would like to disable those
<lordievader> Firewall the subnet ;)
<neurotus> fail2ban already made fail2ban-ssh chain
<neurotus> so its enough for me
<neurotus> bruteforcing root :P
<neurotus> its possible but needs alot of luck :)
<neurotus> in theory
<phix> hi
<lordievader> o/
<phix> \o
<phix> what's up?
<phix> so how about that open source, pretty left wing right?
<nunizacu> bttter turn off root loogin
<nunizacu> and change shell to /bin/true
<nunizacu> just in case
<nunizacu> and use geoip to block all cn
<yossarianuk> hi - is anyone aware how long packages are supported for from the mysql.com apt repo ?
<yossarianuk> i.e http://dev.mysql.com/downloads/repo/apt/
<lordievader> yossarianuk: That is up to Oracle.
<yossarianuk> lordievader: thanks - I guess the version in the normal ubuntu repo is guaranteed till 2019 (the 14.04 packages anyway)
<yossarianuk> if I am upgrading from Mysql 5.0 -> 5.6 - should I upgrade from 5.1 -> 5.5 -> 5.6 or can a just from 5.0 -> 5,6 ?
<lordievader> !info mysql-server
<ubottu> mysql-server (source: mysql-5.5): MySQL database server (metapackage depending on the latest version). In component main, is optional. Version 5.5.40-0ubuntu1 (utopic), package size 12 kB, installed size 123 kB
<lordievader> yossarianuk: Err, 5.6?
<yossarianuk> lordievader: ubuntu 14.04 has in its normal repo MySQL 5.5/MySQL5.6 + mariadb 5.5
<yossarianuk> i.e - http://packages.ubuntu.com/trusty/mysql-server-5.6  - http://packages.ubuntu.com/trusty/mysql-server
<lordievader> !info mysql-server trusty
<ubottu> mysql-server (source: mysql-5.5): MySQL database server (metapackage depending on the latest version). In component main, is optional. Version 5.5.40-0ubuntu0.14.04.1 (trusty), package size 12 kB, installed size 123 kB
<lordievader> !info mysql-server-5.6 trusty
<ubottu> mysql-server-5.6 (source: mysql-5.6): MySQL database server binaries and system database setup. In component universe, is optional. Version 5.6.19-0ubuntu0.14.04.1 (trusty), package size 5331 kB, installed size 48118 kB
<lordievader> Ah, check.
<lordievader> yossarianuk: http://dev.mysql.com/doc/refman/5.6/en/upgrading-from-previous-series.html
<yossarianuk> lordievader: thank you.
<yossarianuk> and by all accounts I should be able to go from 5.0 -> 5.6 ...
<jvwjgames> hi
<jvwjgames> i need help
<jvwjgames> I did a distribution upgrade from 13.10 to 14.04
<jvwjgames> and my websites that used to live at /var/www is gone
<jvwjgames> and now 14.04 uses /var/www/html
<jvwjgames> how do i switch it back to /var/www
<jvwjgames> or migrate my site to /vaw/www/html
<nunizacu> ln -s
<nunizacu> or edit apache2.conf
<jvwjgames> ok
<nunizacu> 000-default in enabled sites maybe
<jvwjgames> just wondering
<jvwjgames> whitch is better ln -s symlinking or editing apahe2.conf
<nunizacu> whatever you like
<nunizacu> but i think path is in enables-sites/000-*
<lordievader> jvwjgames: http://httpd.apache.org/docs/2.4/upgrading.html
<jvwjgames> found it
<jvwjgames> 000-default.conf reads DocumentRoot /var/www/html
<jvwjgames> :)
<jvwjgames> i fixed it yay thanks guys
<jvwjgames> i don't have ssl on apache
<jvwjgames> how do i enable my website for ssl
<jvwjgames> cause i have an ssl cert
<lordievader> jvwjgames: https://www.digitalocean.com/community/tutorials/how-to-create-a-ssl-certificate-on-apache-for-ubuntu-14-04
<lordievader> jvwjgames: You can skip step two ;)
<jrwren> jvwjgames: didn't debconf ask you about overwriting those files in /etc/apache2 ?
<jvwjgames> yes
<jcastro> utlemming, hey the vagrant boxes are 14.04, not 14.04.1, who do I ping?
<jvwjgames> i fixed the problems thanks everyone
<jvwjgames> my website and ssl are fixed
<jvwjgames> why must updates change everything
<jvwjgames> one last problem to be fixed
<jvwjgames> url rewrite is deactivated
<jvwjgames> i need it other wise my websites goes no where
<qwaserdf> sudo a2enmod rewrite
<lordievader> jvwjgames: You upgraded from 13.10 to 14.04, change should be expected.
<jvwjgames> Module rewrite already enabled
<jvwjgames> but still not working
<qwaserdf> sudi service apache2 restart
<qwaserdf> sudo*
<jvwjgames> you guys can check for your self http://jvwjgames.net
<jrwren> jvwjgames: next time when debconf asks, just say "no" to replacing config files :)
<jvwjgames> ok
<jrwren> jvwjgames: the conf files will still be written along side the functioning conf files, but with a dpkg-dist file extension. Then you can diff and merge as you see fit.
<jrwren> with zero downtime.
<jvwjgames> ok
<qwaserdf> https works I guess
<jvwjgames> should apache have been updated to latest version when i updated to 14.04
<jvwjgames> cause this site is reporting that i have outdated apache software http://sitecheck.sucuri.net/results/jvwjgames.net/
<lordievader> !info apache2 trusty
<ubottu> apache2 (source: apache2): Apache HTTP Server. In component main, is optional. Version 2.4.7-1ubuntu4.1 (trusty), package size 85 kB, installed size 462 kB
<lordievader> jvwjgames: Do you have 2.4.7?
<jvwjgames> yes
<jvwjgames> but just to make sure how do i check
<lordievader> jvwjgames: apt-cache policy apache2
<jvwjgames> Installed: 2.4.7-1ubuntu4.1
<jvwjgames>   Candidate: 2.4.7-1ubuntu4.1
<jrwren> jvwjgames: that site is using FUD to sell you firewalls.
<jvwjgames> hmm
<jvwjgames> i wish the websit web of tust didn't use that site then
<jvwjgames> cause my site is being evaluwated by a web of trust site
<jvwjgames> and this is what they had to say
<jvwjgames> https://www.mywot.com/en/forum/51594-jvwjgames-net
<jrwren> jvwjgames: odds are that they are reading Server line out of HTTP headers. Use the ServerTokens directive to limit the information you leak there.
<jrwren> jvwjgames: https://httpd.apache.org/docs/2.2/mod/core.html#servertokens
<jvwjgames> ok
<patdk-wk> I hate stupid websites like that
<patdk-wk> making you think your *secure* cause your on bleeding edge
<patdk-wk> and everything else is crap
<jrwren> patdk-wk: +1 on the hate. Really sad that a 3rd party is using that to verify something.
<patdk-wk> more sad they are using it to *sell* something :)
<jrwren> patdk-wk: That is all it is, is a sales tactic.
<jrwren> "Look, you aren't secure. Buy our magic pixie dust."
<jvwjgames> lol
<jvwjgames> good one
<jrwren> my previous job was in the security industry. I quickly learned that it is a racket.
<patdk-wk> I would guess restricting version info works
<patdk-wk> cause it doesn't detect mine is HORRIBLE old :)
<patdk-wk> jrwren, worst yet is, 99% of security companies, distribute their software over http, without protection
<jrwren> patdk-wk: we did not. :)  We used SSL and even used client certificate authentication.
<jvwjgames> nice
<jvwjgames> i still need my rewrite to work otherwise my site is broken
<patdk-wk> heh?
<patdk-wk> what rewrite?
<jrwren> jvwjgames: oh, your old conf files should be there with a .dpkg-old extension if you would like to compare them or put them back.
<mgz> smoser: review please! https://code.launchpad.net/~gz/simplestreams/setup_user_install/+merge/242248
<smoser> mgz, done
<mgz> smoser: ta!
<jvwjgames> jrwren: where is the old conf located
<jrwren> jvwjgames: apache config is in many files. find /etc/apache2 -name '*.dpkg-old'
<jvwjgames> ok irestored old config
<jvwjgames> but apache fails to start
<jvwjgames> [Wed Nov 19 11:37:17.907774 2014] [ssl:emerg] [pid 10365] AH01892: Illegal attempt to re-initialise SSL for server (SSLEngine On should go in the VirtualHost, not in global scope.)
<jvwjgames> i have it in virtual host
<jvwjgames> nevermind i fixed it
<jvwjgames> ewrite is still deactivated
<teward> jvwjgames: you might have to turn on the rewrite mod...  a2enmod rewrite
<jvwjgames> still not working
<jrwren> confirm that rewriteengine on is where you think it should be?
<jrwren> grep -iR rewriteengine /etc/apache2/
<jvwjgames> error
<jvwjgames> when typing that command
<jvwjgames> but no listings
<jvwjgames> jrwren: any ideas
<jrwren> jvwjgames: i don't know about the error. If you get zero results, then you must enable turn on the rewrite engine somewhere.
<jvwjgames> ok
<jvwjgames> ok i got rewrite working parshaly
<jvwjgames> i edited the file apache2.conf and added server tokens prod and serversigniture off but it is still there
<jvwjgames> and yes i did a restart and reload of apache
<jrwren> jvwjgames: i just changed mine and it works for me. You must not be editing the correct files or correct virtual hosts.
<miccheck> hi. i'm new to linux and recently setup a vps running ubuntu to host a web blog. i'm running UFW. is that good enough for a simple blog server? i also don't have a IDS installed. is that necessary?
<sarnold> miccheck: ufw is good, there's no real need for an IDS though it never hurts to keep an eye on your logs
<lordievader> miccheck: Do you have an sshd running on it? If so fail2ban might be a nice addition.
<miccheck> ok, cool. yeah, i setup fail2ban as well.
<teward> lordievader: he could also restrict SSH to his IPs, `iptables -A INPUT -p tcp --dport 22 -s HISNET -j ACCEPT` or something, but still.
<teward> only owrks if you have a static set of IPs.
<teward> (not the case in most instances)
<miccheck> i'm a bit nervous maintaining my own vps without knowing much about it, but sounds like i'm doing some of the right things
<lordievader> teward: True, but with ssh I like to apply blacklisting as I use a few different dhcp addresses in different locations.
<lordievader> miccheck: One learns it somewhere ;)
<teward> lordievader: indeed.  'Course, in my case, my VPSes are key-auth-only which helps a bit
<miccheck> yep, in the process now! coming along. i'm really digging linux and the command line stuff, although not sure what i'm doing completely yet
<Kartagis> teward: speaking of which, when do we need -m tcp in iptables?
<teward> Kartagis: `-p tcp` implies `-m tcp` i believe
<Kartagis> I've got iptables -A INPUT -s my.ip.add.ress/32 -p tcp -m tcp --dport 8983 -j ACCEPT. is -m tcp extra here?
<gbkersey> Kartagis: no it is not.
<teward> gbkersey: it's not extra, but it's implied as part of `-p tcp` - for instance, this rule I added with `iptables -A INPUT -p tcp --dport 18333 -j ACCEPT`: A INPUT -p tcp -m tcp --dport 18333 -j ACCEPT
<miccheck> here's another one. suppose i want to write a script to copy files from my mac to my ubuntu vps via ssh. how is that done given that ssh will ask for a password when running the ssh user@vpsIP part?
<teward> at least, afaik it's implied by -p tcp
<Kartagis> man says -m is match
<miccheck> i've tried to do it manually via scp and sftp and keep getting permission denied errors when trying to copy directly into my site directory
<miccheck> i think i've got the wrong permissions
<gbkersey> teward: you are correct, it is implied...
<sarnold> miccheck: feel free to chown -R your site's htdocs directory to your user account, just be sure to keep the permissions such that the web server can read the files
<teward> Kartagis: you're right, it does mean match.  However, in the case of -p tcp, -m tcp is implied.  it's not extra, but it is implied with just `-p tcp`
<teward> gbkersey: right, that's what I thought :)
<Kartagis> k
<teward> TBH i'm far from an iptables expert, my firewall on my networks is a pfSense appliance, the only system with its own iptables ruleset is this one laptop I take offsite
<teward> but for my uses i know what i need to know :)
<miccheck> ok, thanks. it's running nginx, so different directory structure, but i think same process
<miccheck> what about for running a copy script that uses ssh, will the terminal just ask for the vps login when it gets to that part?
<sarnold> miccheck: it's worth setting up ssh keys and running a local ssh agent so you don't have to supply login passwords all the time
<teward> ^
<miccheck> hmm, i thought i did that and that's what allowed me to ssh into the vps in the first place, but it does still ask for a password. hmm.
<K4k> The new way of configuring networks in 14.04 really confuses me... I've got a if-up.d config that sets the static route for eth0 but with I ifup eth0 && ifdown eth0 I receive and error 2 on that file. If I try to run the ip route add command manually I receive "RTNETLINK answers: File exists" but there is no route currently set for eth0
<K4k> What am I doing wrong here?
<rbasak> Details please. What's the error exactly? What's the command that fails exactly? etc.
<K4k> The whole error is "RTNETLINK answers: File exists" The command inside the if $IFACE = "eth0" in the if-up.d file is `ip route add 192.168.1.0/255.255.255.0 via 192.168.1.1 dev eth0`
<K4k> when the if-up.d script runs as part of `ifup eth0` I receive a return code 2
<K4k> which I assume is because `ip route add ...` fails
<rbasak> Your route to 192.168.1.0/24 is via 192.168.1.1? How do you expect that to work?
<rbasak> Are you sure you got that right?
<K4k> er... not 100% sure
<rbasak> That's a recursive route.
<rbasak> How do you get to 192.168.1.1?
<K4k> that's the gateway for the network this system is on
<K4k> but because of the puppet module I'm using, I can't set a gateway in /etc/network/interfaces
<K4k> I have to set it in as a route
<rbasak> Maybe you want a default route.
<K4k> which I thought was kind of dumb but I'm trying to go with it
<rbasak> What you're asking it for makes no sense.
<K4k> I didn't think so but that follows the example on the module README
<rbasak> Probably best to fix your puppet module though.
<rbasak> Sounds like the README is wrong then.
<K4k> :) glad we've come to the same conclusion about that
<K4k> now that I know how it's translating what I put into the class into the if-up.d script I think I can make it work. Thanks!
<jvwjgames> is there a way for a device to emit a cetain hostname
#ubuntu-server 2014-11-20
<miccheck> hi. i'm trying to ssh into a remote vps server from a mac. i've setup the keys and was unable to ssh in as a given user without always entering my password. i finally got it to work without a password using the following format: ssh -i pathToPrivateKey -p portNumber user@vpsIP. Is this the right and necessary way to do this?
<sarnold> miccheck: you ought to be able to use an ssh agent on os x somehow, you could add keys to it via ssh-add -t 3600  (for a key that expires in an hour)
<sarnold> miccheck: you can configure things in the ~/.ssh/config file using per-host matches if you wish to e.g. use different keys for different hosts
<sarnold> or use different login names for different hosts
<miccheck> oh, ok. i'm new to linux, so didn't know that. thanks!
<miccheck> another one. if i run sudo apt-get update && sudo apt-get upgrade, do i run the risk of taking down my system and causing issues?
<sarnold> miccheck: that really should be fine. in ~17 years of using debian and ubuntu I've only once had an upgrade break something "badly"
<sarnold> miccheck: we test updates before publishing them, and while mistakes happen, by and large they should be safe.
<miccheck> great, thanks! this channel is so useful!
<sarnold> :)
<miccheck> do you recommend dist-upgrade instead?
<sarnold> I use dist-upgrade but that's only because that's what my fingers learned when I used debian unstable daily
<sarnold> it shouldn't be necessary to use dist-upgrade for 99% of your upgrade needs but it also shouldn't hurt anything
<miccheck> sarnold: thanks again!
<sarnold> miccheck: you're welcome ;) have fun
<lordievader> Good morning.
<fingertips> does ubuntu have a script to reset the FQDN?
<fingertips> where is the script?
<blackyboy> Hi, My ubuntu production vm got one problem, It's not getting inside my VM username and password are right, Issue was when everr i login its getting kick out from login.
<kevindf> If you have the following network address: 192.168.1.0/24 and you need 9 subnets from tesame size (classfull) you would need 192.168.1.0/28 if i'm correct?
<liveuser> What DNS server options are there?
<andol> liveuser: As in an authoritative dns server or as in a dns resolver?
<liveuser> Something that I can use to rename/name sites.
<liveuser> /etc/host doesn't work well with these vhost servers.
<liveuser> Why does lspci persist in reporting the wrong model for the wireless chip? This happened after loading a non working kernel module driver. Before loading it no model number was reported.Now, after unloading it the wrong model persists to be reported.Is this a sign that wrong firmware was sent to the chip?
<liveuser> ApplesInArrays: Why does lspci persist in reporting the wrong model for the wireless chip? This happened after loading a non working kernel module driver. Before loading it no model number was reported.Now, after unloading it the wrong model persists to be reported.Is this a sign that wrong firmware was sent to the chip?
<liveuser> eeprom
<liveuser> wolf
<liveuser> where is daisy
<liveuser> daisy
<liveuser> whats this cherufe and wolf vostek
<liveuser> the wolf on what movie
<liveuser> these things watch themselves
<liveuser> What is it atreyu
<liveuser> andol: do you read?
<fingertips> andol: respond
<fingertips> andol: you in I know
<fingertips> mdeslaur: What is stack smashing?
<fingertips> Wrong eeprom
<caribou> rbasak: you're the last one that merged libnss-ldap (a while ago)
<caribou> rbasak: I've worked on the merge since there is a critical bug tied to it : LP: #1387594
<caribou> rbasak: would you by any chance have time to review my merge work & sponsor ?
<rbasak> caribou: I can try, but realistically I'm in a sprint in Austin at the moment, am on vacation next week and I have too much to do this week and too little time :(
<rbasak> caribou: is it in the sponsrship queue?
<rbasak> caribou: I have a topic at the sprint this week about keeping up with this sort of thing. It is a concern to me that I can't do this. I should be able to. Sorry.
<caribou> rbasak: yes it is. no worry infinity has already offered to help
<caribou> rbasak: but he's on vacation. As long at they don't rebuild the archive we're safe
<caribou> rbasak: so no worry; I only thought about the sprint after asking :-)
<rbasak> caribou: I've put it on my TODO if I do get to it. The libnss-ldap delta is pretty extensive though and I've never merged it before.
<rbasak> In fact I was a bit surprised I have upload rights to it :)
<poseidon> Anybody here have hhvm on ubuntu 14.10?
<ubuntu-studio> my server's motherboard died. My HDD is good (some corruption, but not anything important) Is anyone available to help walk me through saving my MySQL databases and migrating them to a new install?
<johncarp> I've got 2 servers running, 3 PC's and about 5 wireless devices. I also got 2 routers, In order for all the devices to be able to communicate like it would be a single network i should subnet it?
<teward> johncarp: you can do that, but that gets tricky if it's standard consumer-grade routers - they don't like multi-subnets.  you'd still need a L2 device to handle the communication across subnets.
<teward> (I have a similar setup, but with 8 different LAN segments here at home, and I have a pfSense device acting as the L2 device)
<johncarp> teward Oh i see, I will be doing some research :) thanks for letting me know
<johncarp> teward i'm using dd-wrt on my second router
<kpettit> Can you run PHP and Ruby on Rails on the same server on port 80/443?
<kpettit> I want to have one virtualhost that is PHP/WOrdpress then another virtualhost that is Rails
<sarnold> kpettit: yes, often times someone will run apache, nginx, or haproxy on port 80/443 for "their website" and it'll reverse proxy to the servers running php or ruby on rails or python or whatever on the system or other computers
<kpettit> ok cool.  I'm good with LAMP stuff, but the rails stuff is new too me.  Trying to make sure I can host the customers PHP and Rails stuff like I wanted
<ApplesInArrays> I set up this 'crontab -e': "*/1 * * * * /var/www/html/contentCron.php". If I run it in browser ,I can see the change in the database, but after waiting a few minutes, I don't think it's running. How can I diagnose this?
<sarnold> ApplesInArrays: does /var/www/html/contentCron.php have the execute bit set? is php set as the interpreter in the #! line?
<sarnold> ApplesInArrays: are there any error messages in root's mail?
<ApplesInArrays> rw-r--r-- 0644 ok?
<sarnold> try 755
<ApplesInArrays> Nobody had execute rights according to 644, right?
<sarnold> correct
<ApplesInArrays> When i visit the site through a browser, why does it run?
<ApplesInArrays> apache serves it, but nobody had execute rights. Does apache read/interpret it?
<sarnold> because the web server has been configured to send php files through a php interpreter
<ApplesInArrays> but crontab -e would be literally executing the php script?
<sarnold> probably via mod_php or fastcgi or similar
<sarnold> yeah
<sarnold> you could also do something like /usr/bin/php /var/www/html/contentCron.php   in the crontab
<ApplesInArrays> what you just wrote is the same as me typing 'php /var/www/html/contentCron.php' in terminal, righT?
<ApplesInArrays> maybe crontab just doesn't have... 'namespace' like I do in terminal?
#ubuntu-server 2014-11-21
<sarnold> ApplesInArrays: well, your shell will look up 'php' via the PATH environment variable; cron's PATH is usually not the same as your PATH :) so give full pathnames to things in crontab entries to make your life easier
<ApplesInArrays> when I type in /var/www/html/contentCron.php it doesn't work in termainl.
<ApplesInArrays> This means that my crontab -e won't work, either without /usr/bin/php, right?
<sarnold> setting the execute bit on /var/www/html/contentCron.php is just one step; for that to work, you also need #!/usr/bin/php     as the first line of your file
<ApplesInArrays> */1 * * * * #!/usr/bin/php /var/www/html/contentCron.php now
<ApplesInArrays> alright, and it looks like it just ran.
<ApplesInArrays> #! is to summon namespace?
<sarnold> ApplesInArrays: d'oh, sorry, the #! piece of the advice is specific to interpreted files..
<sarnold> ApplesInArrays: so you'd either put #!/usr/bin/php   as the very first line of /var/www/html/contentCron.php   or you'd just use /usr/bin/php /var/www/html/contentCron.php   in the crontab
<ApplesInArrays> I see
<sarnold> ApplesInArrays: check out a file in /etc/init.d/, like /etc/init.d/console-setup  -- note the first line is #!/bin/sh
<ApplesInArrays> sure, let me take a look
<sarnold> ApplesInArrays: that tells the kernel when you execute /etc/init.d/console-setup that it needs to run /bin/sh and give the file to /bin/sh to execute
<ApplesInArrays> /bin/sh is shell
<sarnold> yeah
<ApplesInArrays> So that means it's using the same namespace I'm using?
<sarnold> yeah, by default everything runs in the same filesystem namespace; it's still an area of active research and development to change filesystem namespaces for different processes
<ApplesInArrays> I could type out that document line-by-line in terminal and it'd work?
<sarnold> it should
<ApplesInArrays> sarnold: thanks. You didn't just walk me through it, you may have actually taught me something.
<sarnold> ApplesInArrays: excellent :)
<fingertips> Why does lspci persist in reporting the wrong model for the wireless chip? This happened after loading a non working kernel module driver. Before loading it no model number was reported.Now, after unloading it the wrong model persists to be reported.Is this a sign that wrong firmware was sent to the chip?
<evo> hi! my sevrer's motherboard died. i tried following directions on how to recover mysql from old hdd to new install from ubuntu forums but when i try to start the mysql service, the service fails to start. can anyone help walk me through?
<evo__> hi! my sevrer's motherboard died. i tried following directions on how to recover mysql from old hdd to new install from ubuntu forums but when i try to start the mysql service, the service fails to start. can anyone help walk me through?
<sarnold> hey evo__, you didn't miss anything while you were gone
<evo__> k
<evo__> thanks
<grendal_prime> i got a werid situation with a router.
<grendal_prime> so trying to build an internet filter that uses iptables
<grendal_prime> basically an iptables router with nat, and then i just deny all port 80 traffic accpet for the domains i want.  it works for some domains..but others they just never make it though.
<grendal_prime> im using he forwarding ruleset to do the accept and drop everything else rules.
<grendal_prime> works for like mobymax.com and www.discoveryeducation.org but like www.pbs.org..its a nogo.
<fingertips> I am guessing that the ip is being masqued, but it worked before.
<fingertips> I cannot ping the other machine.
<fingertips> How does one show routes?
<fingertips> show routes
<fingertips> Yes it needs lemike
<fingertips> So I can just say "show routes"
<LeMike> pardon?
<fingertips> LeMike: This machine cant ping my ubuntu server.
<LeMike> Whatever you meant fingertips - I just joined the room, said nothing and can't remember the topic. Sorry!
<caribou> rbasak: well Merge-O-Matic says that you have touched it last, which is why I pinged
<caribou> rbasak: I'll forward the email I sent to infinity about it
<lordievader> Good morning.
<fingertips> morning
<fingertips> lordievader the dpk-pkg scrpt failed
<lordievader> fingertips: Err, background?
<fingertips> compiling the kernel
<lordievader> fingertips: Why?
<fingertips> code 2
<lordievader> fingertips: I have no idea what you are talking about...
<fingertips> compiling the kernel
<lordievader> fingertips: This doesn't explain anything, start with the beginning...
<fingertips> compiling the kernel results in dpk-pkg error code 2
<lordievader> Still doesn't explain why you are compiling a kernel in the first place.
<fingertips> to add the domain name in kernel
<lordievader> That can simply be configured. Compiling a kernel for that is a really bad idea.
<fingertips> along with other things lordievader
<fingertips> wireless drivers
<fingertips> skynet
<lordievader> Along with [1], I haven't seen any reason for compiling it yourself. [1] http://ubuntuforums.org/showthread.php?t=1966386
<lordievader> Let me put it differently, you know that Ubuntu does not support running custom compiled kernels?
<fingertips> :-D
<fingertips> lordievader this is for the real skynet
<fingertips> lordievader firmare
<Cloudman> Hi are Ubuntu updates altering grub time outs and causing boot problems?  -1 for example!
<qman__> Cloudman: not that I'm aware of, you may be running into this: http://askubuntu.com/questions/178091/how-to-disable-grubs-menu-from-showing-up-after-failed-boot
<Cloudman> qman__: ty, I think my server provider is fobbing me off
<caribou> rbasak: FYI, seb128 has done the merge for libnss-ldap so you don't have to worry about this one
<rbasak> caribou, seb128: thanks!
<koolhead17> hello all
<lordievader> o/
<jak3000> hi all
<jak3000> i do this: ifconfig eth1 192.168.0.162/24 up  and then:  route add default gw 192.168.0.254   how to make this changes permanently (when i rebooth the server, again need type these 2 commands) for enable the network thanks
<lordievader> jak3000: Define the interface in /etc/network/interfaces.
<jak3000> lordievader thanks
<jak3000> testing
<funcoland1> Hey guys/gals.. I was trying to install a newer version of the Ubuntu 3.13 kernel as I'm doing the install from CD for 14.04.1.. is it possible to have debconf install the newer version instead of the stock one?
<funcoland1> Or, a method that will install the kernel via preseed as a preseed late_command would work.. if anyone can help that would be awesome
<jak3000> lordievader done!! worked thanks
<jak3000> how to upgrade my pakages for install ubuntu-server the lastest version?
<lordievader> jak3000: sudo apt-get update&&sudo apt-get dist-upgrade
<jak3000> lordievader done
<jak3000> thanks
<joren> Hey, I'm trying to figure out how to add some packages to the ubuntu server initrd but am running into problems because of how minimal it is (no dpkg.) Is there a good way to go about this? Is there a "Live Server" image available somewhere that includes the debian installer components?
<bekks> joren: the initrd is designed to contain required modules only.
<bekks> joren: What are you actually trying to do?
<jrwren> joren: initrd is designed to be minimal to get the rest of the system up. pivot_root, IIRC. What do you need?
<joren> I'm thinking I might just try with a livecd, strip out the gui and whatnot
<joren> networking died on me, not sure if I missed more lines from bekks
<kyle__> I'm curious, does anyone actually use the intel matrix-raid for their boot device.  On a server?
<jrwren> joren: if you need to add kernel modules to your initrd, add to /etc/initramfs-tools/modules and rerun update-update-initramfs
<joren> ah, I meant the initrd.gz on the ubuntu-server iso. I'd like to add more packages to the installer enviroment
<kyle__> joren: You mean to be installed by default, or available durring the installer?
<joren> kyle__, available during the installer.
<kyle__> joren: I think that'sin the in initrd.gz, but I haven't done that in ages, so wiser heads are needed.  Sorry
<joren> yeah, that's were I need to put them. I just can't really figure out an easy way to install packages to that enviroment.
<joren> I'm sure I'll get it eventually.. :)
<gbkersey> joren: so the installer environment doesn't have networking?
<joren> it does, but there's no dpkg or apt
<joren> (I was just chrooting into the initrd)
<gbkersey> you can load udebs from the network...  I do this with a preseed.cfg file...
<maxb> joren: You should give some more details about what exactly you're trying to achieve
<maxb> Also if you specifically mean the d-i (debian-installer) installer environment, make sure to say that and not just initrd, since initrds are using in various contexts, and it matters quite a lot to how you might go about adding stuff
<joren> gbkersey, interesting, thanks. maxb, I'd like to have dell's server tools available during the install, I was hoping to find a way to install those packages and their dependencies to the d-i's initrd image
<bekks> joren: Whats the issue behind all that? What are you trying to do besides getting the commands dpkg or apt-get?
<joren> I'll look around at the udebs a bit though, they look like they might do the trick
<bekks> Ah, the Dell server tools - what do they do?
<maxb> If you can build an udeb of what you need, that's a way to start, however the tricky bit is likely to be merging the udeb into the APT repository being used for early d-i setup
<joren> set bios settings is the main one I'd like to use, firmware upgrades too though. Would be nice to do all of that during the install
<maxb> It seems to me you'd have an easier and more maintainable setup if you just did that sort of stuff as something that ran on first boot of the real installed OS
<joren> I was starting to think exactly the same thing just as I started getting some responces in here. :)
<maxb> Could you give me something to Google for how to set Dell BIOS settings from a tool in Ubuntu? Sounds like something I could make good use of :-)
<joren> another thing is getting the service tag to use for a hostname, but I think I can do that via dmidecode
<joren> maxb, yeah, just a sec.
<maxb> 'dmidecode -s system-serial-number' is what you want for the service tag
<joren> maxb, it depends on the idrac version you have. we've got idrac6 enterprise cards so I'm using syscfg (via syscap.sh and sysrep.sh) from the dell dtk. Racadm is supposed to be able to do it on the idrac7 cards. (would be nice 'cause then I could just set them all remotely before even powering on the servers)
<maxb> OK, I have 5s, 6s, and 7s so there will be useful things to do some reading on
<joren> I really wish mine were 7s
<joren> no dmidecode on the installer env either :(
#ubuntu-server 2014-11-22
<mofies> have any of you guys played around with an ejabberd installation?
<mofies> . . .
 * bogusboxen waves
<sarnold> bogusboxen: it tends to work best to keep the same nickname after asking a question, otherwise people not just check "oh, mofies is gone" ..
<bogusboxen> did I ask the same question twice? my bad. . .
<bogusboxen> My question was to elicit discussion
<sarnold> bogusboxen: "mofies" asked the question :) hehe
<bogusboxen> true enough
<bogusboxen> I've never had a permanent(semi) nick before
<bogusboxen> sarnold: in your experience, are most of the lurkers bots, or are they people who just leave their chat running but don't prefer to talk?
<sarnold> bogusboxen: dunno. a great many people join plenty of channels but set up highlights on a few things the ycare about, and then hide the channel. I'm in dozens of channels that I never actually -look- in them unless I'm highlighted..
<sarnold> bogusboxen: most people tend to work ~ten hours a day, leaving the other 14 hours asleep or doing other stuff, so there's another 60% of potential respondents missing at any given time..
<bogusboxen> sarnold: That's what I figured
 * bogusboxen googles highlights
<sarnold> irssi spells it 'hilight', I just can't bring myself to type that though :)
<bogusboxen> Yep
<bogusboxen> It seems that pidgin doesn't have that feature by default. . .
<kyle__> I'm curious, does anyone actually use the intel matrix-raid for their boot device.  On a server?
<sarnold> kyle__: I know a business that relies upon it extensively for windows desktops and their (severely under-budgeted) windows servers
<sarnold> kyle__: I suspect folks running linux use mdadm instead :)
<kyle__> sarnold: Wow.  Although I don't know the quality of the windows software raid system...mostly cause I don't use windows servers voluntarily.
<kyle__> sarnold: Yeah, that's what I thought.
 * kyle__ sighs
<kyle__> I never considered the bios-raid suitable for production servers, but it's been so long since I've looked at it, I was wondering if I was prehaps holding an outdated opinion
<gbkersey> kyle__: I definitely would not use bios-raid...
<ChrisP> Evening Scott, easy as pie setup
<ScottK> Hello ChrisP.
<ScottK> rbasak: ChrisP is interested in learning about packaging, in particular he's keen to help out with clamav.
<brianw> Hello!
<lordievader> Good morning.
<Alina-malina> how to run qemu ubuntu server inside another ubuntu-server?
<lordievader> Alina-malina: What do you mean exactly?
<Alina-malina> well i have ubuntu server host, i want to run another guest ubuntu-server inside qemu
<merovingian> not suráº¹. here to learn :)
<Alina-malina> well, i know how to do that, i am just wondering if it will work, or i need the host ubuntu to be a GUI based one?
<lordievader> Alina-malina: Install virt-manager, it'll make it easier.
<Alina-malina> what is that?
<lordievader> All things can be done with virsh but virt-manager is ofter easier to someone new to kvm.
<lordievader> !info virt-manager
<ubottu> virt-manager (source: virt-manager): desktop application for managing virtual machines. In component universe, is optional. Version 1:1.0.1-0ubuntu2 (utopic), package size 851 kB, installed size 7242 kB
<Alina-malina> what is the difference between qemu and virt-manager? why would i prefer one to another?
<lordievader> Alina-malina: Qemu is a hypervisor, virt-manager is a frontend for libvirt/qemu.
<Alina-malina> hmmm things got complicated for me :-/ which one is virtual machine here?
<lordievader> That is running under the hypervisor.
<Alina-malina> so installing .iso image inside qemu directly? aint that better?
<lordievader> You could do everything manually, but it is so much easier to use a front end like virt-manager or virsh.
<Alina-malina> eh i dont get it, i think a tutorial would be nice :-/
<jak3000> hi all, cant connect remotely to my server i get this error: http://pastie.org/9736666     i do this: iptables -A INPUT -p tcp --dport 3306 -j ACCEPT  but continue cant connecting any advice why?
<strikov> Hey guys. Both 12.04 and 14.04 use mdadm 3.2.5 but it seems to be cooked differently in these releases. 12.04 has a lot of logic inside initramfs hooks to handle degraded boot and ask user if he wants to boot from degraded array or not. 14.04 silently boots from degraded array. Is it something we planned to have?
<jrwren> jak3000: -A adds the rule at the end of the table, but if you have a DROP or REJECT higher in the table, that rule won't be reached.
<miccheck> hi. do i have to restart my ubuntu vps after running sudo apt-get update && sudo apt-get upgrade?
<strikov> miccheck: yes, the most straightforward reasoning is that the kernel might be updated and you definitely want to run it instead of the old one
<jrwren> miccheck: only if you want a new kernel, which, given the type of VPS, you may not even get.
<lordievader> It'll tell you if you need to restart or not, but usually ony with a kernel update.
<lordievader> Oeh and by the by, apt-get upgrade will not install new kernels ;) Dist-upgrade will though.
<strikov> lordievader: good point, didn't know that
<miccheck> awesome everyone, thanks!
<ScottK> lordievader: upgrade will get you non-ABI breaking kernel upgrades.  They don't all require dist-upgrade.   They all do require a reboot however.
<tafa2> My server says: 10 packages can be updated. 10 updates are security updates.
<tafa2> But apt-get update && apt-get upgrade only show 4 packages to be updated?
<lordievader> tafa2: Try apt-get dist-upgrade ;)
<tafa2> lordievader thanks
<jak3000> jrwren how to add then? or how to disable iptables?
<ice9> do-release-upgrade on 14.04  say that i have the latest
<lordievader> ice9: Check if it only allows LTS -> LTS upgrades.
<ice9>  lordievader: where to find this?
<lordievader> ice9: /etc/update-manager/release-upgrades
<brianblaze420> can someone tell me if it matters what order the DirectoryIndex files are in /etc/apache2/mods-enabled/dir.conf
<Blinkiz> Hello. I having a weird network speed problem. I can not come over 380 Mbit with iperf (or anything else) on my Ubuntu 14.04 server. How can I troubleshoot this? The server is a virtualization host, I have the same upper speed limit between host and guest.
<brianblaze420> NAT, bridged hows it connected Blinkiz
<Blinkiz> brianblaze420, for external networking, p4p1, 82574L Gigabit Network Connection. No bridging on this one, static public IPv4-address directly including public IPv6-address.
<Blinkiz> brianblaze420, against virtual guests on the machine is a standard linux brigde where all guests are attached and "em1" network card for external access, 82579LM Gigabit Network Connection
<RoyK> Blinkiz: wierd
#ubuntu-server 2014-11-23
<ChrisP> Scott, should I go and give it a try building 0.98.5 for 14.04.LTS
<ScottK> ChrisP: Yes.  Go for it.
<ChrisP> Just one probably important question Scott, will it have the .deb extension?
<ChrisP> Should say is it correct to have the .deb extension? I ran the example as per the pbuilder link you sent and it appears to have worked correctly
<jrwren> jak3000: you get those iptables rules sorted?
<lordievader> Good morning.
<rbasak> ScottK: sorry, I didn't have my away status set. I don't see ChrisP online right now. I'm not going to be in much over the next two weeks - on holiday, then moving house, swap days from the Canonical sprint I've just come back from, etc.
<rbasak> But I'd be happy to work with ChrisP on this channel or joining Hangouts etc to train more people up for server packaging when I'm back.
<lnxmen> Would I ask about creating virtual host in Apache2?
<lnxmen> I followed this tutorial - https://www.digitalocean.com/community/tutorials/how-to-set-up-apache-virtual-hosts-on-ubuntu-14-04-lts
<lnxmen> But step 7 gives me "Host not found".
<lordievader> lnxmen: In step 6 is it pointing to an existing ip address?
<lnxmen> Yes.
<lnxmen> This address in web browser redirects me to /var/www/html/index.html
<lnxmen> If default host is enabled.
<lordievader> lnxmen: What is the output of 'host <vhost>'?
<lnxmen> Host example.com not found: 2(SERVFAIL)
<lordievader> lnxmen: Could you pastebin your /etc/hosts file?
<nunizacu> ops i hit 404
<lnxmen1> I had delay in internet access. Did you write anything?
<lordievader> lnxmen: Could you pastebin your /etc/hosts file?
<lnxmen1> surely
<lnxmen1> here you are: http://pastebin.com/QhCeZLCi
<lordievader> lnxmen1: There is no example.com in there?
<lnxmen1> Host plikoshare.com not found: 2(SERVFAIL)
<lnxmen1> It should be.
<nunizacu> couse it is not on any dns server
<nunizacu> /etc/host is local
<lnxmen1> So then, why OVH control panel shows appropiate preview od domain?
<lordievader> Hmm, I thought host did check /etc/hosts...
<nunizacu> did you register plikohare.com domain ?
<lnxmen1> yes
<lnxmen1> It's already in my OVH control panel.
<lnxmen1> I may change anything I want.
<lnxmen1> But preview is quite good.
<nunizacu> wierd, dig shows no soa record
<nunizacu> no A record
<lnxmen1> It shows html file I created while following the tutorial
<nunizacu> wait a second
<lordievader> I don't think this is a "real" domain...
<nunizacu> seams it is registered
<lordievader> Why else would it be defined in /etc/hosts...
<lnxmen1> I do not know.
<nunizacu> wait wait i check it in few more ways
<lnxmen1> I added these lines.
<lnxmen1> (as it's shown in tutorial)
<nunizacu> they arent needed for anything
<nunizacu> maybe for shortcuts or internal networking
<lordievader> lnxmen1: Did you reboot after adding the line to /etc/hosts? It might be that it is loaded once at boot.
<lnxmen1> No.
<lordievader> nunizacu: It's there for testing the vhost.
<nunizacu> for domains you need registered domain and dns server with proper records
<lnxmen1> I have registered domain.
<lordievader> nunizacu: For testing purposes /etc/hosts is just fine.
<lnxmen1> DNS server provides OVH, I think.
<nunizacu> how much time ago?
<lnxmen1> about 2 days.
<nunizacu> well, i check it on many many dns servers and none sees it, ill check registration
<nunizacu> you shure its plikoshare.com ?
<nunizacu> no typo?
<lnxmen1> Absolutely.
<lnxmen1> plikoshare.com // copied from OVH panel.
<nunizacu> if dns around the world doesnt see soa record it wont work
<lnxmen1> What should I do, then?
<lnxmen1> I may add, that it worked yesterday.
<lnxmen1> But I reinstalled server to Ubuntu 14.10
<nunizacu> well for me it looks like dns problem
<lnxmen1> But reinstalling server should not affect dns...
<nunizacu> domain IS registered thats for sure ill check ns servers
<lnxmen1> Do you want dns entries?
<nunizacu> rather dns server names
<nunizacu> and check if domain is pointed to those dns
<lnxmen1> NS entries?
<nunizacu> NS enteries means what dns servers has info about domain
<lnxmen1> DNS management: vps116055.ovh.net , sdns2.ovh.net
<lnxmen1> Both are active.
<nunizacu> this dns doesnt heard of your domain
<lnxmen1> Is it a matter of time? Or I did something wrong?
<nunizacu> looks like your domain points do dns that have no idea of your domain
<nunizacu> wait a second
<lnxmen1> Really strange, because it had idea yesterday.
<nunizacu> this is vps or dedicated?
<lnxmen1> vps
<lnxmen1> I found something.
<lnxmen1> DNS server is not supported by OVH.
<lnxmen1> That's a message I can see.
<nunizacu> well i just foud out you should use different dns
<nunizacu> those dns u use are for dedicated servers
<lnxmen1> So, what DNS should I add?
<lnxmen1> http://imgur.com/I4ZfveE
<nunizacu> proper dns are ns108.ovh.net and dns108.ovh.net
<nunizacu> for vps
<nunizacu> u use dns for dedicated server
<lnxmen1> Okay, it was added by OVH.
<lnxmen1> I did not change it before.
<nunizacu> wierd thing
<nunizacu> i dont use ovh so i can only be so much helpful
<lnxmen1> I am immensely grateful. Thank you.
<nunizacu> well problem is your domain doesnt point to any dns and have no soa record
<nunizacu> but if it has wrong dns provided it wont have it
<lnxmen1> If I have NS records, so DNS servers should not be the same?
<lnxmen1> ns110.ovh.net. and dns110.ovh.net.
<lnxmen1> You provided 108 *
<nunizacu> ovh site states 108 is proper dns for vps
<nunizacu> ns108 and dns108
<lnxmen1> Yes, I added them in DNS management.
<nunizacu> first clean up dns management
<nunizacu> or use some sane dns service like cloudns
<nunizacu> i have reaally lot of entries there, they probide much geolocated dns server, are fast and cheap
<lnxmen1> DNS Management operations are pending.
<lnxmen1> It's not my choice what DNS server should I use.
<nunizacu> well, someone is point a gun at you and say use ovh dns for your domain?
<nunizacu> i had ovh servers and never use their dns and never bought domain from them
<nunizacu> you can buy cheper and for the rest buy better dns service
<nunizacu> btw for file hosting you should rather look for hosting not vps
<lnxmen1> Next time I won't do the same mistake.
<lnxmen1> I know. It's testing site.
<nunizacu> somthing with lot of space and bandwidth
<nunizacu> not to mention they are cheaper
<nunizacu> i got plenty of TB of storage and this is not even close for serious file hosting
<lnxmen1> As I said, it's only testing site.
<lnxmen1> Design, user space...
<lnxmen1> 7 GB free space. ^
<nunizacu> even thou i have servers in england, poland, germany, sinapore, rpa, germany, lithuania, vietnam, japan
<nunizacu> oh and china
<lnxmen1> "Welcome to ClouDNS!", let's see.
<nunizacu> its very googd service
<nunizacu> it has problem with unusual domains but so i have to run my own secondary for those, but anyway i never had any problem with it
<lnxmen1> Is there support for PayPal?
<nunizacu> i dont remember, i think i used credit card
<nunizacu> but for one site free service should be enough
<nunizacu> i think free serveice has 10 zone or entries limit or someting
<nunizacu> enoguth for fileshare.com and www.fileshare.com
<nunizacu> but for serious hosting look for something other than vps, those arent meant for hosting
<nunizacu> unless you run torrent or rsync server
<lnxmen1> Okay, I will keep it in mind.
<nunizacu> not to mention they usualy have more bandwidth and space and are cheaper (sometime free)
<nunizacu> and there are a lot of fileshare services
<nunizacu> i dont know what exact pupose of your service is
<nunizacu> if you want another rapidshare be prepared for thousands bucks per month for start
<lnxmen1> When do you think OVH DNS will be refreshed?
<nunizacu> 1-2 days
<nunizacu> domain dns take some time to propagate
<nunizacu> if you have some bucks in pocket just trasfer your domain to cloudns
<nunizacu> you will have peace for lifetime
<ScottK> rbasak: Great.  I've been giving him some help as his particular interest to start with was clamav, but any help you can give would be great.
<nunizacu> but really, what exactly you want to host?
<lnxmen1> Peace in IT is boring.
<nunizacu> fileshare have petabytes of storage
<lnxmen1> I want to host testing site.
<lnxmen1> I got project, VPS and domain and I have to code some PHP files.
<nunizacu> i think i dont understand you
<lnxmen1> Just code.
<nunizacu> so either i dont get what are you doing, your domain name or your pupose
<nunizacu> plikoshare sound like fileshare
<nunizacu> wich is public file hosting service wich you wont compete if you arent using 500 euros as toilet paper
<lnxmen1> Yep.
<lnxmen1> I am pretty aware of that./
<nunizacu> they dont use vps, they have own datacenters, gigabytes of unlimited bandwith and petabytes of storage
<lnxmen1> Yep, you're right.
<nunizacu> so i dont gont know what are you trying to do
<lnxmen1> What if it's just shape?
<lnxmen1> I am trying to fulfill someone's expectations.
<nunizacu> i dont wont to be pain in the ass but what you want it to be?
<lnxmen1> Rewrite PHP modules, create new HTML/CSS design. That's all.
<nunizacu> maybe you will host few files, quickly run of space and bandwidth
<nunizacu> it's cheaper to do it on home server
<lnxmen1> Yes, you're right.
<nunizacu> but why buy domain for that?
<lnxmen1> This VPS and domain is just for provide actual process of `developement`.
<lnxmen1> I really do not know.
<lnxmen1> I did not buy, I just got it.
<lnxmen1> For me, localhost is sure enough.
<nunizacu> so you dont pay for the service?
<lnxmen1> No.
<lnxmen1> That's the point.
<nunizacu> yeard of of localtunnel.me ?
<lnxmen1> Nope.
<lnxmen1> Wait a minute. Brb
<nunizacu> its good for developement on home server
<nunizacu> works evern if you dont have domain of puplic ip
<nunizacu> whatever i wouldnt help some madman who want to make another fileshare
<nunizacu> there is so many file hosting services with a lot of money there is no point unless you are a billionare
<nunizacu> even if i have free everthing excluding current, only one of my server takes 1000 wats
<nunizacu> another 2x750
<nunizacu> my bill for power usage is enormous
<nunizacu> add 5 isp's
<nunizacu> so i have some redundancy
<nunizacu> i already pay lot for everything and im closed alpha state
<nunizacu> but having server with 64k bogomips costs
<lnxmen1> I am a madman!
<nunizacu> well, i can be such madman for a price
<nunizacu> but waste my time for free... im to old for that
<nunizacu> i start doing that when i will be at least 85 yo
<lnxmen1> nunizacu: Give me your PayPal mail then, I will send you some bucks for beer.
<nunizacu> what did i do you want to send me money?
<lnxmen1> You helped me.
<lnxmen1> At least I think you helped me.
<nunizacu> well, im very gratefull but i maybe recosider it when it will start working
<nunizacu> i feel wierd someone wants to buy me a beer just for some minior help
<lnxmen1> Okay. That's honourable.
<lnxmen1> Why is it weird for you?
<nunizacu> i didnt get a penny for helping yet
<lnxmen1> yet.
<lnxmen1> It's a matter of time.
<nunizacu> most of peple consider themself such gurus they think helping them is privilage
<lnxmen1> Although Ubuntu is Open Source and most of help is for free.
<nunizacu> well, i help anyone for free if i can but sice most peple appriciate helping by treating me like idiot i dont even tell that i work as natwork admin and promgramist for bout 17 years and im after 2 univeristies
<nunizacu> so i pretend idiot, it makes my life more calm
<nunizacu> i have enough to do in work
<lnxmen1> Wow, enormously great experience.
<lnxmen1> Pretending idiot makes life more calm in general.
 * ktosiek never mastered that trick
<lnxmen1> It's hard to do.
<lnxmen1> nunizacu: He said, that his system/idea has great earning possibilities, so it will be quite popular.
<nunizacu> tell him i have great possibility to be president of the universe
<nunizacu> i have great idea and system to do it
<lnxmen1> I asked three/four times about it.
<lnxmen1> Is there any point doing it more?
<nunizacu> i just need 2 bilion people sign my petition to start my campain
<lnxmen1> I mean, I do not want to twist him. It's his, personal, decision.
<lnxmen1> And, what is more important, his money.
<lnxmen1> I may do it first.
<nunizacu> well, im glad its not my problem
<lnxmen1> Not mine too.
<lnxmen1> At least now.
<nunizacu> well, working is always a problem, especialy on stupid ideas
<nunizacu> it may be only worthwile if you paid good
<lnxmen1> Yep, that is the point.
<nunizacu> i might consider doing such stupid things for at laest 100$ for beggining, if its not much work
<nunizacu> if it wasnt stupid i mith do it for free
<lnxmen1> What about 350$ for beginning?
<nunizacu> well, i can be an idiot for that much for a while
<lnxmen1> Only first milestone...
<teward> !offtopic
<ubottu> #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics (though our !guidelines apply there too). Thanks!
<teward> i think you're starting to venture off the point of the channel, guys
<lnxmen1> teward: sorry
<nunizacu> just msg me if you want to venture bout that
<lnxmen1> kk
<nunizacu> thanks for remainding i forgot what channel is this
<Kutakizukari> http://virtualmin.com/node/35338#comment-140719
<rio_zenta> Hello
<pmatulis> hello
#ubuntu-server 2015-11-16
<stochastix> what is the best tool for managing packages right now? aptitute, apt-get ?
<tarpman> apt-get is more actively maintained and doesn't have aptitude's tendency to propose outlandish depsolver solutions.
<tarpman> aptitude still has more powerful features for searching and querying, though
<tarpman> personally I use aptitude for deciding what to do and apt-get for doing it
<tarpman> stochastix:
<RoyK> (or apt)
<maxb> That said, aptitude's interactive curses mode can be a very comfortable way to do things that can be painful with a pure command line
 * RoyK prefers the commandline
<maxb> It depends on the task at hand
<RoyK> maxb: no, it doesn't :P
<stochastix> tarpman: thanks, that helps a bit.  I did notice aptitude ENJOYS removing deps when uninstalling something.
<stochastix> Had to reinstall a few things. :)
<tarpman> stochastix: if you're talking about auto-remove, that's an option in both, aptitude just has it enabled by default. you can turn it off
<stochastix> yea, ok. It is a nice way to not have stuff laying around.
<nodist> Hello, I am trying to add a int.d script it works when you use the service s start but not on boot
<nodist> I also have it set to defaults
<nodist> no errors in the boot.log
<portalBlock> Hi, I have an Ubuntu server instance running on Proxmox VE and I resized the disk (+200GB) from the panel there but in Ubuntu the disk still shows as 32GB. Can I expand it without data loss and if so, how?
<stochastix> I got rid of php5-fpm and just installed php5.  is there a service that i am supposed to run?
<stochastix> the only service i see in there is still php5-fpm ?
<tarpman> stochastix: sounds like you removed php5-fpm but didn't purge it, so the conffiles are still there
<tarpman> stochastix: php5 is AFAIK just a metapackage, it doesn't include any service directly. if you didn't specify an implementation, it probably dragged in libapache2-mod-php5, so apache
<stochastix> I see,
<stochastix> purge with apt-get ?
<tarpman> right
<tarpman> you can do "dpkg-query -l | grep ^rc" to see packages you have removed but still have conffiles around for
<stochastix> tarpman:  thanks
<lordievader> Good morning.
<zamba> i'm looking for a tool that can monitor a remote host and alert me (by using an external script) if the node is down
<lordievader> zamba: Check out Zabbix.
<zamba> zabbix sounds like overkill for just monitoring one host
<lordievader> Perhaps. But most monitoring tools are made for many more hosts than one.
<zamba> i was thinking about just running collectd
<Chrncle> where do i find Tasksel > Basic ubuntu server install what packages contain in that option ?
<Chrncle> hmm i cant get my ssh open to my public ip address
<Chrncle> nevermind, forget to press add in my router table
<arcsky> hey guys there has been an issue today with my pico/nano editor.
<arcsky> Unable to create directory /home/arcsky/.nano: Permission denied
<arcsky> It is required for saving/loading search history or cursor positions.
<hateball> arcsky: make sure you're the owner of the file and not root
<arcsky> hateball: i try just with pico test123
<arcsky> i did reboot it and it works now
<lordievader> arcsky: I'd check the permissions of your home dir.
<zolder> Can i change my 192.168.1.1 to like a dns name, Router or whatever?
<lordievader> zolder: Yes. Do you want that network wide or just for the localhost?
<zul> jamespage: http://paste.ubuntu.com/13299217/
<jamespage> zul, not sure you need the < >
<zul> jamespage: fixed
<zul> jamespage: going to upload this
<jamespage> zul, pls test it first
<zul> jamespage: tested sucessfully, uploaded
<jamespage> zul, https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1516652
<ubottu> Launchpad bug 1516652 in nova (Ubuntu) "'lxd' is an unsupported hypervisor type" [Undecided,New]
<jamespage> fun fun fun!
<zul> jamespage: damn it
<zul> jamespage: gimme a sec :)
<jamespage> zul, I'm not asking you todo that one :-)
<zul> jamespage: i know how to fix it though :)
<jamespage> zul, so do it :-)
<zul> jamespage: fine :)
<jamespage> zul, how does that look:
<jamespage> https://review.openstack.org/#/c/245811/
<zul> jamespage: thats what I would have done
<jamespage> zul, hmm something else is still blocking the scheduling of the instance correctly
<MelRay> clear
<zul> jamespage: anything in the logs?
<jamespage> zul, yes
<jamespage> 2015-11-16 15:28:21.389 5127 DEBUG nova.scheduler.filters.image_props_filter [req-f57e15c7-d8ce-478f-8da2-7f5707c7edc9 3e44cc43a4014d1f95dfc1525e798ca8 ea01071b589c47cba451e066d9073bb4 - - -] Instance contains properties {u'hypervisor_type': u'lxd', u'architecture': u'x86_64'} that are not provided by the compute node supported_instances [[u'i686', u'lxc', u'exe'], [u'x86_64', u'lxc', u'exe']] or hypervisor version 11 do not match _in
<jamespage> stance_supported /usr/lib/python2.7/dist-packages/nova/scheduler/filters/image_props_filter.py:95
<zul> jamespage: host.py in nclxd needs to be updated as well
<jamespage> zul, the existing 'lxc' valid value will work ok for now, but yes it does need to be updated.
<zul>  [[u'i686', u'lxd', u'exe'], [u'x86_64', u'lxd', u'exe']]
<zul> jamespage: when your nova patch gets merged ill update it
<Yossarianuk> hi - where can I find out how long the default kernel is support for in the LTS versions ?
<Yossarianuk> i.e originally 14.04 shipped with kernel 3.13 - when you install the latest .iso (14.04.3) you get v 3.19 - where can I find out info about kernel support ?
<jamespage> zul, huh - but I have to set:
<jamespage> nova flavor-key m1.tiny set capabilities:hypervisor_type=lxd
<jamespage> not
<jamespage> nova flavor-key m1.tiny set capabilities:hypervisor_type=lxx
<jamespage> nova flavor-key m1.tiny set capabilities:hypervisor_type=lxc rather
<jamespage> love consistency
<jamespage> Yossarianuk, https://wiki.ubuntu.com/Kernel/LTSEnablementStack
<Yossarianuk> jamespage: thank you
<jamespage> np
<zul> jamespage: lol
<zul> jamespage: i cant fix that :)
<jamespage> zul, that feels broken
<jamespage> zul, I think the extra specs should be matching into the advertised capabilities of the hypervisor right?
<zul> jamespage: yes
<jamespage> like the image properties filter does
<MelRay> Quick question I'm learning how to configure virtual hosts. Can I add additional ServerAlias directives on the same line seperated by a space or do I need to create an individual entry for each alias?
<MelRay> for like www, mail, ftp, etc.
<omps> ls -l
<omps> oops
<uaa> Hi, I've usb 3.0 4TB external harddisk. when I connect it to an Ubuntu server I get this in logs and it's not recognized afterward http://paste.ubuntu.com/13300481/
<teward> I/O error sounds like hardware failure, does this device work on other machines?
<uaa> It was working well on USB 2 but after I enabled USB 3 in the server the problem started
<uaa> Thank you for responding quickly
<sarnold> do any other usb devices work in that port?
<sarnold> is there sufficient power for the device?
<uaa> I used the same port last week with other device but USB3 was not enabled
<uaa> The only difference now that I got usb 3.0 extension cable and enabled usb 3.0 from motherboard
<hallyn> arges: going to have time to merge libvirt this week?
<uaa> the server is remote but I would like to know if can do something before I have to go there to figure it out
<uaa> and to try other things on that port
<teward> uaa: only thing you can do is physically go there and poke at it.
<teward> see if it works on other ports, and test if something else is on that port and works or not
<sarnold> I guess you could try booting into a newer kernel, e.g. one of the HWE kernels, to see if it might have been a bug that's been addressed or a device needing some additional driver support
<sarnold> but switching to one of the hwe kernels means you'll have to deal with the kernels again when the HWE kernels hit EOL before the rest of the system.
<uaa> sarnold, thanks for your suggestion but I do not think that playing with kernel would be an option on that server.
<teward> that leaves physically going to the system :p
<uaa> teward, I'll try that when I can
<omps> uaa: it looks like the problem is with xhci_hcd kernel driver for usb3.0
<uaa> but I wonder why It was mentioned as sdb in the log then disappeared. I can not see in /dev/sdx or using fdisk or any disk tool that I used
<arges> hallyn: its on my list
<omps> uaa: i found this article on net hope this can help you
<omps> http://www.pcl-developers.org/xhci-hcd-I-hate-you-USB-3-0-and-Primesense-Asus-Xtion-td5707949.html
<uaa> omps, I'll check if xhci driver is lastest version
<uaa> thank you for helping
<arcsky> how can i list my ntp servers my ubuntu use ?
<SCHAAP137> arcsky: check in /etc/ntp.conf
<tarpman> arcsky: also, ntpq -p
<rco> Is there a most popular option for a local DNS cache on ubuntu 14.04?
<dasjoe> The default cache would be dnsmasq
<rco> Is it part of the distribution?
<dasjoe> It's installed by default, iirc at least on desktop systems. Unsure about server
<rco> Yeah, that's what it looks like.
<dasjoe> rco: see http://packages.ubuntu.com/search?keywords=dnsmasq&searchon=names&suite=trusty&section=all and https://help.ubuntu.com/community/Dnsmasq
<rco> Thanks.
#ubuntu-server 2015-11-17
<Sonu> hi
<Sonu> Hi , i am unable to copy my data from ubuntu to my yureka android mobile. http://imgur.com/6zX990u
<Sling> hmm security.ubuntu.com doesn't seem to be reachable over ipv6?
<henkjan_> 2001:67c:1562::17 and 2001:67c:1562::16 are not working for me
<zolder> Hi, im currently setup an sftp server and ssh with a custom port etc.. its running from the inside and outside, only i dont know where i need to change the root directory where the sftp starts
<zolder> when i login into it :)
<RoyK> zolder: http://www.cyberciti.biz/tips/howto-linux-unix-rssh-chroot-jail-setup.html perhaps?
<RoyK> zolder: if you don't use chroot, it should normally be secure enough anyway unless you do something exceedingly stupid
<RoyK> zolder: using rssh is always a good idea for sftp if the users won't need full ssh access
<zolder> i just use it for personal use
<zolder> im confused by the man sftp-server
<zolder> Subsystem sftp /usr/lib/openssh/sftp-server so that rule in my sshd.conf, do i need to put the -d command there ?
<RoyK> zolder: sftp is enabled by default
<RoyK> zolder: with all ssh servers
<zolder> its running
<zolder> but when i login
<zolder> i need to set a home directory where it begins
<RoyK> zolder: default PWD after login is /home
<zolder> so i was told to typ,  MAN sftp-server
<zolder> so in the first line i read -D or -d
<zolder> To set my start directory
<zolder> i want to set my staret directory to /var/www/downloads
<RoyK> zolder: not sure, but I *guess*
<zolder> and not to /home
<RoyK> Subsystem sftp /usr/lib/openssh/sftp-server -d /var/www/downloads
<zolder> yeah thats what i have to put in the rule then
<zolder> i was not sure how to put it
<zolder> sftp /usr/lib/openssh/sftp-server what does that part do then ?
<zolder> cant i just delete that ?
<RoyK> uh?
<zolder> so if i do Subsytem sftp-server -d /var/www/downloads
<RoyK> zolder: you don't want two lines with 'Subsystem sftp'
<zolder> no i understand
<zolder> but why do i need the first part of that subsystem
<RoyK> I have this in my sshd_config
<RoyK> Subsystem sftp /usr/lib/openssh/sftp-server
<zolder>  yeah me too atm
<RoyK> just add '-d /whatever' to that line
<zolder> ok
<zolder> cool
<RoyK> might even work ;)
<zolder> I read on a tutorial that someone changed that line to sftp-internal or something
<zolder> but im not sure what it all is doin
<zolder> to newb for that :P
<RoyK> just testet - works
<zolder> ok
<zolder> cool
<RoyK> but it doesn't chroot anything
<RoyK> so if you need chroot, see the link above
<zolder> is chroot something like chown ?
<zolder> il click the link
<zolder> lol
<zolder> chroot locks a user into  a directory
<zolder> sounds legit
<zolder> pretty complicated
<zolder> damn
<RoyK> yeah, better lock users to /home or something and set permissions to only allow users to access their own dir
<RoyK> chmod go-rwx /home/*
<RoyK> or something
<RoyK> then you probably won't need chroot that much
<zolder> chroot seems so much effort
<zolder> damn
<RoyK> we're not using it anymore for our servers, with 20k users ;)
<zolder> it doesnt explain enough
<zolder> why create the things and all the folders
<zolder> its just like follow this and you will be ok
<RoyK> zolder: because if something is chrooted, the actual process is also chrooted, and it needs access to some libs and devices etc
<zolder> omg 20k users... so much fun to setup :P
<zolder> but i guess u use a script for that?
<zolder> ahhh
<RoyK> for what? the chroot thing?
<zolder> so you create your personal root..
<RoyK> yeah, something like that
<zolder> lot of setting with that then
<RoyK> and that makes it rather hard to break out of it
<zolder> ok
<RoyK> zolder: better chroot users to just /home instead of $HOME - no need to have a chroot evironment in every homedir
<RoyK> zolder: or just drop it - if file permissions are ok, there's no need to restrict things any further
<zolder> so i type like chroot username:groupname and then ?
<RoyK> chroot /somedir
<zolder> and that applyÅ to the user im logged into ?
<RoyK> or yeah
<zolder> home is fine, only crap in there so
<zolder> its just if someone gets onto my sftp i dunno how, but still
<zolder> he cant go to my systemfiles
<zolder> just to be a little bit more safe.
<zolder> Do you suggest to put PAM on or off ?
<RoyK> well, they won't be able to read the important bits
<RoyK> disabling PAM is *not* recommended
<zolder> ok
<zolder> and allowDNS off ?
<RoyK> the default config is fairly secure as it is
<zolder> ok good to know
<zolder> i see people making a lot of changes on one say pam on or off, the other say something else
<zolder> the tutorials are not always clear
<zolder> thanks man for helping
<RoyK> if you're not a linux wiz, just don't touch anything you don't know ;)
<zolder> thats what i want to do
<zolder> else i never learn it
<RoyK> then test in a VM
<zolder> i try do to everything from the terminal
<zolder> im 2 days in linux, and got a cups server, sambaserver, lamp server, sftp,
<RoyK> that's very wise
<zolder> but i all set it up by terminal
<RoyK> very good indeed :)
<zolder> 10 years ago i used a Distro called Trustix Secure linux, it was only terminal commands
<zolder> i learned the command mdma that time
<zolder> had so much fun with that :), so thats why i picked it up again
<RoyK> zolder: I've been using linux since late 1994 and even though I had a short period abusing webmin, I gave up on that rather quickly and went back to the commandline ;)
<zolder> hehe
<zolder> f you understand the cli
<zolder> you gonna understand linux
<RoyK> you will
<zolder> the dekstop is not doin much for me
<zolder> l;azyness
<zolder> because when people install stuff, and they used desktop and they find a problem, they cannot fix it, because they dont know how to use the console
<RoyK> zolder: if you want to test things like chroot or with/without PAM with ssh, I'd suggest installing kvm/libvirt/virt-manager and creating a VM or two to test things there
<zolder> i can install kvm on top of my mint ?
<RoyK> yeah
<zolder> can i make the VM bootable too so i start in fullscreen ?
<RoyK> and install virt-manager - it's a GTK GUI thing for managing them
<RoyK> zolder: no need, really, just install sshd on them and do the rest from there
<zolder> k
<zolder> i will look into that later i write it down
<RoyK> apt-get install kvm libvirt virt-manager # ta-taa!
<zolder> whats the tataatata ?
<zolder> just a syntax after its installed?
<RoyK> # is "comment symbol"
<zolder> kk
<zolder> i know from the config files, but didnt know can use it this way hehe
<zolder> hmm i cannot use chroot command
<zolder> do i need to be su ?
<zolder> ahh i need to use chown
<jamespage> coreycb, finally got to my sweepup of packaging vmware-nsx + networking-l2gw from last cycle
<jamespage> coreycb, uploaded to debian unstable for NEW queue review
<jamespage> but also in ppa:james-page/xenial
<RoyK> zolder: you need a chroot environment
<RoyK> zolder: did you manage to get kvm/libvirt running?
<zolder> no not yet
<zolder> i was doin some  http://www.techrepublic.com/blog/linux-and-open-source/chroot-users-with-openssh-an-easier-way-to-confine-users-to-their-home-directories/
<zolder> im locked i nmy directory now
<zolder> thats good
<zolder> i onyl need to change my permission so i can upload files
<paule32> hello, someone there with squid knowledge?
<Sling> I know they have ink
<RoyK> zolder: nice - didn't know that :)
<RoyK> !ask | paule32
<ubottu> paule32: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<meekrat> Is samba and winbind still the preferred method to join a Linux box to a Windows domain in Ubuntu Server 14.04LTS?
<hateball> meekrat: https://help.ubuntu.com/community/LikewiseOpen
<meekrat> hateball: That's 3rd party?
<meekrat> hateball: and it looks to be not activly maintained
<meekrat> Is this still preferred?   https://help.ubuntu.com/14.04/serverguide/samba-ad-integration.html
<hateball> meekrat: hmm yes it does look abandoned. my bad for going off memory
<meekrat> No problem....just trying to see if something out of the box or actively supported (and/or stable) exists
<RoyK> meekrat: isn't sssd the preferred nowadays? or is that just on rhel/centos?
<meekrat> RoyK: don't know.  I'mm going throught the Samba Winbind docs not - just doing it like old school days back in 1999....I'm just creating a linux member server to an existing windows domain
<meekrat> Crossing fingers it'll work.
<RoyK> meekrat: it will
<RoyK> meekrat: using AD?
<zolder> royk you learn everyday :P
<davidic654> more rebbots I see
<davidic654> reboots
<RoyK> more rabbits
<davidic654> when will Ubuntu stop the need to reboot twice a week
<davidic654> my deb servers are like every 3 motnhs
<davidic654> months
<RoyK> which version of ubuntu?
<davidic654> 12.04 and 14.04
<RoyK> davidic654: ubuntu usually requests restarts after kernel or libc is updated
<RoyK> davidic654: with 4.x kernels, automatic kernel upgrades will be dynamic (when that work's done), so you won't need a reboot
<davidic654> any way around these frequent reboots, I manage upto 50 servers and its a pain
<davidic654> ty
<RoyK> but for libc, you'll need to restart most processes (or all) meaning a reboot is easier
<davidic654> less reboots is a great selling point I would have thought
<RoyK> davidic654: even if ubuntu requests a reboot, check /var/run/reboot-required.pkgs
<davidic654> ty
<davidic654> less reboots and a great EOL and its a winner :)
<RoyK> seems my old 12.04 server has a bunch of new kernels :P
<davidic654> :)
<pmatulis> meekrat: https://help.ubuntu.com/14.04/serverguide/sssd-ad.html
<RoyK> I'm also waiting for this http://www.zdnet.com/article/no-reboot-patching-comes-to-linux-4-0/
<RoyK> pmatulis: it works without sssd too
<davidic654> yeah its an obvious issue they are looking at
<davidic654> ty for that RoyK
<davidic654> less than ever ;)
<davidic654> its like twice a week with Ubuntu at the mo
<davidic654> One reason to love Linux on your servers or in your data-center is that you so seldom needed to reboot it :) Really
<davidic654> I like Ubuntu because of its great EOL and compatibility with the CP I use for clients, but sod these frequent reboots, hope all improves soon
<davidic654> apt-get update apt-get upgrade apt-get autoreove apt-get autoclean reboot, story of my life at the moment :)
<davidic654> autoremove
<davidic654> the 5 commandments :)
<davidic654> see you sorted the grub timeout issue with headless servers, well done
<davidic654> just in libxml2 vulnerabilities, needs reboot, geeeeez
<davidic654> 3 hours of my life gone tomorrow
<mdeslaur> davidic654: there's nothing special about ubuntu that would require more reboots than any other linux distro
<mdeslaur> davidic654: it's pretty much only kernel updates
<davidic654> I use Debian and Ubuntu but Ubuntu reboots are over the top
<davidic654> Ubuntu has a lot more kernel updates
<mdeslaur> davidic654: if you're fine with waiting three months between kernel updates, then just reboot every three months
<mdeslaur> davidic654: we publish kernel updates pretty much every three weeks
<davidic654> actually can I ask a Q I have a few servers with hetzner and I never have a kernel update just the dev part is that normal?
<davidic654> they running a special kernel or something
<mdeslaur> debian does a kernel update every 4-6- weeks
<davidic654> I mean for security reasons, so and so found tthat etc
<mdeslaur> davidic654: sorry, don't know anything about hetzner
<davidic654> all my kernel updates are because of security
<davidic654> so and so found etc
<mdeslaur> so ubuntu only has about 1.5 more kernel updates than debian
<davidic654> I guess the expoits are very sophisticated but I like to keep servers secure
<davidic654> exploits
<davidic654> maybe I worry too much
<davidic654> http://www.ubuntu.com/usn/
<davidic654> looks like they are looking at the issue anyway
<jpds> davidic654: Looking into the issue?
<davidic654> the new kernel
<davidic654> I think reboots are annoying a lot of people
<jpds> You know that you don't HAVE to reboot when you get a new kernel?
<davidic654> for security issues?
<jpds> No
<jpds> You can look at the changelog and see what exactly has changed
<RoyK> davidic654: use && between them
<davidic654> why does Ubuntu say that you have to reboot for the changes to take effect
<jpds> If all that's changed is that some kernel module that you never use, you don't need to reboot
<RoyK> davidic654: libc changes makes you have to restart all processes - kernel changes makes a reboot needed unless you use some hotpatching thing
<davidic654> its always a security thing tho
<davidic654> hangon
<RoyK> davidic654: mostly "reboot required" only means "it would be nice for a reboot because some things may have changed"
<davidic654> ok
<RoyK> davidic654: https://xkcd.com/1328/
<RoyK> davidic654: see the mouseover ;)
<davidic654> USN-2803-1: Linux kernel vulnerability is specifically for KVM hypervisor for eg, so you only need to update the kernel if running that
<jpds> davidic654: Exactly
<davidic654> got it
<davidic654> geez now I can go on holiday :)
<RoyK> davidic654: you'll get an email tomorrow that a new critical fix is on the way :D
<davidic654> maybe Ubuntu should say if its a core file or something??
<jpds> davidic654: Define core file
<davidic654> minimal install?
<jpds> davidic654: The whole kernel's part of the minimum install
<davidic654> I just run webservers
<davidic654> I think I may have been rebooting for things not on my servers maybe
<davidic654> so maybe my fault
<jpds> davidic654: Some obscure kernel module that it's used by a network card may be core for someone, but maybe not for me and you
<davidic654> thanks all for the input :)
<rickbeldin> caribou_:  You around for a quick question?
<caribou_> rickbeldin: hey sure
<eneko> hi ubuntu-server team, got an apache2 conf question
<davidic654> fire away
<eneko> thanks!
<rickbeldin> caribou_: see private chat.
<eneko> i have two DNSs that point to the same ubuntu 14.04/apache.2.4 server. Lets say http://example1.com and http://example2.com resolve to this one ubuntu box.  My ubuntu server has only one server (a LAMP running Drupal).  One of the addresses resolves in miliseconds ($time curl example1.com) and the other in 9seconds. What could be at play?  Im the authoritative for one of the DNS, and Network Solutions is the other (for example2.co
<eneko> My apache conf includes the directives in 000-default.conf, which I tried w/o ServerName and ServerAlias, but I also tried with both directives, no difference
<rbasak> cpaelzer: join #ubuntu-meeting for the server team meeting please?
<cpaelzer> rbasak - busy with jgrimm joining
<cpaelzer> rbasak - thanks for notifying
<smoser> anyone want to help ?
<smoser> http://paste.ubuntu.com/13314598/
<smoser> Odd_Bloke is often helpful for me in such situations.
<Odd_Bloke> smoser: https://docs.python.org/3/library/functools.html#functools.lru_cache ?
<Odd_Bloke> Py3-only; I'm sure I've seen a Py2 one somewhere.
<smoser> huh. thats neat.
<smoser> but what am i doing wrong... http://stackoverflow.com/questions/6268278/modifying-global-variables-in-python-unittest-framework seems to say it should work
<smoser> is mock getting in my way ?
<jamespage> coreycb, do I remember correctly that it was planned to update the python version in 14.04?
<coreycb> jamespage, hmm?
<game0> guys, I'm not able to use apt-get in my server
<game0> E: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?
<coreycb> smoser, don't you need to declare 'global __lsb_release' before being able to write to it in test_expected()?
<game0> this is the message that I'm recieving
<game0> how can I solve this problem
<game0> ?
<smoser> coreycb, well i'm trying to write to it via its module namespace.
<smoser> shoudlnt that work?
<jamespage> coreycb, we did some fixes in openstack to support python 2.7.9 which I think got backported right?
<coreycb> smoser, I'm not positive but I thought you had to do it the same way you do in reset_lsb()
<coreycb> jamespage, are your referring to bug 1403068?
<ubottu> bug 1403068 in OpenStack Identity (keystone) juno "Tests fail with python 2.7.9" [Undecided,Fix committed] https://launchpad.net/bugs/1403068
<jamespage> coreycb, yeah that's the one - lemme check with doko
<coreycb> jamespage, bug 1434575
<ubottu> bug 1434575 in neutron (Ubuntu Trusty) "[SRU] OpenStack test updates to support PEP 476" [Medium,In progress] https://launchpad.net/bugs/1434575
<jamespage> coreycb, right
<jamespage> coreycb, this is the one causing zul and i headaches right now:
<jamespage> https://bugs.launchpad.net/ubuntu/+source/python2.7/+bug/1443704
<ubottu> Launchpad bug 1443704 in python2.7 (Ubuntu) "Support for TLS 1.2 not present (added in 2.7.9)" [Undecided,Confirmed]
<zul> jamespage: we can probably get a newer version placed in backports maybe?
<coreycb> jamespage, yuck, but yeah maybe the python upgrade would fix it
<smoser> coreycb, well, http://stackoverflow.com/questions/1301346/the-meaning-of-a-single-and-a-double-underscore-before-an-object-name-in-python
<smoser> thats what it is.
<smoser> the __ makes was causing name mangling.
<SCHAAP137> what is preferable: sudo reboot, or sudo shutdown -r now ?
<SCHAAP137> or is it exactly the same?
<smoser> SCHAAP137, there might be some difference, but i'm not aware of one.
<TJ-> reboot is often a symlink
<TJ-> depends on the init-system as to what it links to
<coreycb> smoser, ah good to know, thanks
<davidic654> reboot is a very popular command these days ;)
<smoser> coreycb, http://paste.ubuntu.com/13315248/
<SCHAAP137> cool, thanks smoser, TJ-
<TJ-> reboot should be a symlink to /bin/true :)
<SCHAAP137> i just saw the same question appear in #openbsd, and i curiously thought, would it make a difference in Ubuntu?
<SCHAAP137> i have an issue with nginx. When nginx starts during the boot process, not all of my IPv6 addresses are up yet. How can I make it start later in the boot process?
<SCHAAP137> my workaround now is to kill nginx and restart the service manually, after boot is completed
<sarnold> SCHAAP137: you can use an .override file for the upstart configuration to change the 'start on' line; you'd need to make sure that the service that sets up the ipv6 addresses emits a signal of some sort, or you 'manually' emit the signal yoursellf, see http://upstart.ubuntu.com/cookbook/#ordering and some of the following sections for a better sketch of this
<SCHAAP137> cool, i will read that, thanks sarnold
<SCHAAP137> i'm just using /etc/network/interfaces to set up the addresses
<sarnold> hmm, it feels like that should work better :/
<sarnold> teward: around? :) ^^^
<SCHAAP137> i'm assigning one address statically, and use 'up /sbin/ifconfig eth0 inet6 add [addr]' twice within that same block, for adding a few extra ones
<SCHAAP137> the nginx error is about one of those
<sarnold> yeah, I'd expect that to work, hehe :)
<SCHAAP137> yeh me too
<sarnold> granted, there's funny delays with ipv6, DAD and all
<SCHAAP137> now i got that wacky workaround in my /etc/rc.local, which is not pretty ;P
<sarnold> indeed, no :)
<SCHAAP137> restarting ssh service from there as well, because tun0 and tun1 aren't up yet when ssh starts
<sarnold> a better workaround, if a proper fix is just too hard to get working, is to use the 'manual' method of starting it, and then keep your /etc/rc.local change to -start- nginx, rather than restarting it :) that at least saves a useless start and stop
<sarnold> e.g. http://upstart.ubuntu.com/cookbook/#override-files
<SCHAAP137> hmm, clever thinking... i should do it like that indeed
<jetsaredim> does anyone in here know how to fix a broken systemd?
<jetsaredim> I recently upgraded from 14.10 to 15.04 (on the way to 15.10) and when I rebooted the system just hangs on "systemd[1]: Freezing execution"
<antix> https://bugs.launchpad.net/maas/+bug/1446699
<ubottu> Launchpad bug 1446699 in MAAS "After upgrade to 15.04, unable to boot with maas installed running systemd" [Critical,Fix committed]
<antix> jetsaredim: ^
<antix> I don't know if that's relevant
<jetsaredim> i don't know if i have maas installed
<jetsaredim> i actually commented on that bug (the last comment)
<jetsaredim> according to the description of maas, it seems like some sort of cluster provisioning front-end and I certainly don't have that sort of environment
<jetsaredim> the issue I have is that I can't even boot the system to attempt any fixes
<sarnold> if you can't get the "single" or "rescue" things to work, you can always boot with init=/bin/bash
<jetsaredim> it's not really even clear from that bug report what I'd need to fix
<jetsaredim> sarnold: looks like maybe the real bug is...
<jetsaredim> https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1491658
<ubottu> Launchpad bug 1491658 in linux (Ubuntu) "systemd[1]: Failed to insert module 'kdbus': Function not implemented" [Medium,Expired]
<sarnold> jetsaredim: yikes, if that message is correct that's _really_ annoyuing
<sarnold> jetsaredim: .. fedora pulled kdbus entirely the other day so the authors could work on it further
<sarnold> jetsaredim: head into #ubuntu-devel and poke pitti with that bug number -- unforutnately it'll be a few huors before pitti's around but this feels like it needs his input
<jetsaredim> fun times
<jetsaredim> sarnold: I see what part of the issue is...  I have an mdadm device listed in my fstab file without "nofail" and it seems to not be correctly starting the device on boot
<jetsaredim> I have to go in and manually update it
<teward> sarnold: ping
#ubuntu-server 2015-11-18
<sarnold> hey teward :)
<teward> sarnold: you pinged earlier
<teward> :)
<sarnold> teward: yeah; a user was having trouble getting nginx to start late enough, ipv6 addresses added via /etc/network/interfaces weren't up yet, so he had to hack up a restart..
<teward> ah
<teward> sarnold: there's a known 'race' condition there, where if networking isn't up it breaks
<teward> not sure if there's a workaround
<sarnold> teward: I was curious if you'd seen that, knew a good upstart workaround, or knew if the nginx guys had switched to whatever that magic socket option is that allows binding to addresses that aren't upyet..
<teward> sarnold: i don't think there's a 'magic socket option' implemented :P
<teward> I *think* there's a way with systemd, but...
<teward> not 100% certain
<teward> that'd be a question sent upstream though
<teward> to Debian or nginx upstream
<sarnold> teward: aha!
<sarnold> teward: that poked the neuron that knew that magic socket option: IP_FREEBIND, last paragraph of http://www.freedesktop.org/wiki/Software/systemd/NetworkTarget/
<teward> sarnold: the tricky part is we ahve to have some kind of network dependency - preferably network-online.target possibly, but not 100%.  That'd be a systemctl level command, I believe.  And if v4 but not v6 is up, you're still stuck in the "Not Configured" state
<teward> unless systemd has separate v6 networking state commands
<teward> what makes it a little trickier is trying to get that working *earlier* in the boot process
<teward> sarnold: unless upstart has a way to specifically schedule process startup to after all networking is configured?
<sarnold> teward: heh, good question. :/
<teward> AIUI there wasn't a way for that in upstart.  And AIUI currently, there's no way to differentiate v6 from v4 in 'network is up' state...
<teward> but that's beyond my current knowledge set
<teward> and just my basic understanding
<sarnold> thanks teward :)
<Capprentice> What do you use to scan open ports aprt from netstat -tunlp ?
<Sling> nmap
<Sling> or lsof -i locally
<Sonu> Hi ... i am facing a Curl issue on my server.. Curl is enabled but not working ...http://awesomescreenshot.com/0445exek37
<Sonu> Failed to connect to  port 80: Connection timed out..  when using curl
<caeve> hello everyone, I was referred to here from ubuntu channel for my question. would using gpt (GUID) partition table on external drives have any drawbacks with existing file systems or OSes? I never used it, and apparently it is preferrable to MBR, but I wish to avoid any unsafe, outright risky situations such as problems recognizing existing data or partitions..
<TJ-> caeve: no issues :)
<TJ-> caeve: The only area you might face problems is for older Windows versions not recognising GPT. I think 64-bit XP is OK, not sure where Vista/7 stand. Windows BIOS installs require MBR, but I *think* they can read GPT for data devices
<caeve> TJ- I understand..thank you!
<quantic> caeve: If compatibility is your concern, GPT has been supported since Windows XP for both boot and storage devices.
<quantic> caeve: Actually, scratch that. Vista and above.
<caeve> quantic, there has been mbr in OSes and other devices, so I wanted to be sure things like partition being overwritten because of having been unrecognized or considered free space or similar wouldnt happen
<rbasak> GPT uses something that things that don't understand GPT will see as a single big MBR partition.
<quantic> caeve: Windows XP (potentially) and prior (definitely) will pose that problem. Any Linux/Unix release that's at all recent, and Mac OS X can recognize and read GPT disks. That said, if the partition is formatted with an FS that some other OS doesn't recognize, it may treat it as unformatted and ask to format it itself.
<TJ-> caeve: as long as you write either a protective or hybrid MBR GPT will be OK
<rbasak> https://en.wikipedia.org/wiki/GUID_Partition_Table#Legacy_MBR_.28LBA_0.29
<rbasak> That page has compatibility information too
<TJ-> caeve: the *gdisk tools can all do that
<caeve> quantic, yes, as it happens every time when ext4 drives are inserted in windows
<caeve> TJ-  sorry, I couldnt understand the part 'as long as you write either a protective or hybrid MBR'
<caeve> do my existing mbr systems need to have these qualities?
<TJ-> caeve: the GPT tools can write an MBR. Either protective (it has a single partition that covers the entire disk) or hybrid (it has up to 3 partitions - more usually up to 2 - that map onto partitions in the GPT
<TJ-> caeve: No. The purpose of protective/hybrid MBR when using GPT is to prevent MBR tooling that is not GPT-aware from blindly overwriting/allocating space on the disk that GPT has allocated
<caeve> TJ- I am confused as I am not technical enough to understand these terms fully. maybe I should stick with mbr
<chris_123> hello everybody
<caeve> so is it safe to use gpt or not, with my systems being mbr?
<patdk-wk> one should not use mbr, unless they are using it for a boot drive on an old bios
<caeve> because the extended partition thing os mbr did enough harm
<caeve> of mbr*
<caeve> patdk-wk, my OS is on an mbr drive, but it is an external drive that I consider using gpt
<caeve> on
<patdk-wk> if the disk is <2tb, mbr is ok
<patdk-wk> if it is >2tb, you should use gpt
<caeve> patdk-wk, the question is, is it safe to use gpt with the disk <2tb when the OS on hdd is mbr?
<patdk-wk> if you want >4 partitions, gpt could be easier too
<patdk-wk> it makes no difference
<caeve> patdk-wk, having >4 partitions is the reason why I see gpt as more convenient
<patdk-wk> that is like asking, is it safe for me to install water in my house? cause the house down the road has a well
<Capprentice> caeve: For HDDs over 2TB in size, its mandatory to use GPT.
<caeve> Capprentice, no, this is not the case for me
<Capprentice> I have used mixed mode.
<caeve> so all I want to know is that my OS, which runs on a mbr drive, would not mess any of the partitions or data on the GPT-formatted external drive
<patdk-wk> there is no way we can know that
<patdk-wk> that will depend on the os
<caeve> uncertainty prevails
<patdk-wk> but any sane os won't do that, anymore than if you asked it to format your disk
<patdk-wk> or if you get a virus
<caeve> patdk-wk, it is the latest ubuntu LTS, so I hope it would be reliable?
<patdk-wk> yes, it won't touch it, unless told to
<patdk-wk> like, you using fdisk/gdisk/sdisk/parted/...
<caeve> patdk-wk, ok, I'd like to count on that
<caeve> thank you everyone, for your insights and help!
<Pwnna> does anyone here know how to check the disks assigned to md0?
<lordievader> mdadm --detail --scan /dev/md0 (or something along those lines)
<lordievader> Check the man page ;)
<Pwnna> yeah just got that too. it's very far down the man page
<Pwnna> thanks!
<Delta706> Does this channel cover general ubuntu hosting?
<hallyn> smb: well never mind, the patch in trusty-proposed is kvm-only, so my qrt runs wouldn't test anything
<hallyn> or do they?  hm
<hallyn> nope.  might be worth augmenting qrt for that
<smb> hallyn, must admit I am not sure right now. might be somewhere in the area of keeping qemu's world in sync with the kvm apic
<hallyn> i looked at the patch, seems ok
<hallyn> anyway i'll do a testrun anyway, but i don't see how it could test regressions in this case :)
<hallyn> but then if i could foresee it, i wouldn't need tests
<smb> very true indeed :)
<DefunctProcess> guys, my deluged daemon simply wont run, starting it with $sudo service deluged start seems to work, but status indicates its not running, and web gui shows it offline
<DefunctProcess> is there a way to get debug log or somethign from the daemon?
<sarnold> DefunctProcess: check /var/log/upstart/ and /var/log/syslog
<DefunctProcess> nope
<DefunctProcess> ok
<DefunctProcess> i think i figured out how to get logs
<DefunctProcess> now it seems upnp is broken all of a suggen
<hallyn> smb: huh, actually got a qrt failure.  on a nic test
<hallyn> now i need to revert and see if i can reproduce
<hallyn> or if it was a fluke
<hallyn> smb: d'oh, yeah, it's an actual regression.  holy schnickities
<preseeder_> I am trying to preseed a mini iso with 15.10 downloaded from here -> https://help.ubuntu.com/community/Installation/MinimalCD . This is my preseed file -> http://hastebin.com/jukiyelanu.hs and these are the forms of txt.cfg i have tried -> http://hastebin.com/haquzuzuru.mel So far the mini iso will not use the preseed file for some reason.Does anyone have an idea why? is it not supported with mini iso's?
<teward> sarnold: ping
<sarnold> afternoon teward :)
<teward> sarnold: good evening!  with regards to the thing a few days ago, upstart's 'network up' check only requires one (either v4 or v6) to be up, I think, which means there's still a race condition
<teward> and I was poking at systemd and came to a similar conclusion
<sarnold> thanks :)
<teward> so unless Upstart is being revamped to have a v4 and v6 specific option, (same with systemd) that's... blah
<teward> couldn't find anything on IP_FREEBIND upstream though
<teward> so maybe you want to propose that to nginx on trac
 * teward has his hands full with a server migration
#ubuntu-server 2015-11-19
<hallyn> zul: ping, pls to comment on bug 1513367
<ubottu> bug 1513367 in libvirt (Ubuntu) "qemu-system-x86_64/kvm-spice failed to boot a vm with appmor enabled" [High,New] https://launchpad.net/bugs/1513367
<nayKang> NFS client cause high load average low cpu usage
<lordievader> High IO-wait?
<zingz0r> Hi!
<zingz0r> I'd like to backup my server with rsync and I like to know which folders should i backup before upgrade server?
<rbasak> zingz0r: I would back up *everything*. Makes a rollback really easy.
<rbasak> (well, relatively)
<rbasak> zingz0r: see /proc/mounts and the rsync -x option.
<rbasak> You'll want to grab every real filesystem on your system, but not the virtual ones.
<zingz0r> okay
<zingz0r> thank you
<hateball> zingz0r: fwiw, I tend to clone the entire disk (clonezilla) before making big changes. Or snapshot if virtual
<hateball> less headache than missing that one vital file
<zingz0r> rsync -aAXv --exclude={"dontneeded folders","1","2"} /* /backup
<zingz0r> its okay? dsnt?
<lordievader> zingz0r: You could also checkout dirvish, it uses rsync underneath.
<coreycb> jamespage, can you promote ceilometer from trusty-kilo-proposed?  testing is complete.
<coreycb> jamespage, can you also promote python-saharaclient from trusty-liberty-staging?  testing is  complete for that too.
<T3DY> :)
<T3DY> dw1.xyz
<jamespage> coreycb, ack on it now
<AtuM> when will Ubuntu get teaming for network? I can't find packages for "libteam" or "teamd".. but I can create a team using ip tools..
<dw1> aww ye
<rbasak> cpaelzer: in https://git.launchpad.net/~ubuntu-server/dpdk/commit/?h=ubuntu-xenial&id=b5b9a5d95a9ee17fff1642f41c78e112a0aabbc4 why add /usr/bin to the PATH if the goal is to avoid dependency on /usr?
<rbasak> AtuM: back in April, apparantely. https://launchpad.net/ubuntu/+source/libteam
<rbasak> No idea if it works though.
<AtuM> I've tried to install in on 14.04.3.. probably need to wait for the next lts
<rbasak> Well, 14.04 was released before last April.
<rbasak> If you don't want to update to the latest release (understandable for LTS-ness), then a consequence is that you don't generally get to enjoy the latest features.
<cpaelzer> rbasak
<cpaelzer> rabasak, sorry for prematurely pressing enter :-)
<cpaelzer> rbasak, the intention after some disussion was to avoid the same bug showing up again in case one doesn't remember some day and adds a piece to the init script
<rbasak> cpaelzer: is there any way we can test directly instead, say using dep8?
<cpaelzer> rbasak, the reason why we not "just added the path" alone was that others suggested /usr could not be mounted in rare cases
<cpaelzer> rbasak, once we have a way to safely derive all binaries called from a shell script the rest would likely be easy
<rbasak> cpaelzer, smb: would it be possible to have a dep8 test that requires virt isolation, checks that there is exactly one mount, restarts the service and checks that there is exactly one mount again?
<smb> rbasak, maybe...
<cpaelzer> rbasak, but that test would only cover one specific symptom of the underlying issue
<rbasak> cpaelzer: what's the underlying issue?
<cpaelzer> rbasak, that referring to /usr/ binaries needs a PATH to there set, and even if it is it could sometimes break if /usr is not yet mounted at the time being executed
<rbasak> cpaelzer: I disagree. I'd say that the underlying issue is that the service start is supposed to make sure that hugetlbfs is mounted, and it doesn't. That's the functionality expected, so we should test for that.
<rbasak> cpaelzer: similarly we should test any other functionality we add in packaging if we can.
<cpaelzer> rbasak, ok from a "function test" POV thats right
<rbasak> cpaelzer: it's true that if /usr isn't mounted then that could fail
<rbasak> As in false negative
<rbasak> As the dep8 test won't be unmounting /usr
<rbasak> And I admit that that is a case that probably isn't worth testing as it's too convoluted to test easily.
<rbasak> But we should be able to test the basic functionality.
<cpaelzer> rbasak, from your suggestion I'd even say start with no hugepages mountpoint and execute the init sript two times
<cpaelzer> it should be there after the first call
<cpaelzer> and it should still be there but only once after the second
<rbasak> Yeah that would be fine. It depends on how you orchestrate the test.
<rbasak> If you add the package as a test dependency, then the test running framework will already have run the postinst and thus the init script once I think.
<rbasak> OTOH you could choose not to list it as a test dependency and install it manually.
<cpaelzer> rbasak, to sum things up for the review of smb's upload request - do you want us to add such a test before accepting it?
<rbasak> cpaelzer: yes please.
<smb> bugger
<rbasak> Does that hold anything up?
<jamespage> coreycb, is the ceilometer update in vivid as well?
<smb> rbasak, It holds up my getting rid of it for Xenial
<cpaelzer> it holds up smb getting rid of it :-)
<cpaelzer> and dpeending on how long it takes the MIR processing
<cpaelzer> but I guess they trust us when we say dependency gets remove
<cpaelzer> d
<smb> cpaelzer, Also it becomes a little more complicated to properly do now that git is pushed with tags
<rbasak> smb: don't worry about the tag. It's nowhere official yet. You can delete the tag with git push --delete
<smb> cpaelzer, More or less open a new version and create the upload in a way containing both version changelogs
<smb> rbasak, also in lp git?
<cpaelzer> smb, I really think this can just be another spin of ..ubuntu2
<rbasak> smb: even in lp git. It's just a random repo currently, not official anything. Nothing git is officially tied to packages yet anyway.
<coreycb> jamespage, no.  arges, can you promote ceilometer from vivid-proposed today?
<smb> rbasak, for some reason I assumed lp git makes it hard to delete tags
<jamespage> coreycb, I normally gate on the main SRU process completing first...
<smb> rbasak, if that is possible then it might be just a respin
<coreycb> jamespage, yep, I'll ping you when it's in vivid-updates
<rbasak> smb, cpaelzer: everything else looks fine to upload in the current tree, assuming it all works. I haven't tried a test build to see the result of https://git.launchpad.net/~ubuntu-server/dpdk/commit/?h=ubuntu-xenial&id=0c85a8e0d245f7d0d32999489b088b559c40153e so I'm assuming it's OK too.
<smb> rbasak, I did build the tree version
<smb> rbasak, in both xenial and wily
<rbasak> smb: it's really easy to delete git tags. So yes you should be able to update the proposed ubuntu2.
<smb> though I won't backport the font change to wily
<smb> rbasak, normal git yes, I just was not sure about lp's implementation there
<rbasak> lp doesn't seem to object to any kind of force push.
<rbasak> It seems to work as if I had a remote ssh server with no surprises.
<rbasak> Though it would be nice if I could restrict force push to team admins or something to prevent accidents.
<smb> rbasak, ok, have not tried. maybe we use a stricter set of rules for the kernel. just remember hearing it being said to be hard. Not tried that either
 * smb wonders whether cpaelzer would volunteer for the dep8 thing since he did all the discussion on it already (and I am currently tied up in something else)
 * cpaelzer is willin to start a battle who is more tied up with smb
<cpaelzer> smb is there an online app for drawing straws?
 * smb checks the appstore
<cpaelzer> smb it seems it isn't today or tomorrow for either of us - lets discuss monday morning
<smb> cpaelzer, maybe we can quickly sync on the busy state tomorrow and see
<smb> or that
<cpaelzer> we can even make remote hangout straw drawing if we want
<jamespage> coreycb, saharaclient -> proposed for liberty
<coreycb> jamespage, thanks
<rbasak> roaksoax: it looks like freeipmi quite badly needs a merge this cycle. I know MAAS has been involved with it. Will this impact you?
<rbasak> Or do you want to take on the merge?
<roaksoax> rbasak: no shouldn't impact me at all
<rbasak> roaksoax: OK thanks
<rbasak> matsubara: around? I'm looking for the test case reviews I was asked to do but I can't seem to find them. The URLs from the meeting 404.
<matsubara> rbasak, they might have been deleted.
<matsubara> rbasak, would have to ask psivaa and om26er
<matsubara> rbasak, I asked psivaa in #ubuntu-devel.
<jge> Hey guys, good morning. I'm trying to install a specific version of nginx with 'nginx=version' but I get a bunch of umet package dependencies, it will always try to install the most recent candidate version for dependencies. Any way of telling apt to grab the necessary versions to meet these dependencies without doing it manually?
<rbasak> jge: installing old versions means that you're effectively opting out of security updates and installing a vulnerable deployment. Is that really what you want?
<rbasak> jge: I'm not sure how exactly to get apt to do that, but adjusting pinning and scores might be able to achieve it, I'm not sure.
<jge> rbasak: well, what I do is install the version I want then bring this version up to the most latest security version out there.
<jge> I only do security updates
<rbasak> You won't get security updates if you have to force apt around.
<teward> ^ that
<Yossarianuk> hi - in order to get mkhomedir with freeipa-client working in Ubuntu I have to edit the fie -> /etc/pam.d/common-session and add the line - session required      pam_mkhomedir.so  skel=/etc/skel umask=0022
<Yossarianuk> this is ok however is there a danger my change will be overwritten ?
<Yossarianuk>  (on a update, etc)
<Yossarianuk> ts odd though - that file was brought in via the freeipa-client package (or dependency) but dpkg -S /etc/pam.d/common-session shows no package ...
<Yossarianuk> dpkg-query: no path found matching pattern /etc/pam.d/common-session
<Yossarianuk> why is that ?
<jge> rbasak: so just to be clear, if I use apt-get install package=version and then try to use unatendded-upgrades with only security updates allowed it wont work?
<Yossarianuk> same for ->  dpkg -S /etc/sssd/sssd.conf
<Yossarianuk> dpkg-query: no path found matching pattern /etc/sssd/sssd.conf
<jge> and by working I mean, will no longer get security updates
<Yossarianuk> (these packages are in the default Ubuntu 14.04 repo)
<rbasak> jge: I can only say that it may not work. I can't say for certain that it won't. But it isn't a supported path to use anything but the latest version of a package visible to apt.
<rbasak> jge: if you have some reason to use an older version, then we should address that, rather than trying to plaster over it.
<rbasak> Yossarianuk: policy says that upgrades should never stomp on changes you make manually in /etc. However there could be a bug in implementation of course.
<rbasak> Yossarianuk: you may need to manually merge changes during an update though, since scripts can't generally automatically work out what you mean and apply that to a newer version of the file.
<rbasak> Yossarianuk: not all files in /etc will be known by dpkg. There is default handling, but packages can also generate and manage files themselves in maintainer scripts and in that case dpkg doesn't see them.
<rbasak> jge: put another way, security updates bump the version number to one higher than all previously published in a given series. So if there is some reason to have an old version, that is already lower than a future security update.
<rbasak> jge: so it makes no logical sense to have an older version and also expect security updates.
<rbasak> Security updates are applied on the latest version for a given series.
<jge> rbasak: hmm ok, so how come I'm seeing this security update on the last version? https://zerobin.net/?a5b3111921fb5a1e#ovjqbTtQT0x62l64nqvirXQEVFVCGcNVGUrkEuIqTY4=
<teward> ehehehehe
<teward> jge: trusty-security is the security updates
<teward> trusty-updates is the 'updates' that happen to fix bugs
<teward> (non-security in nature)
<teward> if you want only security updates then you should not have -updates enabled
<teward> but you will miss bug fixes and other issues
 * teward would know the nature of that package since he is the 'maintainer' of it in Ubuntu now
<jge> Yeah I'm aware of this
<jge> i do not have updates enable, I use unattended-updates with security origins only allowed
<jge> enabled*
<jge> maybe I'm not explaining myself all that good :D
<jge> let me try it again..
<rbasak> jge: start with explaining why you are installing an older version.
<Yossarianuk> rbasak: thanks for the explanation
<Yossarianuk> still unsure why the line isn't added by default -  it is in the Fedora/rhel packages.
<Yossarianuk> I guess backing up the files regularly will be a good plan.
<rbasak> Yossarianuk: it's reasonable to expect that install a PAM module will enable it automatically. I'm not sure that's necessarily a good idea though; it's fraught with danger.
<rbasak> Also you might be installing a PAM module for a particular case but not want it in the general case, in which case adjusting common-session would be the wrong thing to do.
<rbasak> For example I use libpam-google-authenticator but only with ssh and not common-session.
<jge> rbasak: I would like to keep a consistent version across all servers, I wouldn't like someone to build a server and just install the latest out there. This will cause different versioning of software cross our fleets, so my idea was to install a base version shipped with 14.04 LTS and then bring this version to the latest security version
<jge> hope that makes better sense :(
<rbasak> jge: that's a reasonable thing to want to do.
<Yossarianuk> rbasak: cheers again !
<rbasak> Yossarianuk: no problem! I hope that was helpful.
<rbasak> jge: an easier way might be to install without -updates or -security enabled at all.
<rbasak> jge: and *then* enable -security only if you wish.
<jge> yep that's what I currently do
<Yossarianuk> aside from having to modify that and /etc/sssd/sssd.conf (to add sudo to services) the ipa-client package works fine in the default ubuntu package (in 14.04 at least)
<rbasak> So then you shouldn't need apt to force versions?
<jge> rbasak: thing is that when I build a new box, and use apt-get install nginx, it will always install the latest (candidate) version
<rbasak> jge: not if it doesn't have -updates or -security enabled.
<rbasak> jge: then it'll install the release pocket version only.
<rbasak> jge: when I say "enabled", I mean "visible to apt via sources.list".
<jge> rbasak: that's what I thought too, I did a fresh install last night and checked the candidate version and it has 3.3 as candidate
<jge> which is the latest
<jge> maybe because I did a apt-get udpate?
<rbasak> I don't think you have tuned your sources.list
<rbasak> Look at the output of "apt-cache policy" and it'll tell you where it is picking up 3.3 from.
<rbasak> 3.3 is in trusty-updates only, therefore you must have it enabled.
<teward> ^ that
<teward> (which is what I was saying xD)
<jge> hmm ok, I see what you're saying
<jge> let me check
<teward> though I strongly recommend using the version *in* updates... if only because there's a fairly huge initscript pidfile extraction fix
<teward> it didn't qualify as a security bug, but it was a fairly huge issue
<teward> (lots of bugs on it)
<jge> damnit, I thought during the installation there was a prompt to turn updates off
<jge> i have them enabled :*
<teward> jge: there's the problem then :)
<teward> though keep in mind what I did just say - there's a pidfile extraction fix in the initscript, so if you have complex regex or such in the nginx configurations it can completely fail
<jge> YESSSS now i see candidate only coming from trusty-security which is the same version I have in production
<jge> i'm wondering now why you would use unattended-upgrades with only security updates enabled, when you can just disable regular udpates on your sources.list?
<rbasak> You might want an attended update from -updates :)
<jge> that's true.
<jge> so now that only security updates are allowed, if I run "apt-get upgrade" on this box it will only do security updates correct?
<jge> or in this case candidate version from trusty-security
<teward> right
<teward> but you won't be able to install from -updates, now
<teward> even manually
<teward> (because the system now doesn't realize there's items in that repository)
<jge> understood
<jge> rbasak, teward: you guys are great, thanks for your help.
<rbasak> No problem.
<teward> that's what we're here for :)
<teward> rbasak: FYI: nginx merge stalled, i'm running into package conflicts that are headaches (the fact I have to do it from source packages directly rather than a nice VCS / UDD approach for it is causing headaches)
<teward> manual pushes later won't be an issue, it's just the initial merge to the 1.9.x branches that're giving headaches :/
<rbasak> teward: I use git: http://www.justgohome.co.uk/blog/2014/08/ubuntu-git-merge-workflow.html
<rbasak> (for merges)
<teward> *steals*
<teward> rbasak: thank you kindly!  (bzr != option because the Xenial code branches aren't available... which hampers those of us who use the UDD process)
<rbasak> jcastro: ^
<rbasak> teward: let me know if you need any help with that
<rbasak> teward: the future will be dgit I think. See https://lists.ubuntu.com/archives/ubuntu-devel/2015-November/039010.html
<jge> so now I'm stuck with an ansible playbook which does not support "apt-get upgrade", only supports aptitude. Someone suggested using the "hold" parameter to achieve the same behavior, but I'm not familiar with aptitude. Anyone know how this can be done?
<grendal_prime> ok im trying to set up an email server..."zimbra" to be exact...i aparently have totally lost all understanding of how dns works?
<grendal_prime> the zimbra server is behind a linux software router using iptables. I have opened ports 110 25 and995 and forwarded those ports to the zimbra server.
<grendal_prime> I have pointed my mx record at netsol to my ip address
<trippeh_> mx has to point to a name
<trippeh_> then name points to ip address
<grendal_prime> when i run the config for zimbra it complains about DNS ERROR - none of the MX records for mail.mydomain.com resolve
<grendal_prime> ok..so if my domain is mydomain.com...and it points to the correct ip..
<quantic> MX records cannot point to an IP. They must point to an A or AAAA record.
<teward> grendal_prime: DNS entry: mail.mydomain.com A yourip
<teward> MX points to mail.mydomain.com
<teward> but note if the IP is dynamic and on a residential provider you may get blacklisted
<teward> so then mail isn't sent/received
<teward> (and your ISP may block as well)
<quantic> (almost definitely.)
<grendal_prime> oooo ok im pointing it to mail.mydomain.com and i just have an a record of mydomain.com
<teward> grendal_prime: yeah, wheverver the MX points must resolve
<teward> for example..
<grendal_prime> no its b2b comcast
<quantic> Also, an MX record cannot point to a CNAME. It MUST be an A record.
<teward> 'b2b' = ?
<teward> quantic: or AAAA
<grendal_prime> comcast built 4 business..
<quantic> teward: I figured that was sort of implicit. :P
<grendal_prime> sorry b4b
<teward> ah
<teward> quantic: :P
<grendal_prime> if i run a test from http://www.websitepulse.com/help/testtools.mx-lookup-test.html it does resolve...werid
<quantic> grendal_prime: what's the domain name in question?
<grendal_prime> quantic sent to you prvt
<grendal_prime> cause its a secret...just kidding...
<quantic> grendal_prime: current records look OK.
<grendal_prime> ya i just changed them
<trippeh_> local dns cache may be outdated then
<grendal_prime> now here is the thing, it use to be a gmail hosted domain
<grendal_prime> if i send something to that account now though and i log into it, it never comes through so im assuming thats not working anymore
<grendal_prime> ok
<grendal_prime> so the zimbra install is trying to resolve booksnmore.com but it is aparently unable to do so because it just comes back to say it cant do this.
<grendal_prime> if i log into the box second ssh session and ping from there it resolves correctly ..
<grendal_prime> host name of the email server would need to be "booksnmore.com" correct?
<grendal_prime> so hosts file would be.... firstline 1127.0.0.1 localhost.localdomain localhost  second line 192.168.100.100 booksnmore.com
<RoyK> grendal_prime: 1127.0.0.1 seems like a rather wierd address ;)
<grendal_prime> sorry two many 1s...thats its really just 127
<grendal_prime> zimbra gives examples of zimbra.booksnmore.com
<RoyK> grendal_prime: do you have a DNS entry for that server?
<grendal_prime> i have one for booksnmore.com
<RoyK> grendal_prime: then you should not need a hosts entry
<quantic> RoyK: iirc, zimbra demands that they exist.
<grendal_prime> do i need to create another a record of like...zimbra.booksnmore.com  and then point the mx record to that?
<RoyK> quantic: yeah
<sarnold> does zimbra demand that forward and reverse lookups need to match?
<RoyK> sarnold: no
 * RoyK uses zimbra without a reverse
<sarnold> aha
<grendal_prime> ok RoyK
<RoyK> grendal_prime: there may be more help in #zimbra - last I checked, zimbra isn't packaged with ubuntu
<grendal_prime> so if i have booksnmore.com and it resolves for all other services..i should be able to make an mx record for just booksnmore.com correct?
<RoyK> booksnmore.com.		7200	IN	MX	10 booksnmore.com.
<RoyK> ooks ok
<RoyK> looks ok to me
<grendal_prime> ok
<grendal_prime> what do you use to check that by the way..
<RoyK> dig mx yourdomain.com
<grendal_prime> im using a service but i would like to just ping it somehow
<grendal_prime> oh it is dig ok thanks
<grendal_prime> ok so at my router then i need to forward ports...25, 110  to the zimbra sever
#ubuntu-server 2015-11-20
<RoyK> and possibly 587 and 993
<RoyK> and 80/443 for web access and 7071 for admin access
<grendal_prime> im just trying to get the install script to work...i cant even get it to resolve
<window95> anyone know if possible to set up a twitter stream on my server? (that can be monitored through terminal)
<sarnold> bitlbee is the usual answer but twitter does have an API available that you can probably call easily enough using event machine or libev or something similar
<window95> excellent thanks going to look into this :]
<teward> though their API will lock you out if you make a ton of calls
<teward> (just keep that in mind)
<window95> oh the thing i was looking at was RainbowStream    i think its more meant for like Ubuntu or Mac OSX but am just trying to install it on a temp server to see how it all works
<window95> i'm wondering if this RainbowStream would maybe overload the API too?
<window95> it is not the one i HAVE to have, but just looked the easiest to install on first inspection. I'm going to look into this bitLbee too
<grendal_prime> alright so basically i need to set up a dns server
<grendal_prime> RoyK,  i would really just like to install zimbra and try it out first but..i cannot get this thing to work
<arooni> is it stupid to add my ssh user to the www-data group (that's used for nginx)?  im messing around with wordpress files and i get tired of forgetting to open a vim editor as sudo.
<arooni> well just did that and still i cant create new files with sudo even when in a directory where i have group rights
<grendal_prime> dood
<grendal_prime> set up a distributed key for your local user...
<grendal_prime> who naturally owns those files?
<Magic815> if i'm interested in getting a ZFS filesystem set up on Ubuntu server, what are some good articles/tutorials for me to take a look at? i'm new to Ubuntu, so the more noob friendly, the better :)
<grendal_prime> zfs. is that mac?
<grendal_prime> i just use ciffs for my fillers, everything understands it and its fast enough
<Magic815> https://en.wikipedia.org/wiki/ZFS
<Magic815> it's apparently a well regarded filesystem for servers
<Magic815> FreeNAS uses it. apparently it can be used in Ubuntu as well
<grendal_prime> hmmm ya i had a few bad experiences with off the wall file systems
<grendal_prime> i dont know man...nothing im familar with.  toughest fillers ive ever seen are netapps..
<tonyyarusso> ZFS is hardly "off the wall"
<grendal_prime> ok...good point
<grendal_prime> im just uneduacted i guess..
<grendal_prime> i build small fllers for power companies. I couple them with vpn concentrators.  they have to work every day all day.  and if they go down i have to  have anther one ready.  Ive never had more than  2 hours down time on a filer ever.
<grendal_prime> I just have to go with what is easy to deal with and does the job.
<theptr> Hi i want to backup my full vps i only have ssh access so no panel . u used rsync to backup everyhting to a local folder called backup . now i want to copy that folder over to my new server . Will that work
<theptr> ?
<qman__> theptr: yes, though you need to format the new partition(s) and reinstall the bootloader
<qman__> And also make sure fstab is correct for the new setup
<theptr> qman__, would there be an easyer way to migrate my mail server ?
<qman__> Probably not, those steps are quite easy
<qman__> Create new filesystem, rsync over, chroot in, grub-install, update fstab, reboot
<theptr> qman__, Yeah so i change the /etc/netwok/interfaces file with the new one ? and overwrite everything and then i do grub , and fstab ?
<qman__> Only need to update interfaces if he IP is changing
<theptr> qman__, I hope everything goes smooth because there was a lot of work in that server .
<theptr> qman__, yeah thats going to change because im going to change to an other vps provider.
<qman__> If you have a problem with the network showing as eth1 instead of eth0, em /etc/udev/rules.d/70-persistent-net.rules
<qman__> rm
<theptr> qman__, okay thanks
<jamespage> coreycb, https://bugs.launchpad.net/ubuntu/+source/python-oslo.concurrency/+bug/1518016
<ubottu> Launchpad bug 1518016 in python-oslo.concurrency (Ubuntu Vivid) "Nova kilo requires concurrency 1.8.2 or better" [Critical,Triaged]
<jamespage> coreycb, we need to be real careful when upstream rev to a new point release like that - it indicates a bug or feature that is required
<jamespage> we have a MRE for oslo packages so this should not be a problem
<jamespage> arges, if you have 5 mins today - https://bugs.launchpad.net/cloud-archive/+bug/1518016
<ubottu> Launchpad bug 1518016 in python-oslo.concurrency (Ubuntu Vivid) "[SRU] Nova kilo requires concurrency 1.8.2 or better" [Critical,In progress]
<jamespage> is fairly urgent...
<jamespage> missed during the last kilo update
<lordievader> Good afternoon.
<coreycb> jamespage, ok.  zul, see jamespage comment about the kilo release^
<coreycb> jamespage, any idea where we store a list of MREs these days?
<zul> coreycb: doh
<coreycb> jamespage, I bumped oslo.concurrency to 1.8.2 in lp:~ubuntu-server-dev/nova/kilo.  do you want to SRU that as well?
<jamespage> coreycb, that might make sense
<coreycb> jamespage, ok I'll upload it
<jamespage> coreycb, make sure you raise a bug task for nova on that bug then
<coreycb> jamespage, ok
<jamespage> coreycb, its really a common sense approach these days and is up to the SRU team
<jamespage> https://wiki.ubuntu.com/StableReleaseUpdates#New_upstream_microreleases
<jamespage> but we did have one - https://wiki.ubuntu.com/StableReleaseUpdates/MicroReleaseExceptions?action=recall&rev=59
<coreycb> jamespage, thanks, I aslo asked pitti if there's still a list, in #ubuntu-devel
<jamespage> coreycb, it was that ^^
<jamespage> but was deprecated and deferred to the SRU team I think
<coreycb> jamespage, I see
<coreycb> arges, can you also review nova along with oslo.concurrency in the vivid upload queue?
<Haris> hello all
<coreycb> jamespage, ceilometer is in vivid-updates now, can you promote to trusty-kilo-updates?
<Haris> what is multiple server install with MAAS ?
<Haris> can I have maas and multiple servers installed on the same machine ?
<Haris> stupid Q. but still asking
<Haris> guys, anyone around ?
<hateball> !patience
<ubottu> Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<rbasak> Haris: try asking in #maas
<Haris> why does ubuntu installer look for a cdrom, when I started install from usb ?
<Haris> since it can't find an installation cd, its returned to the menu
<Haris> I can't proceed witht the install
<jrwren> it calls it a CD, but I think it really means apt file source. It might mean that it isn't able to mount your usb device?
<Haris> I started the install from usb
<jrwren> I think I had a similar issue recently, but in my case I was using a bad usb flash drive.
<Haris> that's not the case here
<Haris> it takes me to the installation process menu. where I'm stuck. since there's nothing to do with cd or cdrom
<Haris> but it wants to detect and mount one
<rbasak> Like jrwren says, when it says CD, it means CD or USB or from wherever else it can find the data.
<Haris> there's nothing for me to do for this installation step. I'm just stuck
<rbasak> The problem you need to solve is why it can't find the data, not that it's looking for a CD.
<Haris> I created this bootable 14.04 lts usb from rufus on windows
<Haris> from
<Haris> ubuntu-14.04.3-server-amd64.iso
<Haris> is tehre a debug/log window I can see errors on ? to get a clue on what went wrong
<jrwren> alt-f1-8 toggle through various virtual terminals. One should have console output.
<Haris> on alt-f4, it says
<jrwren> root no password on any terminal and check /var/log/syslog too
<Haris> searching for ubuntu installation media... devices /dev/sr0 /dev/sdb1 and then 3 lines with cdrom mount failed for sr0, sdb1
<Haris> what other way can I prepare this usb for ubuntu install
<Haris> such that it doesn't look for cdrom
<Haris> why can it not find the data ?
<jrwren> It will always look for cdrom. it also will always look for other disks. Ignore the cd rom search failures. They are a red herring
<jrwren> what is mounted?
<Haris> nothing. the box has just the usb I started install with
<Haris> and a 1 tb hdd
<jrwren> the boot process mounts things. Something must be mounted.
<Haris> libc-udeb doesn't exist ?
<Haris> it searches for ubuntu install media in sr0 and sdb1 and then tries to mount cdrom and that's it
<Haris> with failure errors
<jrwren> sdb1 sounds like your usb media. why did it fail to find that?
<Haris> mount: mounting /dev/sdb1 on /cdrom failed: devices or resource busy
<jrwren> what is mounted to /data ?
<Haris> executed a shell. checked df output. there's no /data
<Haris> executed a shell from ubuntu install process menu
<jrwren> I'm not an installer expert. Sorry.
<Haris> when using rufus to make ubuntu bootable usb, for install, should one use image mode or dd mode for preparing usb
<Haris> I used image mode (default, recommended by rufus)
<arges> coreycb: was off yesterday. Did those already get reviewed?
<coreycb> arges, no, not yet
<coreycb> arges, python-novaclient is also in the vivid queue if you can get to that.  it's not as critical as the others though.  they're all fairly trivial.
<Haris> centos installer worked just fine off of usb. what's wrong with ubuntu 14.04 lts iso
<Haris> or with the usb preperation for install
<arges> coreycb: did you just re-upload nova?
<arges> coreycb: and can you (or bryan) add SRU template to bug 1499510
<ubottu> bug 1499510 in python-novaclient (Ubuntu Vivid) "Fix Typo in socket attribute name in TCPKeepAliveAdapter" [High,Fix committed] https://launchpad.net/bugs/1499510
<coreycb> arges, no I just uploaded it once, but yeah I don't see the diff
<arges> coreycb: i'll construct manually then
<coreycb> arges, thanks. 1499510 is updated.
<arges> coreycb++ thanks
<arges> coreycb: ok should be all taken care of
<coreycb> arges, thanks!
<jamespage> coreycb, ceilometer promoted
<coreycb> jamespage, thanks
<jamespage> smoser, hey - any opinion on https://code.launchpad.net/~james-page/simplestreams/multihypervisor/+merge/278127 ?
<jamespage> I'm thinking we might want to have a flag to turn that on rather than it being the default....
<smoser> seems reasonable
<smoser> wrt flag, you're saying because as it is rignt now, this woudl start uploading lxc images ?
<coreycb> jamespage, oslo.i18n is bumped to >=1.3.0 in the juno stable release, so I'll do that as part of the release
<jamespage> coreycb, yuck but ok
<jamespage> coreycb, thats 1.0.0 -> 1.3.0
<jamespage> really?
<coreycb> yeah
<jamespage> coreycb, juno will go direct to UCA right?
<coreycb> yes
<Magic815> If I'm looking into setting up zfs on Ubuntu server, is http://zfsonlinux.org/faq.html basically the main resource?
<Magic815> Any other links worth my reading?
<coreycb> jamespage, and oslo.utils was bumped to 1.4.0 in juno
<jamespage> coreycb, lets dig into why that is
<coreycb> jamespage, looks like a legitimate bug that affects i18n and utils, https://bugs.launchpad.net/oslo.i18n/+bug/1492951
<ubottu> Launchpad bug 1492951 in oslo.i18n "Juno keystone installation fail to import oslo_i18n" [Undecided,In progress]
<coreycb> although perhaps it doesn't affect us
<coreycb> jamespage, I think you might need utils 1.4.0 and i18n < 1.3.0 to hit it
<roaksoax> win 12
<coreycb> jamespage, I don't think we need to bump our oslo's after looking some more.  they were bumped due to gate issues with uncapped requirements which wouldn't affect us.  bug 1446847
<ubottu> bug 1446847 in OpenStack-Gate "stable/juno gate is busted on Oslo releases on 4/21" [Undecided,Fix committed] https://launchpad.net/bugs/1446847
<jamespage> coreycb, we need to check that we don't get plugin/endpoint loading issues like we got with ceilometer
<jamespage> but yes Ithink you are correct
<telldrak> Hello
<telldrak> Looking for some assistance with getting Sendmail set up and configured properly for Ubuntu 14.04 on Digital Ocean.
<telldrak> I have Apache2/MySQL/PHP5 running, and three domains hosted.
<telldrak> Need to get mail working for two of them.
<telldrak> I would appreciate any suggestions and resources you have to share
#ubuntu-server 2015-11-21
<RoyK> telldrak: sendmail?
<RoyK> telldrak: I haven't used sendmail for 10+ years
<RoyK> telldrak: try postfix
 * sarnold shivers
<RoyK> Savemech: is that sendmail abstience, sir?
<sarnold> RoyK: I've been clean and free from sendmail for 17 years sir, and I'd like to keep it that way. I'm really looking forward to my 20 year chip.
<RoyK> hehe
<RoyK> :)
<patdk-lap> heh, I don't get the whole m4 stuff in sendmail
<patdk-lap> sendmail is great at what it does, but being simple is not one of it's things
<patdk-lap> but I do use sendmail, for things postfix cannot do, but that is pretty rare
<JanC> what would that be?
<patdk-lap> identd uucp mainly
<patdk-lap> but sendmail.cf is just a scripting language, so it is infinitely adjustable, to completely non-smtp standards
<sarnold> funny enough, I think the last time I used sendmail it was to bridge between uucp and mmdf.
<patdk-lap> use it on customer webservers, for ident support :) makes tracing abuse much easier
<patdk-lap> most of the time that is overkill, as the from is left to the default
<sarnold> hah :)
<telldrak> thanks for the feedback, guys
<telldrak> looking into postfix instead
<lordievader> Good morning.
<balintx> hi, I'm using ubuntu server 14.04 and Apache 2.4.16 from the repository. the problem is I get an email every 5 minutes from cron daemon stating * Starting web server apache2
<balintx> anyone met this?
<bekks> Check your cron configuration.
<grendal_prime> ok who has time to look at an email server config with me?
<grendal_prime> better yet..who is familar with zimbra?
<grendal_prime> I got the install done and the server is working...just werid things....
<Sling> yeah I used zimbra for about a year, but got fed up with the heavyweight stack
<Sling> and now just run postfix+dovecot
<grendal_prime> sling, ya i need something with calendaring built in
<grendal_prime> so you got some time to help me wrap my head around a few things..im getting close but the whole email server thing and how i get it worked in with dns is starting to make me a little crazy.
<grendal_prime> here is the layout.  I have a domain and a software router that handles the front door on that.   software router is doing its thing via iptables.  I also have a dhcp server on there and two seperate networks. One is a virtual host with about 20 servers running on it.
<grendal_prime> its on say...192.168.108.0 and the second network is for staff its on 192.168.16.0
<grendal_prime> my zimbra server .."zimbra" is running on the 108 subnet.
<grendal_prime> now.  I set up a bind9 dns server and it seems to be working right now.  I have a zone for each of the subnets and one for the domain "booksnmore.com"
<grendal_prime> zimbra server is accesible on local network as zimbra.booksnmore.com
<RoyK> grendal_prime: and then?
<grendal_prime> so i set up a mx record that was zimbra.booksnmore.com with nesol.
<RoyK> nosol?
<grendal_prime> and i was able to send email to my gmail account and back to admin@zimbra.booksnmore.com.
<grendal_prime> network solutions ..sorry
<grendal_prime> thing is ..i need the email address to be just booksnmore.com
<grendal_prime> so..admin@booksnmore.com
<RoyK> that's a zimbra config
<RoyK> quite easy in the admin web
<grendal_prime> ok...i guess i just dont get this..
<grendal_prime> i have an a record
<grendal_prime> then i create the mx record ...it points to the a record.
<grendal_prime> do i need to create an A record that matches the mx record?
<grendal_prime> so i have an A record of booksnmore.com   and an mx record of zimbra.booksnmore.com   thats it thats all i need at network solutions correct?
<vacho> hey guys, I am installing a web server and I just deployed an ubuntu 14.04 image... I remember there are two recommended commands to run that will update everything to latest secury and stable, anyone care to help?
<patdk-lap> autoupdates :)
#ubuntu-server 2015-11-22
<lordievader> Good morning.
<OnTheRocks> hello
<OnTheRocks> how can i monitor cpu temp in nagios in a server via snmp?
<billxtn> i need help i am trying to conneect to an open wifi with mac filter it worked just fine until yesterday it show me my ip in ifconfig but im not connected in iwconfig
<lordievader> Static ip? (Besides rather use iproute2 instead of ifconfig)
<billxtn> iproute2?
<lordievader> Yes, or the binary name 'ip'.
<lordievader> http://manpages.ubuntu.com/manpages/trusty/man8/ip.8.html
<billxtn> thanks it worked
<billxtn> now i'm trying to to add my open wifi essid to the /etc/network/interfaces file
<billxtn> can i use wpa-ssid for an open wifi?
<lordievader> What do you mean? WPA is an encryption method. Not really sure what you mean with wpa-ssid...
<billxtn> or i use wireless-essid
<lordievader> Ah, now I see what you mean.
<lordievader> Do you control the wifi network by the way? If so, why ain't it encrypted?
<lordievader> I suppose just defining wpa-ssid should work.
<billxtn> well i controle it
<billxtn> there but am using mac filter because of things didn't go well in the biginning
<billxtn> well if i put wpa-ssid with open wifi it ork?
<lordievader> I suppose, yes.
<lordievader> Anyhow you do realize that anyone with a wifi antenna can see your traffic right?
<lordievader> A mac filter is also trivial to subvert.
<billxtn> ow thanks for the information
<billxtn> i have to change it
<lordievader> Yes, that is strongly advisable ;)
<lordievader> Go with wpa2.
<billxtn> ok thanks again
<window95> hey   i have a fresh ubuntu server here and am looking for the inetd.conf    doesn't seem to be anywhere
<lordievader> Is inetd installed?
<window95> i don' tbelieve so it seems (from what i'm reading) theres something called xinetd that is more common
<window95> wasn't sure if i was able to use inetd instead   ftr huge noob if it isn't obvious so please forgive
<jrwren> what are you trying to do?
<window95> trying to run bitlbee
<window95> and i need to edit this inetd file or xinetd or something
<bekks> window95: You should use nvidia-prime instead, since bumblebee is deprecated.
<window95> bitlbee is not the same as bumblebee bekks
<bekks> GEez, nevermind, totally misread it :D
<window95> bitlbee is a thing that lets you integrate other chats/IM services into your iRC client (so I can have like a twitter stream channel)
<window95> lol nm
<window95> np
<lordievader> Bitlbee doesn't need inetd does it?
<lordievader> Ah, that is one of the modes. Why not use the ForkDaemon mode? That is what I use.
<window95> lordievader   yeah i was actually gonna ask about that
<window95> i was on the bitlbee channel they are helping me a bit there. Seems for my purposes ForkDaemon is best. What do you use it for if you don't mind me asking? Im mainly gonna use it for Twitter i think
<lordievader> Facebook and gtalk. Zabbix pings me through gtalk ;)
<window95> nice
<window95> ugh
<window95> If you read this, you most likely accidentally started BitlBee in inetd mode on the command line. You probably want to run it in (Fork)Daemon mode. See doc/README for more information.
<window95> how to i stop it... lol i can't do anything else now it seems
<lordievader> kill <pid>?
<window95> lordievader thnx stopped a while ago on its own accord lol
#ubuntu-server 2016-11-21
<jasonbbb> okay new question got mailgun set up to my forums but mailgun requires my dns to authenticate which i use my IP address as the url name and server so how do i configure mailgun to shake hands with my server directly instead of domain host
<teward> jasonbbb: wait, so your site is *hosted* somewhere, not on a server you maintain?
<jasonbbb> no i host my site on my desktop at my house lol
<jasonbbb> to be completely out there
<jasonbbb> i set up everything going by basic settings using lamp server and other installs to make my MYBB forums to work.
<jasonbbb> then ported and used no-ip for domain name which they would charge me $$ to do a relay so i wanna do this as free as possible.
<jasonbbb> so my website is accessible and you can register , chat yada yada but when it comes to sending emails out to users it wont because for some reason with the gmail smtp the mysql shows error that connection was refused.
<jasonbbb> so i dont know if it is a gmail thing or if maybe i have to configure my /etc/postfix/ configuration file to see if thats the problem
<teward> jasonbbb: i'd configure postfix to send to the mailgun service.  then configure your site to just use 'mail' or 'sendmail' at the computer, which will give it to postfix, which gives it off to mailgun.
<teward> configuring that, i'm not sure about
<jasonbbb> but mailgun requires a dns check so what would i have to do to make it shake with my server and connect
<jasonbbb> i dont use a hostname besides my ip address and no-ip redirect
<teward> that might be hard, then.  The other option is to create an account at GMail and configure Postfix to send via that account.
<teward> or something
<teward> but mass-mail will trigger some limits in GMail likely
<jasonbbb> i have an account with gmail for all my devices how would i set the smtp up for it
<jasonbbb> because thats what im trying to do now and no luck
<lamont> it's possible that the isp is blocking the traffic... can you connect to port 587 or port 25 on the gmail servers?
<cpaelzer> jamespage: hi, the last libvirt update hangs on migration on a failing nova dep8 test
<cpaelzer> jamespage: since the only libvirt "changes" in this happen to be allowing more in the apparmor profile I wonder
<cpaelzer> jamespage: also I've seen there is a nova 15 in proposed already which happens to fail on the same thing
<cpaelzer> jamespage: fails are in nova-compute-daemons test like at https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-zesty/zesty/amd64/n/nova/20161118_130704_51433@/log.gz
<cpaelzer> jamespage: so before I debug - is any of that known, WIP or such a thing already?
<cpaelzer> jamespage: I see somebody kicked a retest on the x86 which now worked, only ppc left
<cpaelzer> jamespage: is anybody already working on that (the nova test fail)
<jamespage> cpaelzer, not me - more likely zul or ddellav
<Pjusur> Morning good folk, is it possible to use maas as a pxeserver?
<zul> cpaelzer: yes im working on it
<cpaelzer> zul: thanks zul - good to know
<xperia> hi all. i need to make free space on my ubuntu server running on a certified cannonical google cloud instance with 10 Giga bytes HD. How can i trim down my ubuntu server to avoid getting out of disk space. at the moment also my mysql /var/log directory use quite a lot of space nearly 50% or 5GB and i need to get rid of the old log files but dont know how. my mysql server fails to start...
<xperia> ...becouse of no disk space availble. please help me with this problem!
<emora> Anyone have experience sharing large disks (24Tbyte) with Samba ?
<coreycb> ddellav, fyi neutron built ok over the weekend for the uca so all good there
<maswan> xperia: configure logrotate to be more aggressive in cleaning up old logs
<ddellav> coreycb awesome, good news
<coreycb> ddellav, yup
<zul> coreycb/ddellav: someone got swift and manila?
<jonah> hi can anyone help with UPS advice? I have a ups that failed last night and I think it is due to it not being PFC compatible... I'm looking for a powerful ups to run linux servers on that is good value and works well with NUT?
<ddellav> zul i was about to pickup manila but you can take swift
<zul> ddellav: im working on something else can you take it
<ddellav> zul absolutely
<xperia> maswan: i have configured it to be more aggresive. when you sync from a exisiting mysql server with dozens of GigaByte the log expiration settings does not help as you are not able to delete logs older than a day on aubuntu server!
<xperia> my ubuntu server is getting knocked down by mysql becouse mysql is too stupid to delete old non used log files while the replication ! crazy!
<maswan> that seems like a pretty stupid piece of software, have you tried using another database instead?
<xperia> does anybody know some kind of tool to get rid of this mysql log files? i am not even able to start for the moment mysql as it fill all the disk space on my ubuntu server immediatly after ths start and shuts down!
<maswan> I have no mysql experience
<ddellav> xperia are you talking about the binary logs for replication or simple text logging?
<xperia> ddellav: i am talking about the binary logs for replication yes! maswan: yeah it is really stupid. perocan server has a special configuration settings to limit the amount of log files it creates and by this controlling how much disk space is used on the server see => https://www.percona.com/doc/percona-server/5.5/flexibility/max_binlog_files.html "Maximum number of binlog files can now be...
<xperia> ...restricted in Percona Server with max_binlog_files. his variable can be used with the existing max_binlog_size variable to limit the disk usage of the binlog files." This functionality is missing in mysql and becouse of this it knocks all ubuntu servers down by filling all the disk storage ...
<ddellav> xperia https://dev.mysql.com/doc/refman/5.5/en/replication-options-binary-log.html
<ddellav> xperia additionally: http://serverfault.com/questions/405726/max-binlog-size-log-bin-size
<coreycb> zul, any chance you could take a look at the liberasurecode backport failure?
<zul> coreycb: nope...i been working on other things
<xperia> ddellav: thanks a lot for your tips even they are non working. the suggestion solution is to use purge bin command inside mysql but mysql breaks down when started as it fills up all the disk space! and expire days does also not help becouse the data is fetched and the disk is filled in less than a day and the minimum experation time for logs is > 1 day.
<ddellav> coreycb zul manila done lp:~ddellav/ubuntu/+source/manila getting test failures on swift, looking into it.
<binia> hi
<binia> anyone around to help with weird problem on ubuntu 16.04 server?
<binia> i had problem with php7 not upgrading, couldnt remove it, purge... nothing
<binia> managed to fix it and actually purge everything
<binia> then i installed same packages and thats where it gets tricky. apt-get upgrade will throw errors but that said, everyhting is working, php7.0 and all modules are working
<binia> http://i.imgur.com/vAxqdli.png
<binia> but all the web sites work, all php modules appear to work
<binia> websites
<ddellav> binia if you're using apache then you're likely using the apache php module so removing php wouldn't stop that from working.
<binia> php module was also removed
<ddellav> i don't know about the new php7 situation but in the old days the module was stored in the libapache2-mod-php package
<binia> apache was showing php errors on subsites
<ddellav> oh you said they worked, i was confused
<binia> sub pages even
<binia> websites, subpages worked but did throw an error where php suppose do the magic
<binia> once i magae dto purge everything and install fresh with apt-get
<binia> it go weird
<binia> because apt shows nothing works but it does
<binia> i guess gonna get another server, migrate everything and reinstall this
<binia> in centos
<binia> and use this server as SAN
<binia> i do admit it was my script problem
<ddellav> binia according to the screenshot you posted there was an issue setting up the common package. I would focus on why that was
<ddellav> dpkg-reconfigure php7.0-common
<binia> somehow it managed add user daemon requested by my dev and then it allowed to remove that user when he finished testiong :P
<binia> dpkg-reconfigure php7.0-common
<binia> sec
<binia> heh
<rbasak> binia: maybe just reinstall into a container? That would be much easier. "lxc launch ubuntu:xenial".
<binia> seriously
<rbasak> Then you get a fresh 16.04 server to play with inside your current one.
<ddellav> ^^ good suggestion if you're app is container capable
<binia> the weird thing is all works as it should on websites, all modules appear to work
<binia> its when i do apt commands it shows it dont work
<binia> i even reinstalled dpkg
<rbasak> Even if it isn't (container capable), it may be a useful playground to decide how you want the system configured, then do it on bare metal at the top.
<ddellav> true
<binia> rbasak, this is 24Tb server with almost 17TB used
<binia> cant see it migrating to a container :P
<ddellav> binia the issue is with configuring the package, the files are there as far as i can tell, so some things will work, it just wasn't able to create config files. It looks like it might be due to some existing config that wasn't cleaned out during a previous attempt (though it should handle that properly anyway)
<ddellav> binia you'd only migrate your workload to the container, it would still have access to the large drives
<binia> fuck it, thanks for help but i think its better to get new server, migrate data and just reinstall this one
<rbasak> binia: you could bind mount the space you're using into the container. Then your data would only be stored once.
<binia> yeah got ya
<binia> hmmm
<binia> what if i purge again but this time properly
<binia> maybe it didnt purge all configs
<binia> i did many commands due to errors on each of them
<binia> i didnt check did it purge, remove or whatever
<ddellav> i would try the reconfigure command first
<binia> tried
<ddellav> see what errors it kicks back and handle those
<binia> dpkg-reconfigure php7.0-common
<binia> /usr/sbin/dpkg-reconfigure: php7.0-common is broken or not fully installed.
<binia> but it works
<binia> thats the funny part
<binia> so wtf
<ddellav> then apt-get install php7.0-common
<rbasak> "apt-get -f install" is the general form to tell apt/dpkg to fix up broken stuff. If it fails, then you should be able to see what exactly is failing to cause that situation.
<ddellav> that as wel
<ddellav> *well
<coreycb> ddellav, manila pushed/uploaded
<ddellav> coreycb swift is done, it builds fine in my ppa but not locally for some reason, looking into it but it should be good to go lp:~ddellav/ubuntu/+source/swift
<zul> coreycb/ddellav: horizon is in the pipe
<coreycb> zul, ok i'll get it
<coreycb> ddellav, taking a look at swift, and will make sure it builds ok
<ddellav> coreycb thanks
<zul> coreycb: rebuilding keystone with keystone as a suggests then ill upload an ubuntu2
<coreycb> zul, ?
<zul> coreycb: damn it...pyldap as a suggests
<rbasak> smoser: gce-compute-image-packages is in universe but is part of the yakkety dailies on GCE. Does this seem wrong to you?
<rbasak> Shouldn't it be in main, or partner, or something?
<rbasak> Also, it's unseeded.
<smoser> rbasak, i dont really know what hte policy is supposed to be on that.
<smoser> having a package in partner that is in universe (inherited from debian) does not seem useful in itself.
<smoser> and any package in the cloud image default (downloadable) should definitely be in main
<smoser> but i dont know what to think about CPC provided images.
<teward> rbasak: just to sync up with the team, i won't be at the meeting.  i've got a small snag on the merge (something about 'new' dependencies being added that shouldn't be) so I'm having to do a little more review of the code.  In any case, testable merge candidate within 2 weeks, for review and testing (I'll send on the mailing list as soon as it's available)
<teward> (for nginx)
<teward> in case anyone cares or it needs to be known
<ndboost> hey so im trying to run a git clone on ubuntu xenial and getting the error "Problem with the SSL CA cert"
<coreycb> ddellav, zul, jamespage: b-o-m should be fixed up now for ocata
<zul> coreycb: sweet
<zul> where are the patches that we apply again?
<coreycb> zul, https://git.launchpad.net/~ubuntu-cloud-archive/ubuntu/+source/ca-patches/
<theGoat> is there a way i can specify what interface nfs listens on?
<sarnold> theGoat: it's started via the nfs-server.service systemd service file; that appears to read /run/sysconfig/nfs-utils for configuration information; that's probably populated via /etc/default/nfs-kernel-server
<theGoat> sarnold: i am running ubuntu 12.04
<sarnold> theGoat: aha, then ignore all that systemd stuff :)
<sarnold> theGoat: probably /etc/default/nfs-kernel-server is still there though, look in /etc/init or /etc/init.d/ to see how the variables are used
<theGoat> yeah i am not that much of a fan of systemd...still trying to learn it
<sarnold> it's not all bad but damn there's a lot of typing.
<RoyK> theGoat: keep in mind thta 12.04 only has a few months left - 14.04 doesn't use systemd either, and will be supported till 2019-04
<theGoat> if i do a do-release upgrade, it will only take me to 14.04, correcT?
<RoyK> yes
<theGoat> cool......
<RoyK> theGoat: usually such an upgrade is pretty straight forward, give or take a conflict or five, but rarely anything serious
<theGoat> this is a pretty straight forward install i have nothing big.  i jsut did 12.04 cause i had the cd already made.
<sarnold> :)
<genii> So long as your /etc/update-manager/release-upgrades has Prompt-lts it will go 12.04->14.04
<genii> Promtp=lts
<RoyK> then it really shouldn't be much work - that is - last time I did such an upgrade, it was with a 12.04 that originally was a lubuntu something with X and all on a pair of slow HDDs, one of them 5k4rpm IIRC - so it took a few hours :(
<RoyK> reinstalled the PoS with a fresh debian without all the desktop stuff instead... (debian being my preferred distro on servers - no - I'm not starting a distro war)
<theGoat> yeah last time i didn't an upgrade, i think i had to make some changes to my apache configs, and taht was about it.
<sarnold> fwiw 14.04 -> 16.04 will require apache changes, and php was upgraded from 5 to 7, so be ready for that one too
<med_> Just ran across this gem from the launchpad time machine:
<med_> James Page (james-page) wrote on 2012-10-12:	#6
<med_> I'll work on doing that as my first code contribution to OpenStack!
<rbasak> med_: missing text, and now I want to know!
<rbasak> I found an ancient bug where I interacted with zul long before I was involved with Ubuntu or Canonical.
<med_> rbasak, https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1065883
<ubottu> Launchpad bug 1065883 in nova (Ubuntu) "ceph rbd username and secret should be configured in nova-compute, not passed from nova-volume/cinder" [Undecided,Fix released]
<med_> rbd usage in nova
<zul> really?
<zul> god i feel old
<med_> rbasak, are you still at (C)?
<rbasak> zul: bug 302004 :-)
<ubottu> bug 302004 in samba (Ubuntu) "Please add a samba-dev package" [Wishlist,Won't fix] https://launchpad.net/bugs/302004
<rbasak> med_: yes. Long time! How are you doing?
<med_> doing well. Still working for an evil American CableTV/Internet Company
<med_> (Charter Comms)
<med_> been here since I left (C)
<zul> rbasak: geez....coming up 9 years in jan
<coreycb> zul, did you fix that nova autpkgtest?
<zul> coreycb: almost ;)
<coreycb> zul, ok
<coreycb> ddellav, swift pushed/uploaded
<ddellav>  coreycb ack
<coreycb> zul, is keystone b1 ready to upload?
<zul> coreycb: yeah you should be able to grab it from git
<coreycb> zul, ok i'll upload it
<zul> coreycb: just about to upload nova
<coreycb> zul, ok
<zul> coreycb: just taking care of python-openstackclient
<Kerd> kerding
<Kerd> ups, sorryy
<mrtAkdeniz> howdy!
<mrtAkdeniz> Guys I have problem about chmod and chown..
<mrtAkdeniz> I've nginx installed and /var/www folder has chown -R myuser:www-data
<mrtAkdeniz> and chmod 755 on it
<mrtAkdeniz> but it keep saying that problems about permissions.. I tried to add my user to www-data with "usermod -a -G www-data myuser" and changed chown to www-data:www-data but no luck
<mrtAkdeniz> this time i can't modify these folders..
<sarnold> mrtAkdeniz: did you log out and log in again? or use newgrp? or sg?
<mrtAkdeniz> sarnold, i fixed the problem with "sudo chmod -R g+w /var/www/project"
<mrtAkdeniz> or w+g don't remember :(
<mrtAkdeniz> thanks!
<sarnold> I never figured out the symbolic modes, hehe
#ubuntu-server 2016-11-22
<znf> Hello.
<znf> How would I change the ethernet address (mac address) on a ubuntu server 16.04?
<znf> I tried the "old" way of passing hwaddress ether in /etc/network/interfaces under the specific ethernet port, but that just left me with an unaccesible box
<znf> now I need to do it on a 2nd server, and I'm kind of scared to try the same thing
<NickNackName> Hi everyone! I am having an issue that is preventing server 16.04.1 from starting on my ThinkServer RS210. I believe it might be an issue with it's older uEFI, but I see no option to enable legacy BIOS only. 14.04 works perfectly, as well as Proxmox 3.3. I was wondering if anyone had success running 16.04 on this model of server, or had any pointers to help diagnose the issue. Thank you.
<sarnold> NickNackName: was this an upgrade from a working 14.04? or a fresh installation? (I'm not sure which I would expect to work better, I'd really expect both to be fine..)
<sarnold> NickNackName: what happens when it tries to boot?
<NickNackName> I tried both fresh and upgrade. When it tries to boot, it gets to the HDD and just restarts like a boot manager is not installed.
<NickNackName> (Yes, I selected install grub to the correct disk on install.) I've tried with an external boot manager (grub on a USB) and selected "boot from first hdd" and the same behavior occurs.
<NickNackName> sarnold: Any ideas?
<fluvvell> I'm trouble shooting a zone transfer issue between two ubuntu servers, I can manually force the transfer by restarting bind on the slave, but its getting denied when the master restarts
<fluvvell> allow-transfer seems to be ok, its set to the ip of the master
<patdk-lap> fluvvell, that seems backwards
<fluvvell> patdk-lap, tell me about it
<patdk-lap> why would you allow-transfer to the master? the master is the master
<fluvvell> wait
<fluvvell> I've mis-typed,
<fluvvell> allow transfer is set on the master to the ip of the slave
<patdk-lap> both ipv4 and ipv6 addresses?
<fluvvell> and on the slave, the master is listed correctly as the ip of the master
<fluvvell> only ipv4
<fluvvell> but restarting the master does not push updates out to the slave. Should it?
<patdk-lap> no
<patdk-lap> why should it?
<patdk-lap> the slave only requests them, to make sure it's not outdated when it starts
<fluvvell> because I've update it
<patdk-lap> the master has no idea what the slave has, or cares
<patdk-lap> you restarted the master though, how does it know?
<fluvvell> oooh oh.
<patdk-lap> you did use nsupdate to update it right?
<patdk-lap> and you do have notify turned on?
<patdk-lap> you do not just EDIT the files, use nsupdate
<patdk-lap> not if you want it to notify your slaves
<fluvvell> I've just been reading about notify
<fluvvell> It would appear not.
<fluvvell> oh, nsupdate.
<fluvvell> wow, I've hand edited for years.
<fluvvell> {bow} thank you, reading https://debian-administration.org/article/591/Using_the_dynamic_DNS_editor_nsupdate
<fluvvell> now
<fluvvell> patdk-lap, where does notify go ?
<fluvvell> I was reading about allow-notify, which is not what I'm wanting is it?
<patdk-lap> allow-notify goes in the slaves
<patdk-lap> then notify yes, in the master
<fluvvell> I'm pretty much using the same two nameservers for all my zones, can it be in the opening stanza rather than in each zone?
<patdk-lap> yes
<fluvvell> warnings in the nsupdate manual about not editing by hand... am I going to screw up if I switch to nsupdate?
<fluvvell> I mean when
<hades007> Hi, I need help with apparmor
<cncr04s> ask the question
<hades007> I need to put a profile in complain mode but I don't have aa-complain
<hades007> I use ubuntu core 15.04 thats why
<hades007> I tried this sudo  apparmor_parser -rC /var/lib/snappy/seccomp/profiles/lxd_lxc_2.0.5-1 but it doesnt work
<hades007> sudo  apparmor_parser -rC /var/lib/apparmor/profiles/click_lxd_lxc_2.0.5-1 I mean
<seyeongkim> Could somebody please sponsor this LP? https://bugs.launchpad.net/nova/+bug/1298061 Liang Chen quit. found  nobodt touched long time.
<ubottu> Launchpad bug 1298061 in nova (Ubuntu Trusty) "nova should allow evacuate for an instance in the Error state" [Medium,In progress]
<coreycb> jamespage, zul:  i'm starting to wonder if we should backport debhelper 10 to the ocata uca
<zul> coreycb: it probably would make life easier for us
<zul> coreycb: btw happy birthday ;)
<coreycb> zul, oh thanks :)
<coreycb> zul, ok going to try backporting that
<zul> coreycb: do it locally first just in case things dont blow up
<coreycb> zul, it'll land in the staging ppa first so it's sort of a testing grounds anyway
<zul> coreycb: im going to spend some time to  get things updated again and make sure things are deployable
<coreycb> zul, going to start some early testing with the charms?
<zul> coreycb: yep
<coreycb> zul, sounds good, thanks
<cpaelzer> rbasak: thanks for clearing the dovecot-antispam permissions
<EmilienM> jamespage, coreycb: do you have an ETA for ocata packages in http://ubuntu-cloud.archive.canonical.com/ubuntu/dists/xenial-updates/ocata/ ?
<coreycb> EmilienM, probably next week
<EmilienM> coreycb: ack
<coreycb> jamespage, zul: fyi trying to figure this out.  http://paste.ubuntu.com/23516859/  related commit - https://github.com/openstack/xstatic-bootswatch/commit/49c0d56698bc14ae5e5c18cc00c3f2e290d2e724
<coreycb> seriously an entire release in one commit
<zul> coreycb: erm...:)
<jamespage> coreycb, zul, ddellav: http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/ocata_versions.html is kinda working - something is wonky with the UCA pockets for Ocata
<coreycb> jamespage, \o/
<jamespage> coreycb, I did however revert your upstream version tracker commit
<jamespage> will deal with that separately
<coreycb> jamespage, :(
<coreycb> jamespage, btw IS installed python-git
<jamespage> coreycb, yeah on wrong server
<coreycb> jamespage, lol
<rbasak> cpaelzer: you're welcome! I've also been working on the strongswan review. I've done one pass badly. Now I'm figuring out a better process to do merge reviews and then I'll do it again :-)
<rbasak> This is probably just about the most complex thing to merge I've seen :-/
<cpaelzer> rbasak: yeah it is an ugly one
<cpaelzer> rbasak: but it got better this time and last time
<cpaelzer> so progress - \o/
<cpaelzer> rbasak: I tried to do it as linear as possible (like following changelog and such)
<cpaelzer> rbasak: let me know if you think I can help with this particular merge (not so mcuh with your review process)
<coreycb> jamespage, zul, the horizon issue may be due to python-django and python-django-compressor not being at upper-constraints
<ddellav> coreycb zul networking-ovn is updated. Has a depwait in xenial on debhelper lp:~ddellav/ubuntu/+source/networking-ovn
<coreycb> ddellav, ok thanks, i've backported debhelper 10.2.2 to xenial-ocata
<coreycb> ddellav, networking-ovn pushed/uploaded
<ddellav> coreycb ack
<coreycb> jamespage, zul: not sure what to do, i almost just want to open a bug since we're within the g-r range: http://paste.ubuntu.com/23517114/
<zul> coreycb: do it
<coreycb> zul, jamespage going to try testing with compressor 2.1 first
<rbasak> cpaelzer: the strongswan merge is spread out across 9 terminal windows, 4 editor buffers in 3 editor windows using all six of my monitors! :-/
<rbasak> First time I've usefully used all six for a single task I think.
<mdeslaur> rbasak: oh, geez, is that the one where we carry a zillion binary packages and debian doesn't?
<jgrimm> nacc, ERROR:Failed to create local branch (debian/sid). Does it already exist (pass -f)?
<jgrimm> nacc, I don't recall seeing that before, this is fresh usd pull, and fresh clone/merge
<jgrimm> rharper ->  [paelzer] Enable AIO backend for tgt: DONE
<rharper> cool!
<jgrimm> indeed!
<rbasak> mdeslaur: yes. I have a note to talk about that with you, BTW. We'd like to lose that delta too.
<mdeslaur> rbasak: me? not sure what I have to do with that :)
<mdeslaur> rbasak: losing the delta seems like a sane thing to do
<rbasak> mdeslaur: because I wonder if we're enabling plugins unnecessarily, and what the security quality of those plugins might be. But it's still just a note to myself - it may be fine and I haven't looked yet.
<mdeslaur> oh, hrm
<jgrimm> rharper, nacc, smoser, magicalChicken, rbasak, powersj , caribou: irc meeting
<smoser> o/
<frickler> coreycb: jamespage: please have a look at https://bugs.launchpad.net/openstack-ansible/+bug/1624791 if you will, it does not relate to Ansible (we deploy with Chef), but I'm not sure whether to target it to Ubuntu packaging or Horizon upstream
<ubottu> Launchpad bug 1624791 in openstack-ansible "Horizon randomly fails to connect to the service APIs" [High,Won't fix]
<jgrimm> caribou, i forgot to ask about https://bugs.launchpad.net/ubuntu/+source/sosreport/+bug/1614052  in meeting
<ubottu> Launchpad bug 1614052 in sosreport (Ubuntu Xenial) "SOSREPORT need to collect OPAL msglog" [High,In progress]
<coreycb> ddellav, it looks like swift is blocked on pyeclib autopkgtest failures, if you can shed any light on that:  http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html
<ddellav> coreycb ill take a look
<zul> coreycb: just uploaded a fix...libisasl2 is not available on non amd64
<coreycb> zul, ok thanks.  ddellav ^
<ddellav> coreycb zul ack
<zul> coreycb: ceilometer hasnt cut a b1 release yet?
<coreycb> zul, i don't know
<zul> coreycb: it looks like they havent
<zul> coreycb: ping
<coreycb> zul, you can just ask your question :)
<zul> coreycb: its more of a thought than a question...since you backported debhelper this morning it makes sense to bump xenial compat levels in the openstack packages on zesty so things can get built again
<zul> :)
<coreycb> zul, i dropped all the ca-patches that lowered debhelper <= 9
<coreycb> zul, so either we can rebuild them if they have issues now, or next time they get backported they'll use debhelper 10.2.2
<zul> coreycb: yeah but im seeting stuff like this http://pastebin.ubuntu.com/23518079/
<coreycb> zul, hmm apache2-dev and dh-systemd weren't patched in ca-patches
<zul> i think you might need to backport that as well but dont quote me on that
<coreycb> ddellav, zul, jamespage: tracking the horizon/xstatic issue in bug 1643964
<ubottu> bug 1643964 in XStatic-bootswatch "compressing static assets fails with xstatic-bootswatch 3.3.7.0" [Undecided,New] https://launchpad.net/bugs/1643964
<coreycb> I was able to recreate it from source so hopefully will get some attention now
<zul> coreycb: sweet
<zul> coreycb/ddellav: swift should be coming out of proposed soon
<coreycb> zul, ok
<coreycb> zul, i think the debhelper issues should be fixed up now.  there was a 10.* version recently backported to xenial-backports that was conflicting with the version in xenial-ocata.
<zul> coreycb: ok
<zul> coreycb: well see ;)
<coreycb> zul, yeah
<zul> coreycb: xenial seems to be building again
<coreycb> zul, \o/
<showaz> hi, how can recovery user/owner ?
<showaz> chown -hR www-data:www-data /var/www/.*
<showaz> .* (non bsd .git .composer )
<showaz> rsync 2 tree ?
<nacc> showaz: sorry, what do you mean 'recover'?
<showaz> nacc: chown -hR www-data:www-data /var/www/.* (../../****)
<showaz> nacc: dpkg --configure -a
<showaz> linux /.* glob ./**/* regex / bsd based only \.(*) objects
<nacc> showaz: sorry, it's still not clear to me what you are asking or doing.
<nacc> showaz: you recursively changed ownership on /var/www (why are you specifing .* if you are specifing recursive?)
<nacc> showaz: also waht does (../../****) mean?
<nacc> showaz: then you reconfigured all packages with dpkg?
<nacc> showaz: and then you typed a bunch of regex, without any articles in the descriptions, so I have no idea what you were trying to explain
<showaz> nacc: yes /var/www/* destroy permission owners group/user root dir, its need reconstruct on the basis of *.deb
<nacc> showaz: so you (accidentally?) recursively changed the permisssons on /var/www? and now what to recreate exactly what the original .deb would have done?
<showaz> nacc: /var/www/.* -> /var/**/*
<nacc> showaz: what do you think that syntax means?
<nacc> showaz: i have no idea what you are trying to say
#ubuntu-server 2016-11-23
<dreki> While setting up sieve on my email server I mistakenly setup a symlink  (~/sieve/myfilter.svbin > ~/.dovecot.sieve) but I think that that should have been  (~/sieve/myfilter.sieve > ~/.dovecot.sieve). I have fixed the mistake but dovecot/sieve still throws an error saying that the symlink still links to the wrong file. I have made sure the symlink is fixed and I tried restarting dovecot and the server but nothing works. I still get the error and my sieve f
<dreki> If anyone has any ideas about what I could be doing wrong I would greatly appreciate any help.
<jamespage> coreycb, zul: https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1644187
<ubottu> Launchpad bug 1644187 in nova (Ubuntu) "ValueError on creating new nova instance" [Undecided,Confirmed]
<tobasco> jamespage: ping, uca update breaking spawning new instances for me on 14.04 uca liberty https://bugs.launchpad.net/nova/+bug/1644187
<ubottu> Launchpad bug 1644187 in nova (Ubuntu) "ValueError on creating new nova instance" [Undecided,Confirmed]
<jamespage> tobasco, I just raised that with zul and coreycb prior to you joining channel
<jamespage> tobasco, q do your compute and controller units have the same versions of the package?
<tobasco> everything except nova-compute actually, doing them one at a time
<tobasco> that's the issue? if so i can start pushing it out to all of them directly
<jamespage> tobasco, I suspect some sort of break on the RPC compat looking at the stacktrace but I might be wrong
<jamespage> zul, hey can we make sure that for ocata package updates we're using 0ubuntu1 's please
<jamespage> I've seen  a few 1ubuntu1's
<jamespage> for ubuntu first uploads that is
<tobasco> jamespage: confirmed only happening on the compute not running the latest nova packages
<jamespage> tobasco, ok please comment on the bug to that effect
<jamespage> tobasco, the versioned-objects layer should make some guarantees about mixed version running esp within a liberty sru
<jamespage> but
<jamespage> it has been know to break before..
<jamespage> lets get an upstream nova bug task raised as well
<jamespage> tobasco, can you detail from->to versions as well please
<tobasco> jamespage: i tagged upstream project in bug
<jamespage> tobasco, \o/
<jamespage> tobasco, so you did - my bad
<tobasco> jamespage: Upgrade: nova-compute-libvirt:amd64 (12.0.4-0ubuntu1~cloud1, 12.0.5-0ubuntu1~cloud0)
<tobasco> commenting on bug
<jamespage> tobasco, gosh and just a minor point upgrade as well
<tobasco> jamespage: yea, we try to keep inline with the releases of new packages, usually we are some more people but i had to handle the stuff myself so some compute nodes were left for this morning
<jamespage> tobasco, well at least there is a workaround to get you moving again
<tobasco> good it got resolved though, thanks a lot, need to verify our workflow on upgrades now, we didn't test the ability to run older compute vs newer controller packages
<jamespage> tobasco, ftr we always do a complete upgrade prior to re-commissioing the cloud during SRU verification
<jamespage> so we'd not normally pickup a mixed mode issue like this
<tobasco> jamespage: this is interesting thought, our product team is still seeing issues, this might actually be a faulty API request to nova causing the issue
<tobasco> and perhaps nothing to do with nova, must look further into this...
<jamespage> tobasco, ok here for another 7 hrs
<jamespage> light on US folks around today due to thanksgiving this week
<hhee> guys, ubuntu server 16 lts contains php 7.0.8 in default repo, currtnct version 7.0.13. which way i need to use to use latest version?
<tobasco> jamespage: false alarm, was apparently something wrong on our side
<tobasco> jamespage: atleast i got our compute nodes upgrades, sorry for the hassle :(
<SipriusPT> hello guys
<SipriusPT> I am not able to connect to ports with TLS/SSL like 587 and 993 who are open (i have test with telnet)
<SipriusPT> I am only able to use ports 25 and 143
<SipriusPT> when i try to send mail with 587, i am always receiving this error
<SipriusPT> 5.7.0 Must issue a STARTTLS command first
<SipriusPT> and i have already mess with smtpd_tls_security to encrypt and may from master.cf
<SipriusPT> also i didnt have submission commented
<SipriusPT> those was the solutions that i have found
<SipriusPT> but didnt work
<SipriusPT> anyone knows what can be?
<zul> jamespage: yeah that was me not use to the tooling that we use, its been corrected on newer versions
<binia> SipriusPT, not sure, what php version, i remember having problems with php5.6
<linuxperia> Hi all. I have a huge problem with MariaDB MySQL Server. Today i tryed to get multi mysql instances running on my ubuntu server with one galera instance that listen to 0.0.0.0 and a the existing one mysql instance listening like always to localhost inspired by this howto here => https://www.sebastien-han.fr/blog/2012/08/06/multi-mysql-instances-with-galera/
<linuxperia> After the starting of mysql using the changed configuration all my databases and user acess information has gone lost in the existing /var/lib/mysql directory where all the existing data was stored!
<linuxperia> How can i recover my existing mysql server data back! I see there some innodb data files and innodb log files that hopefully can be used. please help! thanks for any helpfull tips and tricks!
<zul> coreycb: btw keystone needs to be python-distutils in order to get the migrate.cfg stuff to work properly now
<coreycb> zul, export PYBUILD_SYSTEM=distutils  ?
<zul> coreycb: dh $@ --buildsystem=python_distutils --with python2,sphinxdoc,systemd
<coreycb> zul, ok
<coreycb> zul, did that fix it up?
<zul> coreycb: going to run it locally and rebuild the ci version and re-deploy
<coreycb> zul, ok
<zul> coreycb: no keystone...no worky ;)
<coreycb> zul, ya
<zul> coreycb: shit that didnt do it either
<coreycb> zul, did you talk to anyone upstream about it?
<zul> coreycb: yeah they thought it was fine
<coreycb> zul, are the missing files in the release tarball?
<zul> coreycb: nope they are there
<coreycb> zul, no they're not?
<zul> coreycb: the migrate.cfg are in the tarball
<coreycb> zul, maybe jamespage knows a better way.  we could manually  install the files in d/rules but there should be a better way.
<zul> coreycb: yeah im trying to figure out the better way
<zul> coreycb: im not giving up yet
<hhee> guys, how can i install latest php in ubuntu server? by default there is 7.0.8
<hhee> ubuntu server 16.04 lts
<SipriusPT> binia: i am using PHP Version 5.6.25
<binia> yeah, i gave up :D
<SipriusPT> did you solve it?
<binia> nope, whatever i did, it fucking didnt work, went to 5.5 worked no probs
<SipriusPT> i see
<SipriusPT> thanks binia
<binia> no probs
<relativemedia> morning folks
<cpaelzer> where are those morning folks?
<cpaelzer> hi relativemedia
<relativemedia> im on 16.04.01 x64 and the following packages need to be upgraded ... linux-headers-generic linux-headers-virtual linux-image-virtual linux-virtual open-iscsi
<relativemedia> last time i did dist-upgrade from 14.04 to 16.04.01 i had to nuke the vm and rebuild
<relativemedia> shouldn't have any issues this time right ?
<relativemedia> since its a minor upgrade
<cpaelzer> relativemedia: that is only kernel updates and some ipv6 fixups in open-iscsi
<cpaelzer> relativemedia: seems fairly safe if that is your only upgrade list
<relativemedia> yeah thats wthat i figured
<cpaelzer> relativemedia: but then in general since you are on a VM depending on the risk you are taking maybe snapshots are good?
<relativemedia> takign one now :)
<cpaelzer> relativemedia: well then you are safe++
<relativemedia> yes indeedy
<cpaelzer> As always, the devil is in the details ...
<relativemedia> yeah
<relativemedia> do snapshots take forever though :(
<relativemedia> cpaelzer, all good successful upgrade :) sweet
<zul> coreycb: yeah manifest.in,,,stupid pbr....grumble grumble
<coreycb> zul, ?
<zul> coreycb:  pbr generates its own manifest with "sensible" defaults with the AUTHOR and changelog automatically
<coreycb> zul, gotcha.  so this is a pbr bug?
<zul> coreycb: dh_python expects a manifest to be there,
<zul> coreycb: yeah
<coreycb> zul, ok so i'd say open a bug against pbr/keystone and we can install those files manually for now with a comment linked to the bug in d/rules.  what do you think?
<zul> coreycb: i have a patch that re-adds the manfiest
<coreycb> zul, that's probably better.  can you add a link to the bug to that patch?
<zul> coreycb: ill open a bug and add it to the link
<coreycb> zul, thanks
<zul> coreycb: i *think* antoher option would be patch our version of pbr
<zul> coreycb: lemme try something
<zul> coreycb: im just worried that other things like nova is affected the same way
<coreycb> zul, did any other projects drop their MANIFEST?
<coreycb> zul, if you patch pbr get the patch upstream too
<zul> coreycb: they all dropped the MANIFEST
<relativemedia> anyone here play with kubernetes
<coreycb> zul, well not all of them did, but yeah a fix to pbr would be good because they might
<zul> coreycb: relevant bug https://bugs.launchpad.net/magnum/+bug/1608980
<ubottu> Launchpad bug 1608980 in OpenStack Object Storage (swift) "Remove MANIFEST.in as it is not explicitly needed by PBR" [Undecided,In progress]
<relativemedia> so i have a q, can i install kubernetes on an ubuntu 16.04 server and havew it control coreos clusters?
<coreycb> jamespage, beisner, hi can you promote libvirt - 1.2.12-0ubuntu14.4~cloud2 from kilo-staging -> kilo-proposed please?
<Slashman> hello, I have an issue with zfs on ubuntu 16.04 kernel 4.4.0-47 and latest zfs: http://apaste.info/Iqogj result: any zfs dataset are unusable, any read/write operation takes forever...
<Slashman> I'm looking for bug report about this, didn't find one, any idea?
<Slashman> other log: http://apaste.info/DCX0E
<zul> coreycb: yaaay http://pastebin.ubuntu.com/23522795/
<coreycb> zul, \o/  pbr patch?
<zul> coreycb: yeah i just uploaded it to the archive..next is to rebuild in the CI
<zul> coreycb: then deploy again
<zul> coreycb: then rebuild packages and upload
<stgraber> Slashman: #ubuntu-kernel may be more likely to help you
<jonah> Does any body here use APC smart-ups with a generator? My generator is only 2200 watts. But my ups is 2700watt max output. Yet my load is under 2000w. I spoke to APC and they said it's best not to risk testing my generator with my UPS as generators should be 3-5 times higher rated in VA/watts than the load. So I'm not sure if my setup will work and worred to test it as they've said not to!!
<rbasak> jonah: when your generator comes online, it will need to supply both your 2 kW load as well as your recharging UPS. Depending on how fast your UPS recharges, it sounds like it will be overloaded.
<rbasak> Presumably that's why APC have that guideline?
<rbasak> I don't have experience of running a UPS with a generator, but I do have experience of a UPS-only scenario where the main circuit is only rated slightly higher than the load.
<rbasak> It constantly tripped after a power failure because the UPS added to the load. We had to drop the load down until it charged every power outage. Manually, before the UPS ran out.
<jonah> rbasak: so it may work if the load is reduced enough to enable recharging?
<rbasak> That would mitigate my particular point, but I don't have enough experience to be tell to tell you that there won't be some other problem.
<beisner> coreycb, libvirt 1.2.12-0ubuntu14.4~cloud2 promoted to kilo-proposed re: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1640676
<ubottu> Launchpad bug 1640676 in libvirt (Ubuntu Trusty) "[SRU] libvirt 1.2.12 live-migration corrupts some instances" [High,Incomplete]
<rbasak> Power factor, for example - you stated your load in kW, not VA.
<coreycb> beisner, thanks
<beisner> yw coreycb
<zul> coreycb: im killing the pending ci jobs since those are going to be invalid if the manifest is not there
<coreycb> zul, ok
<zul> coreycb: might as well fix CI issues as well :)
<Someone_Else> I can't browse a mounter NFS share. First, ls listst 0 files, second try: "no such file or directory". df shows the mounted volume at first, however, changes to "stale file handle". ls list the directory permissions as "d?????????", NFS shares on other hosts work fine (using the same server)
<Someone_Else> Using Xenial
<relativemedia> hey all im on 16.04.01 and i notice when i run apt-get update i get a lot of things like The repository 'https://packages.gitlab.com/gitlab/gitlab-ce/ubuntu xenial Release' does not have a Release file.
<tarpman> relativemedia: pastebin your sources.list (and any sources.list.d fragments) and the output of apt-get update
<relativemedia> sources.list(.d) is managed by puppet so .list is empty
<relativemedia> ill pastbind .d
<relativemedia> https://gist.github.com/mikedevita/7f72580b1075dccc1f66bacfc4863746
<relativemedia> weverything is a local mirror except gitlab]
<tarpman> https://packages.gitlab.com/gitlab/gitlab-ce/ubuntu/ is returning 404 for me.
<relativemedia> same just noticed that
<relativemedia> hah
<tarpman> oh, they have some weird setup
<tarpman> directory listings don't work. fine
<relativemedia> yeah
<tarpman> relativemedia: can you do 'apt-get -o Debug::Acquire::http=1 -o Debug::Acquire::https=1 update' and pastebin that?
<tarpman> at a glance, https://packages.gitlab.com/gitlab/gitlab-ce/ubuntu/dists/xenial/Release and related files look ok
<relativemedia> it might be because of ssl :\
<relativemedia> iev got a sneaky suspicion
<Someone_Else> relativemedia: Is apt-transport-https installed?
<relativemedia> yes it is
<relativemedia> but ihave issues clone git repos on other urls
<relativemedia> and curl fails on their gitlab url
<Someone_Else> The issue seems to be GitLab related
<Someone_Else> Can you comment the lines out in the GItLab apt-file and run gitlab-ctl reconfigure?
<Fieldy> hello, is anyone else having problems installing things? for over an hour now i've been having this happen, with the various us.archive.ubuntu.com servers: 0% [Connecting to us.archive.ubuntu.com (91.189.91.15)]
<Fieldy> just never gets anywhere
<Fieldy> each time is a different ip naturally in the IP rotation
<sarnold> Fieldy: hrm, both IPv4 addresses I get back appear to work fine
<sarnold> funny enough I don't get 91.189.91.15 as one ofmy choices -- I get 91.189.91.26 and 91.189.91.23
<relativemedia> hey all something funky with my ca certs... fatal: unable to access 'https://github.com/creationix/nvm.git/': Problem with the SSL CA cert (path? access rights?)
<relativemedia> i ran update-ca-certificates and it looks ok
<tarpman> relativemedia: need more details. try openssl s_client -connect github.com:443 -showcerts
<relativemedia> i did that, came back rc0 ok
<relativemedia> is there a way to reconfigure ca-certificates completely, like nuke /etc/ssl or whatever and redo it
<tarpman> relativemedia: export GIT_CURL_VERBOSE=1 and try your clone again
<relativemedia> * error reading ca cert file /etc/ssl/certs/ca-certificates.crt (ASN1 parser: Error in TAG.)
<relativemedia> lol wtf
<tarpman> this sounds vaguely familiar. didn't you have a broken/invalid certificate somewhere in that directory before?
<relativemedia> a awhile back
<relativemedia> deleted it though
<relativemedia> is there a way to nuke /etc/ssl/certs and regenerate it completely?
<tarpman> anything in /usr/local/share/ca-certificates?
<tarpman> probably not without reinstalling the entire system
<tarpman> doubt you'll be able to purge the ca-certificates package without wiping out most of your system
<relativemedia> yup stuff in there
<relativemedia> ill duke it
<relativemedia> yeah i was about to purge that but noticed it'd remove a bunch
<tarpman> the update-ca-certificates manpage says anything in /usr/local/share/ca-certificates will be included in ca-certificates.crt
<relativemedia> BINO
<relativemedia> BINGO* fixed it
<relativemedia> rm /usr/local/share/ca-certificates/*
<relativemedia> stupid bugger
<relativemedia> tarpman, it'd help to read the manpage right :P
<sarnold> fwiw apt-get install --reinstall may let you get the 'overwrite this package' kind of results
<relativemedia> thanks sarnold
<sarnold> it wouldn't have helped in this case since it should avoid /usr/local ;) but still
<relativemedia> i assume its a bad idea to move root's homedir to an nfs mount?
<ihubuntu>  hello i try make auto installer ubuntu 16.10 but i can't skip select locale keymap and country http://pastebin.com/VkFEQnUW
<sarnold> ihubuntu: do you get any warnings or errors in any log files, or other conolses?
<ihubuntu> where get log in /var/log is empty
<sarnold> do dmesg or journalctl work?
<genii> If /var/log is empty, you probably have larger problems
<sarnold> isntall environment is weird
<sarnold> I don't know how it works :)
<genii> Oh, installer. Look at out put from console 4 then
<ihubuntu> a lot of error
<ihubuntu> but i can't scroll log
<sarnold> shift pageup perhaps?
<ihubuntu> no shift pageup isn't working
<tarpman> sarnold: the reason I didn't suggest that is it wouldn't (AFAIK) overwrite modified conffiles, or indeed delete locally-added ones...
<tarpman> and yes I'm aware of the various --force-things
<tarpman> maybe rm -rf /etc/ssl and dpkg --force-confnew would do it, but I wasn't about to recommend that wihtout testing locally first :D
<sarnold> :)
<ihubuntu> wah pressed options very different in documention
<macskay_> Hey guys, I got disconnected earlier this morning but still got a question. I have a running LDAP on my system which works fine and multiple users that can successfully access the services which are connected to LDAP. I also got a "Change PW" PHP Script, which works as well. So the LDAP pw is updated successfully.
<macskay_> The users are also allowed to use UNIX, but the PW does not change for unix, meaning they can't login to the server via SSH with the new password. Why is that?
<sypher> macskay_: I *think* that passwords are cached for a certain period of time. At least, I've seen that in some configurations, but that may have been the function of third-party systems rather than native LDAP tools.
<coreycb> zul, i pushed updates to horizon, it installs ok with the changes but needs work to get the static assets working
#ubuntu-server 2016-11-24
<zhul> what is the program used to install "meta packages" ?
<sarnold> either apt-get install <foo>^  or tasksel
<zhul> huh taskel ty :)
<zhul> tasksel*
<zhul> sarnold :  I get this error : tasksel: debconf failed to run
<sarnold> zhul: is that the entire error? there's not much to work with there
<zhul> sarnold: yup it is , i tried aptitude reinstall debconf but it doesn t change a thing
<zhul> "aptitude reinstall debconf" *
<sarnold> zhul: try apt-get install instead. maybe it gives better error mesages than tasksel
<zhul> sarnold: i tried "aptitude reinstall tasksel" and it worked
<sarnold> zhul: sorry, I meant, try apt-get install <tasknamehere>^
<zhul> sarnold: tasksel is now running ty
<zhul> sarnold: it doesn't work as I expected although :)
<sarnold> zhul: oh?
<zhul> sarnold : I wanted to use it to remove properly all lxc-lxd / virtual stuff but but it wasn't selected in tasksel, so I used apt-get insted
<sarnold> zhul: ah. if you want to remove things, indeed apt-get purge is probably a better tool :)
<infinital> got a crontab job that is running at startup on 16.10 server, I had scheduled but somehow I'm stuck with my server not booting up.  eventually it just sits on a memory error.  the cron job was:  rm contents of a folder, zip files from other folder, upload to s3,  running as  a bash script, ran fine on CL, but now can't get server to boot.  any thoughts?
<infinital> thanks
<infinital> like right now it's stuck at the last line of adding files to the zip, which next line was the aws s3 upload.  have left it sitting for over an hour, and the size of the zip file should have uploaded in about 30 minutes
<sarnold> I'm surprised a crontab job could halt bootup
<sarnold> the usual problem with crontab entries not working right is a difference in environment between a normal login shell and the cron env, 98% of the time it's PATH not being set as expected
<infinital> it was weird.  was having path issues with the 's3 aws' command, so was fixing that, then went to crontab -e, to check something, then it just fired off trying to run the script
<infinital> sarnold: right, i had the script logging out so i could see why it was running
<infinital> but now just trying to figure out how to get this cronjob to stop, booted into a ubuntu 16 desktop live cd, to try and delete the scripts, but the one I moved into the /bin/local (i think) is got an X and I can't access it
<infinital> where I'm at currently with it https://usercontent.irccloud-cdn.com/file/eKdhgeAG/file%20server%20issue.png
<infinital> the python stuff is from the AWS cli
<sarnold> ah.
<sarnold> the errors man, the errors.
<sarnold> (a) looks like some disk is full. nothing works right when that happens.
<sarnold> (b) looks like you've run it way out of memory too. That can happen when swap files fill or ..
<JohnMcClain> I always end running out of inodes before I know what's happening.
<sarnold> JohnMcClain: oh that's a classic.
<JohnMcClain> "Look, I can scrape the web!" "Wait, I still have 90% disk space..."
<infinital> well it's on exsi, so I'll take it down and allocate more memory to it, as it's just on 1gb atm
<JohnMcClain> Then I end up cronning it all away, then I cry when my DB takes 40s/query
<infinital> disk space is 500GB allocated, only using about 100, probably little less
<infinital> don't remember size of swap
<infinital> i'll let this run, and see what happens.  went from 1gb to 4gb for time being
<infinital> bbiaf
<zhul> should I use / attach  a virbr0 / bridge device to my lxc container ? or rather my eth0 / physical device ?
<sarnold> zhul: I think this is one of the better descriptions of the networking types https://linuxcontainers.org/lxc/manpages/man5/lxc.container.conf.5.html
<zhul> ty
<zhul> I had made a typo mistake :) lxc improvement are quite impressive lately
<zhul> sarnold: do you know if there is any benefit to use virbr0 rather than physical interface to attach to containers ? what is the "best" / common practice ?
<sarnold> zhul: I'm sorry to say that I really don't udnerstand the tradeoffs well :/ I think if you pass through a physical interface you won't be ablwe to use it on the host, or any other containers
<sarnold> zhul: if I'm right, that might be a deal breaker, or that might be exactly what you wanted :) it's hard to guess..
<sarnold> zhul: and I understand that the maclan option may look nice at first, but there's no way for the host to talk to the containers. Or maybe it's no way for any container to talk to any other container or the host. it felt like a stiff penalty.
<zhul> sarnold: well I just realized in recent Ubuntu it seems you attach rather to a network than to a network device, so my question was misleading I guess
<zhul> sarnold: lxc network attach <network> <container> [device name]
<patrick_> Anybody else here using Ubuntu Mate?
<sarnold> zhul: ah if you're doing lxd there's some more docs here https://github.com/lxc/lxd/blob/master/doc/configuration.md
<protn> hi folks
<protn> whats the easiest way to back up and restore list of all installed packages and repositories keys?
<sarnold> protn: dpkg --get-selections | dpkg --set-selections -- and /etc/apt/trusted*
<protn> sarnold: and where dpkg --get-selections stores text file?
<protn> on a new box I have to somehow tell dpkg also where the list of selections is
<sarnold> protn: it just dumps it to standard output, and --set-selections reads from standard input.. save it whereveer :)
<protn> hmm
<protn> maybe simply apt-clone clone foo ?
<protn>  dpkg --get-selections | dpkg --set-selections -- and /etc/apt/trusted*
<protn> dpkg: error: --set-selections takes no arguments
<sarnold> sorry, I shouldn't have used punctaion that's also common on the command line :)
<sarnold> you can manage the package list with dpkg --get-selections and dpkg --set-selections
<sarnold> and you can manage the repository trust through the /etc/apt/trusted* files
<protn> so dpkg --get-selections  and somehow save them to file and then set selections from that file?
<sarnold> yeah
<hallyn> hm, md127_raid1 has been running for 48 hours, at high cpu
<hallyn> doesn't seem like a "reboot" kinda situation, but...
<sonu_nk> i am getting service unavailable for my domain..which log i need to check ?
<Capprentice> Help Needed: Im trying to set up an Squid Box in bridge mode using Ubuntu 16.04 with two interfaces with TPROXY. Following is the firewall conf -https://paste.ubuntu.com/23526212/ . I can see packet hits in all chains but not in the tproxy redirect chain. Can you explain what Im doing dumb? Why the traffif is not hitting SQUID at all? Any info you need on this, pls ask :) - http://imgur.com/a/dvvz
<cpaelzer> Capprentice: sorry I see nothing obvious, the issue seems to exceed my iptables-foo
<Capprentice> hmmm ^
<Capprentice> cpaelzer:
<Capprentice> thanks for looking.
<Capprentice> imgur.com/a/dvvzm
<sonu_nk> i am getting service unavailable for my domain
<sonu_nk> some time some time it works
<jonah> hi can anyone help. I'm struggling with NUT / upsd. Although my servers share the same cabinet and UPS they are on different networks and not the same LAN. My NUT slave/client won't connect the master/server whatever I try. I can get them to work together and connect if on the same LAN but not over WAN. Can anyone please help how this can be done?
<zul> jamespage: https://code.launchpad.net/~zulcss/charm-helpers/swift-ocata/+merge/311743
<jamespage> zul, -> #openstack-charms
<zul> sorry
<Fieldy> hello, how can I change the server that apt uses from us.archive.ubuntu.com to ca.archive.ubuntu.com ? i haven't been able to reach any of the IPs of the us one for a few days on port 80. mtr shows it falls into a black hole after 91.189.88.162 but i can manually connect to the ca. ones
<Fieldy> "after 38.104.186.42" mispaste
<Fieldy> ah sources.list that was easy. working now :)
#ubuntu-server 2016-11-25
<jonah> Hi can anyone please help with TCP Wrappers? Are they supported in 16.04 LTS as standard or do I have to install a package? Also how can I check if an application is built to support them?
<jonah> Thanks for any help with this
<jonah> Is there a way to add tcp-wrappers support into a package with apt or do you have to compile from source to get tcp wrappers?
<zioproto> Is it the thanksgiving weekend right ? :) I guess most people on holiday ?
<zioproto> :)
<zioproto> jamespage: looks like we have another chance to work together https://bugs.launchpad.net/nova/+bug/1644839
<ubottu> Launchpad bug 1644839 in OpenStack Compute (nova) "If flavor has more than 32 cpus cannot spawn instance if glance image has hw_vif_multiqueue_enabled='true'" [Undecided,New]
<AlecTaylor> hi
<AlecTaylor> Should I place my `.sock`s in `/run` like everyone else, or should I create a new dir like some people, e.g. /softwarename/var/api/api.sock
<zioproto> Anyone knows how to check the value for MAX_TAP_QUEUES for Kernel 4.4.0-47-generic #68~14.04.1-Ubuntu SMP ?
<jamespage> zioproto, hello!
<zioproto> jamespage: hello :) I am dealing with a nice bug in production
<zioproto> as a workaround I told my use to upload a glance image with hw_vif_multiqueue_enabled='false'
<zioproto> so he can boot the instance
<zioproto> but he gets then the slow networking
<zioproto> the patch is easy, I can rework https://review.openstack.org/#/c/332660/
<zioproto> cloning git clone git://kernel.ubuntu.com/ubuntu/ubuntu-trusty.git to see if MAX_TAP_QUEUES changes from vanilla kernel
<zioproto> jamespage: the ubuntu kernel is different
<zioproto> #define MAX_TAP_QUEUES DEFAULT_MAX_NUM_RSS_QUEUES
<zioproto> this brakes nova
<zioproto> :(
<jamespage> zioproto, trusty is 3.13 right?
<jamespage> oh wait I see you're using the 4.4. kernel
<zioproto> yes
<zioproto> so there is this patch in nova that hardcodes some values
<zioproto> there is also nice reference table of this values, with URL to the git of vanilla kernel
<zioproto> jamespage: look at this review https://review.openstack.org/#/c/332660/
<zioproto> I am runnig this kernel linux-generic-lts-xenial             4.4.0.47.34
<jamespage> zioproto, xenial kernel - http://paste.ubuntu.com/23532517/
<jamespage> should be defaulting to 256
<frickler> jamespage: seems that value is changed when building the kernel for trusty
<jamespage> hmm
<zioproto> Linux zhdk0088 4.4.0-47-generic
<zioproto> how can I check it at runtime ?
<zioproto> frickler: how you find that out ?
<jamespage> zioproto, I see the same stanza in drivers/net/tun.c in the xenial HWE branch
<frickler> zioproto: ah, no, sorry, I was looking at the wrong branch
<zioproto> Did you guys see my stacktrace  in the bug report ?
<frickler> so according to the comment in baf71c5c1f80d82e92924050a60b5baaf97e3094, this should be good for 256 vCPUs
<zioproto> but I get
<zioproto> Invalid number of queues (= 46), must be a postive integer less than 31.
<frickler> zioproto: just to make sure, you do run on a system with > 32 cpus?
<zioproto> http://paste.ubuntu.com/23532554/
<zioproto> yes because If I remove the multiqueue property from the glance image I am able to boot the instance
<zioproto> I have 48 CPUs on the sistem
<zioproto> and now the instance is running
<zioproto> I told the user
<jamespage> zioproto, which libvirt version are you using?
<zioproto> to boot from a different glance image where I decorated the image with hw_vif_multiqueue_enabled='false'
<zioproto> jamespage: 1.2.16-2ubuntu11.15.10.4~cloud0
<frickler> zioproto: so as I workaround maybe try to set the limit in the nova code you referenced to 31 instead of 256
<jamespage> actually that message comes from qemu
<zioproto> frickler: yes that would work but I dont want to carry local patches
<zioproto> frickler: I need to come up with a solution that will be accepted in openstack upstream
<zioproto> jamespage: qemu 1:2.3+dfsg-5ubuntu9.4~cloud2
<jamespage> give me a sec
<jamespage> zioproto, yup you're being blocked by qemu
<frickler> zioproto: maybe the limit 31 31 is imposed by qemu, so nova is wrong in using that kernel value.
<jamespage> VIRTIO_PCI_QUEUE_MAX == 64 in the version you're using
<jamespage> 64 /2 -1
<jamespage> (VIRTIO_PCI_QUEUE_MAX - 1) / 2
<zioproto> jamespage: you rock ! how did you find that out ?
<cpaelzer> it is surely arch specific, I've had s390 on 64 cpus, but then no PCI there
<jamespage> zioproto, been poking at qemu today - but 2.7
<jamespage> where its 1024
<zioproto> I need to update this bug: https://bugs.launchpad.net/nova/+bug/1570631
<jamespage> cpaelzer, that constant has a new name
<ubottu> Launchpad bug 1570631 in nova (Ubuntu) "With hw:vif_multiqueue_enabled, libvirt driver fails with VM larger than 8 vCPU" [Low,Fix released]
<jamespage> VIRTIO_QUEUE_MAX
<jamespage> not PIC
<jamespage> PCI rather
<jamespage> include/hw/virtio/virtio.h:#define VIRTIO_QUEUE_MAX 1024
<jamespage> thats from 2.7.0
<cpaelzer> thanks jamespage
<jamespage> cpaelzer, yw
<cpaelzer> I just say it is arch specific as I had 64 running already
<jamespage> cpaelzer, I'm putting qemu in a snap with libvirt
<cpaelzer> ah thanks, just wondered what you do with that atm
<jamespage> zioproto, xenial qemu has:
<jamespage> VIRTIO_QUEUE_MAX
<jamespage> =include/hw/virtio/virtio.h:#define VIRTIO_QUEUE_MAX 1024
<jamespage> zioproto, so this looks like an issue isolated to the liberty UCA version you're using
<frickler> right, that would mean that nova has to check the qemu version in addition to the kernel version and set its limit accordingly, I guess
<cpaelzer> zioproto: but x86 HW virt is limited to stay <=HW-cpus IIRC - so you can go to 48, but not test e.g. 256 (maybe that can be tuned thou)
<frickler> jamespage: MIN_QEMU_VERSION in nova is still at 1.5.3
<zioproto> jamespage:  should we make a patch just for the ubuntu packages ?
<jamespage> frickler, youch
<jamespage> zioproto, for qemu
<jamespage> ?
<jamespage> zioproto, or for nova?
<frickler> jamespage: may be bumped to 2.1.0 for pike iiuc
<jamespage> \o/
<jamespage> that's still not enough for 1024
<rbasak> cpaelzer: around? Can I give you an intermediate report on this strongswan merge review? I'd like to talk it over with you before the complexity of our delta makes me lose my mind :)
<jamespage> rbasak, oh I remember that one
<rbasak> cpaelzer: http://paste.ubuntu.com/23532604/ are my current notes.
<cpaelzer> rbasak: I'll get a visitor to teach math to soon, but til then ok
<rbasak> cpaelzer: hangout? Two minutes.
<cpaelzer> rbasak: give me two minutes to clean up the next evil merge
<cpaelzer> rbasak: ok
<zioproto> jamespage: I guess for nova
<frickler> zioproto: if you don't come up with something else, I'll propose a patch to nova upstream next week
<rbasak> Snap :)
<frickler> gotta run for the weekend now
<zioproto> I am also on my way to the weekend
<zioproto> lets meet again here on monday :)
<rbasak> cpaelzer: https://hangouts.google.com/hangouts/_/canonical.com/strongswan?hl=en-GB&authuser=0
<jamespage> zioproto, frickler: have a nice one guys
<zioproto> bye !!
<hhee> guys, i have got a server with root enabled by default. how can i turn it off again?
<genii> hhee: First, make sure you have a user with sudo rights so you don't lock yourself out of the system. If all good there, sudo usermod -L root    ...will lock the root again
<genii> hhee: To make sure it took: sudo grep root /etc/shadow   ...and make sure the second field is an exclamation mark, like:  root:!:
<hhee> genii, got it. already create usual user
<hhee> genii, thx a lot
<hhee> :)
<genii> Glad to assist
<hhee> genii, well another question
<hhee> seems like i didn't have apropriate record in sudoers file
<hhee> which way more eight to add user with sudo right?
<hhee> rights*
<hhee> got it
<hhee> !
<tarpman> hhee: the usual way in ubuntu/debian is to add the user to the 'sudo' group
<hhee> tarpman, got it, thx :)
<tarpman> hhee: usermod -aG sudo username
<tarpman> ok
<hhee> guys. question.
<hhee> does ubuntu-server has groups for install software? how can i do it?
<hhee> for example LAMP and mail server
<hhee> im reading man apt, but dont see smth similar
<tarpman> hhee: yes. have a look at tasksel
<hhee> tarpman, got it. very handy.
<hhee> one more question. after many command in ssh session i have got something like this - perl: warning: Setting locale failed.
<hhee> perl: warning: Please check that your locale settings:
<hhee> after locale command
<hhee> got - locale: Cannot set LC_CTYPE to default locale: No such file or directory
<hhee> what i did wrong?
<tarpman> what's your locale set to?
<hhee> tarpman, i thought it was utf8
<tarpman> (run the locale command with no arguments to get a summary)
<hhee> tarpman, LANG=en_US.UTF-8
<hhee> not set - LANGUAGE= and LANGUAGE=
<hhee> sorry and LC_ALL=
<tarpman> hhee: do you have language-pack-en installed
<hhee> tarpman, cool. got it. i have found http://askubuntu.com/questions/162391/how-do-i-fix-my-locale-issue
<hhee> tarpman, and there is solutions
<tarpman> ok
<hhee> tarpman, big tnx for awesome support.
<hhee> have a nice day!
<tarpman> not sure those are the best solutions, but if they work, fine :)
<hhee> seems like work :)
<hhee> guys. another quesion about sudo :)
<hhee> i tried - sudo cat file.conf > file2.conf
<hhee> bash: file2.conf: Permission denied
<hhee> which way to do it?
<tarpman> yes, because 'cat file.conf' runs under sudo, but '> file2.conf' happens in your own shell, outside of sudo
<tarpman> you want: sudo tee file2.conf < file.conf
<tarpman> which reads from file.conf in your current shell and writes to file2.conf under sudo
<hhee> tarpman, cool... thx :)
<hhee> tarpman, another question
<hhee> sudo cd /var/log/apache2/
<hhee> sudo: cd: command not found
<hhee> how can i handle this? :)
<tarpman> hhee: if "cd" did exist as a standalone command, what would it do?
<tarpman> hhee: your shell would spawn a "sudo" process, which would execute "cd", and then exit
<tarpman> hhee: meanwhile your shell is exactly where it was, nothing's changed
<hhee> tarpman, i need some group of command.. i have to think
<tarpman> hhee: I don't know what you're trying to do. maybe you want to cd /var/log/apache2 and then sudo something in there. or maybe you want to open a root shell (sudo -s or sudo -i) and do stuff in that shell
<hhee> tarpman, got it. sudo -i what i need
<hhee> tarpman, thx again :) many times
#ubuntu-server 2016-11-26
<Amgine> How do I troubleshoot why my server does not send e-mail?
<Seveas> Amgine: look in the logs.
<Amgine> <hmms> postfix/master[10203]: fatal: bind 0.0.0.0 port 25: Address already in use
<Seveas> netstat -pltn
<Seveas> or the modern equivalent, ss -pltn
<Amgine> https://dpaste.de/U9pR
<Seveas> yeah, needs sudo to actually get the processes
<Amgine> moment.
<Amgine> https://dpaste.de/hrVE
<Seveas> so postfix is running
<Seveas> that 'fatal' line was probably caused by someone/something trying to start postfix when it was already running. Harmless
<Amgine> kk. Let me test again with mail
<Seveas> how are you testing?
<Amgine> mail -s "Test subject" email@address.tld
<Amgine> And it's getting deferred/refused by my hosted mail service. <grumbles>
<rbasak> "swaks" is good for testing MTAs
<Seveas> s/good/awesome/
<rbasak> Speaks SMTP directly to what you want it to speak to
<Seveas> Amgine: is this server in a datacenter or at home?
<Amgine> at home.
<Seveas> yeah, forget it then. Most mail providers blacklist home IP's
<Amgine> Ah. Well, that sucks.
<Seveas> get a $1/month vps :)
<Amgine> The goal for this project was to self-host a privacy-oriented service - friendica.
<rbasak> I use my (small, privately owned, anti-surveillance) ISP's SMTP server and host my own IMAP server.
 * rbasak doesn't mind surveillance-when-with-a-court-issued-warrant, but considers any other sort of surveillance wrong.
 * rbasak appears to be living in the wrong country :-(
<rbasak> (and of course my ISP can see my SMTP traffic anyway)
<Seveas> and you users' IPS's can as well
<Amgine> Gosh I love how attempting fix one thing breaks many others. But yes, I'm not too worried about the privacy thing, just annoyed by the blacklisting of user IPs.
<Seveas> Amgine: it's tremendously useful in battling spam though
<Amgine> I didn't say I'm opposed to it, just annoyed. On another hand, it *does* mean the mail system is now a private club.
<Seveas> not really, anyine can spin up a vps somewhere and send mail
#ubuntu-server 2016-11-27
<zaki> hello
<knx> hi. if i have a server connected with two ethernet ports, one connected to a router, can someone please help me understand what is necessary to be able to plug another device into the secondary ethernet port and be part of the same LAN (i.e. reach the same DHCP daemon).
<knx> from what i can tell i have at least two options, either bridge eth0 and eth1, or use iptables and forward communication between eth0 and eth1 (and masquerade eth1?), or am i mistaken?
<knx> sorry, meant "a server with two ethernet ports, one connected..."
<knx> or can i specify the servers routing table such that eth0 and eth1 don't have to be bridged nor iptable'd in order to reach eachother?
<Phanes> anybody using lxd/lxc?  not really finding a solid guide on custom image creation from scratch.  any suggested reading?
<patdk-lap> Phanes, there is nothing to it
<patdk-lap> it's the exact same why you would make an image for anything else, -kernel
<Phanes> ok, so, if i make an image for virtualbox it's an entirely different process then if i make an iso for bare metal, if I make an image for qemu it's entirely different a process then if I make it for either of those, and if I make an image for hyper-v it's entirely different then if i make an image for any of those.  so if just one single person who knows how to do this could spare me the philosophical tripe and just link me to some docs on
<Phanes> image creation in LXD i'd -very- much appreciate it in lieu of feeling stupid.
<patdk-lap> hmm, the process for all of the above is the same
<Phanes> that's not accurate
<patdk-lap> virtualbox/qemu/bare/... all use the same image
<Phanes> .ignore patdk-lap*!*@*
<Phanes> does anyone actually know how to do this?
<terabyte> hey. I have a choice, install a startup.service file via the debian package itself, or allow it to be configured via puppet. What's best practice/ standard?
<Phanes> puppet should be used for all of that during the whole lifecycle of the server
<Phanes> that's puppet's purpose
<terabyte> ok. so the deb package should just install the package, and shouldn't install any .service files. Thanks
<Phanes> no
<Phanes> don't use debs on a puppet server
<Phanes> you'll thank yourself later
<Phanes> use the puppet abstraction layers for package management
<terabyte> hm?
<Phanes> puppet abstracts away distro-specific things
<terabyte> I'm using package {}, but package is ultimately going to be a deb from some private repo.. And I also write the package. I guess it's a question of who's responsibility it is to create users/startup scripts. deb package or puppet...
<Phanes> ah ok
<terabyte> right
<Phanes> oh
<Phanes> that should be puppet
<Phanes> since those are going to be configurable if you've written your service correctly
<terabyte> ok
<Phanes> but at the same time users not using puppet should not be expected to create those
<terabyte> well this is the thing ^^
<Phanes> heh yep.  it should go in the package but should be overridden in puppet
<terabyte> ok cool.
<terabyte> thanks *
<Kiwi_Alien> good morning
<Kiwi_Alien> I wish to make my samba ubuntu server only LAN
<Kiwi_Alien> im a little confused
<Kiwi_Alien> I read that i can simply just not give it a gateway?
<compdoc> that can work. and you can block it on the router
<compdoc> it will never be able to update
<Kiwi_Alien> shouldnt have to worry about updates if its on lan?
<Kiwi_Alien> An then if i wanted to, I could ssh in to then update?
#ubuntu-server 2017-11-20
<arunpyasi> rbasak, interesting.. thanks ! :)
<lordievader> Good morning
<cpaelzer> hi lordievader, how are you this week?
<lordievader> Doing okay so far. How are you cpaelzer ?
<cpaelzer> nacc: no it was not about the iscsi in xenial I know that we killed it there
<cpaelzer> nacc: instead it was the one in trusty by a new HWE form Xenial that exceeds two digit version numbers
<cpaelzer> lordievader: ok as well over here
<lordievader> ð
<Takumo> HI all, I'm having issues with `mtr`, its only showing 7 hops, but tracepath is going to 30 before giving up
<Takumo> Any ideas why?
<rbasak> Takumo: some nodes in some paths block mtr's probes.
<Takumo> rbasak: does mtr not default to using the same ICMP probes as tracepath?
<rbasak> I'm not sure.
<rbasak> Looks like it uses ICMP echoes by default, but there are options to change that.
<rbasak> eg. --tcp
<Takumo> yeah, that gives me a whole bunch of different addresses for hop 6 , but still only 7 hops, 6 being the only one that replies
<rbasak> Sounds like you have stuff blocking stuff.
<rbasak> If tracepath does work, I'd start by running tcpdump/wireshark to see the difference and then try tweaking mtr settings to match.
<Takumo> ah, found it
<Takumo> TTL
<daincredibleholg> Hi. Anyone here running Dovecot + Antispam + Spamassassin with pipe backend successfully?
<daincredibleholg> I try running it on Ubuntu Server 16.04 and it looks like the plugin is doing exactly nothing. I can see its configuration being loaded with every IMAP interaction, but it is not doing anything. I added some logger and file touches in the wrapper script and also tried the spool2dir backend, which should write the mails-to-be-relearned to a folder. Nothing happens. No error messages and enabling debug just shows me that it is loading the
<daincredibleholg> config.
<daincredibleholg> Ideas?
<wad> Hey guys. I've got a 14.04 LTS 64-bit desktop-edition server running in the cloud, running postfix and spamassassin. Recently started getting this error: /etc/cron.daily/spamassassin:
<wad> invoke-rc.d: initscript spamassassin, action "reload" failed.
<wad> Anyone running a similar configuration, seen this issue? Some googling showed me a few things, nothing really useful. I'm just checking here first, before I dive headfirst into the weeds on it.
<powersj> cyphermox: Any further thoughts on: LP: #1732776? As far as testing, I'm tempted to change our automated tests to use priority to get things going.
<ubottu> Launchpad bug 1732776 in debconf (Ubuntu) "debconf/priority not respected" [Undecided,New] https://launchpad.net/bugs/1732776
<cyphermox> powersj: +1, priority will work for now and we'll fix the rest, clearly something was wrong seeing from my debugging session with infinity on friday evening
<cyphermox> netcfg/get_hostname is also not followed
<powersj> cyphermox: so this is a larger issue?
<cyphermox> same issue for both, something is going wrong in the migration of the preseed keys from the kernel command-line to the installer's environment
<cyphermox> so, I'm a bit surprised that priority alone works, but that might just be because multiple things go parse stuff in the command-line, and when you deal with aliases it gets a bit more complicated
<vpndude> Is there a ultra stripped down version of ubuntu server
<vpndude> one that is hardened and small kinda like alpine
<JanC> I think you would also need a stripped down kernel etc. for that?
<sarnold> what would you strip? your 'needless module' is someone else's device in their boot chain :)
<mgolisch> hm if landscape-client fails to register with a 404 error what did i do wrong?
<mgolisch> i used the command it displays on the landscape computers page
<drab> hi, anybody doing something like ntop? I'm trying to figure out if and how I can setup a pcap ring buffer and generate some stats from it on the fly
<drab> for now analyzing 1Gbps
<drab> I think ntop does thing, with their PF_RING thingie
<drab> basically do a pcap capture to ram in a ringbuffer fashion and analyze it before it gets overwritten or something
<drab> the alternative, maybe simpler, would be to setup tpcudmp doing ring pcap writes and then have another process parse the last written pcap, maybe use a ramdisk for that
<drab> closest thing I could find is this, which actually kind of fit the bill: https://github.com/kumina/promacct
<drab> but my c++ sucks
<drab> the problem with pmacct is that it just does accounting, ie you can't do flow reconstruction and extract say a url from the pcap
<drab> which is also why netflow/sflow isn't a good chioce, altho I will prolly use that for a more lightweight accounting system with pmacct
<sdeziel> drab: I'd look into netsniff-ng
<drab> nice, thanks, packet sniffing beast sounds good :)
<drab> speaking of stuff with horns... I also found this from bsd that is packaged for ubuntu: https://github.com/Cisco-Talos/Daemonlogger
<drab> basically a soft tap, which is nice
<drab> oooh zero-copy, nice
<JanC> sarnold: they want their whole base system to be the size of what the Ubuntu kernel is now, so that's obviously not possible with a default Ubuntu kernel  :)
<sarnold> JanC: ha :)
<JanC> those are also often used as container-only distros, so many devices wouldn't be relevant
<sarnold> so then they just want lxd 'images' or something
<JanC> you would have to ask that "vpndude" what they want
<JanC> container/vm (not sure what they want)
 * drab just built the smallest possible pxe bootable system for rescue
<drab> well, not true, but pretty small
<drab> I guess I could strip all the binaries and remove a bunch fo modules that i'm unlikely to use, but it's the smallest I could make while supporting all the modern hw
<drab> heck of a weekend, thanks to TJ- or I wouldn't have made it
<drab> just in case anybody is interested, because afaik there's no ubuntu based small system out there that works and can be pxebooted
<JanC> drab: I assume the minimal install ISO can be PXE-booted  :)
<drab> JanC: only to install afaics, not for rescue
<drab> ie it doesn't give you a full working system over pxe
<JanC> it should be possible to drop to a shell IIRC, but it might not be very useful
<drab> some ppl are ok/happy with just getting busybox going that way and hitting alt-2, but that's not my case
<drab> right, that, not enough, I want an actual mini iso booted, basically a server system so that I can run a bunch of tools for diagnostic etc, kinda like UBCD
<drab> except that after trying UBCD kinda sucks ime and is not apt based/can't add tools at runtime like that
<drab> same for systemrescueCD
<JanC> sort of like the rescue system some hosting providers have...
<drab> rootfs is 80MB, about 40MB of initrd
<drab> I guess, yeah
<drab> this is a full system tho, you can't tell the diff with say booting ubuntu server of an installed machine
<drab> it's no strippped down other than for what comes preinstalled with it
<drab> and the other requirements was to boot over http, withou the nfsroot stuff
<drab> which otherwise makes it possible to boot an install CD and "try before install"
<drab> the only thing I couldn't fix was dns in busybox... had to use ips in the pxe menu entry
<JanC> e.g. https://wiki.hetzner.de/index.php/Hetzner_Rescue-System/en
<drab> but apart from that I'm pretty happy with the result and I have a whole new appreciation for ramdisks... with a local apt mirror I can convert into a full desktop if needed in 10sec
#ubuntu-server 2017-11-21
<chowder> where can I find information about running Ubuntu Server as a Dom0 (control domain) for the Xen hypervisor? Truth be told, I'm looking at various options for virtualization. I may be getting a work from home gig that will require me to have windows installed. I don't want to give Windows complete control of my machine but I want something more robust than Virtualbox. Any ideas?
<chowder> **not looking to dual boot either. I absolutely detest dual-booting
<sarnold> using qemu via libvirt is probably the easier solution
<sarnold> chowder: https://help.ubuntu.com/lts/serverguide/libvirt.html
<sarnold> chowder: I suggest trying out the virt-manager and virt-viewer options on that page
<chowder> I'm a programmer so I won't be doing anything extremely resource intensive like gaming but Windows takes up so many resources....I've tried Virtualbox and its nice but it slows down my main linux install while Windows is running. That's with 8GB of RAM and an i5-2400 at 3.1 GHZ.
<chowder> sarnold, I'll check that out. thanks
<sarnold> that does sound pretty tight for serious use
<sarnold> there's just no two ways around it, you'll have two operating systems running and competing for resources at once
<sarnold> normally you can give the guest OS less RAM than you expect, because the host filesystem will cache the guest filesystem
<sarnold> so the guest won't need as much memoryaround for its own filesystem caching
<sarnold> but whatever the applications require to do their job you really better have available for them, for both host and guest
<chowder> Maybe I should upgrade my RAM after all
<chowder> or eventually buy a new machine with something like AMD's Ryzen
<chowder> best case scenario is that my machine will run well and it can serve to cook my breakfast
<sarnold> heheh :)
<chowder> I was honestly looking to virtualize several operating systems. I wanted to have an Ubuntu server host, Centos guest, windows guest, solaris guest, and netbsd guest. they're paying unix admins around 180k USD per year in my area so guess what I'm studying?
<chowder> 180k for a solaris sysadmin. at that point why code?
<sarnold> wow, that's almost worth learning how to use those cranky old things again :)
<jcoffman> I make that much without having to deal with Solaris. I'm good.
<JanC> 8 GiB is definitely on the low side if you want to run VMs (especially if you want to run multiple)
<lordievader> Good morning
<ahasenack> hi, I'm running dpkg-reconfigure unattended-upgrades in ubuntu 16.04 and it's giving me a origins-pattern that points at debian, not ubuntu
<ahasenack> is that correct?
<ahasenack> specifically:
<ahasenack> "origin=Debian,codename=${distro_codename},label=Debian-Security";_
<ikonia> that doesn't seem right
<JanC> ahasenack: it's the same in 17.10, so if you file a bug report: it's not only for that distro version...
<smoser> https://objectstorage.prodstack4-5.canonical.com/v1/AUTH_77e2ada1e7a84929a74ba3b87153c0ac/autopkgtest-bionic/bionic/amd64/o/open-iscsi/20171121_123741_f0d9a@/log.gz
<smoser> anyone have a solution on that failure there ^ from http://autopkgtest.ubuntu.com/packages/o/open-iscsi/bionic/amd64
<smoser> the process runs
<smoser> apt-get install -qy --only-upgrade libnss-myhostname=235-3ubuntu1 libnss-mymachines=235-3ubuntu1 ...
<smoser> in an effort to only upgrade things (not install new ones)
<ddstreet> smoser what's the testsuite test do?
<smoser> but apparently that fails if there are other dependencies...
<smoser> ddstreet: https://git.launchpad.net/~usd-import-team/ubuntu/+source/open-iscsi/tree/debian/tests/README-boot-test.md
<smoser> it installs the packages that its being expected to test into a cloud image and then boots taht cloud image
<smoser> but in this case that installation needed some dependencies, and that didn't work.
<ddstreet> hmm
<ahasenack> JanC: ok, thanks for checking
<smoser> what i could do, buit had avoided and probably has similar issues... is go through the list of packages in the image (from dpkg-query --show) and filter it for the list of things of new things and then just 'apt-get install' those things.
<ddstreet> smoser ah it looks like the -proposed systemd depends on a newer version of libgcrypt20
<dpb1> Hello all!  Office hours has officially started, feel free to ask whatever server related questions you have.
<Dmitrii-Sh> https://bugs.launchpad.net/curtin/+bug/1728742
<ubottu> Launchpad bug 1728742 in curtin "curtin dname for bcache uses unstable devname instead of UUID" [Undecided,New]
<Dmitrii-Sh> dpb1: I think I have a cheap solution for this which doesn't require kernel work
<Dmitrii-Sh> https://bugs.launchpad.net/curtin/+bug/1728742/comments/4 <- this comment
 * dpb1 looks
<Dmitrii-Sh> this is to make sure dname is set properly based on bcache superblock uuids. Currently the problem is that there is no superblock UUID in uevents coming from kernel on coldplug so udev rules provided by bcache-tools don't work and persistent device links provided by /dev/by-dname are wrong
<cpaelzer> you might want to highlight smoser and rharper on this Dmitrii-Sh
<cpaelzer> smoser: ^^
<Dmitrii-Sh> true
<ddstreet> smoser i think the problem is the test needs to pull the systemd deps from -proposed too, since it's getting systemd from -proposed
<Dmitrii-Sh> we normally rely on dname because as
<Dmitrii-Sh> ceph charm config <-> /dev/by-dname/<device-name>
<Dmitrii-Sh> or
<Dmitrii-Sh> Juju storage <- /dev/by-dname/<device-name-in-maas> <- MAAS API
<ddstreet> hi server guys, i have a q that may not be relevant to the server team but i'll ask anyway, i have a large update to the ubuntu-dev-tools package i'm trying to get merged but nobody seems to 'own' the package, most of the top contributors have not wanted to review my changes
<ddstreet> so i'm planning on taking over (co-)maintainer of the package, anyone have any thoughts on that?
<ddstreet> i'm going to talk to foundations people as it's probably more relevant to them
<ddstreet> (talk to them also i mean)
<rbasak> ubuntu-dev-tools is maintained in Debian.
<rbasak> Which is a pain, IMHO, but anyway.
<rbasak> Also, IMHO, if patches are being sent to Debian and they aren't going in, we should just fork in Ubuntu (and/or offer to co-maintain in Debian if a DM or DD).
<rbasak> ahasenack: https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+merge/334033 and https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+merge/333888 please. The second is a pre-requisite of the first.
<ahasenack> ok
<cpaelzer> ddstreet: are you by accident and D* in Debian already?
<ddstreet> rbasak ubuntu-dev-tools is maintained in launchpad, owned by Ubuntu Development Team...unless i'm missing something?
<ddstreet> e.g. https://packages.debian.org/source/sid/ubuntu-dev-tools lists Ubuntu Developers (and Benjamin Drung and Stefano Rivera) as maintainers, but hosted in LP owned by UDT team
<ddstreet> cpaelzer i'm not debian devel
<ahasenack> JanC: https://bugs.launchpad.net/ubuntu/+source/unattended-upgrades/+bug/1577215 somebody filed it already in 2016
<ubottu> Launchpad bug 1577215 in unattended-upgrades (Ubuntu) "Origin pattern is unexpected on dpkg-reconfigure" [Undecided,Confirmed]
<cpaelzer> ddstreet: it is in debian as well
<cpaelzer> ddstreet: and a sync for us
<ddstreet> cpaelzer where is the debian repo for it?  seems they just use the lp.net/ubuntu-dev-tools git repo
<cpaelzer> ddstreet: you are at the right repo
<cpaelzer> ddstreet: but the upload has to go to debian
<cpaelzer> and synced from there
<cpaelzer> which will be an auto sync
<cpaelzer> so the target to upload to with dput&co is debian
<ddstreet> right, i'm trying to change the upstream repo tho
<ddstreet> which will go to debian of course
<ddstreet> anyway i think we're all saying the same thing
<cpaelzer> ack
<ddstreet> thnx!
<rbasak> ddstreet, cpaelzer: I think so. VCS maintained by ~ubuntu-dev, but uploads via Debian by Stefano and Benjamin only.
<rbasak> I'm a DM, so perhaps I should ask to be added.
<ahasenack> rbasak: with https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+merge/334033, pytest-3 gitubuntu/*.py no longer hangs, but I get test errors that I don't get with tox
<ahasenack> http://pastebin.ubuntu.com/26013402/
<rbasak> ahasenack: you have to run the tests on artful I think.
<ahasenack> that is artful
<rbasak> Otherwise your version of dpkg-parsechangelog won't do the right thing.
<rbasak> Hmm.
<ahasenack> tox works
<ahasenack> hm, I don't have dpkg-parsechangelog
<ahasenack> rbasak: fixed
<rbasak> \o/
<ahasenack> we need a script to install all the dependencies
<ahasenack> I might do that
<rbasak> ahasenack: here's what I'm doing: http://paste.ubuntu.com/26013419/
<ahasenack> nice
<dpb1> OK, thanks all for the questions.  office hours is officially over.
 * dpb1 shuts door, only to open it back up for regular business
<ahasenack> rbasak: just checking, I'm getting this in master as well, not just your branch: http://pastebin.ubuntu.com/26013467/
<ahasenack> rbasak: I was trying a code path that would need a launchpad login, to see if your change affected that
<ddstreet> rbasak so re: ubuntu-dev-tools, stefano hasn't uploaded to it in years (according to changelog) and there have been lots of uploads be people other than Benjamin, who last uploaded May this year
<rbasak> Perhaps they're (effectively) NMUing?
<rbasak> I'm not sure about that error.
<ddstreet> could be
<ddstreet> lemme see if i can talk to benjamin
<rbasak> Technically in Debian a team-maintained package can be uploaded without it being an NMU.
<rbasak> And I suppose the maintainer team is defined as "Ubuntu Developers".
<rbasak> So perhaps that's what they're doing: a team upload from bzr every tinme.
<rbasak> In that case, we should just land stuff into bzr.
<rbasak> And when needed do an upload into Debian.
<ddstreet> they moved it to git earlier this year, but yeah
<rbasak> Which any DD can do, or I can do if someone sets my DM upload bit against the package in Debian.
<ddstreet> rbasak i see you also have a MR open for pull-debian-source, you may want to review my MR as it consolidates all the pull-*-source and rewrites most of it
<ddstreet> https://code.launchpad.net/~ddstreet/ubuntu-dev-tools/+git/ubuntu-dev-tools/+merge/322863
<ahasenack> cpaelzer: did you manage to use git-ubuntu submit without hitting this backtrace? http://pastebin.ubuntu.com/26013467/ maybe because you are logged in already?
<smoser> ddstreet: you're right. the apt-get does not have the proposed entry there.
<ahasenack> rbasak: still around?
<rbasak> ahasenack: yes but otp
<ahasenack> rbasak: ok, I'll comment in the mp
<rbasak> ahasenack: back now but I'd like to EOD. Do you still need anything?
<ahasenack> nope
<rbasak> OK. Thanks for reviewing!
<ahasenack> np
<trekkie1701c> Has anyone had experience installing Ubuntu Server on a Poweredge T30?  It's telling me it can't boot off of my RAID array and I'm wondering if it's not liking the one I set up via Dell's utility or if I have to set one up in Ubuntu manually.
<trekkie1701c> I've got 4 1TB disks set up in RAID5
<sarnold> trekkie1701c: at least -someone- was able to get the thing booted https://certification.ubuntu.com/hardware/201702-25369/
<trekkie1701c> Yeah, that's why this is frustrating.
<TJ-> trekkie1701c: booting the installer, or booting the installed OS?
<trekkie1701c> Installed OS
<trekkie1701c> I can get the installer to boot off of a USB thumbdrive, but when I try to boot the installed system it tells me no boot device found.
<TJ-> trekkie1701c: right, because of the RAID-5 array? how does the T30 firmware select that device for booting? Is it UEFI or BIOS boot ?
<TJ-> trekkie1701c: the boot-method of the installer controls which boot-method it is installed for. E.g. installer boots in BIOS/legacy mode, it installs that mode.
<trekkie1701c> BIOS mode, and the array shows up as a single volume that's selected for boot.
<trekkie1701c> Overriding the boot settings and just going for that volume brings up an error about failing to boot off of the selected device.
<TJ-> trekkie1701c: at a guess I'd think GRUB didn't install to it correctly. Can Linux see the underlying disks as well as the logical RAID-5 array as well? if so, that can cause problems
<drab> trekkie1701c: I've had that kind of problem with a supermicro machine trying to boot off of nvme... booting the installer from pxe was fine, but when I tried to boot the system it would not
<drab> in my case it was a bios issue, ie the bios version I had could not boot from nvme
<trekkie1701c> Hmm.
<drab> I'm wondering if in bios mode it has sufficient drivers to boot from that raid device or if for example you'd need UEFI with additional drivers
<drab> so in your case I may try to install using UEFI instead of legacy mode
<trekkie1701c> Alright.
<drab> but it's just my WAG
<trekkie1701c> Better than what I had to go on.
<trekkie1701c> Hmm, UEFI won't even let me set the disk in the boot order.
<drab> trekkie1701c: how do you mean? what disks? usb one to install?
<trekkie1701c> The hard disk.  Shows up in SATA but not in the boot order.
<trekkie1701c> I'm going to try installing anyways with UEFI and seeing if maybe it picks up once GRUB is reinstalled
<drab> I would not necessarily worry about that right now and just try to install, it may not do that because it doesn't see it as installed or something, even tho a bios shouldn't care
<trekkie1701c> If not I guess I'll just disable the RAID array with Dell's software and use the Ubuntu installer to set it up
<drab> yeah
<drab> is this supposed to be a good hw raid with battery backups and stuff?
<drab> because otherwise ime it's not worth it
<trekkie1701c> Software RAID provided by Dell's firmware, but I want to experiment with a RAID setup.
<trekkie1701c> Technically speaking this server isn't worth it.  I don't need it, but I want to play around on it and doing virtualbox off of a laptop is getting annoying.
<drab> if it's a sw raid then do it with linux's sw raid... mdadm
<sarnold> (or zfs :D )
<trekkie1701c> Alright.
<trekkie1701c> Sweet.  EFI worked.
<sarnold> woot
#ubuntu-server 2017-11-22
<trekkie1701c> That moment where, after several hours of troubleshooting, you realize that there's no problem with your config, your WiFi adapter is just bad.
<sarnold> ow
<sarnold> that's rough
<trekkie1701c> What's really dumb is if I'd figured it out right off, I could've run down to Fry's, grabbed an Ethernet cable, and set up my old WiFi router as a bridge to the one Comcast has us using that my roommate refuses to replace.
<Nizumzen> replace your room mate :P
<beatzz> I have installed mailutils, postfix, dovecot-imapd, & dovecot-pop3d, followed a some tutorials as to set them up so my server will function as a send-only SMTP server, I can send email from telnet to localhost successfully, yet from the php form hosted on my apache2 server I get no response. Here is the output from netstat: http://dpaste.com/0MGVRVB
<beatzz> here in /etc/postfix/main.cf : http://dpaste.com/2TD1X44
<beatzz> ufw status: http://dpaste.com/0MEG50R
<beatzz> and /etc/dovecot/dovecot.conf : http://dpaste.com/0592VD8
<cpaelzer> ahasenack: I hit the trace you linked with ustriage rather often, but never with git ubuntu
<cpaelzer> ahasenack: afaik I tohught it would be related to my kde & keystore setup
<cpaelzer> ahasenack: I was sure it is either that or part of the language settings (lang: en; numbers/formats: german) that make this to hit just me
<cpaelzer> ahasenack: there even was a bug about it in the context of ustriage, but we didn't get far IIRC
<lordievader> Good morning
<Slashman> hello, I'm testing canonical-livepatch and it says that there is nothing to apply but I have a reboot required with the kernel, I'm using the HWE kernel, is this why? or am I misunderstanding how it works? output of the console: https://apaste.info/FEfI
<Slashman> from https://www.ubuntuupdates.org/package/core/xenial/main/proposed/linux-image-4.10.0-40-generic, shouldn't the canonical-livepatch service work for CVE-2017-12188 ?
<Slashman> I cannot find out if canonical-livepatch works for the HWE kernel... any idea?
<smb> Slashman, no (https://assets.ubuntu.com/v1/ac3aa269-DS_Canonical_Livepatch_Service_screen-AW_08.17.pdf <- see system requirements, only 4.4 kernels)
<Slashman> smb: thanks, that's too bad and make it useless for me...
<beatzz> So I'm setting up an email server for the first time, running into some expected trouble. I'm on the Ubuntu fourms trying to resolve this, but I figured I would try here also. executing 'echo "test" | sendmail me@gmail.com' returns no errors, but I'm not getting any mail in my gmail account. Here is all the relevant information I could think to gather, http://dpaste.com/16JXRHQ
<beatzz> Any help would be greatly appreciated, as I am currently stuck.
<ne2k>  any suggestions on the nicest/cleanest way to add gretap tunnels and bridge them to a bridge on ubuntu, i.e. ifupdown /etc/network/interfaces
<ne2k> persistently, obviously
<rbasak> ahasenack: is Launchpad struggling? I'm getting lag.
<rbasak> Could that be the reason?
<ahasenack> it's fine from here
<ahasenack> rbasak: ok, so this line:
<ahasenack> 11/21/2017 19:47:34 - INFO:Importing patches-unapplied 0.12~pre2.dfsg0-1 to debian/sid
<ahasenack> 11/21/2017 19:48:04 - ERROR:Command exited 1: gbp import-orig --no-merge --upstream-branch do-not-push --pristine-tar --no-interactive --no-symlink-orig '--upstream-tag=importer/upstream/debian/%(version)s.gz' /home/ubuntu/deb/sysstat/gitrepo/.git/git-ubuntu-cache/elinks_0.12~pre2.dfsg0.orig.tar.gz
<rbasak> "ERROR:stderr: gbp:error: The orig tarball contains .git metadata - giving up."
<ahasenack> rbasak: in the end, 0.12~pre2.dfsg0-1 should exist in the repo I'm creating, right
<ahasenack> besides that error
<rbasak> I do get that in my run.
<rbasak> Yes, importer/import/0.12_pre2.dfsg0-1 should exist.
<rbasak> But the pristine-tar will be missing, which is expected.
<ahasenack> maybe we should add some verbosity to the escaping function. If -v was passed, it could log that it's escaping some .+git directories
<ahasenack> ok, let me run again
<rbasak> You can see that it escaped by checking out one of the errant import tags
<ahasenack> of course I removed the previous repo
<rbasak> For example
<rbasak> git ls-tree importer/import/0.12_pre2.dfsg0-1
<rbasak> Contains 040000 tree 4b825dc642cb6eb9a060e54bf8d69288fbee4904	..git
<rbasak> However, you don't see it on checkout because the original .git directory was empty.
<ahasenack> rbasak: when I check that out, I'll also have ..git, right
<ahasenack> ah
<rbasak> So that leads to the git empty dir case.
<rbasak> But you can see that it's correctly in the tree object.
<ahasenack> rbasak: when we rename .git to ..git, we change the timestamp of that directory?
<ahasenack> (unrelated question)
<rbasak> git doesn't store timestamps
 * ahasenack checks stat
<rbasak> https://git.wiki.kernel.org/index.php/Git_FAQ#Why_isn.27t_Git_preserving_modification_time_on_files.3F
<ahasenack> ok
<ahasenack> what was the other package that also had a .git in its tarball?
<rbasak> It's listed in bug https://code.launchpad.net/bugs/1730778 but I can't reach it right now :-/
<ahasenack> lockfile-progs
<ahasenack> hm, that one crashed
<ahasenack> http://pastebin.ubuntu.com/26019672/
<rbasak> That's interesting.
<rbasak> I think it's a separate bug though.
<rbasak> nacc pointed out that our orphan tag handling is wrong.
<rbasak> But we'd never hit a broken case.
<rbasak> Now we have :)
<ahasenack> I'll file it, worst case we close it as invalid
<ahasenack> or duplicate
<ahasenack> I'll also check with the snap
<ahasenack> the snap fails before because of the .git issue
<ahasenack> filed
<ahasenack> rbasak: have you seen this crash before? http://pastebin.ubuntu.com/26013467/
<rbasak> ahasenack: didn't you have that yesterday? :)
<ahasenack> yes, I didn't remember if I showed it to you back then :)
<ahasenack> I'm going over my todo list for today and that item was there: "file bug somewhere about that crash"
<rbasak> Feel free to file a bug on it. But I want to focus on the importer right now.
<ahasenack> I'm not sure it's in git-ubuntu, feels like it's not
<ahasenack> rbasak: you can probably merge https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+merge/334033, unless you want another review
<rbasak> Thanks!
<ahasenack> rbasak: I finished the local import of elinks, and I'm trying build-source on it now
<ahasenack> rbasak: it's failing like this: http://pastebin.ubuntu.com/26020011/
<ahasenack> is this because of the pristine-tar failure during import?
<ahasenack> it's a debian sync package, btw, no ubuntu changes
<rbasak> Seems likely.
<rbasak> But really these are all separate bugs.
<rbasak> ahasenack: oh
<ahasenack> I like "oh" :)
<rbasak> It's probably because you haven't branched the correct pristine-tar names
<rbasak> Basically you need to rename importer/* -> *.
<rbasak> Inside refs/heads and refs/tags IIRC.
<ahasenack> is that another step after import finishes?
<ahasenack> I mean, does our cron job in that bastion host do that as a separate step?
<ahasenack> or is that done when the repo is pushed, which I skipped?
<rbasak> Importing locally and not pushing is an edge case that we don't really support for users - just developers for testing.
<rbasak> So basically all the refs are wrong because they've been prefixed.
<ahasenack> and the "push" step "fixes" that?
<rbasak> We did that for safety - to avoid local changes accidentally making it to the published repos, the importer operates entirely inside importer/*
<rbasak> Yeah. The push un-importer/*-izes, IYSWIM.
<ahasenack> ok, that's good enough
<rbasak> In the long term we could make this better for the developer testing use case.
<rbasak> But for now it's a poor UX I admit.
<ahasenack> I'll push to my namespace
<rbasak> You could just push to another local repo.
<rbasak> If you want to test.
<rbasak> Or, as a hack, check out something like a new orphan empty branch
<rbasak> Then rename from inside .git/refs
<rbasak> Move everything in .git/refs/importer/ one level up
<rbasak> If you push somewhere, you have to set the refspec manually. The importer deliberately doesn't use the default refspec.
<ahasenack> ok, so just setting --lp-owner isn't enough?
<ahasenack> and importing again without --no-push?
<rbasak> What exactly are you trying to do?
<ahasenack> rbasak: I want to verify that after all these manipulations we are doing, when I build a source package out of the git branch I will get the .git directory inside the orig tarball that we generate
<ahasenack> the original .git problematic directory
<rbasak> I see.
<rbasak> That won't work at the moment, since I haven't implemented the unescape end in git ubuntu build.
<rbasak> I intend to open a bug for that and then leave it, as it's unimportant.
<rbasak> Right now, you would end up with a ..git.
<rbasak> To test that, I suggest you try my hack above to unprefix all the refspecs.
<ahasenack> is unescaping missing somewhere else?
<ahasenack> that we know of, of course
<rbasak> I can only think of the build for unescaping and import for escaping.
<ahasenack> ok
<ahasenack> rbasak: let's land it
<ahasenack> just gave a +1
<rbasak> Thanks!
<ahasenack> rbasak: did the imports resume?
<ahasenack> after the git-escaping fix
<Guest74793> hi, is there a way to create a new dhcp entry in dhcpd.conf using shell commands? something like webmin but in cli
<rbasak> ahasenack: I've not updated the bastion yet. Working on the applied branch fix.
<ahasenack> Guest74793: I think there is a dhcp cli
<ahasenack> Guest74793: in the case of isc's dhcp server, it's omshell
<DammitJim> how long does it take for the welcome screen when one does ssh to not show the number of packages that can be updated (meaning, I recently updated packages on another ssh session)
<sdeziel> DammitJim: if you log off then log back in it will be up to date
<DammitJim> oh, how weird
<DammitJim> I guess since it doesn't keep state, one has to kick it
<sdeziel> DammitJim: it's a know bug
<sdeziel> finally found it: LP: #1368864
<ubottu> Launchpad bug 1368864 in shadow (Ubuntu) "old motd is displayed on login" [Medium,Fix released] https://launchpad.net/bugs/1368864
<drab> anybody has openvpn running in a container in bridge mode by any chance?
<cyphermox> powersj: so, you've switched to using priority instaed of debconf/priority, correct?
<powersj> yes and I got ISOs published the last two days
<powersj> last night things broke again, but due to a perl depend: https://paste.ubuntu.com/26021153/
<cyphermox> ack
<cyphermox> so, you might want to change netcfg/get_hostname to just 'hostname' as well
<cyphermox> the issue is due to changes in busybox
<powersj> are these changes that are official and not bugs?
<cyphermox> an official change to fix some bug, that breaks assumptions make in the installer
<powersj> ok thanks for following up
<cyphermox> I'm looking at how to fix this now
<Guest74793> omshell, oh, thanks i go to see
<kyle__> Do you have to do anything special to boot off of mdadm with linux-image-generic-hwe-16.04?
<kyle__> vs linux-image-4.4.0-101-generic?
<drab> kyle__: not that I know of, but you want to make sure that the initramfs was updated with your raid config, altho I'm not even sure that's needed anymore, it should autodetect everything
<drab> what problem are you having?
<kyle__> drab: I installed with hwe, and it installe dhte 4.4.0 and the 4.10.0(hwe) kernel.  If I boot with the 4.4.0 it comes all the way up, if I boot with the 4.10.0, it doesn't.
<kyle__> I can pull up the error on kvm, but there's no output, no nothing, just dies not being able to locate root on md0
<drab> do you get dropped into an initramfs / busybox shell?
<drab> oh
<sarnold> do you need to install an -extra package or similar?
<kyle__> Yeah.  It's curious.
<drab> the generic should pull in extra (as opposed installing virtual which installs minimal)
<kyle__> root@kh25-65:~# dpkg --get-selections|grep 4.10
<kyle__> linux-image-4.10.0-40-generic                   install
<kyle__> linux-image-extra-4.10.0-40-generic             install
<kyle__> That extra?
<drab> but yeah, extra should be there, minimal has no raid
<drab> yep, that extra
<drab> update-initramfs -u should run as part of the kernel install process, but maybe worth another try
<drab> ?
 * kyle__ is really hoping for a, "You forgot to install XYZ you idiot" type answer and it will magically fix it.
<kyle__> I did try that earlier, but I'm willing to try again. OK
<drab> if you did that already that's fine, just running through some ideas
<drab> the only weird thing is the no busybox shell... if it can't find the root it should drop you into one
<drab> I don't get that part, don't think I've seen it before
<kyle__> You know, I never tried remove it first, update-initramfs -k all -u is muscle memory by now.
<kyle__> Trying -k all -c first, then the -u
 * drab puts up his "trust in sarnold and everything will be ok" sign
<drab> it seems to help with weird problems
<sarnold> heh, i'm usually useless at boot / install things, I only ever do that once or twice a decade
 * kyle__ sighs.
<kyle__> Supermicro boxes take SOOOo long to cycle
<sarnold> but forgetting to install the -extra package bit me in the ass once, so I remembered that one.
<drab> once I had this woman who wanted to hang a banner with my name next to her screen because she kept calling me for a problem but when I went there it was always fine
<sarnold> drab: lol
<drab> and she insisted the computer knew I was there and behaved
<sdeziel> drab: you must have a good EMI karma ;)
<drab> lol
<drab> I know all the secret pressure points, like the reset button or the switch on the PSU
<kyle__> Here's what it says after the fully done update-initramfs
<kyle__> https://imagebin.ca/v/3iD0zFYx9WDc
<drab> lol, I just tried to pgup the picture :P
<drab> how did you assemble the raid? did you use /dev/sdc or by id or something?
<drab> I'm wondering if for some reason once you use hwe kernel modules the order in which it detects drives changes or somethings
<drab> and throws mdadm off
<kyle__> /dev/sda /dev/sdb, in debian preseed.
<kyle__> Well... you give debian preseed the drives you want to use, and it partitions and does all the stuff for you, and you sit there and hope it doesn't decide to do anything horribly weird, because it's debian-preseed.
<drab> if you can wait, which I'm sure you can't, at some point today I can try on my spare SM
<drab> I have a raid1 on two SSDs and disks in the front trays, it's an X9 tho
<drab> they boot fine on generic, can try to install hwe and see what happens
<kyle__> drab: Might not help, just because this works on the two older generations of the same SM hardware.
<kyle__> :/
<drab> ah, ok, so it's an X10 thing, mmmh
 * kyle__ nods
<drab> we're too poor for x10s
<drab> ok, well, the hard way would be to take that initrd.img and unpack it, can't think of anything else to do
<drab> and see that it has the modules and the mdadm stuff
<kyle__> I don't think it's poor as much as, oh my god we're strapped for space! You there! Fit two full size servers into each U, go do... whatever it is you IT people do
 * kyle__ thinks that's how the conversation to buy these went.
<drab> here's what I mean when I say poor... I built the rack myself with 2x4s :P
<kyle__> You get extra macguyver points for that though...
<drab> srly tho, X9s on ebay are in a very good spot now, X10s not quite
<kyle__> Really?  OK I need to check that out...
<drab> lol, now if only homedepot let you redeem macguyver points... :D
<drab> that would be a kickass marketing strategy
<drab> afk for a while
<kyle__> Hrumm..... sounds like a marketing opprotunity.
<drab> but yeah, unpacking initrd.img and checking for modules + mdadm stuff would be my next step
<drab> ttyl, wish u luck
<kyle__> Thank man.  Goodnight!
<pankaj_> How to write shell scripts in linux which control the other applications? I also want to speed up in linux.
<kyle__> If you're talking about scripting running applications, you need an application that exposes something it can control.
<pankaj_> kyle__: What?
<kyle__> Generally shell scripts launch other applications with options, not interact with ones already running.  The language expect lets you launch and automate text based applications if that's what you want.
<pankaj_> kyle__: So, I can control text based application with shell scripting?
<kyle__> using expect, yes.  But it's automating an application it launches.  It is not automating an application that is already running before your script.
<pankaj_> kyle__: OK
<kyle__> Scripting running applications is highly dependent on the application, and what that application exposes.
<pankaj_> kyle__: Is 'expect' any program
<kyle__> expectinteracts with stdio only
<kyle__> standard in standard out.
<kyle__> I think stderr as well.
<pankaj_> kyle__: Are their any examples online that can help me that how can I control my applications with shell scripting
<kyle__> Plenty, just search for what you're trying to do in vague terms.
<kyle__> Or lookup the bash shell scripting tutorial on ldp.org
<kyle__> wait, wrong site
<kyle__> www.tldp.org
<kyle__> That one
<pankaj_> kyle__: OK
<sarnold> I never had luck with expect except for two cases, (a) ppp chat script (b) using autoexpect to learn the interaction
<pankaj_> kyle__: Are their more or any guidance or tools that you would suggest to use on linux for faster usage of system and also as responxe to user by the system.
<pankaj_> sarnold: I am trying to understand its man page.
<kyle__> sarnold: I didn't write it, but there's an expect script for start-scumming nethack.  It's brilliant
<pankaj_> kyle__: What is start-scumming nethack?
<sarnold> pankaj_: nethack is an ancient game, one of the first computer games.. https://nethackwiki.com/wiki/Start_scumming
<pankaj_> sarnold: OK
<pankaj_> sarnold: Is their any guide or anything you will suggest (for mode of learning) for anyone learning about ubuntu servers?
<pankaj_> sarnold: OK. BYE. THANKS
<sarnold> pankaj_: when I was starting out, I read something like a "student guide to unix" which had a nice overview of things.. and then all the manpages on the system, and all the documentation in /usr/share/doc/ , all the howtos on www.tldp.org ..
<sarnold> heh
<genii> The ubuntu server manual can even sometimes be useful
<keithzg> Well this is annoying, for one of the servers at work ASUS seems to have only released Windows executables for updating the Intel management engine, I have no obvious avenue for updating the firmware on this motherboard other than briefly running Windows I guess?
<keithzg> (I suppose that's better than the one for which the manufacturer still hasn't released an update...)
<cyphermox> powersj: still around?
<powersj> cyphermox: yep
<cyphermox> powersj: dpb1 : what is your opinion on making the server iso splash have a timeout, and carry on to "Install Ubuntu Server" automatically?
<cyphermox> I propose a timeout of 5 seconds, that matches up with what is already in place for desktop images.
<cyphermox> that automatic install would still then stop at asking the user for a language in the installer
<powersj> I feel like the only issue is if someone would want one of the other install options, is 5 sec enough.
<cyphermox> it would just be jumping right into d-i (or subiquity) rather than waiting for input at the bootloader
<powersj> Then again I'm not sure the other install options are used very much, given some were broken for a while
<cyphermox> yep
<powersj> I'm +1, but I think worth at least asking ubuntu-server list
<cyphermox> well, 5 sec is enough if you consider any keypress cancels the timeout
<powersj> if you have a good network connection for those doing remote installs
<cyphermox> as necessary we can put an exception to increase the timeout, but I'd rather burn that bridge when we get there
<powersj> ok still worth an email to the server list
<cyphermox> :/
<powersj> heh
<powersj> I killed the i386 iso with zero negative responses
<sarnold> keithzg: btw, will the intel microcode firmware package be the -entire- update when it is published?
<cyphermox> powersj: timeouts can quickly because bikeshed
<powersj> well, how about we change it then and see if anyone even notices or cares
<cyphermox> bah, I'll send an email to the list
<cyphermox> might be agreeably surprised
#ubuntu-server 2017-11-23
<keithzg> sarnold: Hah, yeah I had pondered whether this would all just be handled by the intel microcode, but as far as I understand the Intel ME doesn't necessarily run via that; hell, it has its own x86 processor! Running Minix, apparently!
<cyphermox> powersj: thar, email sent.
<sarnold> keithzg: hehe yeah, I thought that was pretty cool :) I wish I knew _what_ those microcode updates fixed. :(
<powersj> cyphermox: what list did you send it to?
<cyphermox> ubuntu-server
<jncunha> I just installed pfsense in a vm in proxmox and my 200 mbps internet connection is now testing at around 120 mbps. my upload speed was also affected. any idea of what is causing this?
<sarnold> did you set up passthrough for your NIC to the VM?
<jncunha> sry I'm just starting... how exactly do I do that? :)
<sarnold> sweet, they've got a nice little wiki page about it! :) https://pve.proxmox.com/wiki/Pci_passthrough
<jncunha> thank you! I'll do some reading.
<ShellcatZero> I have an ubuntu live cd that I would like to install to a host but I can't run an installer. If it's possible to just copy root to the disk from the live cd, what else needs to be modified?
<cpaelzer> good morning
<lordievader> Good morning
<cpaelzer> hiho lordievader
<cpaelzer> hope you have a good morning as well
<lordievader> Jup, doing good here :)
<necrophcodr> Is it possible to either forward or BCC all emails sent by MAILER-DAEMON to a specific adress?
<necrophcodr> So for instance if a user is sending emails to a user on a server that doesn't exist, they'll get a MAILER-DAEMON email back. I'd like for that server to also send the same message BCC or forwarded to a specific address.
<necrophcodr> Message being the MAILER-DAEMON message
<cpaelzer> necrophcodr: https://www.howtoforge.com/configure-custom-postfix-bounce-messages
<cpaelzer> necrophcodr: TL;DR it seems you can edit the template being used
<cpaelzer> necrophcodr: try adding a BCC there
<necrophcodr> cpaelzer, that's actually a pretty good idea, i'll give that a shot
<cpaelzer> assume this is passed to something sendmail compatible
<cpaelzer> so it might catch and follow the bcc statement
<cpaelzer> necrophcodr: good luck
<necrophcodr> thanks!
<rbasak> ahasenack, cpaelzer: looks like the git importer had hung.
<rbasak> I've also found the fix for the applied branches not working and have an MP up for it.
<rbasak> https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+merge/334131
<rbasak> I'd like to avoid restarting the importer pending the landing of that fix
<rbasak> Then we won't end up with broken applied imports
<cpaelzer> rbasak: sounds reasonable
<rbasak> It fairly simple
<rbasak> (the MP)
<cpaelzer> already looking
<rbasak> Thanks!
<cpaelzer> rbasak: it is quite a while since I imported from git instead of from snap - is there anywhere a "watch out for this" doc or something?
<cpaelzer> well I can do things in a container
<cpaelzer> the snap won't interfre there
<rbasak> That's what I've been doing.
<rbasak> In a container.
<rbasak> An artful container specifically.
<cpaelzer> to have the same deps as intended for the snap I guess?
<rbasak> I can give you the list of deps
<rbasak> Yeah one moment
<rbasak> cpaelzer: http://paste.ubuntu.com/26026686/ is my container setup
<rbasak> Includes all deps I have needed so far.
<rbasak> In addition you'll need "git config --global user.name" and email.
<rbasak> And on first run the importer will prompt you for you LP username. But it won't require Launchpad auth unless you try to push.
<rbasak> That should be all.
<cpaelzer> just need to clear a few other things, thenn will try to review asap
<rbasak> Thanks!
<cpaelzer> slashd: I looked slightly deeper at PCP for the questionyou adde dyesterday
<rbasak> cpaelzer: FYI, I'm not blocked.
<rbasak> This is just to restart the importer.
<cpaelzer> which blocks a lot of us atm :-)
<cpaelzer> slashd: my personal TL;DR is this: run away
<cpaelzer> slashd: modd wise I'm short of filing an archive removal, I just don't have enough hard facts (and hate doesn't count)
<cpaelzer> s/modd/mood/
 * cpaelzer does a mood reset before checking rbasak's MP
<cpaelzer> ommmm
<cpaelzer> rbasak: I replied on the MP from a code review POV
<cpaelzer> I start testing now, but if you think you want to follow my suggestion let me know and I stop testing until you implemented so
<rbasak> Ah thanks. I wasn't aware of that wrapper. I'll look now.
<rbasak> cpaelzer: I think you're right. There are things covered there that I didn't cover, such as debian.patches. I should refactor and alter that method as needed.
<cpaelzer> ok ping me again when I shall fetch to check again rbasak
<rbasak> ack
<xnox> cpaelzer, about dpdk, how come it's not built for armhf? it seems like it's supported there no?
<xnox> cpaelzer, also you don't use $ update-maintainer? =)
<rbasak> cpaelzer: can I run a revised plan by you first before implementation and test please?
<rbasak> I'd like to change quilt_env to take a treeish instead of a commit hash.
<rbasak> Instead of extracting to a temporary worktree, I'll examine the tree object directly using the existing follow_symlinks_to_blob function.
<rbasak> That should raise a KeyError (I'll check) if not found, or a blob object otherwise.
<rbasak> So I can use that for the os.path.exists tests for the rest of quilt_env, and then it won't need a commit any more.
<rbasak> Then in import_patches_applied_tree, after dropping my previous change, I'll wrap quilt calls in repo.quilt_env.
<rbasak> The required treeish will be the previous treeish from the previous loop iteration.
<rbasak> For the first loop iteration, I'll have to generate a treeish in the case that the .pc handling above didn't do it.
<rbasak> repo.dir_to_tree exists.
<rbasak> I think this code predates it.
<rbasak> So I may switch to using that instead.
<rbasak> EOD
<rbasak> How does that sound?
<rbasak> Separately, I'm thinking about restarting the importer now, before landing this.
<rbasak> As it'll take a while to do it right.
<rbasak> The applied branches will continue to be broken for a while.
<rbasak> But that has already regressed, and we will have to reimport the world anyway.
<cpaelzer> xnox: I'm the deb maintainer together with bluca so - yes I might have forgotten an update maintainer but it is only formally incorrect
<cpaelzer> xnox: also it is mostly in sync now - working on the next in debian to be syncable again
<cpaelzer> xnox: and finally - the only real question/issue I think - armhf I have no-one to test/work on it at all
<cpaelzer> xnox: for arm64 I had linaro folks with me and tested myself on cavium systemd
<cpaelzer> but armhf I have neither peers to run it nor HW to test
<cpaelzer> xnox: and from every other arch the lessons learned was that it fails initially
<xnox> right, ack.
<cpaelzer> xnox: does that make sense or would you want me to enable it untested?
<cpaelzer> xnox: on which release did I miss the maintainer so that I can fix it on (if) I upload for it next time?
<xnox> cpaelzer, no, i was mostly poking it to see if s390x is supported or not =) and noticed that there is armhf and x32, and got curious why they were not explicitely enabled vs explicitely disabled.
<xnox> artful & bionic, but fixed now.
<xnox> in bionic that is
<cpaelzer> thanks
<xnox> patch submitted to debian too
<cpaelzer> xnox: thanks - I'll convert the debian bug to a fix in our repo then
<cpaelzer> hmm
<cpaelzer> we already did that
<cpaelzer> oh I see, the one test misses the arch qualifier
<xnox> well, it was not in debian sid / ubuntu bionic; for the last test case; was in for the other test cases.
<cpaelzer> xnox: I have put it onto the gerrit, it will be in any 17.11.x later on then
<cpaelzer> rbasak: now I'm back with you
<cpaelzer> rbasak: sorry thursday is my alternating short/long lunch break
<cpaelzer> rbasak: the suggested approach seems sound to me
<cpaelzer> rbasak: and I ack on restartig the importer
<cpaelzer> rbasak: applied branches are the less important things, so I think we are ok for now
<cpaelzer> given we know we reimport the world at some point soon
<rbasak> cpaelzer: OK. Thanks!
<cpaelzer> jamespage: might I ask you on your OVS plans for bionic - especially in regard to bug 1733325?
<ubottu> bug 1733325 in openvswitch (Ubuntu) "Update in Bionic to match DPDK 17.11" [Undecided,New] https://launchpad.net/bugs/1733325
<arunpyasi> Hi guys, I have an issue, I get 530 login auth failed, where do I see error log for pure-ftpd ?
<cpaelzer> arunpyasi: http://manpages.ubuntu.com/manpages/trusty/man8/pure-ftpd.8.html
<cpaelzer> arunpyasi: by default it seems to go to journal I'd think
<cpaelzer> arunpyasi: but there are plenty of options to increase verbosity and set an explicit log file
<arunpyasi> cpaelzer, I get this error :http://dpaste.com/1WV31PG does this mean it doesn't recognize the username of ftp ?
<cpaelzer> arunpyasi: sorry I don't know but thtowing that error in a search engine give plenty of hints
<cpaelzer> arunpyasi: I'd assume if you rfollow the first few you will find a resolution
<arunpyasi> cpaelzer, yeah, doing so.
<cpaelzer> too bad it is a calculation error, dpdk just got me 291.43Pb/s on one case
<rizonz> hi gusy
<rizonz> how to remove a route like this ? 172.16.2.0      *               255.255.255.0   U     0      0        0 ens3
<cpaelzer> rizonz: list it with ip route
<cpaelzer> rizonz: and you can delete it more or less with "ip route del <the line you want to to remove>
<rizonz> cpaelzer: https://pastebin.com/ERK9eqkv
<rizonz> cpaelzer: yeah I know but those wildcard GW's are never nice
<arunpyasi> cpaelzer, is there any channel were I would get support for pure-ftpd ?
<arunpyasi> it seems weird issue
<arunpyasi> it was working just before I created new user :P lol
<cpaelzer> it is a community thing - around here you are good, but usually rely on somebody having the experience on a particular program
<cpaelzer> maybe they have an own channel somewhere
<arunpyasi> cpaelzer, didn't get it :P
<arunpyasi> cpaelzer, there is no channel for it I guess :P
<cpaelzer> not according to their webpage
<arunpyasi> So, I will need you guys help.
<cpaelzer> which means one around here that uses it more often
<cpaelzer> arunpyasi: people are generally willing to help, but in this case if you happen to create clean steps to reproduce the issue that might help
<cpaelzer> arunpyasi: you'd need to for a bug report to ubunut as well - as given the case as I see it that is most likely the first question
<cpaelzer> arunpyasi: especially since my search check before brought zillions of links about broken config causing such an issue
<arunpyasi> cpaelzer, yes there are but they didn't work.
<cpaelzer> arunpyasi: so get a container and try to simplify to the smallest number of steps to recreate the issue
<arunpyasi> cpaelzer, I think I need to switch for vsftpd or proftpd
<cpaelzer> if that's an option - sure
<arunpyasi> cpaelzer, which one would you suggest ? :P
<arunpyasi> I am always confused with vsftpd or proftpd
<cpaelzer> vsftp
<cpaelzer> based on having uses one but not the other
<arunpyasi> cpaelzer, Ok thanks for your suggestion
<arunpyasi> I have a file named --help no idea how I got it created and now it wont remove :P I get --help for every command I entere :P lol haha
<mgolisch> rm ./--help ?
<tafa2> anyone got a recent tutorial on how to setup a stupid fast LEMP stack?
<oerheks> recent for LTS https://www.unixmen.com/how-to-install-lemp-stack-on-ubuntu-16-x/
<jncunha> has anyone had any success changing the fans on a proliant se316m1 g6 (I believe its the same as the dl160 g6)? I've seen some fan mods that involve some electronic skills but I was looking for a plug and play solution.
<ahasenack> hi guys, I'm checking the existence of the landscape-client package (-client, -common: 2 binary packages) in the server installer iso
<ahasenack> I thought it had been removed because it's py2
<ahasenack> yet if I mount the artful server iso, I can find it in the image: http://pastebin.ubuntu.com/26030067/
<ahasenack> even python2.7 is in there
<ahasenack> looks like I'm mistaken in my assumption, but maybe someone here remembers the story in more detail?
<ahasenack> hm, maybe it was just about cloud images? https://bugs.launchpad.net/ubuntu/+source/landscape-client/+bug/1427275
<ubottu> Launchpad bug 1427275 in cloud-utils (Ubuntu Vivid) "clean cloud images of python2" [High,Fix released]
<PCatinean> hey guys, can anyone help, i'm doing scp -r /big/file user@server.com:/bla and at some point I get No such device or address, what's going on?
<genii> Why -r with a file?
<PCatinean> genii, it's a directory sorry
<PCatinean> and it's a big one
#ubuntu-server 2017-11-24
<genii> Probably has symlinks
<genii> Or recursion
<genii> You should probably try rsync instead
<PCatinean> genii, it certainly does
<PCatinean> can I do rsync on a ftp server?
<sdeziel> PCatinean: yeah, rsync can operate over SSH, like SCP
<maxagaz> Hi
<lordievader> Good morning
<peetaur2> any bcache users here? since systemd, any machine with bcache (not even as anything required for booting or any services) ends up as either https://brockmann-consult.de/peter2/2017-08-14%20ubuntu%2016.04%20emergency%20mode%20fail.png  or https://brockmann-consult.de/peter2/2017-11-24%20node101%20systemd%20bcache%20fail.png
<peetaur2> first is as normal... and 2nd is with noauto in all fstab entries, including swap and boot, and I don't believe it matters if root is so I didn't set it there
<peetaur2> I'll test it on root too..but should do anything since it mounts root in initramfs stage
<albech> Good morning all you smart people. I have noticed that btrfs is available and wondering if anyone has experience with this both performance and stability. I will be using it to merge (no raid) 6x2TB volumes from our SAN. Unfortunately Xen cannot allocate more than 2TB at a time. This 12TB volume will not be running as any kind of raid, since the underlaying hardware raid of our SAN will provide that. The volume will primarily be used as file storage 
<albech> I have always been a fan of EXT and XFS from my old IRIX days.
<albech> But it really seems like btrfs is providing some interesting and simplified features, that would be harder to achieve with ext4
<JanC> ZFS is also available
<albech> JanC: how does it compare to btrfs in the above scenario?
<peetaur2> zfs is mature, but not native or properly integrated
<JanC> right now I think it's more reliable than btrfs (but it's been some time since I used btrfs); I can't say much about performance
<peetaur2> btrfs is not mature and said not to be stable..the btrfs wiki says raid5/6 is not to be used, preview only, and others say single devices work great but raid can corrupt
<albech> I only played around with it on a couple of Sun systems..
<albech> peetaur2: i wll not be using raids
<peetaur2> how will you "merge" then?
<JanC> technically it's somewhat like a RAID 0
<JanC> I suppose?
<albech> more like jbod
<peetaur2> and I'm not sure if a jbod setup exists in btrfs (I'd imagine it would, as "single" with multiple disks), but the people saying raid is less stable than single mean devices rather than which mode the devices are in.
<peetaur2> and personally, I have used raid10 in the past, and had issues but not so bad...and probably fixed ages ago. And currently I just use it as a single device (just using snaps), and never had corruption, just some out of space after deleting snaps and it doesn't clear the space
<albech> i will be using the underlaying raid of the SAN so relying it the SANs ability to recover on diskfailure rather than btrfs'
<albech> so annoyed that in 2017 volumes larger than 2TB is not supported by Xenserver.. :/
<albech> JanC: are you sure its like a raid0, cause from what i can read they have a raid0 and something that looks like jbod.
<peetaur2> is it citrix? I didn't believe that xen only supported 2TB and looked it up and only found one citrix post where they just said using GPT solved it I think
<albech> peetaur2: yeah citrix
<albech> peetaur2: i didnt believe it either, until i digged around a little.. its going to be a dealbreaker next time we review our infrastructure setup.
<peetaur2> use ceph and kvm :)
<peetaur2> for large scale, something with openstack
<albech> peetaur2: unfortunately i think most of the organization is leaning towards vmware :(
<peetaur2> hahah "2TB minus 4GB"  https://docs.citrix.com/content/dam/docs/en-us/xenserver/xenserver-7-0/downloads/xenserver-7-0-config-limits.pdf
<albech> peetaur2: the management has been bombarded with vmware adds in their fancy magazines and apparently it is working
<peetaur2> years ago it was more vmware...many switched to openstack
<peetaur2> openstack costs nothing for license, but more for labor, overall less
<peetaur2> and of course you can get support contracts and stuff too
<albech> seems like a pain to admin
<peetaur2> yeah, as I said, I think it costs more labor
<albech> doubt they will want to commit to that with the price of manpower in Denmark :/
<peetaur2> why does this pdf just say nfs and lvm...that's not all that's available is it? can you use ceph rbd and iSCSI?
<albech> yes
<albech> iscsi
<samba35> if i am using rdns/usb (mobile and thetering ) to use internet and i have two such device/phone can i aggregate internet speed using ovs (openvswitch) in ubuntu ?
<metastable> samba35: Best you can do is load-balance. You won't get double the speed on a single connection, but you can handle double the connections at those speeds.
<samba35> i have two usb connection/one isp but two connections
<samba35> using two mobile using usb
<nafallo> eexxiitt
<keithzg> Hrmm, so I guess these days (17.10) systemd-resolve has taken over from resolvconf in the role of "reason why one ends up just hand-editing /etc/resolv.conf"? :P
<metastable> keithzg: What issues are you having that require manual editing of resolv.conf?
<keithzg> metastable: Inability to resolve any addresses
<metastable> keithzg: That would seem to be a problem with the configuration you're handing resolved.
<keithzg> metastable: *shrug* nothing of the configuration of the server in question has changed, but it just stopped resolving properly after recent updates.
<keithzg> The computer in question has a static IP configured in /etc/network/interfaces and it seems that for whatever reason systemd-resolve is no longer getting the DNS server information from that configuration anymore.
<keithzg> Easy enough to just add it manually to a manually-created /etc/resolv.conf, but obviously I shouldn't *have* to do that.
<metastable> Would help to see the content of /e/n/i.
<keithzg> metastable: Here it is: https://paste.kde.org/p2yz0gaxb  (but again, this configuration is unchanged, apparently since May 26th)
#ubuntu-server 2017-11-25
<keithzg> Hmm, that's a purely wishlist item compared to my other problem at the moment, apparently one of the storage servers has a dead drive, but the 4-drive BTRFS raid10 pool won't even mount with `-o degraded`
<keithzg> And meanwhile another server is giving "Reading package lists... Error!" on an apt update, yikes, everything's blowing up at work this Friday night . . .
<keithzg> Hrmm. The label of the BTRFS pool is "heartland", and that's how it was being mounted via its fstab entry. But, running `sudo mount -o ro,degraded LABEL=heartland /media/heartland` is definitely not working, but it's not spitting out any errors either, it's just failing to actually do anything.
<keithzg> A reboot later and surprisingly the same mount command worked fine this time, huh.
<keithzg> Now my problem is that the `btrfs replace` command doesn't appear to be working. `sudo btrfs replace start 4 /dev/sde /media/heartland` should be what I need as I understand it, but running `btrfs replace status` just returns "Never started"
<keithzg> I can't just add a device because I can only mount it read-only; attempting to mount it using only `-o degraded` gives "wrong fs type, bad option, bad superblock on /dev/sdd" etc
<keithzg> Okay, looks like that's a known issue and I need a new enough kernel to be able to mount a degraded 4-disk raid10 array. Unfortunately that "new enough" kernel is "literally the latest", heh. Time to call it a week and come back and make a custom live disk with kernel 4.14.2 on Monday.
<lordievader> Good morninig
<lordievader> morning even
<macskay> if you had to take an educated guess: of all servers connected to the internet how much would you think run a webserver?
<__mapo__> hi, i've tried to install ubuntu server 16.04.03 but I had a problem in the tasksel step, so I had to skip that step,install grub and reboot the system. Now to fix that missing step all I have to do is apt-get install ubuntu-server?
<TJ-> __mapo__: you don't need to ask in multiple channels :)
<compdoc> sudo tasksel install ubuntu-server maybe. google that
<__mapo__> :) I wrote here because alkig pointed me to for server-specific issues
<TJ-> did he? I must have missed that!
<TJ-> It's generally ultra quiet in here weekends
<__mapo__> compdoc: sudo tasksel install ubuntu-server did nothing, sudo tasksel install server ended up with an "apt-get failed (100)" error, which is basically my problem at hand
<__mapo__> should we continue here or go back to ubuntu?
<compdoc> you have run 'sudo apt-get update' ?
<__mapo__> yes
<compdoc> mgith be easier to just start from scratch
<trekkie1701c> Probably.
<trekkie1701c> You can modify /etc/apt/sources.list to include only CD sources and update from that but it's a pain.
<compdoc> When i install, I only consider the install a success if there are no errors. I do it over until I figure out what Im doing wrong
<trekkie1701c> Like, I had to boot the CD in recovery mode to even get mounting to copy the files and do all that.
<trekkie1701c> And yeah, if I hadn't been using the server for other things I would've just done a reinstall
<__mapo__> I just came from a fresh install and it all started with a dependency error in the tasksel step during installation, which prevented me to install the task I wanted, including the "basic ubuntu server"
<__mapo__> compdoc: with your criteria my install was a fail, but whatever I tried I just couldn't get this step to complete successfully
<trekkie1701c> Bad disc?
<__mapo__> you mean the installation disc? how can it be the cause of a dependency error?
<trekkie1701c> If you've tried repeatedly and it's refusing to get past it, that's something to look in to.
<__mapo__> I totally agree, but at this point I'm not sure I'm willing to re-install the machine again
<trekkie1701c> When I installed my home server I wound up spending about a day banging my head against getting it to work
<__mapo__> how do I clean the apt package list?
<apb1963> Greetings!  I've been ripping my hair out all week trying to figure out how to name serve my own domain.  I tried installing bind but after struggling with it for hours and days, I couldn't get it working and so that led me to dnsmasq which led me to Network Manager & dhcp-client and then finally resolvconf.  I've read through dozens of setup guides, articles and likely hundreds of posts.  So, before I start bleeding from the eyes and/or head,
<apb1963> what is the Ubuntu "right way" to serve up my own DNS master domain?  Is bind the proper way or is it one of these other methods?  My router serves up DHCP so I guess I wouldn't want to run dhcp-client I don't think.; v16.04 LTS
<rbasak> apb1963: a domain for the Internet at large?
<rbasak> apb1963: does your server have a publicly reachable IP address?
<apb1963> yes
<rbasak> Use bind
<apb1963> ok, in that case the most recent error I'm getting is: rndc[31343]: rndc: connect failed: 127.0.0.1#953: connection refused
<rbasak> Sounds like bind hasn't started up
<apb1963> Right.  And it won't.  Because of that error.
<apb1963> it's catch-22
<rbasak> You don't use rndc to start bind
<rbasak> Only to signal it once it's running
<apb1963> I don't use it at all.  I simply startup bind.  What it does with rndc is beyond me.
<apb1963> let me paste it for you.... hang on
<TJ-> apb1963: have you created a zone file for your domain?
<apb1963> rbasak, https://pastebin.com/csesAXn9
<apb1963> TJ-, Yes
<rbasak> Looks like you're missing some of bind's log.
<rbasak> Try sylog.
<rbasak> syslog
<TJ-> apb1963: did you use named-checkconf and named-checkzone  ?
<apb1963> tj- yes.  all ok
<apb1963> named[31329]: open: /etc/bind/named.conf: permission denied
<apb1963> in syslog
<apb1963> ll /etc/bind/named.conf
<apb1963> -rw-r--r-- 1 root bind 463 Nov  8 05:00 /etc/bind/named.conf
<TJ-> apb1963: how about the directory: "ls -ld /etc/bind"
<apb1963> drw-r-Sr-- 3 root bind 4096 Nov 25 13:25 /etc/bind
<rbasak> That looks pretty screwed up.
<apb1963> What should it be?
<rbasak> I'd have to fire up a container and check.
<rbasak> 755 or perhaps 750 I expect.
<TJ-> That looks correct; I've jsut compared it
<rbasak> drwxr-sr-x 2 root bind 4096 Nov 25 23:45 /etc/bind
<rbasak> In a Xenial container
<apb1963> hmm... I don't know the difference between s and S
<TJ-> apb1963: is there another service listening on port 53?
<rbasak> S is missing the executable bit.
<apb1963> tcp        0      0 127.0.1.1:53            0.0.0.0:*               LISTEN      4106/dnsmasq
<apb1963> nobody    4106  1176  0 Nov18 ?        00:00:07 /usr/sbin/dnsmasq --no-resolv --keep-in-foreground --no-hosts --bind-interfaces --pid-file=/var/run/NetworkManager/dnsmasq.pid --listen-address=127.0.1.1 --cache-size=0 --conf-file=/dev/null --proxy-dnssec --enable-dbus=org.freedesktop.NetworkManager.dnsmasq --conf-dir=/etc/NetworkManager/dnsmasq.d
<apb1963> Seems to be tied to networkmanager perhaps?
<TJ-> Yes, it is. Not sure if that'd cause named not to start though. Depends what interfaces you've told named to bind to
<rbasak> I don't understand. Your bind is broken because your /etc/bind permissions are screwed up. Fix those first.
<TJ-> It's an apparmor issue I think
<rbasak> No, it's a permission issue on /etc/bind.
<rbasak> You might *then* have an issue with something else binding to 127.0.1.1:53, but you're not even getting that far.
<apb1963> ok, reinstalling just to verify I didn't hose it myself... or if I did.
<apb1963> ll /etc/bind
<apb1963> ls: cannot access '/etc/bind': No such file or directory
<apb1963> there's proof :)
<apb1963> I guess it was me
<apb1963> drwxr-sr-x 2 root bind 4096 Nov 25 15:54 /etc/bind/
<apb1963> Active: active (running) since Sat 2017-11-25 15:55:40 PST; 11s ago
<apb1963> Boom
<apb1963> I'm curious.. why doesn't apt-get purge clean out config files and dirs?
<apb1963> I would have expected /etc/bind to be purged... in the purge.
<apb1963> oh.  Thanks for your help guys!!!!  I should have come here before spending dozens of hours on it.  Oh well :)
<rbasak> Purging the bind9 package does clean out /etc/bind for me in a Xenial container.
<rbasak> You're welcome :)
<apb1963> it doesn't if you add any files
<apb1963> Plus it should also delete the dir itself.
<rbasak> dpkg: warning: while removing bind9, directory '/etc/bind' not empty so not removed
<apb1963> right
<apb1963> so, nice warning... cool.  But not the documented behavior of purge
<rbasak> The packaging system doesn't know if files from other packages are left in there.
<rbasak> It's by design.
<rbasak> Purge will only remove stuff shipped or managed by the package itself.
#ubuntu-server 2017-11-26
<rbasak> Anything else is your responsibility (you put them there...)
<apb1963> I see
<apb1963> well, back to the grindstone for me.  Thanks again!  Happy Thanksgiving if appropriate :)
<rbasak> There are also cases where multiple packages share a configuration directory
<rbasak> Or a package drops configuration in for another package in its configuration directory.
<rbasak> And then it becomes impossible to remove the directory on purge because stuff will be missing upon reinstall, etc.
<apb1963> well.. i'm of two minds on the matter... there's something to be said for "clean up after yourself", but I think there needs to be a third option... like... superpurge or something.
<rbasak> I can understand why you want it. But that doesn't make it easy to implement :)
<apb1963> nothing worthwhile is ever easy :)
<rbasak> We don't really think about servers like that any more anyway.
<rbasak> Put it in a container. Rather than purging the package, throw away the container :)
<ubuntu_padawan> hi I have a ubuntu server setup on a usb drive that i want to create a backup iso of and also use a copy of that drive to load in virtual box whats the best way to go about creating an iso of the thumb drive ?
<tomreyn> ubuntu_padawan: why an iso?
<tomreyn> personally i'd just create a raw disk image. it won't fit ona dvd anyways
<tomreyn> if you still insist on n iso, there are the following tools: linux respin, systemback, linux live kit (i have no experience with either).
<ubuntu_padawan> tomreyn, hi want to be able to use it in virtual box as well
<tomreyn> a raw disk image is fine for that
<ubuntu_padawan> oh can they be loaded the same way as iso's never used um before in virtual box
<tomreyn> https://www.howtoforge.com/using-raw-devices-in-virtualbox-vms
<tomreyn> part 3 is what matters, unless you have a raw disk image file, then you can just use that, i think
<ubuntu_padawan> cheers tomreyn ill check that out!
<tomreyn> ubuntu_padawan: keep in mind that the vmdk file created on this how.to is just a translation layer - it accesses the actual hard disk. so don't use that hard disk elsewhere while you use it in virtualbox
<tomreyn> ...or you will loose data
<ubuntu_padawan> dont quiet understand whats the difference between that and .vdi ?
<tomreyn> just a different format
<ubuntu_padawan> ah i was hoping to have something a bit more robust that i can load on virtual box on a windows machine
<ubuntu_padawan> so if i created to raw disk copies one for virtualbox and one as a back up that should be fine so long as virtualbox is the only program that access the vmdk?
<tomreyn> ubuntu_padawan: the how-to i pointed you to explains how to use an existing raw disk as a backing storage for a virtualbox VM. if you use it this way, you must ensure that only one system uses it at a time. alteratively, you can create a raw disk image (a copy of your existing storage), in VDI file format, and use that in virtualbox.
<tomreyn> that, too, can only be used in one system at a time. but since it's a copy of the original storage, you could use the original storage and the VDI image of it at the same time.
<apb1963> 16.04 LTS: setup a DNS server to authoritative, but I'm having several issues.  The first one that needs resolving is what dig says: ;; ->>HEADER<<- opcode: QUERY, status: REFUSED, id: 2222
<apb1963>  named.conf.options here: https://pastebin.com/TCvvkwCV
<ubuntu_padawan> yeah ive had a look at it and as you siad it seems no different than the way i use virtual disk. the original will be a live server on a different machine, and the copy will be loaded via virtual box for testing purposes, so i dont break my live server  thanks for the info
<apb1963> s/to/to be/
<Sling> I used the installer to automatically partition my disk with a boot partition and a single partition with the rest using LVM, I notice that sda1 is /boot, sda2 is an extended partition with sda5 as first logical partition in sda2 (and as LVM pv), does it skip sda3 and sda4 because there can be 2 more primary partitions?
<mike-zal> why do I have /usr/lib/chromium-browser/chromium-browser and other similar profiles in apparmor on server, when this is minial, fresh instalation?
#ubuntu-server 2018-11-19
<lordievader> Good morning
<Mr_Pan> smb, from BW :P im in Singen
<ahasenack> good morning
<ahasenack> rbasak: hi,
<ahasenack> rbasak: in terms of the git workflow for merges,
<ahasenack> rbasak: do you have a preference about when to commit "added changes": before git ubuntu merge finish, or after?
<rbasak> ahasenack: ideally before, but I don't think there's any need to rebase etc if it goes in later.
<ahasenack> rbasak: that's fine
<ahasenack> rbasak: another question, when consolidating the logical
<ahasenack> I have a delta which is adding a file, then another piece of delta which is changing that file
<ahasenack> rbasak: I presume it's ok and wanted to consolidate those two into one commit, "adding file"? Or do we want to record the change? The change was a bugfix
<ahasenack> specifically, it's the apparmor profile
<rbasak> It should definitely be consolidated by the time of the next logical (in he following merge).
<rbasak> I don't have a strong feeling on whether it needs doing in _this_ merge
<ahasenack> it should have been consolidated in the previous merge already I think
<ahasenack> now I'm adding yet another fix to it, that's one of the "added changes"
<ahasenack> so here it's still separated, to be consolidated next time
<ahasenack> that's when I noticed it wasn't consolidated previously
<rbasak> Sometimes the need will be noticed in a MP, and in that case I think it's fine to leave as a fixup commit
<rbasak> For consolidation next time
<rbasak> So in the general case I think it's fine.
<rbasak> (except that it must be consolidated in the "logical" step next time)
<rbasak> IOW, the one place that I think it is a requirement to complete full consolidation is in the logical step in our workflow.
<rbasak> If a change comes after that for whatever reason, it can wait until the following logical step in the following merge.
<rbasak> In the case of a mistake following the workflow (missing a thing in logical) I think being lenient is appropriate.
<rbasak> Unless it makes te review harder
<rbasak> Since the reason for that step is to move towards a full consolidation of the Ubuntu delta in the long term. Short term unconsolidated commits will happen anyway so the odd extra bit doesn't really matter
<ahasenack> rbasak: in this case, the delta is already a) add file; b) fix file. That's the current logical, and was like that in the previous upload and perhaps even before (I didn't check that far)
<ahasenack> rbasak: and one of my "added changes" is c) another-fix-for-file
<ahasenack> rbasak: so let me ask this
<ahasenack> rbasak: I'm already at the end of the merge, and I noticed this
<ahasenack> rbasak: so can I do this:
<ahasenack> rbasak: a) checkout logical; rebase -i old/debian and fixup the two commits (a) and (b), merging them into (a)
<ahasenack> rbasak: now, instead of rebasing that new logical on new/debian and doing all that work, can I go back to my branch and merge the same two commits?
<ahasenack> or should I rebase the new logical (with the merged commits) onto new/debian and do the whole process
<rbasak> ahasenack: I think it's fine to rebase just your merge branch
<ahasenack> and do the same there, right
<rbasak> However it will make review of the merge ever so slightly harder
<ahasenack> hm
<rbasak> Since the reviewer needs to ensure that the merge branch result is the same as the two commits from logical
<ahasenack> but I will update the logical tag
<rbasak> Oh
<rbasak> In that case, that's fine
<ahasenack> rbasak: ah, about the previous question about added changes before or after merge finish
<ahasenack> rbasak: if doing it before merge finish, then bug references will lose the ":" in the "LP: #xxxxxx" syntax
<ahasenack> in d/changelog
<rbasak> merge finish does that?
<ahasenack> yep
<rbasak> That might need manual fixing then
<ahasenack> because it thinks it's dealing with remaining changes only
<ahasenack> and drops
<ahasenack> where it's correct to strip that
<ahasenack> or, leave only remaining changes + drops before merge finish, then add changes, and use git-ubuntu.reconstruct-changelog for the added changes
<ahasenack> although that might strip the : too, come to think of it
<rbasak> I think it's OK to drop the LP reference entirely
<rbasak> It'll be further down in the changelog
<rbasak> And after consolidation it might not make direct sense any more
<ahasenack> but not for added changes. The bug won't be auto-closed
<ahasenack> git-ubuntu.reconstruct-changelog does not strip the :, just checked
<ahasenack> hm, the wiki page about the git workflow actually recomments to do extra fixes after merge finish
<ahasenack> I missed that before
<ahasenack> cpaelzer: the main task in this bug is "invalid", right? https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1801128
<ubottu> Launchpad bug 1801128 in openssh (Ubuntu Cosmic) "OpenSSH 7.7 -w tunnel bug" [Medium,In progress]
<ahasenack> disco had 7.8 iirc
<ahasenack> and now 7.9
<ahasenack> or "fix released"
 * ahasenack comments on the bug
<cpaelzer> ahasenack: released
<cpaelzer> ahasenack: updated the bug
<ahasenack> thx
<ahasenack> it came up in triage, that's why I pinged you :)
<cpaelzer> totally fine
<cpaelzer> I thought I clean it up (and I did) but forgot that detail - thanks for the ping
<ahasenack> cpaelzer: how's your nss upload?
<cpaelzer> that waits intentionally
<ahasenack> just saw #1803707
<cpaelzer> ahasenack: I opened the MP for review
<cpaelzer> but we want kstenerud to coplete nspr first
<cpaelzer> as nss builds against nspr and mdeslaur told us they usually go together
<ahasenack> I remember they were entangled, just didn't remember who came first
<cpaelzer> nspr -> nss
<cpaelzer> I stated so in the MP to avoid being sponsored by accident
<cpaelzer> but even then it would be just a no change rebuild to fix it
<ahasenack> I'll link the mp to the bug
<ahasenack> (nss)
<cpaelzer> isn't it auto linked?
<cpaelzer> the merge bug I mean
<ahasenack> it wasn't for some reason
<ahasenack> let me check your d/changelog
<cpaelzer> hmm but it seems right in the changelog to me
<cpaelzer> odd
<cpaelzer> I still fight the "Too many levels of symbolic links"
<cpaelzer> it seems gone in Disco, but still is in D-unstable
<cpaelzer> well I do so only in spare time between other bugs - as I wait for good ideas to come to me :-)
<cpaelzer> I have isolated enough to hopefully strace it soon
<ahasenack> it's gone in disco?
<ahasenack> just like that?
<cpaelzer> yeah
<ahasenack> cpaelzer: this one is now just missing mecab-ipadic, is that something you can do, or an AA?
<ahasenack> https://bugs.launchpad.net/ubuntu/+source/mecab/+bug/1781529
<ubottu> Launchpad bug 1781529 in mecab-ipadic (Ubuntu) "[MIR] mecab" [Undecided,Fix committed]
<cpaelzer> I assumed something like that, due to -testing and -cosmic being fine
<cpaelzer> but I can't yet isolate which change it was
<cpaelzer> ahasenack: no that needs an AA
<ahasenack> k
<cpaelzer> ahasenack: like the override vorlon did
<ahasenack> right
<cpaelzer> ahasenack: hehe, enough debugging code makes the issue go away
<cpaelzer> +1 for a race of some sort
<cpaelzer> but that makes tracking why it was failing so much harder :-/
<rbasak> cpaelzer, kstenerud: should I treat my card for Thursday triage last week as done? Or does it need doing?
<ahasenack> rbasak: is this a tell about the user switching between mysql and mariadb:
<ahasenack> ERROR: Unable to start MySQL server:
<ahasenack> mysqld: Can't read dir of '/etc/mysql/conf.d/' (Errcode: 2 - No such file or directory)
<ahasenack> or some other behavior we know about already?
<ahasenack> I've seen that in a few mysql bug reports
<rbasak> ahasenack: /etc/mysql/conf.d/ is shipped by mysql-common IIRC
<rbasak> So either the user has removed it or is using a non-archive mysql-common (shipped perhaps by upstream in a third party repo)
 * ahasenack can't figure out what users are doing wrong when installing mysql
<rbasak> Yeah: https://packages.ubuntu.com/bionic/all/mysql-common/filelist
<ahasenack> oh man:
<ahasenack> Commandline: apt-get purge mysql-server* mariadb*
<rbasak> So I think that error is automatically a "looks like a local configuration problem".
<ahasenack> what's wrong with people installing mysql
<ahasenack> Commandline: apt install yum
<rbasak> ahasenack: Josh it and move on :)
<ahasenack> maybe we should conflict mysql-server with ubuntu-desktop
<ahasenack> :)
<cpaelzer> ahasenack: rbasak: powersj: all last weeks triage cards are done
<rbasak> OK. Thanks!
<frickler> coreycb: I got problems rebuilding neutron for stable/pike, you require python-pbr>=2.0.0 here, but stable/pike UCA only has 1.8.0 for me https://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/neutron/tree/debian/control?h=stable/pike#n11
<frickler> coreycb: this line also looks like a broken edit https://git.launchpad.net/~ubuntu-server-dev/ubuntu/+source/neutron/tree/debian/control?h=stable/pike#n125
<coreycb> frickler: stable/pike has 2.0.0 - http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/pike_versions.html
<frickler> coreycb: indeed, weird, for some reason my build vm didn't pull in the uca pkgs. needed another "apt update" run to fix it. sorry for the noise ;-)
<coreycb> frickler: np :)
<Mr_Pan> can i install openmediavault on ubuntu 18.04 server?
<lordcirth_> Mr_Pan, openmediavault is an appliance, ie a pre-configured OS.  What do you actually want?
<jamespage> coreycb: OK I uploaded nova to disco-proposed
<jamespage> fixed a few more py3.7 issues but not all of them - we still skip three tests...
<coreycb> jamespage: ok thanks
<bipul> How to install Ubuntu server via preseed method.
<jamespage> coreycb: doing some work on the bom for stein to fill in the rest of my day
<jamespage> frickler: I appreciate you pinged about an apache2 module issue last week - I've not found time to look yet
<coreycb> jamespage: ok. i've not started on stein yet today but will shortly. if i can pick up on anything in particular let me know, other wise i'll focus on core pkgs.
<jamespage> coreycb: I've been nudging it along
<jamespage> coreycb: core pkg focus is fine for now
<Sircle> Iam looking to rent out a vps/server. Iam more interested in disk space (hdd will work) as my database will grow very fast and internet speed. Which host is recommended in a budget?
<sarnold> vultr packet.net hetzner all seem popular among folks who want to spend less than aws
<Sircle> sarnold,  what about ramnode?
<sarnold> Sircle: never heard of it
<Sircle> hm
<sarnold> don't worry about that too much, I'm not really in that market space
<sarnold> it just means I can't give you solid feedback
<Sircle> sarnold,  how much disk space is there in ec2?
<sarnold> Sircle: as many petabytes as you want to pay for
<Sircle> I meant the free tier
<sarnold> probably 10 or 20 gigs
<Sircle> k
<Sircle> I recalled, it was 30
#ubuntu-server 2018-11-20
<lordievader> Good morning
<munsking> Hello, why does my getty@tty1.service file keep getting overwritten? using ubuntu server 16.04.5 LTS
<lordievader> What service file are you editing?
<munsking> getty@tty1.service
<munsking>  /etc/systemd/system/getty.target.wants/getty@tty1.service
<lordievader> munsking: On 18.04 the `getty@` service is defined in `/lib/systemd/system/getty@.service`.
<munsking> lordievader: and on 16.04.5?
<munsking> oh it's the same, it's just a symlink
<munsking> still, why does it get overwritten every week or so?
<lordievader> Most likely in the same path. However, if you want to override the service definition, I'd put the overrides in `/etc/systemd/system/getty@.service.d/<name>.conf`.
<munsking> all i really need is for tty1 to auto login, get a kerberos ticket and start a remote desktop application on a windows terminal server (camera surveillance)
<munsking> right now i edit the getty@tty1.service file, change the execStart to 'agetty -a remoteUser %I $TERM' and then it works
<munsking> so how would i get that part to stick?
 * lordievader sent a long message:  < https://matrix.org/_matrix/media/v1/download/matrix.org/UDMsNYWzpncPLnTPUKtWLJHS >
<munsking> lordievader: thanks, i'll give that a shot
<ahasenack> good morning
<OerHeks> hi ahasenack
<ahasenack> hello OerHeks
<lordievader> Hi ahasenack, OerHeks
<ahasenack> hi there
<OerHeks> good afternoon, as it is in my timezone :-D
<ahasenack> indeed
<ahasenack> rbasak: hi, could you please import pgaudit and add it to the whitelist?
<rbasak> ack
<ahasenack> it's from universe, but touched everytime postgresql is uploaded
<ahasenack> in dep8 dependent tests
<ahasenack> and it likes to fail
<ahasenack> rbasak: thanks
<rbasak> ahasenack: imported and pushed. As usual the whitelist change won't take effect until I next roll something through to the importer.
<ahasenack> cool, thanks
<ahasenack> cpaelzer: have you seen this pgaudit dep8 failure before, that only occurs on s390x? https://pastebin.ubuntu.com/p/ZkVpFhWgjT/
<cpaelzer> ahasenack: doesn't ring a bell
<die7> how to remove multiarch or disable it in preseed file?
<tomreyn> die7: in case you're referring to amd64 (native) and i386 (foreign): dpkg --remove-architecture i386
<die7> tomreyn: in preseed file?
<die7> tomreyn: dpkg is not available during installation
<tomreyn> die7: you could do it with the post installation script hook, i forgot the exact name. but i'm not sure this is the right approach, there may well be a better one.
<die7> tomreyn: I found already solution, thank you...soultion can be solved with seed file at self
<die7> tomreyn: d-i apt-setup/multiarchÂ Â string
<tomreyn> much nicer
<die7> tomreyn: if you leave befind string empty i386 will not be added
<tomreyn> ok, good to know
<beowuff> So, I see 16.04 is FIPS 140-2 compliant. Any idea if 18.04 will be?
<beowuff> Woah, I didn't realize you could install windows 2016 headless... I wonder if that'll mess up security...
<beowuff> oops, wrong window. XD
<TheHonorableKitt> how do I create a new nic on Ubuntu Server 18.04LTS with no ip (as in accordance to this tutorial for Snort Inline IPS: http://sublimerobots.com/2016/02/snort-ips-inline-mode-on-ubuntu/)?
<sarnold> TheHonorableKitt: this is probably the best starting point https://netplan.io/examples#bridging
<sarnold> TheHonorableKitt: try throwing in dhcp4: no dhcp6: no and not specifying addresses
<sarnold> lets see what happens ;)
<sdeziel> I would personally opt to disable_ipv6 on it too
<sdeziel> not sure if netplan can do this natively
<sarnold> of course, if you don't specify *anything* probably the nics won't have addresses that way, too :)
<sarnold> but finding some way to document and codify that they intentionally don't have addresses feels like a good idea
<sarnold> and if you're going to be using a bridge anyway, well, this knows how to make them
<TheHonorableKitt> like this? https://paste.ubuntu.com/p/tvT3wHYG59/
<TheHonorableKitt> or maybe change 2 and 3 to 1 and 2?
<sarnold> you've got an enp0s3 so having an eth0 eth2 and eth3 feels unlikely..
<TheHonorableKitt> huh?
<sarnold> what are you NICs named now?
<TheHonorableKitt> errrrr I don't know? eth0? this is a linode VPS
<sarnold> run 'ip a'
<sarnold> that'll show you the NICs on the system
<TheHonorableKitt> https://paste.ubuntu.com/p/Vd4wYKW8g9/
<TheHonorableKitt> there are two 'docker' nicks that are down, and then l0 for loopback
<TheHonorableKitt> this is the only useable eth nic
<sarnold> you can fake up NICs using tun/tap stuff (often for VPNs or VMs) but I don't know an awful lot about how those things work
<sarnold> does the management panel let you add more NICs?
<TheHonorableKitt> it lets me add "private ip address" but other than that, no
<sdeziel> TheHonorableKitt: Linode VMs only have a single NIC AFAIK so is that what you want to feed to snort?
<TheHonorableKitt> yes, but snort needs to have more than one nic to work for inline mode
<sarnold> are you intending to feed it via VPNs?
<TheHonorableKitt> no? I'm running my websites on the same server as my snort setup
<sdeziel> inline mode seems to be for creating transparent bridges
<TheHonorableKitt> so long as I have two (or three?) nics, snort inline mode bridges them for me
<TheHonorableKitt> but that's where I'm stuck, I don't know enough about linux to properly create two new nics
<TheHonorableKitt> I know it can be done, but I'm not understanding how
<TheHonorableKitt> as you can see here: http://sublimerobots.com/2016/02/snort-ips-inline-mode-on-ubuntu/, that's the case, but it doesn't elaborate in this particular portion of the instructions
<sdeziel> TheHonorableKitt: is your end goal to inspect the traffic hitting your web server?
<TheHonorableKitt> yes
<TheHonorableKitt> I have snort working for IDS already, but I want more than an IDS, and to get an IPS, I need more nics
<sdeziel> TheHonorableKitt: then inline mode doesn't seem like a good fit, unless you run it on a machine that's not your web server itself
<TheHonorableKitt> I don't think there's a way to get an IPS without inline mode
<sdeziel> TheHonorableKitt: I don't think you require more NICs
<TheHonorableKitt> errr hm?
<sarnold> sure, it could just pcap packets on the one nic you've got..
<sdeziel> you can probably have NFQUEUE setup in iptables so that snort decides of the faith of the packets
<TheHonorableKitt> yeah I haven't even got a clue how to do that
<sarnold> sdeziel: dude. http://manual-snort-org.s3-website-us-east-1.amazonaws.com/node7.html#SECTION00254000000000000000
<sdeziel> sarnold: yes?
<TheHonorableKitt> nice 404 error?
<sarnold> sdeziel: I had a a vague idea that there was probably something better than pcap but couldn't have named it ;) but there it is, nfqueue :)
<sdeziel> TheHonorableKitt: I'm a little more familiar with suricata so here's an example with multi-nics: https://redmine.openinfosecfoundation.org/projects/suricata/wiki/Setting_up_IPSinline_for_Linux
<sdeziel> TheHonorableKitt: should be easily adaptable for a single NIC for your use case where the web server is local to the IPS
<sdeziel> sarnold: hehe
<TheHonorableKitt> let me take a look real quick :)
<TheHonorableKitt> I guess what's confusing to me is how snort handles the data. It pics up on eth0, but is it supposed to loop back around and drop it back off on eth0 again? wouldn't that cause an endless loop? I think it's supposed to pick up on eth0, bridge eth1, and drop it off on eth1
<sdeziel> TheHonorableKitt: in fact, it touches on the "host" scenario too
<TheHonorableKitt> at the bottom of that writeup, it requires two nics
<TheHonorableKitt> eth0 and eth1
<sdeziel> TheHonorableKitt: the transparent bridge is for a different use case
<sdeziel> TheHonorableKitt: the link covers 2 scenarios, search for "host" aka scenario #2
<sdeziel> TheHonorableKitt: in the host scenario, you work with INPUT/OUTPUT instead of FORWARD
<TheHonorableKitt> oh hmm
<sdeziel> they even mention TCP/80 handling ;)
<TheHonorableKitt> ah ok, I see. they just didn't separate the two scenerios into two portions, they're kind of mentioned together a bit
<TheHonorableKitt> that's where I was confused :P
<TheHonorableKitt> I think the issue now is...how do I get this to work with snort?
<TheHonorableKitt> let me look at this: http://sublimerobots.com/2017/06/snort-ips-with-nfq-routing-on-ubuntu/
<sdeziel> suricata is compatible with snort rules IIRC ;)
<TheHonorableKitt> I'm not using suricata :)
<TheHonorableKitt> I am so incredibly confused
<TheHonorableKitt> If I run these iptables configs for nfqueue, will it kill my network connection? I'm not sure if there's a config I need to have setup in snort to make sure it's filtering them, because I *think* if it's not actively filtering, then the connections are all just dropped
<sdeziel> TheHonorableKitt: I would suggest to only send TCP/80 to snort, not the whole thing
<TheHonorableKitt> I'm hosting a lot more than TCP 80 on my server
<sdeziel> I'd start with TCP/80 then and ramp this up as you gain confidence in the setup
<TheHonorableKitt> I'll do that, but better to use 443 than 80, since my server only works with 443
<TheHonorableKitt> it's auto-re-reouterd to 443 from 80
<sarnold> what exactly will snort read out of TLS streams?
<sdeziel> well, what is it that you want to inspect on TLS?
<sdeziel> old proto/ciphers?
<sdeziel> very little is worth looking at on TLS, and this will only shrink as TLS 1.3 is deployed
<sdeziel> (I'm looking at your OpenSSL 1.1.1 backport to 18.04)
<sdeziel> s/your/you/
<sarnold> :)
<TheHonorableKitt> It might be important to know what snort is actually for, it's an intrusion detection system, and in inline mode, an intrusion prevention system. The rules in snort far exceed that of http and https. So, it needs to be a global system. No point in doing port 80 since it's auto-forwarded to 443 anyway, so I don't know, maybe I can do port 22 then or
<TheHonorableKitt>  better yet icmp
<sdeziel> encrypted protocols are less interesting to look at
<TheHonorableKitt> I'd honestly rather someone who knows what they're doing to look at this for me, as I'm completely clueless on how to even use snort, or for that matter, how to configure linux network information.
<sarnold> if you want to go whole-hog, feel free. the worst that can happen is you wind up having to hit the 'delete vm' button and start over :)
<TheHonorableKitt> not a change, I always make backups ;)  :D
<sdeziel> on Linode you have a remote serial console available (LISH is the name IIRC) so hopefully the snort deployment won't go that bad
<sarnold> oh sweet
<sarnold> that makes it way less likely you'll need the 'delete vm' button :)
<TheHonorableKitt> :P  it's sweet when I'm not at work hehe
<TheHonorableKitt> I'm at work right now, only way I can even terminal in is with a webssh tool
<coreycb> jamespage: we should have everything core + dashboards uploaded for stein now except horizon itself. i pushed all the updates i made but it needs django-debreach which will be a new package. component-mismatches should be fixed up now too.
<TheHonorableKitt> so what I did earlier really screwed up my setup, I need to get someone to help me and look at my iptables rule file (I have it save persistently, so just rebooting won't help). I need to manually remove whatever is screwing up my system. Can someone please volunteer to help me?
<teward> TheHonorableKitt, might be useful to restate the core problem as well
<teward> since not all of us know the actual problem you are facing right now
<TheHonorableKitt> sure thing, so I was trying to set SNORT into inline IPS mode, but I only have one IP (well, now I can have three, I might need it). anyway, someone said I can just add a few iptables rules for NFQEUE and snort will run those
<TheHonorableKitt> I added those rules, and it killed my entire box's connection. now I can't figure out how to remove them
<teward> how did you add them?
<TheHonorableKitt> iptables -I INPUT -j NFQEUE
<TheHonorableKitt> and
<TheHonorableKitt> iptables -I OUTPUT -j NFQEUE
<teward> andyour iptables ruleset currently is what?  (and where on the system)
<teward> if you can share your iptables rulesets in a pastebin I can take a look
<teward> and ID what rules you have to remove to get traffic working again
<teward> not sure if you can do that easily though if you have no networking
<TheHonorableKitt> i'll share the file with you directly, I don't want to paste it here
<teward> i can't DCC here on IRC currently
<teward> and I didn't say paste it here
<teward> i said use a pastebin
<teward> and then PM me the link :P
<TJ-> TheHonorableKitt: if you use "iptables --line-numbers -nvL" you can use the line-number of the rule to delete it with "iptables -D <chain> <line-number>"
<teward> TJ-, he's not got it in his stored rulesets all he has to do is iptables-restore < ... the ruleset
<teward> and it would then get rid of the nfqeue rules heh
<TJ-> Ahhh
<TJ-> line-numbers is useful info anyhow; many folks don't realise it's there
<teward> mhm
<teward> not sure why he won't share his rulesets since there's nothing secret in those rulesets that'd ID his box as a target anyways but meh
<teward> TJ-, woah that's a THING?
<teward> *learned a new thing*
<TheHonorableKitt> I generally try to be as secure as I can, I fail a lot, but good practice means good I suppose
<TheHonorableKitt> so the iptables-restore command, what should I run with that? never ran this before
<teward> i assume this ruleset is stored in a file on disk, yes?
<TheHonorableKitt> yeah
<teward> sudo iptables-restore < /path/to/ruleset/file/on/disk
<TheHonorableKitt> /etc/iptables/rules.v4 and rules.v6
<teward> and that's it
<teward> so then: sudo iptables-restore < /etc/iptables/rules.v4
<teward> and: sudo ip6tables-restore < /etc/iptables/rules.v6
<teward> and you're done
<TheHonorableKitt> alrighty, I might lose connection in a sec ;) lol we'll see
<TheHonorableKitt> ok, ufw is enabled, looks like I'm all good
<TheHonorableKitt> phew
<TheHonorableKitt> so linode gave me two additional ip slots, should I use them to get snort inline IPS to work?
<teward> if you added NFQEUE rules into the ufw configs find them and yank them out
<TheHonorableKitt> or do I not need them?
<TheHonorableKitt> it was only in iptables
<teward> otherwise your box should talk to the internet fine
<teward> good
<Greyztar> the iptables and restore ive also used,however someway ruleset alway get reset on reboot,now im using systemd script with iptables-restore command,any tip on what might cause this?
#ubuntu-server 2018-11-21
<Greyztar> ive removed ufw only using iptables interface
<mwhudson> tomreyn: thanks for all the subiquity bug reports btw
<mwhudson> tomreyn: have you seen this? https://www.systutorials.com/docs/linux/man/8-lvm/#lbAG (rules for valid VG and LV names)
<tomreyn> mwhudson: welcome :) and no, i had not. but i'm not surprised there are restrictions.
<tomreyn> i mean ... on lvm's end.
<TheHonorableKitt> just ran a restore on my box, apparently all the fixes I did didn't work, ufw still blocked everything
<TheHonorableKitt> restore done, all good now
<mwhudson> tomreyn: i'm not surprised there are restrictions, i'm a bit surprised they are so fiddly
<mwhudson> tomreyn: the only restriction on md appears to be "non-empty" and "does not contain /"
<mwhudson> although whether the kernel will actually allow "md/my shiny drive's raid" i'm about to find out...
<tomreyn> hehe, good luck
<tomreyn> those lvm restrictions are a fiddly, yes. but i guess if you just limit it to ^[a-zA-Z0-9][a-zA-Z0-9+_.-]*$ this will cover pretty much every use case.
<TheHonorableKitt> anyone have a good answer as to how I can just create a new eth, like eth1, eth2? I'm using linode, which uses netplan
<sarnold> TheHonorableKitt: that's not the path you want to take
<mwhudson> yeah
<TheHonorableKitt> what path exactly should I take then?
<TheHonorableKitt> any and all tutorials for putting snort in inline IPS mode is that you have to have more than one eth, but when I took your advice for the other option, it shut down my entire machine's network and resulted in requiring a backup restore to fix
<sarnold> feeding snort or suricata with nfq
<TheHonorableKitt> yeah, I did that, it broke everyhting
<sarnold> the "inline" option that you found in the first guide was about protecting an entire network
<sarnold> sadly the nfq docs also assumed the same thing, because almost no one uses snort or suricata on single hosts
<TheHonorableKitt> unfortunately I can't afford a second VPS to do it without a single host
<openfire> TheHonorableKitt: Linode does not use netplan. Ubuntu uses netplan. Netplan can be disabled easily. So what are you trying to do?
<TheHonorableKitt> I'm trying to get snort in inline IPS mode
<openfire> On a Linode?
<TheHonorableKitt> yes
<mwhudson> i probably shouldn't use ctypes to call functions from liblvm2cmd.so.2.02 should i
<sarnold> mwhudson: depends.. doing it from C would probably be easier and more reliable in the long run but probably harder project to start :/
<openfire> TheHonorableKitt: And what else is this Linode doing?
<mwhudson> well i could write a python extension to do it too
<mwhudson> but this is being silly
<mwhudson> better to just copy the validation into subiquity, as tedious as that will be
<TheHonorableKitt> linode is hosting five websites, sip server, and znc bouncer
<sarnold> I think I'd rather see ctypes than python extension :)
<mwhudson> sarnold: how do you think subiquity talks to netlink...
<openfire> TheHonorableKitt: Then you're using the wrong tool for the wrong job.
<TheHonorableKitt> please be more elaborate
<sarnold> mwhudson: I'm almost afraid to find out :)
<mwhudson> sarnold: i wrote a c extension binding to libnl3-route ...
<sarnold> mwhudson: my condolances
<sarnold> mwhudson: netlink is just ... sadness
<openfire> TheHonorableKitt: snort is a NETWORK IPS. You want something to protect a single host. snort does not do that.
<mwhudson> sarnold: i don't know, it beats sysfs i think
<mwhudson> sarnold: stracing lsblk, now THAT is sadness
<sarnold> mwhudson: ouch -- you've clearly seen some dark things :)
<TheHonorableKitt> is there something else that would do what I need to do then?
<openfire> TheHonorableKitt: What is your experience with IDS/IPS systems in general?
<TheHonorableKitt> basic, but I know what they are
<TheHonorableKitt> security + certified <----
<openfire> So is my cat.
<openfire> In other words, zero practical experience.
<TheHonorableKitt> your cat's fucking awesome
<openfire> Short version: You DO NOT want to try to deploy HIDS/HIPS on something you care about without spending quite a bit of time figuring out how they work on a test system, first.
<openfire> If you do... You're gonna have a bad time.
<openfire> Either because you flood yourself with (not kidding) millions of alerts, or you shut down your everything.
<sarnold> this was also why sdeziel suggested rolling it out for tjust tcp/80 first and adding protocols as you gained confidence
<sarnold> course I suggested to go whole-hog on it because it's a VPS that you can wipe and restore in a few minutes, so an ideal platform for learning ;)
<TheHonorableKitt> I already run snort as an IDS on this machine, and I don't get flooded with alerts.
<openfire> TheHonorableKitt: How much tuning did you do?
<TheHonorableKitt> a good bit
<openfire> How long is your SID suppression list?
<mwhudson> haha now i have /dev/md/this
<sarnold> rofl
<TheHonorableKitt> anyway, I'm not on here to have someone chew me out because, again, they dislike how I'm trying to run my systen.
<TheHonorableKitt> system*
<mwhudson> i wonder if this is curtin failing to quote something somewhere
<mwhudson> or mdadm being terrible
<mwhudson> the /sensible/ fix is presumably to not let people put spaces in the bod
<mwhudson> *box
<sarnold> [a-zA-Z0-9]
<sarnold> (sorry kylin)
<openfire> TheHonorableKitt: You know, with a slight perspective adjustment, you could learn to appreciate the advice being given to you by people with many years of experience, saving you from learning things the hard and aggravating way.
<openfire> TheHonorableKitt: Snort is the wrong tool for the job. You could look into something like samhain, ossec, aide, or tripwire, and learn how much you still have to learn. Cheers.
<mwhudson> hah yes it's mdadm
<sarnold> o_O
<mwhudson> tbf to lvm's man page, clearly mdadm should be validating much harder
<mwhudson> e.g. a name of .. probably isn't going to work either
<mwhudson> mdadm: array /dev/md/.. started
<mwhudson> ORLY?
<sarnold> I wonder what happens if you 'cd /dev/md ; cd ..' on that..
<tomreyn> or try starting the /dev/md/../../etc/passwd array
<sarnold> ENOTDIR?
<mwhudson> the think in /dev/md/ is just a symlink
<mwhudson> tomreyn: it does forbit / at least
<tomreyn> aaaw
 * mwhudson blinks
<mwhudson> mdadm: device /dev/md/../../etc exists but is not an md array
<mwhudson> why didn't it say that for /dev/md/.. then?
<tomreyn> maybe it doesn't like that /dev has 0 blocks allocated
<mwhudson> oh probably /dev/md didn't exist at all at that point
<tomreyn> thank you for actually working on fixing these bugs i report, mwhudson, that's great. :)
 * tomreyn zzz
<mwhudson> tomreyn: sorry for the radio silence, it's partly me waiting until i had the time to respond sensibly...
<tomreyn> no bad feelings, i'm glad it's moving! :)
<TheHonorableKitt> lol I was wondering why I saw that guy, I ignored the douche openfire ages ago. strange.
<TheHonorableKitt> when I run "ip addr del X.X.X.X dev eth0" and then "ip addr add X.X.X.X dev eth0:0" and then I re-check with "ip addr", it still shows as under eth0, and not eth0:0, am I doing something wrong here?
<sarnold> the eth0:0 "aliases" interface was deprecated about twenty years ago in favour of just adding multiple IPs to the interface directly
<TheHonorableKitt> oh hmmm
<TheHonorableKitt> ok, that's fine then, that's how it is now
<TheHonorableKitt> I'm just confused on how I can get snort to utilize them because it specifically does eth0:eth1 for it's binding/bridging feature
<TheHonorableKitt> I'll speak to #snort about that
<openfire> Still chasing snort for this, huh?
<sarnold> I'd strongly rcommend asking them for help on how to solve your problem rather than starting with the "inline IPS" discussion
<sarnold> maybe they'd be quicker to catch on than we were that you were following the wrong guide for what you were trying to solve :) but still, no need to start off on the wrong foot
<TheHonorableKitt> yep, thanks much for your help sarnold :) <3
<sarnold> have fun, good luck :)
<masber> good afternoon all, I have an Ubuntu 16.04.5 LTS server I would like to enable hyperthreading
<masber> I already setup the BIOS but I can't see the extra cores
<masber> this is the cpu model --> Intel(R) Xeon(R) CPU E5-2680 v4 @ 2.40GHz
<masber> any advice?
<sarnold> https://ark.intel.com/products/91754/Intel-Xeon-Processor-E5-2680-v4-35M-Cache-2-40-GHz-
<sarnold> it sure looks like it should HT..
<masber> sarnold, yes I can see the ht flag in the /proc/cpuinfo
<masber> however lscpu says --> Thread(s) per core:    1
<masber> do I need to reinstall the OS after enabling ht in the BIOS?
<sarnold> masber: how about grep "core id" /proc/cpuinfo
<masber> sarnold, no luck it only shows the physical cores for the 2 sockets http://dpaste.com/1H3WADP
<sarnold> awwwwww
<sarnold> masber: https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/tree/Documentation/admin-guide/kernel-parameters.txt#n2041
<sarnold> masber: what's your /proc/cmdline look like?
<masber> http://dpaste.com/2SHSTHA
<sarnold> maxcpus=28
<sarnold> try removing that
<masber> damn
<masber> sarnold, thank you it is now working :)
<masber> so I understand that grub/kernel flag was limiting the number of cpus but, why Thread(s) per core:    1 if ht was enabled?
<sarnold> masber: excellent! :D
<sarnold> masber: good question. :/
<sarnold> I'm not actually sure what would be ideal to report.. or what options the different tools even have
<sarnold> because it was accurately reporting the state of the system, as it was booted
<sarnold> if it were reporting the silicon abilities it might have taken a while longer to figure out that htop should have completely filled your terminal :)
<sarnold> anyway, time to run, have fun masber :) that looks like a machine for serious fun :) hehe
<lordievader> Good morning
<ahasenack> good morning
<lordievader> Hey ahasenack How are you doing?
<ahasenack> rbasak: hi, good morning, may I suggest this bug for your sru day? :) https://bugs.launchpad.net/ubuntu/+source/postfix/+bug/1791139
<ubottu> Launchpad bug 1791139 in postfix (Ubuntu Bionic) "postfix-mysql package upgrade results in server configuration error" [Undecided,Fix committed]
<ahasenack> hello lordievader, I'm doing well, and you?
<ahasenack> https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/1782806 has also been in a verified state for almost a month now
<ubottu> Launchpad bug 1782806 in apache2 (Ubuntu Bionic) "Typo in apache2-maintscript-helper causes MPM check to misfire" [Undecided,Fix committed]
<ahasenack> and https://bugs.launchpad.net/ubuntu/+source/exim4/+bug/1786508 too (!)
<ubottu> Launchpad bug 1786508 in exim4 (Ubuntu Bionic) "Use of uninitialized value $ARGV[0] in string eq at /usr/sbin/eximstats line 563" [Low,Fix committed]
<lordievader> ahasenack: doing good here
<ahasenack> lordievader: where are you from?
<lordievader> Holland. What about you?
<ahasenack> Brazil
<ahasenack> it's 9h40 here now
<TheHonorableKitt> o/
<ahasenack> gotta love such tests: https://pastebin.ubuntu.com/p/zSbj93HqWy/
<sdeziel> ahasenack: the " " looks different
<ahasenack> I don't think so, I zoomed in
<sdeziel> ahasenack: I used "od -c"
<sdeziel> the first line has a regular space while the second one has "342 200"
<sdeziel> as the space char between 1 and 2
<sdeziel> putting each line in a separate file after dropping the -/+:
<sdeziel> $ cmp 1 2
<sdeziel> 1 2 differ: byte 3, line 1
<bipul> So there is no solution for Install Ubuntu via preseed in Virtualbox?
<bipul> This is my preseed configuration https://paste.ubuntu.com/p/Xbj8fyRv3G/ , I'm not sure what will be the configuration inside /isolinux/tx.cfg and /boot/grub/grub.cfg ? To automate the Installation.
<bipul> Could anyone help me out. I'm trying to install Ubuntu server 18.04.
<lordcirth> bipul, what happens when you try it?
<bipul> Seems like preseed file is unable to read by initrd
<bipul> s/initrd/debian-installer
<lordcirth> bipul, can you provide the exact error message?  Or does it just continue as if you had not provided a preseed?
<bipul> lordcirth, Just give me 15 Minutes, I'm trying once more time.
<lordcirth> no hurry
<genii> You can switch to console 4 to see the stderror
<bipul> I'm installing it inside VirtualBox, How could i open console 4 ?
<bipul> I'm editing the iso file. And i need to ask one thing more, that it required only to edit isolinux/txt.cfg? or boot/grub/grub.cfg ?
<bipul> Both?
<genii> Normally it would be alt-f4
<bipul> Alter F4 is used to cross the application
<genii> I was debugging preseed files like this before, switching from console 1 where it was doing regular stuff to the console 4 to see output of what it was doing or looking for
<bipul> genii, Have you install Ubuntu server 18.04 via preseed?
<genii> Not 18.04, but all the other LTS versions from 10.04 to 16.04
<ahasenack> bipul: did you use the live server installer, or the old installer?
<ahasenack> the so called live one doesn't have preseed support I think
<genii> I was using tftp
<bipul> I'm using Live-server i.e ubuntu-18.04.1-live-server-amd64.iso
<genii> netboot/tftp
<bipul> Where i can download netboot?
<bipul> And are you sure?
<genii> index of netboot images http://cdimage.ubuntu.com/netboot/18.04.1/
<genii> At that time I was using full-blown isc dhcp server, etc, but now it's easier to do by dnsmasq for the server
<bipul> genii, Which one to download?
<bipul> mini.iso?
<genii> The important stuff there is the pxelinux and filesystem netboot.tar.gz, you can use any iso file but they do provide the mini.iso as well
<genii> If you already have an iso just use that
<genii> work, afk 5-10 minutes
<bipul> just a minute
<bipul> md5sum, it required to updated? when we create preseed file?
<TheHonorableKitt> hey guys, back again today. It appears my linode Ubuntu 18.04LTS server is utilizing 'netplan'. I'm unsure if it supports the creation of 'dummy network interfaces' or otherwise known as 'virtual network interfaces' or not, but can someone help me figure out how to do this properly?
<sdeziel> TheHonorableKitt: is this still for the IDS/IPS scenario?
<TheHonorableKitt> yeppers :)
<TheHonorableKitt> i'm just trying to take one step at a time
<ahasenack> TheHonorableKitt: https://netplan.io/examples has some examples, and there is also a #netplan channel on freenode
<TheHonorableKitt> I need to get more interfaces before I can do anything
<ahasenack> (generic examples, not exactly about your case, but they might help)
<TheHonorableKitt> ohhhhh nice, I'll speak to them :)
<sdeziel> TheHonorableKitt: I don't understand how dummy NICs will help you get there but good luck anyways
<TheHonorableKitt> well, according to all of the tuts I've seen, it absolutely requires two or more ethernet interfaces, virtual or 'non-virtual' will work. In fact, one even states to give it no ip address. But I'm unsure how my system will respond, so I'd prefer to get answers before screwing around with things. It takes almost 45 minutes to do a full restore on my
<TheHonorableKitt>  system, which I'm not afraid of, but it's annoying
<sdeziel> TheHonorableKitt: creating dummy devices is trivial: ip link add dummy0 type dummy
<sdeziel> TheHonorableKitt: ^ if you want to experiment quickly without making things permanent with netplan/other
<sdeziel> but then again, I fail to see how dummy devices will help you
<TheHonorableKitt> let me give that a test :)
<sdeziel> a dummy device gets no traffic so it will be pointless to direct snort to it
<TheHonorableKitt> hmm
<TheHonorableKitt> I think virtual network interfaces still work though, but then again, someone said that this function was depreciated a long time ago. i.e. eth0:0, eth0:1, eth0:2, etc.
<sdeziel> those are IFACE labels
<sdeziel> and yes, they are deprecated
<sdeziel> those are not dummy devices
<TheHonorableKitt> I see
<TheHonorableKitt> geeze, in the past two days I've opened four tickets with linode to try and get this resolved. It seems neither I or they fully understood what needed to happen. But hey, I was able to swing getting two additional IP addresses for my linode :D
<sdeziel> TheHonorableKitt: for those additional IPs, you definitely don't need those deprecated IFACE labels, netplan supports adding multiple IPs to a single NIC
<TheHonorableKitt> yes, that's already set, but snort relies on network interfaces, not ip's
<sdeziel> I'm pretty sure that those label interfaces are in fact the same NIC so pointless
<sdeziel> try tcpdump on one of those, I'm pretty sure you'll see the traffic for the base/original NIC
<bipul> lordcirth, It says Boot loader /casper/initrd.1z: file not foun
<TheHonorableKitt> oh oh, wait...I think I figured it out, don't know why I never tried this
<TheHonorableKitt> ifconfig eth0:0 x.x.x.x
<bipul> May be i have misconfigured.
<lordcirth> bipul, /casper/initrd.lz is for the desktop iso.  For the server iso you need /install/initrd.gz
<sdeziel> TheHonorableKitt: ifconfig is also deprecated, replaced by ip
<TheHonorableKitt> seems to have worked though
<sdeziel> TheHonorableKitt: it still works for simple stuff but not everything, just a heads up
<bipul> lordcirth, Yes, i changed but Still i  need to interact with installation process.  It's seems like preseed configuration is not working.
 * bipul Think to move on debian
<cyphermox> TheHonorableKitt: that's why I was asking about network config
<cyphermox> netplan does not and won't support labels (what eth0:0 is) unless there's a very good reason to do it
<cyphermox> that weird setup for snort is iffy
<cyphermox> (not your fault, just an odd requirement from it)
<TheHonorableKitt> yeah, I've been running in circles, trying this and that to get this to work, it's been a total PITA
<cyphermox> hence, one option to do this in netplan is to have eth0 and vlan1 (on eth0), which both will be the same network interface on the same network (unless network config says otherwise); and then Snort should be happy to bridge eth0 and vlan1
<TheHonorableKitt> I hadn't thought about vlans, but that makes sense
<cyphermox> it's a little hackish, but that does work in some scenarios. I haven't tried it with Snort
<TheHonorableKitt> I'm assuming I can make vlans the same way? ifconfig vlan1 x.x.x.x?
<sdeziel> instead of a full fledged vlan, a dummy dev would be more appropriate IMHO
<cyphermox> no
<cyphermox> sdeziel: not if you want to bridge the traffic across the same interface.
<cyphermox> and it doesn't help if you can't create a dummy from netplan either ;)
<TheHonorableKitt> was that no to me or sdeziel?
<cyphermox> to you
<sdeziel> cyphermox: the desired goal is have snort do the bridging (in user space)
<cyphermox> if you want to use netplan, write the vlan in the netplan yaml
<sdeziel> that goal is wrong IMHO though ;)
<cyphermox> sdeziel: I agree, but bridging from eth0 to dummy0 won't achieve anything but blackholing the traffic?
<cyphermox> sdeziel: it's a requirement from that setup
<sdeziel> cyphermox: well, if dummy0 has the destination IP, it could work
<cyphermox> Snort wants to take traffic from one interface and throw it out the other after sniffing at it for a bit and wagging its tail
<sdeziel> yup
<TheHonorableKitt> ok, let me take a look at this netplan config then, see if I can figure out how to create a vlan
<cyphermox> I'm not familiar enough with the dummy driver to say it would work
<sdeziel> so it could work with a dummy dev where snort filtered out the undesired stuff, I think
<cyphermox> TheHonorableKitt: if you want a config that will persist ;)
<TheHonorableKitt> hm?
<sdeziel> but this whole bridging idea is wrong to begin with
<TheHonorableKitt> snort bridges on its own, I don't
<cyphermox> TheHonorableKitt: otherwise you can use 'ip link add link eth0 name eth0.1 type vlan id 1'
<cyphermox> (to test that it works with a vlan before going further)
<TheHonorableKitt> let me run that
<sdeziel> TheHonorableKitt: snort doing bridging is when you want snort to inspect traffic for _other_ machines, not self
<sdeziel> but I'll stop repeating this
<cyphermox> I'm going to get back to my autopkg tests now, just ping me if there's a netplan question, I don't always look at this channel
<TheHonorableKitt> thanks cyphermox
<TheHonorableKitt> sdeziel I know, but I can't believe that snort isn't capable of inspecting traffic on its own system. I already have snort in IDS running on this same machine, it already sees traffic and alerts me when things happen, but it's not in IPS mode so it can't do anything with the traffic. So I don't see why IPS won't work, if IDS is
<sdeziel> TheHonorableKitt: snort is capable of operating in IPS mode on a host but bridging isn't how you do it. NFQUEUE is the way to go
<TheHonorableKitt> Right, I understand that. I don't know why, but running it that way shut down my entire network. I was forced to run a restore just to get it back up again.
<sdeziel> TheHonorableKitt: have you been to #snort (if there is such channel) to expose your scenario?
<TheHonorableKitt> I have been, but snort is generally really quiet, only about 50 people in there
<sdeziel> TheHonorableKitt: with NFQUEUE, you divert packets to snort itself so yeah, you need to be careful what you send it cause you risk cutting your own access
<TheHonorableKitt> yeah, it just killed everything. nothing at all worked. The problem was that I was unable to remove it after I set it, even with LISH access on Linode
<sdeziel> the devil is in the details. How are you managing your ip{,6}tables rules?
<TheHonorableKitt> I use iptables-save and iptables-restore, but the restore didn't fix things, so I had to run a restore
<sdeziel> TheHonorableKitt: I highly recommend iptables-persistent
<TheHonorableKitt> I think that's part of iptables-save and iptables-restore
<sdeziel> also, you should be working from LISH and iptables-restore from a temp/experimental file when you do something risky
<sdeziel> iptables-persistent is a package that takes care of loading your rulesets on boot
<sdeziel> among other things
<TheHonorableKitt> right
<sdeziel> anyway, so the idea is to use a temp file to avoid introducing bogus rules in your main rulesets
<sdeziel> this way, you preserve your known good set for an eventual restore if you screwed up
<TheHonorableKitt> yep, lesson learned XD  lol
<sdeziel> the alternative would be to insert rules live with "iptables -I" directly
<sdeziel> but I find it easier to simply edit a file and feed it to iptables-restore
<TheHonorableKitt> agreed. lol I just couldn't find the rule to remove when I set the NFQEUE setting
<sdeziel> TheHonorableKitt: gotta run for now but I'll be happy to walk you through it later, as long as you know how to tell snort to feed from a NFQUEUE as I only did this on suricata
<TheHonorableKitt> hope it works, but we might need an alternative way of communication
<TheHonorableKitt> if I set NFQUEUE it'll undoubedly kill znc
<TheHonorableKitt> honestly I do have a pfsense box at my home that protects my entire network. I'm just not confident enough to host public websites at home on my home server (which is undoubtedly much better than the linode one I'm paying for), and I know pfsense has snort IPS.
<TheHonorableKitt> it's just that it blocks freaking everything
<lotuspsychje> explain at wich time this occurs stormbard
<lotuspsychje> the more info we have, the better volunteers can help
<stormbard> I'm seeing messages that are displayed right before the grub boot menu. All I can catch before they go away are something about compression and error. I'm using a zfs root pool and installed 18.04. I'm trying to figure out how I might see these messages for longer than the flash so I can debug further.
<XenophonF> stormbard: did you install ZFS per https://github.com/zfsonlinux/zfs/wiki/Ubuntu-18.04-Root-on-ZFS?
<XenophonF> or did you use a different install procedure?
<stormbard> I used that guide
<XenophonF> are you able to re-mount the pool from the live CD per the rescue instructions in that guide?
<XenophonF> there's also this troubleshooting guide, https://help.ubuntu.com/community/Grub2/Troubleshooting
<stormbard> Haven't tried, but I'll give it a try. The system does boot fine. It's just that I see these messages before grub loads
<stormbard> XenophonF: I'm able to follow the rescue steps in the guide without issue
<stormbard> forgot I had IPMI and SoL capabilities. The message I'm seeing is "error: compression algorithm inherit not supported". I'm googling for answers now but if anyone has insight I'm posting here as well
<ahasenack> is that zfs?
<stormbard> yup it is a zfs rpool
<ahasenack> I've seen grub complaining a lot about some zpool features it doesn't understand
<ahasenack> but it would still boot
<ahasenack> if it's not booting, the real issue might be something else
<ahasenack> I also remember I had a machine where I couldn't get it to boot using mbr with the bios partition, it only worked with uefi
<TJ->   if (comp != ZIO_COMPRESS_OFF && decomp_table[comp].decomp_func == NULL)
<TJ->     return grub_error (GRUB_ERR_NOT_IMPLEMENTED_YET,
<TJ->                "compression algorithm %s not supported\n", decomp_table[comp].name);
<TJ-> stormbard: ^^^^ "inherit" method is not supported in grub. "  {"inherit", NULL},        /* ZIO_COMPRESS_INHERIT */ "
<trippeh> Gnome thinks my 56Gbps network interface is in fact Bluetooth
<trippeh> thats some mighty spiffy Bluetooth
<lordcirth> lol
<lordcirth> Nice NIC
<stormbard> TJ-: Thanks, what is that compression mode? when I create the pool I set it up as lz4
<TJ-> stormbard: from reading the ZFS source it seems that means the compression is inherited from the 'parent' - not sure what precisely the parent is though
<stormbard> Ah, I didn't think about checking there. I can make a guess as to what is happening based on what I know about ZFS and how I set it up. The compression can be set on each dataset separately. I set it on the very root dataset and at the pool level and never changed it again. If you don't explicitly set the value on a child item it inherits it from the parent.
<TJ-> stormbard: that sounds like it
<stormbard> Everything boots fine and that pool status is healthy so it is likely just a message I can ignore for now. I was just erring on the side of caution until I could figure out more. Thanks all for the help
<ahasenack> stormbard: that has been my experience. The warnings are there, but it ends up booting just fine
<sdeziel> stormbard: dunno if that's related but grub warns when it cannot write to disk (to save the default boot entry) but otherwise works fine
<TJ-> It depends on what the device is that contains GRUB's file-system. Things like RAID devices it can only read
<sdeziel> TheHonorableKitt: I'm back
<TheHonorableKitt> hey buuuuuuddy
<sdeziel> TheHonorableKitt: it might be best to move to a priv conversation to avoid spamming everyone in here ;)
<TheHonorableKitt> hehe that works :)
<awkwardusername> help, what to check when you can DNS resolve things but can't connect to 80/443 - acls do not block any port outbound (ufw off)
<sarnold> are you on AWS or similar cloud hosts?
<sdeziel> awkwardusername: do you manage the target of your connection (where you are trying to connect on TCP/80 or TCP/443) ?
<awkwardusername> sdeziel, any domain, regardless - won't connect to both. have tried pings to domain, it resolves to ip.
<sdeziel> awkwardusername: what do you get from "nc -zv sdeziel.info 443" ?
<awkwardusername> curl says Immediate connect fail for 2404:6800:4004:808::2004: Network is unreachable for google.com
<sdeziel> hmm
<sarnold> does ipv6 work on your host?
<awkwardusername> no - i haven't enabled them. also additional info, vm is behind a NAT (it's actually an EC2 instance) with a network card that has a private and public IP
<awkwardusername> route tables are also properly configured (i haven't actually changed them)
<sarnold> do your security groups allow ingress/egress to the IPs in question?
<openfire> awkwardusername: So, it's obviously trying to reach somewhere via IPv6, which will happen if you have a global-scope v6 address and a v6 default route.
<awkwardusername> sarnold, yes - ACLs allow for outbound all traffic for all ips. for inbound , ssh, http/s, and all UDP
<awkwardusername> openfire, how can I check that
<openfire> awkwardusername: Your error tells you that much.
<sarnold> ip route get is very handy
<openfire> awkwardusername: Did you deploy an egress-only internet gateway in your VPC?
<awkwardusername> openfire, yes but it tried ipv4 first then fallback to ipv6
<openfire> awkwardusername: That's oddly backwards.
<awkwardusername> that is, Trying 216.58.197.206... then Trying 2404:6800:4004:818::200e...
<openfire> awkwardusername: So, did you deploy an IGW (v4) and an EIGW (v6), and configure routes to 0.0.0.0/0 and ::/0 in your routing tables to go to those?
<awkwardusername> openfire, no, i didn't deploy that
<openfire> Then that's your problem.
<awkwardusername> lemme check
<openfire> You have no outbound gateway.
<Sircle> Which MTA has good features like slowing mails down in a timmed calculated cap or delaying mails down if multiple emails are sent to same recipient e.g gmail?
<TheHonorableKitt> well that was fun
<genii> Sircle: http://www.postfix.org/TUNING_README.html
<TheHonorableKitt> woops think I messaged the wrong person lol
<Sircle> genii,  ok
<vlt> Sircle: Exim should handle most of that.
<Sircle> vlt,  exim?
<Sircle> vlt,  its an MTA? how do you compare it with postfix? I need most support for whatever MTA I use + featurefull MTA
<TheHonorableKitt> soooooo I'm looking to try and move my server from linode to my own hosted server, any idea what I need to do to auto-install all the application/packages on the other server?
<TheHonorableKitt> or is there any way for me to just clone from that server to the new one?
<sarnold> you can use dpkg --get-selections on one server and pipe that into dpkg --set-selections on the other; I'd expect an apt-get install to be able to take it from there
<sdeziel> I'm a big fan of 'ssh dd if=/dev/vda | dd of=/dev/vda' :)
<TheHonorableKitt> vda?
<TheHonorableKitt> rather, can you desect that command for me pls? :)
<sdeziel> TheHonorableKitt: you can boot your Linode from a live CD and copy the disk as is. /dev/vda is the virtio disk which should be hooked to your Linode slice
<TheHonorableKitt> O.o errrr how int he world do I haz do that?
<TheHonorableKitt> lol
<sarnold> sdeziel: hah yes that works pretty well if everything lines up just fine..
<sdeziel> TheHonorableKitt: that's how I move Linode slices around
<vlt> sdeziel: That might fail horribly whenever /dev/vda holds a mounted file system.
<sdeziel> TheHonorableKitt: it basically copy the whole disk as is to your destination VM. You then just need to tweak the destination
<sdeziel> vlt: hence the live CD
<TheHonorableKitt> I don't have /vda, I think mine is /dev/sda
<sdeziel> TheHonorableKitt: OK same command but different block device ;)
<TheHonorableKitt> how do I set that live cd up there though?
<sdeziel> TheHonorableKitt: in Linode manager, you should be able to boot off of Finnix or something like that, I don't remember the name of their rescue boot disk
<sdeziel> TheHonorableKitt: are you going to move the Linode to a local VM or a physical machine?
<sdeziel> cause I'd advise this dd trick only if the destination is a VM
<TJ-> /dev/sda since Linode moved to KVM
<sdeziel> otherwise it gets complicated, real quick
<sdeziel> TJ-: right, didn't realize that, thx
<sdeziel> '[    2.066417] scsi host0: Virtio SCSI HBA'
<TJ-> "DMI: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.11.0-0-g63451fca13-prebuilt.qemu-project.org 04/01/2014"
<sdeziel> I guess I should move off of i440fx and give a try to Q35
<TheHonorableKitt> sdeziel: I have a large vmware server at my home that I'm going to use
<sdeziel> TheHonorableKitt:
<TheHonorableKitt> yes?
<sdeziel> TheHonorableKitt: good, VMs are easier to deal with when you need to fix/tweak grub and such
<TheHonorableKitt> yup
<sdeziel> TheHonorableKitt: If the VM isn't bootable as is after being copied over, I recommend you boot it with a external kernel/initramfs then fix grub from inside the VM
<sdeziel> that's assuming VMWare allows you to provide a kernel/initramfs to boot the VM with
<jayjo> is there a way to copy only changed files every 10 seconds or so using bash? I tried to use inotify but I am using a mounted s3fs filesystem and I don't think it supports the standard events like created delete modified
<TheHonorableKitt> it might be best for me to just do a clean install, clean some junk up and move my configs all over
<sarnold> jayjo: what are you trying to do?
<jayjo> I have an s3fs mounted filesystem that has content I want to serve from nginx. It's shared because php-fpm is serving dynamic content and nginx is serving non .php files. I can't change the permissions on the mounted directory directly, so I attempted to use inotify to watch the directory for events
<vlt> jayjo: rsync
<sdeziel> TheHonorableKitt: that works too and should be made relatively quick with sarnold's trick
<jayjo> although this is not over a network, will rsync do it from /my/first/data/dir to /my/second/data/dir ?
<TheHonorableKitt> how exactly should I run what sarnold said? is that on my new server? do I have to ssh into the other server? #confused
<jayjo> Hopefully I can just run every 10 seconds for perpetuity
<sarnold> rsync can go from one dir to another fine
<sarnold> I suggest using a tool like run-one or something similar to make sure you don't get two going at once
<sarnold> if that happens your system's going to be unhappy in a hurry
<sarnold> there might still be a better way to solve the problem though
<TheHonorableKitt> I'm gonna need step by steps, because I'm still technically a novice with linux, I'm a windows sys admin by profession, but linux is still a new beast for me
<sarnold> it'd be something like ssh linode dpkg --get-selections > /tmp/package_list ; ssh vmware dpkg --set-selections < /tmp/package_list
<sdeziel> jayjo: with a s3fs mount, you may want to use rsync --whole-file too
<openfire> What's the issue?
<openfire> TheHonorableKitt: ^
<TheHonorableKitt> sarnold: run that on the linode, or my server?
<sarnold> TheHonorableKitt: both those commands from your desktop. it'll onnect first to your linode, grab stuff, adn save the results locally. then it'll connect to your new vmware instance and send the local package listings to the next command
<jayjo> can I just run rsync every 10 seconds? it will do nothing if nothing has changed, right?
<sarnold> jayjo: yueah that's not ideal but it should do fine
<sarnold> off to lunch :)
<XenophonF> is there a way to get my smartarray p410 to export unconfigured disks?
<XenophonF> i want to set up a ZFS pool under Ubuntu 18.04 without having to set up lots of single-disk RAIDs
<XenophonF> hm, according to a StackExchange article, controllers older than the p420i won't let you disable RAID functionality :(
<XenophonF> maybe the driver can bypass that?
<Greyztar> openfire: just curious what you mean with ^ when talking with someone?
<openfire> Greyztar: My original message didn't have a nick prefix, so it was ambiguously targeted. The ^ was meant to be a "hey, this line was for X person."
<Greyztar> openfire: hmm,i dont get it though,i see many use this on social media still dont get it,i know its used in some regexp to mark beginning of match or so
<openfire> Greyztar: It's a symbol that literally by its shape points up.
<Greyztar> openfire: ohh now i get it though haha
<Greyztar> openfire: thanks for clarifying that been annoying me for quite som time,googling it didnt yield any result as with other prefixes and so :)
<TheHonorableKitt> so I ran that command, and all I got was this response: "dpkg: warning: package not in status nor available database at line ***: packagename"
<openfire> TheHonorableKitt: What are you trying to do?
<TheHonorableKitt> sarnold: ^
<TheHonorableKitt> ugh can't get this to work
<TheHonorableKitt> figured it out, thanks to other people having problems XD
<TheHonorableKitt> https://www.linuxquestions.org/questions/linux-software-2/dpkg-set-selections-fails-to-find-hundreds-of-packages-4175617954/
<sarnold> XenophonF: sometimes controllers can be flashed with an "IT Mode" driver
<sarnold> TheHonorableKitt: hmm. maybe youve got universe enabled on one system but not the other? or maybe linode had something specific to their systems installed, that can happen on some of the cloud providers
<TheHonorableKitt> i figured it out :)
<TheHonorableKitt> and it's stillllllllll installing lol
<sarnold> ah good good
#ubuntu-server 2018-11-22
<mwhudson> oh haha that "mdadm device name with spaces" crazyness is mdadm's fault
<mwhudson> it reads the name out of a file with sscanf ("%200s") which matches a run of non whitespace characters
<lordievader> Good morning
<ahasenack> good morning
<frickler> jamespage: did a bit more digging on that apache shibboleth issue and the root cause seems to be this bug: https://bugs.launchpad.net/ubuntu/+source/xmltooling/+bug/1776489 , would be great if you could find someone to take care of it
<ubottu> Launchpad bug 1776489 in xmltooling (Ubuntu) "libxmltooling7 depends on libcurl3, which has been replaced by libcurl4 in Bionic" [Undecided,Confirmed]
<ahasenack> cpaelzer__: could you take a look at https://code.launchpad.net/~ahasenack/ubuntu/+source/symfony/+git/symfony/+merge/359137 please?
<cpaelzer> ahasenack: yep checking the MP now
<ahasenack> thx
<cpaelzer> kstenerud: "errcodes			FAILED"
<cpaelzer> so it seems the build fixes are still needed then right?
<cpaelzer> you can bring them (not the thumb2) changes in and rebuild to check if that was it
<cpaelzer> and then make the MP that way
<kstenerud> where did that error come from?
<cpaelzer> from your new PPA building the code dropping the delta
<kstenerud> on the ppa page somewhere?
<cpaelzer> yep
<cpaelzer> I saw that x86 builds failed
<cpaelzer> so I checked the build log which you can reach from there
<cpaelzer> kstenerud: also you could give it a try to build in Debian with the build fixes that we seem to need
<kstenerud> what page did the report go to?
<cpaelzer> if it works there with the fixes we might ask if they woudl take them
<cpaelzer> kstenerud: get to the hangout I'll show you the path
<Sircle> Any service provider that can give smallest possible speced servers at monthly billing?
<cpaelzer> ahasenack: I did the review, but for now it is a nack
<cpaelzer> ahasenack: give my update a read and then let me know so that we can sort out how to proceed
<ahasenack> ok
<cpaelzer> ahasenack: can you remove the ubuntu-server review slot?
<ahasenack> nope
<ahasenack> no such option
<cpaelzer> what a pain
<cpaelzer> it makes a common UI enforced mistake even worse
<cpaelzer> ahasenack: is my wondering about 3.4.17 vs 3.4.18 reasonable or did I miss something?
<ahasenack> cpaelzer: yeah, that was when I was thinking in terms of git workflow and an automatic changelog version was generated, I had it correct when I uploaded to bileto
<ahasenack> right now I'm wondering how to add the fixup about the armhf messaging without disturbing the logical tag
<cpaelzer> ahasenack: well kep logical as is
<cpaelzer> ahasenack: on the merge branch modify the file
<cpaelzer> and mention it like "clean up ..." in CL
<ahasenack> it would be an added change
<cpaelzer> yes
<cpaelzer> but one that would be squashed next time
<ahasenack> after remaining changes
<cpaelzer> yes
<ahasenack>   * New upstream release 3.4.18. Remaining changes:
<ahasenack>     - Do not fail testsuite on s390x
<ahasenack>   * Added changes:
<ahasenack>     - d/p/phpunit: drop comment about armhf, since we are only skipping s390x.
<ahasenack> does that look weird?
<ahasenack> ops, and it's d/t, not d/p
<ahasenack> or
<ahasenack>   * New upstream release 3.4.18. Remaining changes:
<ahasenack>     - Do not fail testsuite on s390x
<ahasenack>       [drop comment about armhf, since we are only skipping s390x.]
<cpaelzer> the former is better for correctness, but the latter is more readable
<cpaelzer> both work
<cpaelzer> ahasenack: ok you are rewriting things it seems - next steps you ping me with a revised version then?
<ahasenack> cpaelzer: I pushed
<cpaelzer> ok, reading
<cpaelzer> ahasenack: is the tarball somewhere so I can take a look?
<ahasenack> it's in the ppa
<ahasenack> https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3529/+packages
<ahasenack> cpaelzer: ^
<cpaelzer> ok
<ahasenack> https://launchpad.net/~ci-train-ppa-service/+archive/ubuntu/3529/+sourcefiles/symfony/3.4.18+dfsg-0ubuntu1~ppa1/symfony_3.4.18+dfsg.orig.tar.gz
<cpaelzer> alsready comapred it
<cpaelzer> LGTM
<ahasenack> thx
<rbasak> kstenerud: on bug 1804069 it's in my triage list because it was touched yesterday. Since it's a patch-on-a-plate, I'm tagging it server-next.
<ubottu> bug 1804069 in haproxy (Ubuntu) "haproxy fails on arm64 due to alignment error" [High,Triaged] https://launchpad.net/bugs/1804069
<rbasak> Also bitesize
<Sircle> What essential tools for email delivery assurance should I be using with postfix or any other MTA?
<sdeziel> Sircle: do you want to ensure your recipients get your emails instead of being rejected as spam ?
<Sircle> sdeziel,  yes
<sdeziel> Sircle: so you need to make sure you don't send spam to begin with :)
<sdeziel> Sircle: then you need to comply with the rules of the recipient side (gmail.com, outlook.com, etc)
<Sircle> sdeziel,  thats a good suggestion! Are there any tools for maintenace, security etc?
<sdeziel> Sircle: so that usually mean having SPF, DKIM and DMARC setup
<Sircle> sdeziel,  I hope postfix is not open to general public as default?
<Sircle> sdeziel,  I have done spf, dkim, dmarc
<sdeziel> Sircle: postfix isn't an open relay by default (fortunately)
<Sircle> sdeziel,  gmail is going fine, hotmail just not even putting my mails in junk. Is there a form link to contact hotmail for that?
<sdeziel> Sircle: I don't know about hotmail, this is usually a domain I ignore ;)
<openfire> Outlook/Hotmail is the service you shouldn't ignore.
<sdeziel> Sircle: make sure your outbound IPv6 and IPv4 addresses have PTR and decent reputation
<sdeziel> openfire: why, because it hosts so many other domains?
<openfire> And the outsized impact it has on spam and reputation lists, yes.
<sdeziel> openfire: oh well, I tried to get a hold on someone there long ago to tell them their TLS 1.2 setup was broken, here we are years later and nobody responded
<sdeziel> Sircle: you should also get listed to dnswl.org
<Sircle> sdeziel,  ok
<Sircle> sdeziel,  exact link to add to whitelist?
<sdeziel> Sircle: https://www.dnswl.org/selfservice/
<Sircle> k
#ubuntu-server 2018-11-23
<ahasenack> good morning
<TvL2386> hey guys, I have a 18.04 mariadb-server. Just installed mariadb-server, nothing more. I want to customize the installation, so I start with creating /etc/mysql/mariadb.conf.d/10-custom.cnf and put a [mysqld] section in there with "bind-address = 0.0.0.0"
<TvL2386> next up: systemctl restart mariadb
<TvL2386> and I was expecting 'netstat -ltnp' to show it would be running on 0.0.0.0:3306
<TvL2386> however it's still 127.0.0.1:3306
<TvL2386> The file is read (if I make a typo, mariadb won't start and there's a log line in /var/log/mysql/error.log)
<TvL2386> argh... found it
<TvL2386> I was testing with 10-custom.cnf and 100-custom.cnf
<TvL2386> it seems that file is loaded before 50-server.cnf
<TvL2386> I made it 60-custom.cnf
<TvL2386> sorry guys
<blackflow> yeah it's lexical ordering (where 100 < 50, because 1.... <  5.....)
<TvL2386> yeah thanks! I did not expect that :)
<teward> is there a way to see what machines I have subscribed to the livepatch service currently?
<ahasenack> hm
<ahasenack> good question
<teward|web> is anyone familiar with how to shrink an LVM2 partition to recover free space to the hard drive itself so that it can be used for another partition?
#ubuntu-server 2018-11-24
<raidghost> How can i solve this issue: transcode: 0001: Unable to open libx264 encoder
<blackflow> raidghost: to begin with, by defining its context.
<raidghost> blackflow: tvheadend is using it
<blackflow> !details | raidghost
<ubottu> raidghost: Please elaborate; your question or issue may not seem clear or detailed enough for people to help you. Please give more detailed information; for example, we might need errors, steps, relevant configuration files, Ubuntu version, and hardware information. Use a !pastebin to avoid flooding the channel.
<vlt> teward: Yes (to the question about LVM2 in case that was you).
<ahasenack> teward: you mean shrink an actual partition (a "PV"), and not an LV?
<blackflow> Anyone knows if it's now okay to restart systemd-journald, in bionic? systemd version is 237, and if I'm not mistaken, this was supposedly fixed in v235?  https://github.com/systemd/systemd/issues/6620
<blackflow> tl;dr restarting journald nuked open FDs so services were busted....
<blackflow> I can't TIAS because I don't have proper test coverage for all open FD cases....
<blackflow> and according to this comment in that bug report, it's still not okay to stop journald, but it's okay to restart, as long as services handle EPIPE properly? gah..... https://github.com/systemd/systemd/issues/6620#issuecomment-325947296
<blackflow> to be on the safe side, as I need this for configuration automation, I'll just ban modifying journald.conf at run time.
<teward> ahasenack: i solved it but I had to GUI it to find a tool that would work.  I shrunk the LV down, and then was trying to shrink the PV to free up some space for a dual boot.
<teward> turns out the system doesn't like that muchl
<teward> (ended up having to borrow Kubuntu's kvpm to get it to 'just work' >.>)
<TJ-> teward: I generally just use "pvresize --setphysicalvolumesize 1234S" and that makes it easy to resize the containing partition to the same number of sectors
<TJ-> note that is 1234 S (for Sectors)
<teward> TJ-: i tried that, the underlying LVM system started freaking for some reason about "real size being larger than specified size"
<teward> *shrugs*
<TJ-> teward: did you check that no LVs were using the extents that were being lost?
<teward> yep
<teward> TJ-: ultimately, it's fixed now so it's more idle musing why it wouldn't work as is
<teward> *shrugs*
<TJ-> yeah, I've never had an issue. I check with "pvdisplay -m"
<teward> TJ-: the other lesson to learn from this would be "Don't try and do this when you're dead tired" because that may have been a factor
<teward> but meh
<TJ-> yes, I agree there 1*10^9 :)
<teward> well before I mess with this more, I think i'mma have to backup the server anyways (full disk image, anyone?  >.>)
<TJ-> teward: I've got an empty 8TB archive drive sitting about but can't resolve to use it because there still don't seem to be any file-systems designed to work with shingled drives, despite some earlier experiemental work Ted T'so did on ext4. Grrrr.
<teward> heh
#ubuntu-server 2018-11-25
<mattgphoto> Hello everyone! I've got a bit of an issue and need to know how to go about troubleshooting it, was hoping someone here could help. How do I determine the cause of a Call Trace?
<mattgphoto> For example: What is causing this call trace to happen when my Ubuntu VM is under load/transferring data between samba shares (as client): https://i.imgur.com/sBNZ2My.png
<mattgphoto> This is on 18.04.1 server btw
<TJ-> mattgphoto: which kernel "uname -r" ?
<mattgphoto> One second, lemme shut it off, power back on :-)
<mattgphoto> ~$ uname -r
<mattgphoto> 4.15.0-39-generic
<TJ-> mattgphoto: I see that bug for v4.14 through v4.17 reported for other distros, so it looks like a kernel regression
<TJ-> mattgphoto: I'd recommend upgrading to the v4.18 HWE kernel (linux-image-generic-hwe-18.04-edge)
<lotuspsychje> old, but perhaps related? https://bugs.launchpad.net/ubuntu/+source/gvfs/+bug/1075923
<ubottu> Launchpad bug 1075923 in gvfs (Ubuntu Precise) "nautilus hangs copying large directories from a samba share" [High,Confirmed]
<mattgphoto> @TJ-, how do I do that?
<mattgphoto> hrm, I see the instructions for 16.04... https://wiki.ubuntu.com/Kernel/LTSEnablementStack
<TJ-> mattgphoto: "apt list linux-image-generic-hwe-18.04-edge" - if you see it, then "apt install ..."
<mattgphoto> Gotcha. :-) @TJ- Thank you! Here's hoping this fixes it!
<mattgphoto> Um, nothing's listed.
<mattgphoto> It just returns: 'Listing... Done'. And returns to command prompt
<TJ-> mattgphoto: OK, so you need to enable the component it is in
<TJ-> right, it's in bionic-proposed so you need to enable that in apt's sources
<TJ-> mattgphoto: "echo 'deb http://gb.archive.ubuntu.com/ubuntu bionic-proposed main' | sudo dd of=/etc/apt/sources.list.d/bionic-proposed.list"  then "sudo apt update"
<mattgphoto> so just `sudo add-apt-repository bionic-proposed`?
<mattgphoto> ah
<TJ-> mattgphoto: maybe you don;t want the "gb" mirror though :)
<mattgphoto> oh, I'll assume us... one sec
<mattgphoto> hrm, it'd be available on any mirror?
<mattgphoto> oh, just archive works too
<mattgphoto> So pardon if I ask a bunch of questions here, the release of ubuntu versions isn't something I'm quite familiar with. Is the HWE kernel something you just stay on until next point release? or?
<TJ-> mattgphoto: the idea is that newer hardware, better performance, and so on can be supported on older releases. As 18.04 is now to be supported for 10 years we wouldn't expect to remain on the 4.15 kernel :)
<mattgphoto> gotcha
<TJ-> mattgphoto: I'd hope a stable release update to the mainline kernel might also bring in the fix for your issue to the 4.15 kernel at some point
<mattgphoto> gotcha
<mattgphoto> we'll see
<TJ-> mattgphoto: we'd have to figure out which commit the fix was first though; I couldn't find anything so it may have been fixed incidentally in other code
<TJ-> mattgphoto: the other reports I found said v4.18 had solved it
<mattgphoto> gotcha
<mattgphoto> so basically a normal 'apt-get dist-upgrade' would do it once it's figured out?
<WBILL>  shouldn't this on eliner in my crontab work to just reboot my server
<WBILL> <WBILL>  < 52 13   *   *   *    root     shutdown -r now >
<WBILL> <WBILL> minu the <>symbols of course
<blackflow> WBILL: might need full path to shutdown
<mattgphoto> New issue! heh. How would I go about troubleshooting this? https://i.imgur.com/Web3Xh4.png
<mattgphoto> (I find some humor in the jiffies term btw)
<mattgphoto> This just seems like an amalgamation of problems now :-/
<mybalzitch> I wonder if its io related
<mattgphoto> I don't wonder myself
<mattgphoto> I tried having this VM in it's own iSCSI LUN on ESXi, and ran into the previous problem...
<mattgphoto> now it's in a NFS Store...
<mattgphoto> (There isn't enough space on this server to house the TB's of storage heh)
<mattgphoto> although
<mattgphoto> I guess I could put just the VM itself on the local storage to the VM
<mattgphoto> woah damn https://i.imgur.com/UZmRhDH.png
<mybalzitch> dat iowait
<mattgphoto> https://i.imgur.com/WJTgBiJ.png
<mattgphoto> how can you tell iowait in that screenshot?
<mybalzitch> that would be my first guess as to why your load average is past 60 on a 4 core system
<mattgphoto> oh gotcha heh
#ubuntu-server 2019-11-18
<Delvien> So I want zfs on root, but in I dont see the option in ubuntu-server installer on 19.10, any easy way to do this?
<mybalzitch> I think you need the alternative installer
<Delvien> alternative installer is just missing "live" in the name, right?
<Delvien> hmm, no zfs option even in alternative, i think its only an option in desktop. Which kinda sucks :(
<lordievader> Good morning
<mason> Delvien: It's not hard to use the desktop live environment to do a minimal/debootstrap-based install that you can flesh out. Just because you're using the desktop media, you're not in any way stuck with having a "desktop" install. Packages are packages.
<bracham> Hey just looking into setting up Livepatch on my home server. I have Ubuntu Server 18.04.3 LTS. Is it just plain not available for personal use on Server?
<lordcirth> bracham, seems like 3 personal machines is free: https://ubuntu.com/advantage
<bracham> I get the error "invalid or missing Livepatch token". So I'm guessing that server tokens aren't available for personal use.
<lordcirth> bracham, did you get a token from the website?
<Odd_Bloke> bracham: It is available on Ubuntu Server for personal use. :)
<bracham> The token is the long code that the website gives you too attach a machine, correct?
<bracham> "Sudo ua attach <token>"
<lordcirth> bracham, yes
<bracham> The way it's set up I'm assuming it's the one code per account, for three machines. Is this correct?
<Odd_Bloke> bracham: Yep, you use the same token across all machines.
<Odd_Bloke> bracham: What version of Ubuntu are you running, and where did you find the instructions to use `ua attach`?
<bracham> There is a chance I've already registered three times i guess, although those aren't active anymore. Is there a way to deactivate registrations from the Livepatch account?
<Odd_Bloke> bracham: If you aren't being told it's because you're oversubscribed then you probably aren't.
<bracham> And I'm running Server 18.04.3 LTS. I found that instruction when i signed in at Ubuntu.com/advantage. I did figure out the correct command structure, but that's when it said invalid token.
<tomreyn> oh, it says "Initially, this free subscription is available for Ubuntu 14.04 LTS only."
<tomreyn> Odd_Bloke: can you confirm this?
<powersj> Odd_Bloke, correct, the new UA experience is only available on 14.04 TLS. The livepatch site should have redirected you to get your livepatch token no a UA token
<powersj> err tomreyn ^
<tomreyn> powersj: thanks. so i guess the link on the "Get Livepatch" button at https://ubuntu.com/livepatch should maybe just point to a different location, such as https://auth.livepatch.canonical.com/ ?
<powersj> tomreyn, exactly
<tomreyn> bracham: see above
<bracham> Tomreyn: was just going through everything and now i run into a new error.
<bracham> 019/11/18 17:07:27 error executing enable: cannot enable machine: bad server status 403 (URL: https://livepatch.canonical.com/api/machine-tokens): {"error": "Unknown Auth-Token"}
<tomreyn> bracham: did you get a livepatch token befoirehand, though, which, as i understand it, is different to an UA token?
<tomreyn> fwiw i filed this at https://github.com/canonical-web-and-design/ubuntu.com/issues/6145
<bracham> I was already signed into the Canonical site so as soon as i went to the page you found, it gave me a key. Different from the advantage key.
<tomreyn> so there must be a separate issue, maybe powersj can advise
<bracham> Ok so instead of copy and pasting the whole command with token from the page you found, tomreyn, i typed the command manually and pasted just token, and it worked.
<bracham> Thank you tomreyn!
<bracham> And now i found why it didn't work the last time. It appears i was somehow missing the last character is the key.
<bracham> Of* the key
<tomreyn> hmm, i'm also getting fancy error messages while running the commands provided on https://auth.livepatch.canonical.com/?user_type=ubuntu-user : "sudo canonical-livepatch enable <MY_API_KEY>" returns "cannot locate base snap core: No such file or directory" the first time i run it, then "2019/11/18 18:44:02 error executing enable: Livepatchd error: Snappy kernel-module-control interface not connected!" the second time i do.
<tomreyn> in your case it sounds like a copy paste error ;)
<bracham> I had to install the Livepatch snap before it would work.
<tomreyn> yes, so did i, it's the frist of the two line instructions
<bracham> Yup i initially skipped it but then nothing worked lol
#ubuntu-server 2019-11-19
<lordievader> Good morning
<frickler> jamespage: coreycb: not sure if you saw my ping over in infra, you may want to double check that this matches your plans for Fossa regarding qemu+libvirt http://lists.openstack.org/pipermail/openstack-discuss/2019-November/010907.html
<cpaelzer> frickler: even Eoan is >= the versions needed
<cpaelzer> actually for Ussuri we have libvirt 4.0 and qemu 2.11 which means "even Bionic would do"
<cpaelzer> Eoan would be enough for V then, but as usual we plan to update libvirt/ubuntu in Focal
<cpaelzer> and I always hope that jamespage and coreycb will then put that into the UCA :-)
<frickler> cpaelzer: thanks for confirming, I didn't actually expect any issue, just trying to make sure everyone is on the same page
<jamespage> frickler, cpaelzer: I did see your ping in -infra but I see we're looking good for 20.04 - thanks for confirming cpaelzer
<jamespage> frickler: and thanks for being a continued conduit for comms between ubuntu and openstack!
<aissen> It seems #ubuntu-cloud redirects here. I was wondering who can I contact to help solve this issue with cloud images: https://bugs.launchpad.net/cloud-images/+bug/1846365 ?
<ubottu> Launchpad bug 1846365 in cloud-images "arm64 cloud-image always falls back on 30second grub boot" [Undecided,New]
<coreycb> frickler: thanks. appreciate the ping on that.
<kre10> hey guys, how can I change the default user and pass?
<rbasak> rcj: ^ do you know who could help with that please?
<rbasak> kre10: default for what exactly? How are you installing/booting Ubuntu?
<Ussat> I think if youre asking that you should um....probably not be running a server
<kre10> I just want to change the default user and pass
<kre10> Ussat, thank you for you opinion :)
<Ussat> welcome
<rbasak> kre10: I can probably answer your question but not unless you tell me exactly what default you want to change.
<kre10> my default user is "some-fuckin-user" with password "some-fuckin-password"
<Ussat> ...
<kre10> I want to change them
<rbasak> How are you installing/booting Ubuntu?
<Ussat> add a new user, and change that password of the new user
<kre10> Yes, I know that I can add a new user.
<bracham> Are you running Ubuntu Server, or Ubuntu Desktop?
<bracham> kre10
<rbasak> I think kre10 got his answer in #ubuntu, but didn't mention that here. Rude.
<kre10> rbasak, I know that I can make new user. My question was different, though.
<kre10> bracham, ubuntu server, thank you
<bracham> Ok then I'm not sure there is a default user... What do you mean by that?
<tomreyn> kre10: ubuntu does not have a default user and password, you must be running something 'special'. please provide more details.
<kre10> sorry, guys, by default, I mean the user I have created
<tomreyn> if you remember the users' password, you login as this user and use the "passwd" command
<tomreyn> i fyou don't remember this users' password but can login as a different user and gain root access you can run   sudo passwd userwithforgottenpassword
<tomreyn> ...replacing "userwithforgottenpassword" by the username of the user whose password you forgot
<bracham> tomreyn: doesn't Ubuntu Desktop have the auto login feature?
<tomreyn> bracham: i think most if not all graphical login managers support automatic logins. this seems like a question for #ubuntu rather, though.
<bracham> tomreyn: yes that would be, I'm just saying that the auto login user could be considered the default user.
<tomreyn> i see what you mean
<kre10> tomreyn, thank you once again :)
<tomreyn> you're welcome.
<mason> mgedmin, sdeziel, cyphermox, lordcirth: You guys discussed a systemd-resolved issue with me about a month ago, and I promised testing and a bug report. I have that done now, and a patch to fix the error I found: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1853164
<ubottu> Launchpad bug 1853164 in systemd (Ubuntu) "systemd: /etc/dhcp/dhclient-enter-hooks.d/resolved error" [Undecided,New]
<lordcirth> mason, awesome!
<mason> As it turns out, the issue existed in 18.04 as well, but I hadn't had an 18.04 system using ifupdown that also used dhcp, so I didn't notice. It's not new with 19.10.
<mason> brb
<mason> sarnold: ^
<sdeziel> mason: cool, "if systemctl is-active systemd-resolved > /dev/null 2>&1; then" would be shorter but I'm just nitpicking ;)
<mason> sdeziel: Ah, I'd wondered about that actually. I'd be happier with shorter too. I tend to do the long form in my own scripts to make it abundantly clear.
<mason> sdeziel: Noted in the bug.
<shibboleth> anyone noticed that 18.04 empties out guest-specific entries in /etc/apparmor.d/libvirt/ at vm shutdown?
<shibboleth> this complicates hardware passthrough
#ubuntu-server 2019-11-20
<bracham> Good evening! I have a question. If I remote into my server at home and start a long process, and then get disconnected, will the process stop?
<compdoc> I think unless you use a util, that it will
<dlloyd> yeah, without something like nohup, screen, tmux, etc the process will be terminated with your session
<sarnold> bracham: yes
<bracham> Thanks! But using one of those utilities would prevent that?
<compdoc> I install a minimal desktop, log in with x2go and run stuff that way. that way I can disconnect and get back to it later
<bracham> That makes sense. I'm trying to avoid installing the desktop though.
<sarnold> then you're probably going to like tmux :)
<bracham> Just did some quick reading on it... Yes I'll have to read more and figure it out! Thank you sarnold!
<rbasak> bracham: try byobu - it's a front-end to tmux that makes it easier to get started
<rbasak> It's still tmux behind the scenes
<JanC> there is also dtach if you need something really simple
<bracham_> So tmux and byobu are both installed with Ubuntu (Server) by default?
<rbasak> bracham: I believe so, yes.
<sarnold> bracham: yeah, it looks like just the server; byobu ought to be just a thin config around tmux, so it's not too crazy to have them both
<rbasak> You can run "byobu-enable", which IIRC will make login shells run byobu automatically on login
<rbasak> Then multiple admins logging in remotely on a server will automatically share their screen, which I think is a great user story for users new to server administration
<sarnold> interesting
<bracham> Actually i think byobu is also on my Ubuntu desktop machine too, where i did the normal install. I recognize the icon from there.
<lordievader> Good morning
<linuxperia> Hi all. I need to install AMD Vega 64 GPU Driver for Ubuntu 19.10 Server but AMD only Provides Driver for 18.04. How can i install the AMD Vega 64 GPU Driver on my Ubuntu 19.10 Server from official Repository ?
<frickler> jamespage: coreycb: can you please add building new neutron-lbaas pkgs to your list? https://bugs.launchpad.net/ubuntu/+source/neutron-lbaas/+bug/1847981
<ubottu> Launchpad bug 1847981 in neutron-lbaas (Ubuntu) "Traceback in _create_loadbalancer_stats for python3-neutron-lbaas" [Undecided,New]
<coreycb> frickler: definitely we'll include them in the next round of point releases. thanks.
#ubuntu-server 2019-11-21
<lordievader> Good morning
<mason> lordievader: o/
<mason> ping popey - I'd love to ask a couple wiki questions if you get a moment. (Seems I need to join ubuntu-wiki-editors, so I've put in my request, and looking at the list you seem to be an administrator.)
<mason> popey: Although, it occurs to me that if/when I'm approved I can probably dig around to find answers. Hrm.
<mason> Well, anyway, quick question: Are there user pages, so I can put pages up before they move into the general population?
<lotuspsychje> mason: maybe in #ubuntu-discuss they also might be able to help on some topics
<mason> lotuspsychje: Thanks, I'll join - I'll assume that's on Freenode for the moment.
<lordcirth> mason, yes, all the official ubuntu channels are here on freenode.
<mason> lordcirth: Oh, I thought OFTC was also official for Ubuntu... Or is that only for Debian?
<lordcirth> mason, I don't see any mention of OFTC on the IRC guidelines. Dunno
<mason> Probably just Debian then. Who knew?
<dax> Debian officially uses OFTC (but has a freenode support channel larger than their OFTC one last I checked). Ubuntu officially uses freenode
#ubuntu-server 2019-11-22
<lordievader> Good morning
<explore> hi guys, during the Ubuntu Server 18.04LTS install I asked to use the entire drive together with LVM support.. but when the setup tool suggest the layout, i was kinda surprised at the setup suggested, it said / only has 4GB size.. although the rest of the 500GB is available as the PV (ubuntu-vg)
<explore> so how do i go about loading up the goodies into my /home/username?
<explore> and also load up big VMs into my /var (i think KVM dumps some big VM files under /var)
<explore> is this something that's unique to Ubuntu Server and not seen in the Desktop?
<lordievader> explore: Logical volumes can dynamically be grown. Ext4 support live enlargining, but does not support live shrinking. With that in mind it makes sense to be conservative initially and expand when needed, rather than giving some volume all the space and later realizing the space requirement is elsewhere.
<itsame> greetings, is there a good way to execute a shell command if a usb device is connected
<sdeziel> itsame: sounds like a job for udev
<itsame> sdeziel: looks promising, thanks =)
<sdeziel> itsame: if you need further help with this, I recommend hopping in #systemd where many are familiar with udev
<itsame> will do, just in case, thanks again
<sdeziel> you are welcome
<explore> lordievader: ahhh i see
<explore> lordievader: thank you so much i didn't realize
<explore> hey guys i am worried that i don't understand the meaning of routable.d is anyone here availble for me to pick their brain?
<explore> so i had to add a bunch of ip commands into routable.d but i saw someone online add a while loop to check that the nic card is actually available https://paste.ubuntu.com/p/5z8pvCZ3Jh/
<explore> but i just realized that he is using something called FreeNAS but I am using routable.d
<explore> doesn't routable.d mean that eno1 is guaranteed to be up?
<explore> so there's no need for a while loop?
<explore> may i ask if this is indeed what routable.d mean?
<explore> thanks ahead of time for any assistance!
#ubuntu-server 2019-11-23
<pgnd> I'm working on a cmd line 'do-release-upgrade' upgrade of a small 16.04LTS server to 18.04LTS.
<pgnd> 1st attempt fails at, "Not enough free disk space"
<pgnd> my current '/boot' is mounted on a dedicated, separate, non-LV partition, and has allocated:
<pgnd> --  Type      Size  Used Avail Use% Mounted on
<pgnd> --  ext4      244M  136M   92M  60% /boot
<pgnd> other than creating a new, larger partition, & moving to it, is there some additional clever workaround this space requirement for the purpose of this upgrade?
<RoyK> heh - join/ask question/part
<Ussat> sounds typical
#ubuntu-server 2019-11-24
<explore> hey
<explore> newbie question, when you install a vnc server on a ubuntu server, does it free up all the memory resources when you don't use it? (meaning when you don't log in via vnc)?
<explore> cus i have a really old PC with low specs and i was wondering if I can free up the main memory when VNC isn't been utilized for that weekly administrative upkeep
<explore> cus I just imagine that X Window and all that take up ram
<explore> does it?
<lotuspsychje> explore: vnc is a security risk these days, cant you do your work over ssh?
<explore> can i forward vnc over ssh?
<explore> i remember a long time ago it was easy to setup vnc over ssh
<lotuspsychje> !vnc | explore yes
<ubottu> explore yes: VNC is a protocol for remote desktop. https://help.ubuntu.com/community/VNCOverSSH describes how to use it securely.  It works best over fast connections, otherwise look at !FreeNX
<explore> lotuspsychje: so back to the question of resource utilization
<explore> when i am not using vnc connections, i am hoping that X window and VNC server will just swap to disk and leave the main memory alone
<explore> is that the case?
<explore> or will they gunk up the main memory?
