#ubuntu-server 2006-03-06
<ealden> MarioMeyer, ping
<MarioMeyer> ealden, pong
<UWS30> Can anyone point me to a useful URL that explains how a mailserver operates and how to set one up on my Ubuntu web server?
<UWS30> I did the howtoforge server install but I just can't figure out how the mailserver part works.  I'm a newb.
<MarioMeyer> the howtoforge one is very straight forward.. just follow it
<UWS30> I agree that it's great, and I did follow it, but I'm not sure how to operate the mailserver now. There weren't any "instructions for dummies" that came with it.
<Pygi> wb matt
<Pygi> nop, I don't have the link anymore :-/
<Pygi> o, chara :)
#ubuntu-server 2006-03-07
<tepsipakki> hi, I'm trying to preseed a server install to use a server-kernel, but so far without success
<tepsipakki> so the question is, does the vanilla server-installation prompt the user for a kernel?
<tepsipakki> or is "linux-server" something that has to be installed by hand?
<tepsipakki> maybe I'll just file a bug..
<lapo> hi
<lapo> would be possible to have a more recent dovecot in dapper (in sid there are packages for the lastest one which is beta3)?
<fabbione> no
<fabbione> we are in deep bug fix mode only
<lapo> beta3 fixes a lot of bugs :-)
<lapo> I have a lot of "Corrupted index cache file" errors with the current build
<fabbione> i am using it with no issue
<fabbione> file a bug if you think it is utterly important to have the newest version
<lapo> fabbione, #30314
<fabbione> ok than somebody will process it
<fabbione> sooner or laer
<fabbione> later
<lapo> I have the maildirs on xfs, can it be the source of the problem?
<lapo> nothing is writing to those maildirs atm, except for dovecot
<fabbione> yes
<fabbione> xfs sucks
<fabbione> like many others fs
<fabbione> ext2 or ext3
<fabbione> these are the only 2 i trust for my data
<fabbione> ext2 if they are really really sensible
<Psi-Jack> Anyone use any DNS server that uses mysql-based table lookups?
<lapo> fabbione, seems like that the  "Corrupted index cache file" is not caused by xfs, I have the same behaviour with ext3 as well
<lapo> fabbione, I found out references to that index corruption problem, seems like related to 64bit system, and seems like fixed in lthe betas, see http://www.dovecot.org/list/dovecot/2006-February/011360.html
<lapo> fabbione, I filed #33457 regarding this thing, thanks for your attention
<lapo> bye
<eri1> hello?
<eri1> I accidentaly overwrote root user in phpmyadmin and locked myself out, any way to fix that?
<ivoks> yes
<ivoks> but you have to be root
<eri1> yeah
<eri1> ...
<ivoks> stop mysql service
<ivoks>  /etc/init.d/mysql stop
<ivoks> then run: mysqld --skip-grant-tables
<ivoks> be aware
<ivoks> now *everyone* can write in your DB
<ivoks> log into your phpmyadmin and set a new password for root
<ivoks> kill mysqld and start it as a service
<eri1> how do I stop a service?
<ivoks> /etc/init.d/mysql stop
<ivoks> this is a question for #ubuntu
<eri1> thank you
<ivoks> np
#ubuntu-server 2006-03-08
<irvin> MarioMeyer: ping?
<nictuku> I believe we'll be right back. Dinner :-)
<MarioMeyer> irvin, pong
<lapo> hi
<maswan> can't the server config default to not be quiet? please?
<maswan> Just "ALERT! Can't find /dev/hda1, dropping to a shell" is fairly unhelpful when it comes to debugging a problem.
<dotslashroot> Hello
#ubuntu-server 2006-03-09
<Pygi> fabbione: server's working well for now ^^
<Pygi> let's hope it stays that way...
#ubuntu-server 2006-03-10
* #ubuntu-server  [freenode-info]  if you need to send private messages, please register: http://freenode.net/faq.shtml#privmsg
<Psi-Jack> Hey, anyone here use mydns? :)
<maswan> I'm a bind&sendmail guy. :)
<Psi-Jack> maswan: Yeouch. ;)
<Psi-Jack> Hey, anyone know how to setup IP Aliases in the /etc/network/interfaces?
<infinity> By "IP aliases", I assume you mean virtual adapters?
<Psi-Jack> I mean, just that. IP aliases. Several aliases bound to a single interface, for example, eth0, eth0:1, eth0:2, etc.
<infinity> eg: "iface eth0:1 inet static\n address 123.123.123.123" etc?
<Psi-Jack> Hmm, would that actually.. Work? hmm
<infinity> It's the same as setting up any other interface, yes.
<infinity> The only caveat is that eth0:1 can't go up before eth0 (so you could have a "pre-up" for eth0:1 that says "pre-up ifconfig eth0 up")
<infinity> Or just make sure they're in the right order in the file, and all set to "auto" :)
<Psi-Jack> heh. Hmmm.. auto?
<maswan> infinity: that's the way we do it at work (no aliasing at home currently) :)
<Psi-Jack> Hmmm.
<infinity> Example:
<infinity> auto eth0
<infinity> auto eth0:1
<infinity> iface eth0 inet static
<infinity>   address 10.0.0.2
<infinity>   network 10.0.0.0
<infinity>   netmask 255.255.255.240
<Psi-Jack> I have mapping hotplig, script grep, map eth0, which started eth0, eventually during the hotplug.
<infinity>   network 10.0.0.15
<infinity>   gateway 10.0.0.1
<infinity> iface eth0:1 inet static
<infinity>   address 10.0.0.3
<Psi-Jack> hotplug even.
<infinity>   network 10.0.0.0
<infinity>   netmask 255.255.255.240
<infinity>   network 10.0.0.15
<infinity> That should work smashingly.
<infinity> Oh, get rid of the hotplug stuff on your server... (It's going away in dapper anyway, for all installations)
<Psi-Jack> Oh, great..
<infinity> udev will magically handly hotpluggish suff without the crazy mapping scripts in dapper.
<infinity> Thankfully.
<Psi-Jack> It better be very "compatible" with otherwise, else every dumb-founded ubuntu person will be screaming. ;)
<infinity> dapper's default interfaces file is much easier for people to understand (no one really understood the hotplug mapping stuff)
<infinity> And the breezy->dapper upgrade SHOULD fix old interfaces files to remove the unnecessary gunk.
<infinity> This upgrade path needs to be tested, re-tested, and tested some more, mind you. :)
<Psi-Jack> There should be no should in that statement. ;)
<infinity> The should will become a "does" or "will" before release, trust me. :)
<Psi-Jack> hehe
<Psi-Jack> I love people in #ubuntu sometimes. I get more help /here/ than I ever will in #ubuntu, 19:20 times.
<Psi-Jack> Course, then again, most of my questions are usually topics the average "user" doesn't use. ;)
<Psi-Jack> Hmm. now to see if maradns can bind to multiple IP's, specifically set.
<Psi-Jack> Well, it certainly didn't like that. heh
<Psi-Jack> Not bad.. Not bad at all.. Roughly about 2.7mb, IF even that much, used by mydns. :)
<Psi-Jack> Oh sheesh.. Not even 1mb. Roughly ONLY about 400kB.
<Psi-Jack> heh. I'm wondering though, why maradns, being my caching dns, uses up around 8mb.
* Psi-Jack shrugs, "Better than the 20mb bind9 itself eats up, right off the bat. I guess." :)
<Psi-Jack> Heh heh
<Psi-Jack> Yeah, I found that out about the D C C S E N D exploit. For some reason SPI is vulnerable to it.
<pesco> Hi all. I'm going to set up a new server in about two weeks. Should I try Ubuntu server instead of trusty Debian, and if so, why?
<spike> pesco: because trusty debian is trusty debian and not trusty debian-server, and you're building a server, not a generic linux box. because you cannot afford to run old software, neither to run unstable stuff from sid. because you have no time to spend on default customization you want on a server, like kernel patching. because u're running on some hw certificated by ubuntu and both customers and boss will be happy to see it as such
<spike> because you're using some scsi controller for which dedicated management software exists but isnt packaged
<spike> pesco: because if you're gonna need something server related you have more chances to see it implemented into ubuntu-server than generic debian
<spike> pesco: and because you get all this based on your trusty debian
<pesco> spike: Thanks. I suppose going right with Dapper will be fine in my timeframe?
<spike> pesco: I do not think so, then it really depends what's that machine for and what you define "fine", but I wouldnt advise it. better going with breezy and update to dapper later, even if with breezy you're not gonna get all the cool stuff
<spike> pesco: dapper will be released in april,so in 2 weeks wont be stable yet. it will probably run fine and be stable, but you're taking responsibilities for that
<Psi-Jack> Anyone know of a web-based firewall/NAT/PAT manager, at all? ;)
<bpuccio> monowall provides one, but its a complete distribution, not a web interface that you can install an on ubuntu machine
<spike> Psi-Jack: think ebox is getting one. otherway ipcop/smoothwall got one too you could rip off
<spike> m0n0wall as well, yeah
<Psi-Jack> Hmmm.
<spike> the other frontend I know of is GUI, firestarter
<spike> Psi-Jack: are you sure you need something webbased?
<Psi-Jack> Well, the reason I asked for web-based, is I will be using it on a remote monitorless box. Within my LAN.
<spike> wouldnt something like shorewall do the job?
<spike> ssh to it?
<spike> I cant think of anything bettern than shorewall for fw management
<Psi-Jack> Shorewall. What's that?
<spike> it's rock solid, can take care of everything, from vpn to tc
<spike> a cli frontend to iptables
<Psi-Jack> Hmmm. I ntoiced, there's a shorewall webmin module.
<spike> no idea, vim is all I need with such good confs
<Psi-Jack> hehe.
<spike> you can define zones, policies and whatever, like u'd do on a netscreen
<spike> much better than cisco like style imho
<Psi-Jack> Cool. :)
<Psi-Jack> I'll have to check it out, then.. ;)
<spike> I would :)
<Psi-Jack> Heh, webmin-shorewall removes webmin-firewall. Oh well. Still gonna check it out.
#ubuntu-server 2006-03-11
<Psi-Jack> Man, I am so, so.. Blah when it comes to firewall setups on Linux these days. heh
<maswan> pfft on firewalls.
<Psi-Jack> Not really even just firewall. Mainly just port forwarding.. Namely from a single NIC.
<spike> eh?
<spike> Psi-Jack: if it's just forwarding, why not using "redirect"?
<Psi-Jack> spike: redirect?
<spike> if just want that and have no iptables in place I do not see why taking the hassle
<spike> Psi-Jack: apt-cache show rinetd
<Psi-Jack> Oh, I want iptables in place. Basically the general thumb is, I'm setting up one Linux system as a a DMZ from the front-end router, to make Linux handle all the necessary port forwards.
<Psi-Jack> And, I most DEFINATELY want all external IP's to remain external to the servers receiving it.
<spike> uhm, what frontendrouter is that? cant u just setup and dmz there?
<Psi-Jack> It's just a netgear router, actually.
<maswan> Psi-Jack: isn't it better to just put all the hosts on the network? nat does break some applications in rather subtle and evil ways.
<Psi-Jack> It has a port forwarding limit of 20 entries, too, which is definately /not/ enough.
<spike> I c
<Psi-Jack> maswan: Heh, when it comes to that, I know what to do. I just suck at iptables. I'm used to ipf.
<Psi-Jack> Basically, right now, what I want to do, is block all external IP's, and chain in a couple accept rules in front of that, to allow specific services to run over the internet. Then setup specific port forwards to go elsewhere in the LAN, which I have about 6 other servers I need to forward for
<Psi-Jack> Hmm.
<Psi-Jack> I'm having trouble with shorewall's hosts file. :/
<Psi-Jack> It keeps saying all my hosts have Invalid HOST(S) column contents. For things like 192.168.1.0/24, and 192.168.1.1 etc
<Psi-Jack-v2> Anyone here use shorewall, and handy?
<nictuku> I do
<nictuku> milestone1 of nwu is very close  :-) https://trac.ubuntubrasil.org/nwu
<Psi-Jack> nictuku: Do you by chance know how to do a single NIC NAT?
<nictuku> i think so
<Psi-Jack> I'm basically trying to make my firewall/router server run the gateway for my servers, having all the servers use it as the default gateway, while it itself uses the front-end router for it's own default gateway.
<nictuku> well
<nictuku> but if the default gateway and the servers are all in the same subnet that won't work as expected, unless you put the server as a physical bridge
<nictuku> or are they in split sub networks?
<Psi-Jack> No, there's no split sub networking involved. :)
<Psi-Jack> I'm basically just splitting off the servers as more of a side dish, than anything. For now.
<nictuku> so, servers are like 10.0.0.20, default gateway is 10.0.0.1 and your linux router is 10.0.0.2?
<Psi-Jack> My front-end router is 192.168.1.1, which all my local's use, and the backend router, (which is the DMZ point of the front-end-router as well), is 192.168.1.20
<nictuku> that won't work, since the linux router will tell the servers and station to update their route and your design will be useless
<nictuku> you have to split them physically and use the linux server as a bridge, not a router
<infinity> Nah.
<nictuku> also, no NAT is involved there
<Psi-Jack> Eh? I setup all the servers to use the backend firewall/router as the default gateway.
<nictuku> Psi-Jack, and check the nodes routes after you try to talk to the outer world
<infinity> What subnet are you using for the internal machines?
<nictuku> if you use icmp PING, you'll get a 'nexthop: 192.168.1.1' message and they will just update their own routing tables.
<Psi-Jack> They're all using 192.168.1.0/24 for the network. There's no subnetting involved.
<infinity> Psi-Jack: That's your problem, then.
<nictuku> infinity, he's not using subnets
<infinity> Psi-Jack: You need a subnet (but it doesn't have to be physical, just logical), so you can tell the frontend router that all traffice to 192.168.2.0/24 should go to 192.168.1.20 with a static route.
<nictuku> Psi-Jack, anyway you have to split it physically, or you will have no security if you leave the nodes in the same network bus as the backend router
<Psi-Jack> nictuku: Why would the routes get changed, when I specifically set them otherwise?
<nictuku> I disagree with infinity :-)
<nictuku> split logical bus is a bad idea, if you don't split them physically
<Psi-Jack> nictuku: Security is not the issue. ;)
<nictuku> Psi-Jack, that's an IP protocol stuff
<nictuku> That's still a bad idea, but if you really hate your job and doesn't take security into account, then just split the subnets
<nictuku> that can be administratively painful though. I'd make your linux server a bridge. That works really fine for me, with 5 sites and 1k+ nodes
<Psi-Jack> Hmm. Well, the backend router itself does have two NIC's, so as an alternative, I /can/ make it use it.
<infinity> If you bridge the subnets, you've not bought any more security.
<infinity> Your argument kinda falls apart there.
<infinity> Two bridged ethernet networks are still one physical network.
<nictuku> infinity, if his goal is to make all trafic pass by the linux machine, my point does stand
<nictuku> No because we can filter traffic the same as a router. A bridge firewall is exactly like a router firewall.
<nictuku> I mean, from the filtering point of view.
<Psi-Jack> nictuku: My goal is to have ONE NAT for the local clients, and two NAT's for the servers. While still allowing the local network to communicate efficiently with the server network.
<infinity> Yeah, or you could run VLANs at the previous router, or a variety of solutions.
<nictuku> indeed
<nictuku> why so many "NAT" (better call them masquerade networks, i think)?
<Psi-Jack> Masuqerading == NAT, mind you. :)
<nictuku> that will just create a myriad of subnets
<Psi-Jack> nictuku: The reason for this is, this is, in fact, a home network, with a bunch of servers sitting in the back-end.
<nictuku> I know that
<nictuku> hm
<Psi-Jack> Rather than all the servers sitting in the front-end, with all the locals behind those, I have all the locals in the front, with the front-end re-directing all non-addressed traffic to the backend.
<nictuku> I still see no reason for a masqueraded network. But that's me, because I have a strong, personal opinion about "NAT's"
<nictuku> oh i see then
<Psi-Jack> That make more sense? I don't have a diagram to show it, so I try to explain it best as I can. ;)
<nictuku> I'm still confused hehe. let me re-read that
<Psi-Jack> I have about 6 front-end local clients that all use the front-end router for the default gateway. Some ports from the front-end PAT to individual clients. Stuff like ssh, game ports, VNC, etc..
<Psi-Jack> Anything not port-forwarded from the front-end, gets DMZ'd to the backend, which has the heavier firewall on it.
<Psi-Jack> And that backend needs to handle routing for the 16 servers behind it.
<nictuku> I see
<nictuku> you have a strange DMZ there, then hehe
<nictuku> seems like your 'local clients' act like a DMZ :-)
<Psi-Jack> It's strange, yes.. But it works better for a home-based network. ;)
<Psi-Jack> They are, essentially. ;)
<nictuku> and this 'strong firewall' is that linux router we have discussed?
<Psi-Jack> Correct.
<nictuku> I whish I had such a home network myself :-)
<Psi-Jack> All the servers using IT as the default gateway, will need DNAT's to portforward specific ports to their needed destinations, while they route back through the backend firewall, back to the front, and out the internet.
<Psi-Jack> I parallellized all my servers in the backend. Seperate computers for webserver, mailserver, maildelivery, mysql database, ldap database, and etc...
<nictuku> ok then. Suppose you don't want to split into subnets, one possible design is (though I think infinity could provide a better solution):
<nictuku> hmm use a bridge :-)
<Psi-Jack> heh
<nictuku> in the first NIC of linux-router, plug the IT-signaled bus
<nictuku> in the second NIC, plug your servers
<nictuku> configure PAT rules in the IT router only
<nictuku> setup netfilters in the linux router, with rules for the traffic to and from the servers
<nictuku> finally, use shorewall for all that. I believe you mentioned it in the beggining.. shorewall is really nice
<Psi-Jack> Hmmm. I have 4 DNS servers in the server area, 2 of which are mydns, and 2 resolvers, that the mydns resort to for resolving. If I split them out like that, How exactly would I still get my local clients to talk to /both/ of them?
<nictuku> Altough you have to setup the bridge in /etc/network/interfaces, with pre-up post-down commands. I don't have them in handy, unfortunately, but I think shorewall online docs has a sample of that for debian
<nictuku> how wouldn't them?
<nictuku> all boxes *could* have access to all other nodes, if you allows so in the firewall rules
<Psi-Jack> Hmmm..
<nictuku> they can have full network connectivity. No PAT here
<Psi-Jack> I guess I don't see how that works.
<Psi-Jack> PAT, basically is a port to a port.
<nictuku> and no DNAT either
<nictuku> node1 is a local client: 192.168.1.201.     server1 is a dns server: 192.168.1.21.
<nictuku> from node1 you can ping 192.168.1.21 and connect to any of its ports
<Psi-Jack> Hmm...
<nictuku> obviously you have to create rules to block or allow traffic from 'nodes' to 'servers'
<nictuku> in /etc/shorewall/policy:
<nictuku> nodes       server     DROP
<nictuku> in /etc/shorewall/rules:
<nictuku> ACCEPT       nodes       server:192.168.1.21 udp 53
<nictuku> ACCEPT       nodes       server:192.168.1.21 tcp 53
<nictuku> then nodes will only be able to do DNS requests to server1
<nictuku> also you have to setup policies and/or rules for the traffic from server1
<Psi-Jack> Hmm. Okay. Could you walk me through some of this, to get me started? I'm about to bring the second NIC of the firewall/router up, and wire it up. heh
<nictuku> hmm that is a lot of work you'll have to do, and it's 02:40 AM here, I'm crashing :-)
<nictuku> I suggest you to read shorewall.net about bridges
<nictuku> it's a nice documentation as far as I remember
<nictuku> Psi-Jack, I can try to help with specific issues, though
<Psi-Jack> alrighty
<nictuku> 203.41.193.137: icmp_seq=2 Redirect Host(New nexthop: 202.5.165.81)
<nictuku> this is the 'redirection' I mentioned early
<nictuku> that's why it's useless to setup a gateway for the nodes, but this gateway redirects to another router in the same subnet. result: "Redirect host"
<nictuku> https://lists.netfilter.org/pipermail/netfilter/2003-November/048077.html
<nictuku> it is possible to disable those, it seems
* nictuku wonders if it's time to add nwu to freshmeat
<Psi-Jack> There we go. Re-wired them up a bit. One of my network cables just suddenly died, in the proccess. Could explain why that particular server was flakey on the connection at times. ;)
<nictuku> :-)
<Psi-Jack> Yay! Finally Skype has USD instead of JUST Euro! :D
<Psi-Jack> Anyway.
<nictuku> good news
<Psi-Jack> Wassat?
<Psi-Jack> Basically now, from the firewall/router, which I will now refer to as the IG, is using eth0 tying it in with the rest of the network, and eth1 tying in all the servers.
<Psi-Jack> heh.
<Psi-Jack> Great, and now my DNS is failing. :/
<nictuku> can you ping it?
<Psi-Jack> I can ping the servers, just fine, yes.
<Psi-Jack> But, now even the IG server can't ping an internet IP
<Psi-Jack> However, the LAN can communicate fine with the SLAN.
<Psi-Jack> LAN == Locals, while SLAN == Server LAN.
<Psi-Jack> And I have shorewall completely shut off at the moment.
<Psi-Jack> Technically, it should be able to do it. heh
<Psi-Jack> Ahh, there we go.
<Psi-Jack> two 0.0.0.0 gw 192.168.1.1's. One for eth0 and eth1 existed.
<Psi-Jack> But, now, still, the servers can't get to the internet. That's my stumping point.
<hunger> Is xfonts-75dpi needed?
<hunger> Both KDE and Gnome seem to hardcode font resolution to ~100dpi
<allee> hunger: KDE uses whatever is was autodetected by xserver (75 dpi as fallback)
<allee> hunger: oh, this is (k)ubuntu.  Sorry :(  Then for KDE:  75-110 dpi are mapped to 96 dpi, 110-140 DPI are set to 120 dpi. > 140 dpi: use the resolution
<nictuku> hi
<Pygi> hi hi
#ubuntu-server 2006-03-12
<spiekey> hello!
<spiekey> i have a i386 box with an adaptec raid controller and when i boot it with the 5.10 breezy server iso i get a kernel panic
<spiekey> i have already tried it with: vga=normal noapic noscsi nodma noapm nousb nopcmcia nofirewire noagp nodhcp xmodule=vesa
<ubijtsa2> spiekey: if a dpt_i2o card, breezy won't work.. hoary or dapper will
<spike> hey ubijtsa2
<spike> how's you man?
<ubijtsa2> lo spike
<ubijtsa2> I'm not to bad. tired and have tons of work to do :)
<ubijtsa2> you?
<spike> ubijtsa2: got a uk based job that's boring the hell out of me...
<spike> ubijtsa2: but it's good news anyway, needed it, had to start somewhere and it's "important" enough to look good on a cv :)
<blacking> nrllo all
<blacking> hello
<ubijtsa2> spike: good stuff.. where in the .uk are you based now then? :)
<blacking> please does anyone here with experience how install ubuntu on usb drive?
<mkrufky> I have TDS functionality working correctly using php5 on my ubuntu server, communication with mssql on a windows server..... unfortunately, Breezy's php5 doesnt seem to include support for stored procedures, "mssql_init(), mssql_bind(), mssql_execute()" although all online documentation says that the functionality should be present in php4.1 and later....  anybody know what i'm missing, here?
<janron> am I correct to assume that dapper wont be upgraded to the latest samba-3.0.21c since it's in a freeze now?
<mkrufky> janron: i'm not one of the official ubuntu guys -- I'm just a user like you, but:  I am pretty sure that you're assumption here is correct
<mkrufky> from what i hear, dapper will be released next month (i could have heard wrong)
<mkrufky> ...so, i highly doubt you'll see any major package updates at this point in time
<janron> 3.0.21b is in dapper and 21c was recently released but I dont expect to see it in dapper
<mkrufky> if it's just a bug-fix maintance release, they might update to it, (might require some convincing on your part)  but I cant speak for the packagers
<fabbione> 12c might make it
<fabbione> infinity was looking into it afaik
<fabbione> dapper will be release the 20th of Apr
<mkrufky> ah, cool
<mkrufky> fabbione: any idea of who or where I should ask about my php5-mssql issue with stored procedures?
<fabbione> still infinity
<fabbione> he is php5 maintainer
<mkrufky> aha
<mkrufky> thanks
<fabbione> no problem
<mkrufky> infinity: hope im not being a pest .... I have most mssql functionality working through the use of php5-sybase .... but it doesnt let me use stored procedures... I've googled it, and everything I found says that it should work with php4.1 and later...  I need access to the procedures, "mssql_init(), mssql_bind(), and mssql_execute()"  ... what else do I need to do to get this functionality?
<janron> any news about the community testing for server hardware?
<mkrufky> fabbione: his away message says he's sleeping :-/  ... any idea which time zone he's in?
<mkrufky> ...in the meantime, i will experiment, and install the dapper php5 packages .... .lets hope this doesnt destroy my system...
<fabbione> mkrufky: australia..
<fabbione> mkrufky: it will mostlikely update the entire machine to dapper
<mkrufky> ah.... okay then.... so i will have to sign on again tonight and try to catch him
<mkrufky> yikes
<fabbione> it should be safe enough.. but it is still development
<fabbione> keep that in mind :)
<mkrufky> ya this is for a production server
<fabbione> wait :)
<mkrufky> obviously not in production yet
<fabbione> well ok
<mkrufky> :'(  okay
<fabbione> if you have the option to test/upgrade -> in case reinstall
<fabbione> go for it
<fabbione> otherwise don't
<fabbione> janron: i think ben collins did send an announce out not too long ago...
<mkrufky> i made a backup root partition ....  I'll just ghost the current root to the backup and upgrade there... if it dies, i'll just revert to the master root
<janron> hmm, looking at https://wiki.ubuntu.com/TestingServerHardware there is nothing much there yet. Would be nice to have some package to download and try on my own servers to try and determine if they are stable running dapper
<janron> I have one proxy with samba/squid integrated with MS AD running on dapper now, but not much load yet since the students are off on vacation
<fabbione> janron: the main from Ben did explain what to do
<fabbione> s/main/mail
<janron> found a mail by Ben to ubuntu-devel-annonce, however there is still missing subpages on the wiki for communitytesting
#ubuntu-server 2007-03-05
* Starting logfile irclogs/ubuntu-server.log
* #ubuntu-server  [freenode-info]  channel flooding and no channel staff around to help? please check with freenode support: http://freenode.net/faq.shtml#gettinghelp
<CrummyGummy> Hi all, I just did an update to my server and it looks like the startup scripts have changed substantially. I've got a few custom startup scripts. Should I be worried. What changes need to be made?
<lionel> CrummyGummy: you updated from whic release to which release ?
<lionel> but I am preaty sure you does not have to worry
<CrummyGummy> not a release, just a general dist-upgrade. I'm still running Edgy. 
<CrummyGummy> But I'm super paranoid after the sh symlink was changed from bash to dash
<CrummyGummy> without me realising.
<lionel> CrummyGummy: in Edgy, there are only bug fixed in upgrades
<CrummyGummy> lionel, thanks. I was just a bit worried. My ha service goes for a loop if the startup scripts fall over :(
<vandenoever> hi all, i'm trying to run xeyes from my server, but i get 'display not found'
<vandenoever> i'm even tried installing xorg-server but that does not help
<vandenoever> also i restarted ssh with x11forwarding enabled
<vandenoever> i log in with ssh -X or -Y, but this does not help
<lionel> vandenoever: try to install xbase-clients
<lionel> (on th eserver)
<vandenoever> lionel: ah, i'll try, thanks
<vandenoever> lionel: wow, do i need all of that?
<lionel> all of what ?
<vandenoever> 100 packages in xbase-clients
<lionel> xbase-clients is on package
<lionel> ah, you means dependencies ?
<vandenoever> yes, there are a lot of them
<vandenoever> ok, what i need is 'xauth'
<cmdln> morning
<cmdln> anyone have any guides to migrating to swraid from noraid?
<Shane-S> is there a pre-made package that will install webalizer or other apache log analyzer?
<mralphabet> http://fontignie.blogspot.com/2006/04/install-and-configure-webalizer-on.html
* Starting logfile irclogs/ubuntu-server.log
<firecrotch> Hi all: In a default install, does PHP run as an Apache module or as cgi?
<\sh> firecrotch, when you install php module it runs as module, if not, you have to configure it as cgi
<ivoks> firecrotch: bottom line: you can do both :)
<firecrotch> Perhaps I should have worded it differently... My host did a normal install with LAMP from the CD, and I haven't changed anything as far as how PHP runs... so... is it running as a module or cgi? I don't know how to tell from php_inf()
<\sh> firecrotch, depending on the installation he did.. the php5/4 module needs to be installed separatly
<firecrotch> \sh: php_inf() will show me if it's running as a cgi, correct?
<\sh> firecrotch, it should, I didn't use the cgi-style in ages :)  
<firecrotch> Okay, I think it's running as a CGI.  I just finished an apt-get upgrade and there was an upgrade to php5-cgi
<firecrotch> Would php5-cgi show up if I did ps -e in a console?
<kupesoft> I just got disconnected, but I hope this is relevant: -to check the SAPI of php, try: echo php_sapi_name();
<firecrotch> Alright, I think I finally figured it out.  if it's running as a CGI, then the $_SERVER['SCRIPT_NAME']  variable will show the php-cgi script and not the actual file.
<kupesoft> firecrotch: There's a better way: http://www.php.net/manual/en/function.php-sapi-name.php
<firecrotch> kupesoft: that gives me apache2handler
<kupesoft> Then PHP is running as an apache module,
<kupesoft> apache2 module, that is
<firecrotch> Hooray!
<firecrotch> Thanks, kupesoft
<kupesoft> (=
<kupesoft> firecrotch: If you want to write PHP scripts for use locally, you can use php cli (sudo apt-get install php5-cli)
<kupesoft> I mean if you want to write command-line php scripts
<firecrotch> Thanks =D
#ubuntu-server 2007-03-06
<Crash_SE> hi
#ubuntu-server 2007-03-07
<TheLighty> hello folks
<TheLighty> is anyone around
<TheLighty> can anyone recommand a cpanel like interface for Ubuntu on the serve
<TheLighty> can anyone recommand a cpanel like interface for Ubuntu on the serve
<TheLighty> anyone around yet
<CrummyGummy> Hi all, I was running tomcat5 behind apache2 fine. How do I get tomcat5.5 to work now? I've edited the workers.properties file. Anything else I've got to do?
<TheLighty> is anyone around yet in here
<lionel> CrummyGummy: what is your problem ?
<TheLighty> can anyone recommand a cpanel like interface for Ubuntu on the serve
<TheLighty> I am gettin a dedicated server today with peinstalled Ubuntu
<TheLighty> not sure how much of the install they will do
<TheLighty> But I know I will need a cpanel like interface and whm like interface
<CrummyGummy> lionel, It seems that theres no response from tomcat to mod_jks requests.
<lionel> CrummyGummy: what does apache logs say ?
<lionel> TheLighty: sorry, my cpanel is vim :-(. That will not help you :-(
<jhutchins_lt> So which mail servers have the ability to define a "fallback" method of sending a message if the primary (direct) method fails?
<GNu_Joe> jhutchins, good question, but not my experteese
<TheLighty> hello folks
<TheLighty> I could use some help configuring Ubuntu
<CrypTom> Hi, I've got a problem with the ubuntu kernel "-server": The keyboard of my server (a normal pc) stops working after grub hands over control to the kernel. This does not happen with the -generic kernel.
<CrypTom> I'm using edgy with the most recent kernel 2.6.17-11
<CrypTom> Is this behavior known? Is there a solution (other than using the -generic) kernel?
<GNu_Joe> CrypTom, the server kernel is compiled diffrently, there are know issues, have to checked the bug list?
<CrypTom> GNu_Joe: where do I find this list?
<GNu_Joe> CrypTom, Think it's https://bugs.launchpad.net/
<TheLighty> is anyone around yet
<TheLighty> sure could use some help
<TheLighty> man I keep missin people
<TheLighty> CarlFK CrummyGummy DJ_Mirage GNu_Joe RemoteViewer TheLighty[BNC]  \sh ajmitch asw cemil_ chesty fabbione infinity2 ivoks jhutchins lbm lionel maswan minttea mralphabet r00tintheb0x ra1nb0w tmarble ubuntulog zenrox
<r00tintheb0x> yes?
<TheLighty> thanx
<r00tintheb0x> lol
<r00tintheb0x> whtas up
<TheLighty> I am a noob
<r00tintheb0x> great!
<r00tintheb0x> d52 1 1 c0t1d0s4
<r00tintheb0x> oops
<TheLighty> I just got a dedicated server with ubuntu 6.10
<r00tintheb0x> may bad, whats the problem TheLighty 
<lionel> TheLighty: no need to hl all the people there !
<r00tintheb0x> okay.
<TheLighty> sorry guys
<r00tintheb0x> good choice TheLighty 
<TheLighty> btu I been asking for help since last night
<TheLighty> any hows
<TheLighty> all I have is ssh access
<TheLighty> nithing else
<TheLighty> they did not install LAMP
<TheLighty> I have 5 ip's too
<TheLighty> and I have no idea where to start
<TheLighty> this is a unmanaged server
<\sh> sudo apt-get install mysql-server apache2 libapache2-mod-php5
<lionel> a good starting point could be to explain what you want :)
<TheLighty> well
<\sh> that's lamp
<lionel> but \sh has a better suggestion :)
<\sh> linux apache mysql and php54
<\sh> linux apache mysql and php5
<\sh> cd /etc/apache2
<TheLighty> linux apache mysql and php4
<TheLighty> going
<\sh> php4 is obsolete for ubuntu and will go in a few days
<\sh> php5 is state of art
<TheLighty> root@ubuntu:~# cd /etc/apache2
<TheLighty> -bash: cd: /etc/apache2: No such file or directory
<TheLighty> well I am into vbb
<\sh> vbb?
<TheLighty> and I here there are some issues
<TheLighty> but I think I may be able to work those out
<TheLighty> yes
<TheLighty> vbulletin board
<\sh> oh this I'm installing in 5 minutes using ubuntu...I did that here in my company
<TheLighty> oh cool
<TheLighty> then sure
<\sh> vbb is just a tar.gz ...you have to follow the readme and install docs in the tar
<TheLighty> also want ot put some counter strike game serverson here for my son & his froends
<TheLighty> I know how to install vbb
<\sh> the rest is apt-get install apache2 mysql-server  libapache2-mod-php5 and configuring apache2 
<TheLighty> been writing hacks for it gor many years
<\sh> TheLighty: what I can hear is, that you need someone who has a clue about administrating linux server...and their i-net services, right? ,-)
<TheLighty> yes
<TheLighty> I am use to managed server
<TheLighty> I have 2 of those
<TheLighty> now I am trying un maged
<TheLighty> I know enough to be dangerous
<TheLighty> so can you help
<\sh> sorry no, I have enough to do with my 300 blades right now
<TheLighty> man
<TheLighty> I thought this was support
<\sh> I told you already how to install LAMP....the other things are unsupported...and I can't give you a lesson in "how to become a sysadmin in less then 5 mins"
<mralphabet> TheLighty: this is the server development discussion channel, not a general support channel
<\sh> Topic:Ubuntu Server *development* discussion | general support -> #ubuntu
<mralphabet> most in here idle or talk about the wacky bugs that come up
<mralphabet> further, there are *many* pages about  how to set up an ubuntu lamp server and even more on how to work with one if you search for "ubuntu lamp" in google
<TheLighty> thanx found a bunch
<mralphabet> the type of support you are asking for is usually a paid service from an experienced admin
<mralphabet> so those are pretty much your options . . . google it and learn for yourself, use #ubuntu for general support, or pony up some $$ to work with an experienced admin
<\sh> between 60 and 120  per hour , depending on the knowledge of the freelancer ,-)
<sacater> anyone here know of a kind soul who is willing to let me have a space on their server :|
<sacater> for free i may add
<mralphabet> if you admin his server, TheLighty may . . .
<mralphabet> I don't know of any sane person that would be willing
<TheLighty> lol
<TheLighty> you guys gave me a few tips
<TheLighty> server is up and running thanx
<mralphabet> good to hear
<TheLighty> wasn't as hard as I thought
<TheLighty> only thingg I need to figure out is how to add more IP's
<sacater> TheLighty: dunno whats going on..... but...... space on your server?
<TheLighty> what do you need it for
<sacater> storage
<TheLighty> no warez
<mralphabet> or porn
<sacater> no
<sacater> i know
<mralphabet> well, no kiddie porn
<sacater> mralphabet: :P
<mralphabet> regular porn isn't so bad
<TheLighty> right
<sacater> mralphabet: ill have you know i am responisble about porn :P
<sacater> TheLighty: ?
<mralphabet> sacater: more then I needed to know, but thanks for sharing
<mralphabet> ;)
<sacater> mralphabet: oh you got me wrong :p
* sacater sighs
<mralphabet> TheLighty: I don't know about you, and no offense to sacater, I wouldn't let anybody have access in any way to any server that I admin that I don't know
<mralphabet> particularly if said person is outside of driving distance of me / my car / my baseball bat
<sacater> mralphabet: 80 miles from london okay?
<mralphabet> nope, sorry ;(
<sacater> oh well
<sacater> i excape the baseball bat
<\sh> sf.net has enough space for OSS projects
<\sh> and  I think lycos europe has still it's tripod service up and running
* \sh quits because it's EoD
#ubuntu-server 2007-03-08
<firecrotch> Okay, I have an install that's pretty much the default with Apache, PHP, mySQL... slight problem though... How do I get apache to handle perl scripts properly?
<firecrotch> Instead of the script executing, it wants me to download it
<GNu_Joe> Where do the ubuntu-server devlopers hang out?
<lionel> here and on ubuntu-devel
<GNu_Joe> not here, no one ever talks about ubuntu-server
<hyrax_> heh. I just tried out ubuntu-server. To me it is a good base install for setting up a desktop where the defaults are not so "ubuntusized"
<hyrax_> As a server install though, I saw X and alsa stuff being included in the base install. But man did not get installed.
<hyrax_> Not sure why I'd want X and alsa on the type of servers I run. I guess I could trim back the base install some after the fact.
<hyrax_> that being said, my install of ubuntu-server was the first unbuntu flavor install that did not annoy me in any way.
<hyrax_> and seems to be a solid basis for a GNU/Linux insall
<ivoks> X isn't a part of ubuntu-server
<ivoks> oh, he left :/
<dballester> hi to all
<dballester> where can i get info about canonical movements to put ubuntu in the enterprise world? Any roadmap or similar ? Thanks and regards
<dballester> I'm trying to install ubuntu-server arch amd64/em64T into one Dell Poweredge 860 ( http://www.dell.com/content/products/productdetails.aspx/pedge_860?c=us&cs=04&l=en&s=bsd ) by now is the second time that install cd ( 2 different burns ) claims that  libiw28 packages is corrupt
<dballester> md5sum for the iso image is correct
<dballester> any tip ?
<yomm>  Is it possible to completely boot off a server ,and run the OS 100% native on the client ? So in other words a diskless ubuntu-box ...Can anyone point me in the right direction ?
<GNu_Joe> yomm, edubuntu has that function ( via the LTSP.org )
<yomm> Gnu_Joe : I have a small spare box , and i Like to store several OS Images on 
<yomm> the server , so I can select which one to boot .. Is that possible with Edubuntu/LTSP ?
<GNu_Joe> humm not sure
<yomm> Gnu_Joe : I was under the impression that ltsp was still also not 100% native on the client
<ivoks> boot client from server?
<ivoks> wihtout a disk?
<yomm> ivoks ; yes , but 100% native
<yomm> if that is possible :)
<GNu_Joe> ya LTSP runs on the server the client is just a terminal
<ivoks> 100% native?
<ivoks> it's normal linux
<GNu_Joe> He wants a BIS
<GNu_Joe> Boot Install Server
<yomm> ivoks : native in the sense that all aps & processes run on the client not the server
<ivoks> yomm: of course
<ivoks> yomm: you need dhcp server, tftpd-hpa and ethernet card 
<ivoks> i have cluster set up like that
<ivoks> all clients (60 of them) boot from network
<yomm> ivoks: so tftpd-pha is the package to look at ?
<ivoks> they have no disk, but all apps run on client
<yomm> ivoks , yes thats what I wwant
<ivoks> yomm: yes, it's trivial FTP which serves kernel to clients
<ivoks> once client grabs kernel, mounts / over NFS
<yomm> ivoks : does it support all OS ?
<ivoks> and that's all...
<ivoks> yomm: all OS?
<yomm> ivoks :would I be able to serve any OS  that would run on the client itself ?
<GNu_Joe> yomm, http://www.schnozzle.org/~coldwell/diskless/
<ivoks> yomm: if by any you mean redhat, ubuntu, debian, suse, then yes
<ivoks> if you want windows, you should talk to guys from redmond
<yomm> ivoks : and if by any I mean windows , OpenStep ,& Darwin ?
<ivoks> (i highly doubt that's dooable)
<yomm> lol , the concept seems simple , just serve a disk to a client  .. but apparently not 
<ivoks> it's not that simple
<yomm> :/
<ivoks> your client has to get an IP, start portmap and nfs client
<ivoks> mount network share as /
<ivoks> pivot root from ram to mounted system
<ivoks> and then continue to boot
<yomm> ivoks : I see !
<ivoks> that's called PXE boot
<ivoks> great way to install ubuntu on lots of computers :)
<yomm> ivoks : I heard of that
<ivoks> or to manage cluster and not worry about updates on clients
<yomm> ivoks , is  tftpd also a pxe variant ?
<ivoks> yes
<yomm> Gnu_Joe : thanks for the link
<GNu_Joe> np
<yomm> ivoks : you too , thanks a lot for the information , I'll go fire up my vmware server & start experimenting with tftpd ,I'll probably bug you guys a lil' more later on :)
<ivoks> np; i'll give you my bank account :)
<yomm> lol
<yomm> i'll give you my money 
<yomm> <------ as if he has any !
<yomm> ;)
<yomm> ivoks : would this procedure approach what you described :    http://reilly.homeip.net/folding/linux.html
<ivoks> there is more than one way to do it
<ivoks> you should use ubuntu kernel
<ivoks> http://wiki.koeln.ccc.de/index.php/Ubuntu_PXE_Install
<ivoks> this is about installint ubuntu over network
<yomm> ok thx
<yomm> lol I'm having soo much fun with Linux :)
<ivoks> heh
<ivoks> it's not point and click
<ivoks> but you can learn a lot
<yomm> the clicky path is not necessarily the better :)
<ivoks> i agree
<yomm> though we all like some eye-candy once in a while :)
<AMSmith42> When I apt-get install kubuntu-desktop I get a 403 Forbidden. Where should I start?
<xenalise> a 403? O_o
<AMSmith42> Yes.
<AMSmith42> Just a sec. I'll get one of the messages...
<mralphab1t> have you been bad?
<AMSmith42> All the time, yes.
<mralphab1t> heh
* mralphabet wonders when his nick changed
<AMSmith42> "Failed to fetch http://us.archive.ubuntu.com dapper/main [etc]  403 Forbidden [IP: 91.189.89.6 80] "
<AMSmith42> The "etc" is the package. It has it for all of them.
<xenalise> Hmm
<AMSmith42> Indeed.
<mralphabet> have you changed anything in /etc/apt/sources.list?
<AMSmith42> I just installed ubuntu-server and this was the first thing I tried to do. I also got an error during install regarding not being able to fetch some packages.
<AMSmith42> And that I should "investigate this soon" or some-such.
<AMSmith42> I have not edited sources.list
<mralphabet> did you do a sudo apt-get update? or sudo apt-get upgrade
<mralphabet> or is this from aptitude
<AMSmith42> This is an apt-get and update does the same thing.
<AMSmith42> I don't have any trouble from Kubuntu desktop doing the same sort of thing.
<AMSmith42> I can opent the console and sudo apt-get all day long.
<mralphabet> and I don't have any trouble from an ubuntu server doing the same thing . . . I just did it no more then 5 mins ago
<mralphabet> that's an odd one
<AMSmith42> Huh.
<AMSmith42> Oh, well.
<AMSmith42> For another day, I suppose.
<AMSmith42> Thanks for your help.
<AMSmith42> Have a good day.
<mralphabet> sorry we couldn't be more help
<xenalise> Oh one thing.... is your sources.list okay?
<xenalise> Maybe (I doubt it, but better safe then sorry) something could be wrong there?
#ubuntu-server 2007-03-09
<supervillain> Hello, is apt-proxy secure? can I trust an apt-proxy server?
<AMSmith42> I'll check my sources.list and make sure...
<AMSmith42> Where is that again? hehehe
<AMSmith42> Nevermind, found it.
<AMSmith42> Oh, ho ho! Here is the entry: deb http://us.archives.ubuntu.com dapper-updates main restricted
<AMSmith42> They are all "restricted". Is this the problem? Why would it install like that?
<AMSmith42> What should I set them to?
<AMSmith42> I guess I could just delete restricted... There are some comments down at the bottom about them "failing to verify" and therefore being set to restricted.
<AMSmith42> I think when I installed, it couldn't get to them for some reason.
<AMSmith42> That didn't seem to work.
<AMSmith42> I'm going to reinstall.
<AMSmith42> If my time is off, could that cause a problem? If I lied during install and told it that my clock was set to UTC?
<AMSmith42> Upon reinstall, I still got an error "Configure the package manager" "Cannot access security updates"
<ekimus> is anybody using amanda-client in edgy successfully. I'm getting "WARNING: client2.amanda.testing.openforce.com: selfcheck request failed: timeout waiting for ACK" but netstat tells me that the port is open (used xinetd)
<AMSmith42> My content filter was blocking me the entire time.
<AMSmith42> Problem solved.
<sacater> does anyone knowhow to change the ns name on a server?
<ivoks> ns name?
<lionel> sacater: in /etc/resolv.conf ? 
<sacater> okies
<sacater> i have a m8 who wants to change his name
<ivoks> his name?
<ivoks> ns is nameserver or what?
<TheLighty> yes
<mralphabet> sacater: his host name?
<sacater> ask TheLighty
<sacater> its his server
<mralphabet> as in, what the machine has on the prompt when he logs in?
<TheLighty> if you check the files in /etc/bind
<TheLighty> lok in there on any machine
<TheLighty> it has the ns*.host.com
<TheLighty> it is work
<TheLighty> wrong
<ivoks> huh?
<ivoks> first of all...
<TheLighty> it is reporting wrong
<ivoks> content of /etc/bind is something user creates on his own
<ivoks> there is no 'standard'
<ivoks> you can name files whatever you want
<ivoks> there must be only named.conf
<ivoks> in named.conf other filenames are defined
<ivoks> and in those files are defined zones and hostnames
<ivoks> and... you have /etc/bind only if you have bind9 installed (name server)
<ivoks> this is not something everybody has :)
<ivoks> other than that, i don't understand where the problem is :)
<TheLighty> when I did it I put in the wrong name
<TheLighty> I put ns6 instead of ns4
<TheLighty> so should I uninstall bind and redo again
<ivoks> ha?
<ivoks> did you ever configure bind before?
<TheLighty> okay
<TheLighty> no
<ivoks> if not, you should really grab a manual...
<TheLighty> this is my first time using unbuntu
<ivoks> this is not trivial thing to do
<ivoks> TheLighty: are you sure you need name server?
<TheLighty> yes
<ivoks> so, you are an ISP?
<TheLighty> yes
<ivoks> ok
<TheLighty> first time I am managing
<ivoks> ok...
<TheLighty> I have learned a lot, but obviously made a mistake
<ivoks> in /etc/bind you should nave named.conf
<TheLighty> yes
<ivoks> TheLighty: filenames are not important
<ivoks> you don't have to reinstall bind if your file is names werrt and you want it to be sdfbd
<ivoks> s/names/named
<cmdln> im trying to migrate an ubuntu box to software raid1
<cmdln> how do I get my md devices in /dev/
<cmdln> there are some in /dev/.static/dev/
#ubuntu-server 2007-03-10
<ekimus> hello, any experiences with rsyncing raw devices (hda1 -> hda2) including the bootsector? raid is not an option unfortunately
<sacater> if i wanted to allow people to access a /home/storage folder on my computer in my home network. Would i have to enable anything?
<sacater> or could someone on my home network do 'ftp #computername'
<kupesoft> Hmm, so why aren't the madwifi drivers in the Server kernel?
#ubuntu-server 2007-03-11
* Starting logfile irclogs/ubuntu-server.log
<arrummzen> I was wondering if one of you could tell me; why does '/etc/init.d/apache2 start' print nothing, yet not start apache2?
<arrummzen> 'apache2ctrl start' works... but isn't it best practice to use the distro provided init scripts?
<ivoks> that's a bug if that's correct
<ivoks> or...
<ivoks> you have NO_START=1 in /etc/default/apache2
<arrummzen> I have NO_START=1...
<ivoks> make it NO_START=0
<ivoks> then it will work
<arrummzen> Interesting, thank you.
<ivoks> np
#ubuntu-server 2008-03-03
<Apollo9> Hi! I'm using Ubuntu server and I wonder if it's possible to install KDE and run it? 'apt-get install kde' ???
<kgoetz> yes you could, but we dont provide support for kde here
<kgoetz> here being this channel
<jjesse> kubuntu-desktop would install things to work and act like kubutnu
<jjesse> kde is the entire kde metapackage
<jjesse> so if you want ubuntu server to include everything in kubuntu, just install kubuntu-desktop
<jjesse> the kde package has more then just kubuntu-desktop
<Apollo9> jjesse: ty
<jjesse> Apollo9: no problem
<gopp__> hey I have bind setup correctly
<gopp__> but
<gopp__> I still get can't find gopunix: Non-existent domain
<kgoetz> yay for samba :|
<kgoetz> although i guess its really MS filesharings fault
<gopp__> I can
<gopp__>  nslookup gopunix.local
<gopp__> Server:         192.168.1.5
<gopp__> in linux, but in windows nothing shows up
<gopp__> in nslookup
<kgoetz> does windows have the correct name server?
<gopp__> in network connection yes
<gopp__> 192.168.1.5
<gopp__> were  else should I check
<kgoetz> dunno. i'm not in ##windows :)
<gopp__> ya
<kgoetz> are you sure bind is listening on that IP?
<gopp__> kgoetz what do you mean
<gopp__>  it is
<gopp__> kgoetz could explain
<kgoetz> gopp__: are you sure other systems can connect the dns server
<kgoetz> *to the
<gopp__> yea other system can not
<gopp__> why
<kgoetz> if bind is only listening on loopback, you cant connect from outside the system
<kgoetz> for example
<gopp__> this is what I have zone "1.168.192.in-addr.arpa" {
<gopp__>         type master;
<gopp__>         file "/etc/bind/db.192.168.1";
<gopp__> and I have _ldap._tcp.dc._msdcs    IN      SRV     0 0 389 gopunix
<gopp__> and kgoetz gopunix                 IN      A       192.168.1.5
<Bidou> hi
<kgoetz> hi
<Bidou> i cant connect to the jabber server im.apinc.org the error is: "conflict"
<Bidou> with the client gajim
<kgoetz> Bidou: try #ubuntu
<Bidou> thx
<gopp__> kgoetz do you know
<kgoetz> !private message | gopp__
<ubotu> gopp__: Please ask your questions in the channel so that other people can also benefit AND help you. Please don't PM a user in the channel without asking first, some find it rude.
<gopp__> k
<gopp__> err still bind will not work
<gopp__> *** DD-WRT can't find gopunix.local: Non-existent domain
<kgoetz> bind should be listening on all interfaces, so your client is probably misconfigured
<gopp__> k
<gopp__> but were what file do I need to look at please
<gopp__> named.conf
<kgoetz> on the client? or server?
<gopp__> server
<gopp__> bind
<gopp__> my client is a
<gopp__> windows xp
<gopp__> and my server is ubuntu
<kgoetz> i'm starting to get confused.
<kgoetz> !enter | gopp__
<ubotu> gopp__: Please try to keep your questions/responses on one line - don't use the "Enter" key as punctuation!
<pubo> hi all
<pubo> Does anyone know how can I export the audio device from a pc to another pc?
<pubo> I have 2 pc's. One in the living-room. Another one in other room. And I would like to play a sound in one PC and it would sound in boths pc's
<pubo> any idea?
<CGS|Jared> Can someone help me with a floppy drive and ubuntu?
<CGS|Jared> How do I mount a floppy drive?
<kraut> moin
<nijaba> morning
<_ruben> mornin
<henkjan> hmm, rsync 3.0 released with huge improvements in speed and memory usage
<henkjan> what can i do to get in in hardy main?
<spiekey> Hi
<sergevn> Does anyone have any experience with dhcp3 failover?
<ere4si> or a sip server?
<Viper111> look ere4si some1 in th other channel send me this link  http://www.voipphreak.ca/2007/11/03/freepbx-ubuntu-howto/
<Viper111> check it out
<ere4si> it was a prod for your quest in #ubuntu Viper111  hehe...
<Viper111> yeah i now
<ere4si> :)
<Viper111> but u know sharing info :P:d
<ere4si> thnx for the thought Viper111  :)
<Viper111> weclome
<spiekey> if i add ldap to my group line in /etc/nsswitch.conf i can not log in anymore. Any idea why? (this is hardy)
<soren> spiekey: Where did you add it? Beginning or end?
<spiekey> end
<spiekey> my login seems to time out
<soren> Do you have a working login?
<spiekey> only if i comment out the ldap in the group line.
<henkjan> passwd:         files ldap
<spiekey> actually....i just found out that slapd is NOT starting automatically
<spiekey> (so far i only to to log in with a local account)
<henkjan> file ldap in nsswitch.conf should allow local logins
<soren> spiekey: How do you change nsswitch, if you can't log in?
<spiekey> http://pastebin.ca/925839
<spiekey> there you can see a working and a broken config
<spiekey> it does not make sense to me since i should be able to log in if the ldap server is down
<soren> spiekey: Again: How do you change nsswitch if you can't login?
<spiekey> oh, sorry. I misunderstood your question.
<spiekey> in single mode (recovery root shell)
<spiekey> maybe this is the source of the problem? http://pastebin.ca/925841
<spiekey> well...cn=nssldap,ou=DSA,dc=example,dc=net does not exist...but i still wonder why my local user cant login then.
<spiekey> it works on dapper
<spiekey> could someone please verify this on hardy? add ldap to the  groups line in /etc/nsswitch.conf, stop slapd and try to login with a local user
<soren> spiekey: Well, I suppose it asks ldap for addition group memberships and as ldap fails, it bails out.
<spiekey> soren: but that should not make the login fail...should it?
<soren> spiekey: That's debatable.
<soren> Imagine if you have a "DenyGroup evilusers" in your sshd_config..
<soren> and that group is maintained in LDAP.
<soren> In that case, it's the safer choice to fail completely.
<soren> In you situation, though, it's not very convenient.
<soren> Here's what you can do:
<soren> Change:
<soren> group: files ldap
<soren> to
<soren> group: files ldap [unavail=continue]
<soren> Although, that really should be the default.
<spiekey> where can i read up what "compat" is?
<soren> spiekey: man nsswitch.conf
<spiekey> soren: group: files ldap [unavail=continue]  did not solve it .-/
<spiekey> .   /etc/ldap.secret only contains the password, not the rootbind, correct?
<soren> I belive so, yes.
<soren> spiekey: When you're logged in in single user mode, and enable ldap in nsswitch.conf, what does "getent group yourusername" give you?
<spiekey> foobar:x:1000:
<spiekey> whats the diffrence of /etc/ldap.conf and /etc/ldap/ldap.conf?
<Kamping_Kaiser> spiekey, ones part of pam, ones part of ldap iirc
 * Kamping_Kaiser sleep. gl
<spiekey> where can i read that up?
<spiekey> why does dapper not have a ldap.conf?
<spiekey> apt-file search ldap.conf
<spiekey> returns nothing
<gopp__> can I create bind dns zone records easily in webmin
<gopp__> in ubuntu-server what the easyiest way to do dns
<sergevn>  /join #linux-server
<sergevn> lol sorry
<rhineheart_m> Is there a known issue with ubuntu server attached to a LAN using single IP address...I most of the times experienced intermittent connection when my ubuntu is on.
<nijaba> faulkes-: around?
<sommer> morning all
<soren> rhineheart_m: I don't understand the question.
<rhineheart_m> soren: when I will connect the server to the LAN.. the modem seems loosing its control even if I have a huge bandwifth
<AnRkey_> I followed this howto http://ubuntuforums.org/showthread.php?t=249889
<AnRkey_> the only problem is that my mounted nfs share is read only for clients
<AnRkey_> how can i mount it readable and writable
<flohack> Hi there! I'm trying to setup nfsv4 with kerberos authentication on my server and already went through a lot of troubles. Could someone lend me a hand?
<flohack> I get the following error message when trying to mount my share on the server (same on the client): mount.nfs4: mounting lancelot.acoveo.com:/ failed, reason given by server:
<flohack>   No such file or directory
<flohack> In the logs I get the following output (which seems to be fine): http://pastebin.ubuntu.com/5236/
<flohack> Setting the following options for the rpc.mountd server does not really help: RPCMOUNTDOPTS="--debug all" I don't get any log messages from it, not even when running it from a shell with -F
<flohack> I have the following entries in /etc/exports:
<flohack> /exports                gss/krb5(ro,fsid=0,insecure,no_subtree_check,async,anonuid=65534,anongid=65534)
<flohack> /exports/acoveo_share   gss/krb5(rw,nohide,insecure,no_subtree_check,async,anonuid=65534,anongid=65534)
<flohack> exportfs -v shows then just fine
<flohack> But mounting it via the following line in /etc/fstab fails with the error mentioned above:
<flohack> lancelot.acoveo.com:/           /media/acoveo_share     nfs4    ro,sec=krb5i,users              0       0
<flohack> AAAAAARRRRGH I just found the problem...it's the krb5i option, replacing it with krb5 makes it work. I picked that option from a tutorial somewhere and forgot about adding it...sorry
<rhineheart_m> hello! I found this issue.. SAMBA tends to slow down network connection..
<frame45> foo: u there?
<zul> mathiaz: when you get a chance can you look at that samba merge?
<mathiaz> zul: sure - I'll try to review it later today
<zul> ok
<c1|freaky> what is the best CMS today?
<henkjan> vim
<spiekey> thats like asking for the best linux dist these days...
<henkjan> or 42
<c1|freaky> how do i found out which CMS is the best for me?
<faulkes-> research
<mathiaz> c1|freaky: try - http://www.cmsmatrix.org/
<faulkes-> determine what your needs are, look at the available CMS platforms, compare features
<faulkes-> or use mathiaz' handy url ;)
<faulkes-> morning mathiaz
<mathiaz> hya faulkes-
<c1|freaky> thank you
<zul> mathiaz: oh yeah I talked to ScottK about the libdb4.6 migration and you have just have to grep for the word transaction
<mathiaz> zul: great - could you update the Roadmap with the new information ?
<zul> sure
<zul> ill do some as well
<spiekey> what does use_first_pass do in common-auth?
<spiekey> there is no manpage for pam.conf
<spiekey> froma man page: "Specifies that pam_ldap should always use the first password provided in the authentication stack."
<spiekey> ==> but when can yuo provide a 2n passwd?
<spiekey> 2nd
<lionel> spiekey: it prevent your user having to type two times his password (one for unix auth, one for ldap auth)
<spiekey> ah!
<spiekey> thanks!
<soren> spiekey: You can stack authentication modules. You can require users to authenticate against passwd/shadow, LDAP, opie, and otpw, one after the other. Most things that use pam for authentication support this.
<Exfil> hello Soren
<keescook> jdstrand: toma (who seems to be having connection issues) brought to my attention an interesting use-case with akonadi -- it launches (and fails) mysql in a separate directory.  The AA profile is breaking it...
<mathiaz> keescook: yes - I've seen the bug
<mathiaz> keescook: I've been thinking about this.
<keescook> mathiaz: okay, cool.  :)
<mathiaz> keescook: I think that akonadi shouldn't use mysql the way it does now.
<mathiaz> keescook: I don't see a reason to start your own mysql server process
<keescook> heh
<keescook> I'd tend to agree there.  :)
<mathiaz> keescook: either you should directly embed mysql in your application
<mathiaz> keescook: or use the system server
<mathiaz> keescook: I haven't looked at how they're actually doing it though.
<keescook> mathiaz: me neither -- I just wanted to make sure it was on our radar (passing along toma's concerns)
<zul> hey keescook
<keescook> heya zul -- I take it you got back the next day?
<zul> keescook: yep had to go through montreal
 * jdstrand wonders why akonadi would do that by default...
<mathiaz> jdstrand: yeah - it's an uncommon design.
<mathiaz> jdstrand: however I wonder if they're embedding mysql
<mathiaz> jdstrand: it may come from that
<zul> muhaha
 * faulkes- eyes zul
<jdstrand> zul -v
 * faulkes- <mr burns church fingers>
<faulkes-> exxxxcellennt
<zul> freaking cyrust-imapd
<faulkes-> heh
<faulkes-> I think what we really need to concentrate on, is bringing back gopher for 8.04 server
<faulkes-> perhaps maybe toss in a bit of WAIS as well
<faulkes-> priorities!
<alapidas> Hi all - I am trying to install ubuntu-server 7.10 in a vmware VM, but when I check the cd for defects, I get the error "The ./isolinux/boot.cat file failed the MD5  checksum verification.  Your cd-rom may be corrupted"  The only thing is, the MD5 checks out
<donspaulding> anyone know of a good alternative to ebox-platform?
<alapidas> Hi all - I am trying to install ubuntu-server 7.10 in a vmware VM, but when I check the cd for defects, I get the error "The ./isolinux/boot.cat file failed the MD5  checksum verification.  Your cd-rom may be corrupted"  The only thing is, the MD5 checks out
<keescook> jdstrand: is your vmware-to-kvm conversion process documented?  I feel like I used to have a URL, but now I can't find it.
<jdstrand> keescook: it is not yet, but should be a part of libvirt soon, per soren
<keescook> sweet.
#ubuntu-server 2008-03-04
<keescook> I am presently stumped by insane network configs.
<mralphabet> keescook: you aren't the only one
 * mralphabet mocks the network guy, "Let's VLAN *EVERYTHING!*
<mralphabet> "
 * keescook hides in shame
<keescook> my home network has like, 6 VLANs.  ;)  however, today's problem is related to hibernation on my laptop, it seems
<mralphabet> but it's stupid vlan's . . . not for security or to reduce broadcasts / other traffic, he vlans 3 class c subnets together
<keescook> ieeeee
<mralphabet> I understand the point of it, but not there! anyway, hibernation sucks ;)
<Bambi_BOFH> why are you vlaning /24's? o_0
<mralphabet> Bambi_BOFH: EXACTLY!
 * Bambi_BOFH wonders wether he should worry or simply flee
<mralphabet> it drives me crazy
<zul> keescook: 2 words....carrier pigeon
<mralphabet> sneaker net > carrier pigeon
<Bambi_BOFH> mralphabet: try doing an interstate link with sneakernet
<mralphabet> hey, there isn't enough bandwidth to cover a uhaul full of backup tapes
<Bambi_BOFH> uhaul?
<mralphabet> http://thewifeslife.files.wordpress.com/2006/03/uhaul.jpg
<Bambi_BOFH> ah right. a truck with a fancy name :p
<mralphabet> yes
<mralphabet> apologies to those overseas
<Bambi_BOFH> hehe. no worries
 * Bambi_BOFH decends into the very depths of hell itself... using emacs *dramatic chord*
<mralphabet> omg
 * Bambi_BOFH has a reference guide, and not a clue, so this could be ... interesting.
<mralphabet> no other alternative? . . . ed?
<Bambi_BOFH> vims there, but i need to learn emacs. and perl. so i'm combining the two into one very unproductive but educational day (and getting paid for it)
<mralphabet> well . . . that counts as a +1
<mralphabet> uhoh . .. fsck.ext3 is going crazy
<Bambi_BOFH> :|
<mralphabet> Block bitmap for group 2263 is not in group.  (block 0)
<mralphabet> Relocate<y>?
 * mralphabet orders a drive
<mralphabet> how do you copy partition sizes from driveA to driveB?
<rhineheart_m> hello.. how to install pear in ubuntu gutsy?
<mralphabet> php-pear - PEAR - PHP Extension and Application Repository
<mralphabet> that?
<rhineheart_m> yeah.. since my joomla is looking for it?
<mralphabet> sudo apt-get install php-pear
<mralphabet> I would assume
<rhineheart_m> I got this error actually..
<rhineheart_m> Warning: require_once(/var/www/joomla/editor/editor.php) [function.require-once]: failed to open stream: No such file or directory in /var/www/joomla/index2.php on line 96
<mralphabet> uhh, okay
<rhineheart_m> Fatal error: require_once() [function.require]: Failed opening required '/var/www/joomla/editor/editor.php' (include_path='.:/usr/share/php:/usr/share/pear') in /var/www/joomla/index2.php on line 96
<rhineheart_m> that's pear, right?
<mralphabet> the first error has nothing to do with pear, as far as i can tell . . .
<kgoetz> neither does the second
<rhineheart_m> thanks kgoetz! welcome back..
<rhineheart_m> so.. any idea what it is all about?
<rhineheart_m> I tried actually sudo apt-get install php-pear as recommended by mralphabet... but the says that it has already its latest version
<kgoetz> it cant open /var/www/joomla/editor/editor.php
<kgoetz> which means its probably not in the path listed .:/usr/share/php:/usr/share/pear
<kgoetz> in the file /var/www/joomla/index2.php
<rhineheart_m> what do you mean with that? which means its probably not in the path listed .:/usr/share/php:/usr/share/pear
<kgoetz> the file editor.php is not in either . /usr/share/php or /usr/share/pear
<kgoetz> afk. lunch time
<mralphabet> or in /var/www/joomla/editor/
<fujin> anyone know of a tutorial/howto for clustering with redhat-cluster-suite on ubuntu?
<fujin> as it's the only cluster suite in 'main', it's surprisingly difficult to find tutorials
<Fozzy57> Hello....I currently have a LAMP server in place and I am having issues running Jabber and sendmail on the same machine. Is there a little trick that I am missing?
<kgoetz> what sort of issues?
<Fozzy57> Well I can get when I install sendmail it works pefectly. Then once  I install Jabber, I can not get any email out of the server....
<kgoetz> any errors?
<Fozzy57> I am using dotproject on the server and like to send emails out regarding status, and then have Jabber in place as a real time collabritive communication point in the server
<Fozzy57> Just says "Failed to Send"
<kgoetz> what about your mail logs?
<Fozzy57> that is the funny thing the mail logs are not reporting any problems.
<Fozzy57> When I set up sendmail I added a path to IPtables to route the email to the exchange server.
<Fozzy57> basically I am just using the smtp functions to send out the updates....
<kgoetz> why in iptables?
<Fozzy57> well until I specified the path, and I would have to look at the server to get the exact information, I could not get any mail sent. This is a stand alone smtp box in network that contains an exchange server....
<Fozzy57> the idea was that basically it would just forward the email to the exchange server for routing...
<kgoetz> why dont you setup the mail server to send to exchange so it happens properly?
<Fozzy57> Tried using a smart relay to do that, and it failed....It could be that I set it up wrong.......which would explain my problems now...
<kgoetz> s/smart relaty/smarthost/ ?
<kgoetz> i dont have any postfix systems setup with smarthosts, so i dont know how easy it is to do (i hate postfix)
<Fozzy57> everything i have read on getting sendmail to work with exchange 2003 says to setup a smarthost.......
<kgoetz> thats what i'd expect it to say
<Fozzy57> i think it might only apply if the exchange server is an smtp server, which in this case it is not....
<kgoetz> ah. what is it in this case?
<Fozzy57> well, technically i have no smtp server to speak off......exchange is installed as Mail Transport (MTA-2)
 * kgoetz has no idea what that means for us
<Fozzy57> basically as I understand it ( I did not setup the exchange server) the alternative to smtp apparently is MTA at least that is what i have come to understand....
<Fozzy57> this is what happens when you put a Linux person in an Microsoft environment
<kgoetz> sounds pretty MSy to me
<ScottK> It's a pretty standard setup for postfix and exchange both to stick a postfix box between the big bad internet and exchange.
<kgoetz> mm. but in that case postfix is the smarthost, not exchange
<ScottK> Sorry.  That's what I though we were talking about.  The reverse would be perverse.
 * lamont notes that the most common mistake with postfix relayhosts is to not put [] around the hostname, and therefore use the MX RRs for the named host for relays, rather than the A RR for the smarthost...
<pnukeid>  i try to install apache&php with deb, but install mysql with source, can i connect php with this mysql ?
<kgoetz> if i dont have a /proc/acpi/ does it mean the server hardware doestn support it? i'd like to know how hot the CPUs in this system are
<faulkes-> err, good question, what hardware is it?
<faulkes-> could be a bios issue
<kgoetz> dual P3, generic 1RU server, award or ami bios (i dont remember which)
<faulkes-> I'd boot to the bios and check for any setttings there first and to see what rev of the bios it is
<faulkes-> maybe consider installing lm-sensors and letting it run through to see what it finds as well
<faulkes-> that should at least tell you what the mobo supports
<kgoetz> lm-sensors is probably a good idea
<faulkes-> probably, although I've been known to have worse ones ;)
<faulkes-> usually after 10 or 12 beers :)
 * kgoetz will have to leave l-s until tomorrow - just started a memtest on the system
 * faulkes- nods
<faulkes-> well, I'm just hoping this laptop lasts until the new one arrives
<kgoetz> got an ETA for the new one?
<faulkes-> kb dead, dvd dead, hdd is making squelching sounds, I've had it running continuously for almost 5 years now
<faulkes-> 7 days or so
<kgoetz> a laptop? wow.
<faulkes-> dell 600m, when I bought it, it was the almost top of the line thing dell sold
<ScottK> Bah.  New hardware.
<kgoetz> hehe
<faulkes-> so, I have a 1720 on order
<ScottK> My test machine is a L400 (circa 2001).  It was just retired from being my main laptop 4 months ago.
 * faulkes- will be glad for 1900x1200 real estate
<kgoetz> problem with the server i'm trying to setup is it runs perfectly in bios at a stable temp, but locks in a few minutes of booting. not sure if its the ubuntu snapshot or hardware doing it though
<faulkes-> not sure if I'd call that a heat issue
<faulkes-> point a fan at it and keep it cool
<kgoetz> it was running (afaik) stable under the old ubuntu release it had -0 7.04 perhaps. tomorrow is its 'shake down' day
<pnukeid> i want try install apache+php with deb (ubuntu), but mysql install with source.. it posible ?
<faulkes-> possible? yes, at least as far as I know, so long as you satisfy the dependencies if you expect php to connect to mysql
<faulkes-> as for a detailed decscription of how to do it? that is beyond the scope of what I could offer help for
<pnukeid> ok, in my phpinfo() mysql and mysqli say's that them connect mysql through sockect where /var/run/mysqld/mysqld.sock
<pnukeid> but previous installation mysql.sock set up in /usr/local/mysql/tmp/mysql.sock
<pnukeid> where  ishould change..
<pnukeid> in php setting or mysql.sock
<soren> Exfil: Hello. Do I know you?
<faulkes-> mysql.sock is a socket, if mysql is configured to put it in /usr/local/mysql/tmp then I would change php.ini to look for it there
<pnukeid> it's ok to change mysql.sock in php.ini ?
<faulkes-> that is not a guarrantee it will work though, as I said, beyond the level of help I can offer
<faulkes-> just comment out the line and below it add in your new one, restart apache, see if it works
<faulkes-> if it doesn't work, change it back
<faulkes-> php.ini is just a config file
<faulkes-> hi soren
<soren> 'morning, faulkes-.
<pnukeid> ok i will try
<faulkes-> yes, I suppose it is that now
 * faulkes- really should get to bed
<basketball589> ##Linux (with ##) on Dalnet needs some good company and good channel operators. type /server irc.dal.net (or /connect irc.dalnduxTalk to see.
<basketball589> ##Linux (with ##) on Dalnet needs some good company and good channel operators. type /server irc.dal.net (or /connect irc.dalnduxTalk to see.
<basketball589> ##Linux (with ##) on Dalnet needs some good company and good channel operators. type /server irc.dal.net (or /connect irc.dalnduxTalk to see.
<basketball589> ##Linux (with ##) on Dalnet needs some good company and good channel operators. type /server irc.dal.net (or /connect irc.dalnduxTalk to see.
<basketball589> ##Linux (with ##) on Dalnet needs some good company and good channel operators. type /server irc.dal.net (or /connect irc.dalnduxTalk to see.
<basketball589> ##Linux (with ##) on Dalnet needs some good company and good channel operators. type /server irc.dal.net (or /connect irc.dalnduxTalk to see.
<_ruben> they really are desperate outthere in ##linux on dalnet ..
<basketball589> ya
<basketball589> ##Linux (with ##) needs some good company and good channel operators. More flexible, more friendly.
<basketball589> ##Linux (with ##) needs some good company and good channel operators. More flexible, more friendly.
<basketball589> ##Linux (with ##) needs some good company and good channel operators. More flexible, more friendly.
<basketball589> ##Linux (with ##) needs some good company and good channel operators. More flexible, more friendly.
<henkjan> hmm, nobody with ops around? i vote for a ban
<spiekey> Hi
<spiekey> does dapper not use /etc/pam_ldap.conf?
<kraut> moin
<spiekey> hi
<soren> kthxbye
<soren> Er..
<soren> wtf..
<soren> Well, I guess -srn is fine.
<nijaba> morning
<spiekey> i still dont understand the way of authentification when using a ldap backend :-/
<spiekey> When i log in via ssh the first module it uses is pam, right?
<spiekey> pam_ldap to be precise.
<spiekey> correct?
<spiekey> i wonder how the authentification works with the pam_ldap.conf (http://pastebin.ca/927428)
<spiekey> how does it know where to look for the user?
<kraut> soren: you should set +n
<Kamping_Kaiser> spiekey, depends what modules you set it to ue
<spiekey> auth    sufficient      pam_ldap.so
<spiekey> so i use pam_ldap first.
<spiekey> but i do not understand how it knows where to compare the password hashes
<spiekey> in "/etc/pam_ldap.conf" it know what kind of hash it uses.
<spiekey> knows
<Kamping_Kaiser> spiekey, heres where i have ldap lines:
<Kamping_Kaiser> /etc/pam.d/common-account:account    sufficient /lib/security/pam_ldap.so
<Kamping_Kaiser> /etc/pam.d/common-auth:auth       sufficient    /lib/security/pam_ldap.so
<Kamping_Kaiser> /etc/pam.d/common-password:password   required  /lib/security/pam_ldap.so
<Kamping_Kaiser> and those files are sourced where relevent by (eg) ssh/login
<spiekey> yes. That makes sense.
<spiekey> and /etc/pam_ldap.conf is the config file for pam_ldap.so
<spiekey> correct?
<Kamping_Kaiser> yes, iirc
 * Kamping_Kaiser grins. heres a comment i have from in that file: # here because "lamont said"
<spiekey> okay. So how does pam_ldap now know where to find the user?
<Kamping_Kaiser> i dont follow
<spiekey> in orde to authenticate, you have to find the hash of a User and compare it against the password hash that was typed in. correct?
<Kamping_Kaiser> hash of a user? password hash?
<spiekey> erm... "hash of a user" = Password hash of a user
<Kamping_Kaiser> correct enough, aiui
<spiekey> how does pam_ldap find my user in the database then? In order to compare the password hashes?
<spiekey> do you know what i mean?
<Kamping_Kaiser> look in /etc/pam_ldap.conf
<spiekey> there i have "base dc=example,dc=net" and "rootbinddn cn=manager,dc=example,dc=net"
<Kamping_Kaiser> 'all that stuff' is how you configure it.
<Kamping_Kaiser> eg pam_login_attribute
<Kamping_Kaiser> and pam_password
<spiekey> how does it know my users are in ou=Users,dc=example,dc=net ?
<soren> magic
<Kamping_Kaiser> ^^
<spiekey> it seems like it
<spiekey> this is my whole pam_ldap.conf: http://pastebin.ca/927442
<Kamping_Kaiser> spiekey, which one?
<Kamping_Kaiser> oh, pam_ldap.conf
<Kamping_Kaiser> spiekey, what version of ubuntu are you running?
<spiekey> Dapper
 * spiekey likes LTS
 * Kamping_Kaiser hasnt done ldap on dapper recently
<Kamping_Kaiser> and my notes are on my work laptop atm :|
<spiekey> hmm...what a shame :-/
<spiekey> does it not use nss to map username <-> uid first?
 * spiekey is confused
<spiekey> It looks like  /etc/libnss-ldap.conf is the same as /etc/pam_ldap.conf
<Kamping_Kaiser> the pam_ldap stuff shipped in dapper is different enough from whats in gutsy (eg what is running at work) that i cant directly relate. especially since i've worked with it
<Kamping_Kaiser> iirc actually, my other stuff was actually not ldap but something else. *shrug* i dont remember ;|
<spiekey> yeah, they changed a lot from Dapper <-> Gutsy
<Kamping_Kaiser> pschulz01, evening
<spiekey> maybe someone else knows?! :)
 * Kamping_Kaiser pokes lamont 
<pschulz01> Kamping_Kaiser: evening
<pschulz01> Kamping_Kaiser: How do we fix logwatch?
<Kamping_Kaiser> pschulz01, give it to kim
<pschulz01> Kamping_Kaiser: hehe..
<pschulz01> Kamping_Kaiser: .. or buy be some time :-)
<Kamping_Kaiser> pschulz01, who is be? ;)
<pschulz01> s/be/me
<pschulz01> Kamping_Kaiser: Cricket's getting exciting :-)
<Kamping_Kaiser> pschulz01, i'll hvae to check.
<pschulz01> Kamping_Kaiser: I've been left holding the baby.. so if I disappear in a hurry you'll know why.
<Kamping_Kaiser> pschulz01, no worries.hope it doesnt explode on you :)
<Kamping_Kaiser> should be close, if australia dont lose any wickets in the next 5~ overs
<pschulz01> Kamping_Kaiser: The last final is in Adelaide.
<pschulz01> Kamping_Kaiser: If it's on.
<Kamping_Kaiser> pschulz01, i'm willing to put money on it being a dead rubber
<Kamping_Kaiser> in all honesty...
<pschulz01> Kamping_Kaiser: What did the temperature get to today? I'm not gettign any email as my mail gateway crashed.
<pschulz01> Kamping_Kaiser: It happens in hot weather.
<Kamping_Kaiser> pschulz01, its ~30 atm in the city, so it must have been fairly toasty 2 hrs ago
<Kamping_Kaiser> s/2/3
<Kamping_Kaiser> pschulz01, tomorrow is meant to be 37
<pschulz01> Kamping_Kaiser: Beck nearly bought me the xkcd t-shirt - 'regular expressions'
<pschulz01> Kamping_Kaiser: (It's birthday week :-)
<Kamping_Kaiser> pschulz01, :) 'nearly'?
<pschulz01> Kamping_Kaiser: Someone should outlaw angle grinders in hot weather!!
<pschulz01> Kamping_Kaiser: Sat
<Kamping_Kaiser> pschulz01, sorry, dont think you'll have a galaxy for your bday ;)
<pschulz01> Kamping_Kaiser: Woot!~
<kraut> soren: you should setup +n, anyhow external irc-users could send messages in this channel without joining it!
<Kamping_Kaiser> heheh
<pschulz01> Out!
<soren> kraut: Ah, true.
<kraut> :)
<pschulz01> Ah!!!
<Kamping_Kaiser> pschulz01, day before yesterdays userfriendly is good ;)
<pschulz01> blackberry?
<Kamping_Kaiser> no, crossword
<pschulz01> Did you do it?
<Kamping_Kaiser> i only know two answers :p
<pschulz01> Did you see the 'UF' game?
<pschulz01> Published a while ago.
<Kamping_Kaiser> quite a while ago. i did, never tried it out though
<pschulz01> I reacon we should. Print it out..
<Kamping_Kaiser> at work ;)
<pschulz01> Lunchtime.
<Kamping_Kaiser> kgoetz, http://ars.userfriendly.org/cartoons/?id=20080302
<Kamping_Kaiser> kgoetz, remember that for us
<pschulz01> Kamping_Kaiser: He's good like that.
<Kamping_Kaiser> pschulz01, hey, needs to have some use ;)
 * Kamping_Kaiser is thinking of heading off RSN
<pschulz01> I am invincible!!!
<pschulz01> (I'll have to show you some funky perl tomorrow.)
<Kamping_Kaiser> logwatch is enough perl for me this week
<Kamping_Kaiser> afk
<spiekey> soren: could you give me a hint please?! How does pam_ldap do the authentification? How does it know where the userdn is?
<spiekey> grep -Ri Users /etc/* |grep -i example |grep -v smbldap-tools |grep -v phpldapadmin    => Returns nothing.
<spiekey> i would have exspected something like: usersdn="ou=Users,dc=example,dc=net"
<Kamping_Kaiser> spiekey, did you set that OU?
<Kamping_Kaiser> spiekey, also, use grep -v -e <string> -e <string2> -e <string3> etc
<Kamping_Kaiser> or egrep, for that matter
<soren> spiekey: From configuration file of some sort (or defaults if there is no such file).
<spiekey> soren: so the default is "Users" ?
<spiekey> Kamping_Kaiser: thanks, i will do that :)
<soren> spiekey: I would have guesses it was People, but I could easily be wrong.
<Kamping_Kaiser> most places use people afaik, but as long as you setup everything the same it shouldnt matter...
<spiekey> I am just trying to understand where exactly this is set up.
<soren> spiekey: Dapper?
<spiekey> Yes! :)
<soren> spiekey: I'll check.
<NineTeen67Comet> Hi all .. fired up a new box tossed Ubuntu Server 8.04 Alpha5 (AMD64bit) and it is not playing nice with bash_completion. It'll finish out directories (sudo /etc/apac<tab>) but not applications .. like sudo aptit<tab> inst<tab> smartmo<tab> .. it just beeps.
<soren> spiekey: Ok, I haven't followed the conversation here, so I'll be asking silly questions for a bit, probably.
<soren> spiekey: This is pam or nss?
<soren> spiekey: Or both?
<spiekey> both really
<spiekey> soren: The PAM module are used at different stages.  The "auth" lines handle the actual authentication.  The first line says to authenticate using the shared library pam_ldap.so.  This collects the user name and password.  If the LDAP server is available, it checks the password.
<spiekey> i would like to know how the "it checks the password" works in detail.
<soren> it probably tries to autenticate against the ldap server using the credentials given.
<soren> What's the problem we're trying to solve?
<soren> /etc/pam_ldap.conf is used to libpam-ldap and /etc/libnss-ldap.conf is used for libnss-ldap.
<soren> I'm guessing they could be replaced by a symlink to the same file if one were so inclined.
<spiekey> soren: i already linked them ;)
<soren> Ok. And what seems to be the issue?
<spiekey> i am trying to understand the magic. The credentials in the config files do not point to users or groups. just to a basedn and rootbinddn
<spiekey> ah!
<spiekey> soren: i am getting there...
<soren> Heh
<soren> pam_login_attribute might be what you're looking for?
<spiekey> soren: nono, its sooo easy!
<spiekey> give me a minute, i have to write it down
<spiekey> the whole "magic" is that pam_ldap looks in basedn for a Object that contains the posixAccount Class.
<spiekey> thats how it finds the user
<spiekey> soren: http://pastebin.ca/927557
<spiekey> soren: are you impressed? :)
<spiekey> no? hmm..., :-/
<soren> Sorry, was away.
<soren> Good work! :)
<J_P> hi all
<J_P> People, I would like to change my locale, how I do this ? What is command line ?
<J_P> dpk-reconfigure locale ?
<faulkes-> that's a good question, one which I've never actually had to do
<abogani> Hi Guys! I just curious about ebox. Is it ready for Hardy? Seems to me that lately zul is working on...
<zul> abogani: hopefully I can get it into universe this week
<abogani> zul: Thanks, Chuck.
<zul> abogani: its in my ppa if you want to take a testdrive
<abogani> zul: Yeah! I'll try it soon. Thanks again!
<J_P> I install localeconf (apt-get install localeconf) but don't have command localeconf. Anyone know what is command to call localeconf ?
<sommer> zul: I had a question about eBox... does it have to use slapd when you enable the users and groups module?
<zul> sommer: no idea I just package it
<sommer> gotcha
<nijaba> hello sommer
<nijaba> could you send me an email with your address?
<sommer> nijaba: sure
<sommer> mailing address right?
<nijaba> yeah, right
<sommer> heh... thought I'd make sure
<nijaba> Trying to get a machine with VT enabled sent to you
<zul> nijaba: send me one as well ;)
<henkjan> hmm, souns interesting :)
<nijaba> zul: you don't need one, you've got one in your head ;)
<zul> meh
<abogani> nijaba: Agreed :-)
<sommer> nijaba: mail sent
<sommer> wow... that would be great
<nijaba> sommer: heh, we need KVM documented, right ;)
<nijaba> sommer: got your email, thanks
<sommer> yep, another way to go would be to allow access remotely
<sommer> either way works for me :-)
<Qbi-Jens> Hi, someone told me, that /etc/init.d/$SKRIPT is not the "right" way to start or stop scripts. Instead Ubuntu developed a new mechanism, I was told.
<Qbi-Jens> I could not find any hints at help.ubuntu.com. So is there something new? Where
<Qbi-Jens> can I find more info about?
<sommer> Qbi-Jens: as far as I know that's still the way it's done
<sommer> Qbi-Jens: they may have meant upstart: http://upstart.ubuntu.com/
<sommer> those scripts still stop and start services, though
<Qbi-Jens> sommer: Thanks. I'll have a look at it.
<sommer> np
<Qbi-Jens> a
<zul> mathiaz: I updated the merge with the ifup.d stuff http://people.ubuntu.com/~chucks/samba-3.0.28-merge.debdiff
<mathiaz> zul: ok - I'll have a look at it. We have some time before uploading as we're in archive freeze until alpha6 is released.
<zul> yep
<zul> ill do the ffe when it looks good
<mathiaz> zul: I don't think we need a FFe for that. It's a bug fix only.
<mathiaz> zul: although it's a merge from debian - may wanna ask the release team.
<zul> yep
<faulkes-> if we're passing out VT machines like candy, sign me up
<Isaiah> I was trying to install php 5.2.5 on my server, and messed everything up
<Isaiah> now when I try to install mysql with apt-get it says The following packages have unmet dependencies: mysql-server: Depends: mysql-server-5.0 but it is not going to be installed
<Isaiah> Is there some way to fix this?
<sommer> Isaiah: which release are you using?
<Isaiah> gutsy
<Isaiah> I messed it up by trying to manually install a bounch of php 5.2.4 packages
<Isaiah> and then wouldn't install so I ran apt-get -f install ( I know... stupid me)
<Isaiah> Is there some way to get a list of packages I installed manually and remove them?
<sommer> Isaiah: did you try apt-get install mysql-server-5.0 ?
<sommer> Isaiah: when you say installed manually, do you mean with apt-get ?
<Isaiah>  mysql-server-5.0: Depends: mysql-client-5.0 (>= 5.0.45-1ubuntu3.1) but it is not going to be installed
<Isaiah> by manually I mean download the .deb packages and install it with apt-get
<sommer> mmm... were the .debs from Ubuntu's repositories?
<Isaiah> yes, I got the php *.deb here: http://ubuntu.interlegis.gov.br/ubuntu/pool/main/p/php5/php-pear_5.2.4-2ubuntu5_all.deb
<Isaiah> and then downloaded everything it depended on from the same site
<sommer> Isaiah: looks like you installed the php for hardy and not gutsy
<Isaiah> Ah... oops
<Isaiah> is there some way to undo that?
<sommer> dpkg -l | grep php
<sommer> will list all the php packages
<Isaiah> ok
<sommer> then do apt-get --purge remove package_name
<sommer> that should remove everything
<sommer> you can then do: apt-get install php-pear; and you should be off and running
<Isaiah> ok, I will try that
<Isaiah> Thanks :)
<sommer> np
<Isaiah> I do dpkg -l | grep php and it shows me all the php packages
<Isaiah> but when I do apt-get --purge remove php-pear (or whatever package) it says it's not installed
<sommer> Isaiah: I'd just remove any of the php packages you might have downloaded and installed
<sommer> whichever ones are in the list
<Isaiah> right, but how do I remove them if apt-get --purge remove packagename doesn't work?
<sommer> try: dpkg -P package_name
<sommer> sort of the same thing :-)
<faulkes-> Olfrygt
<faulkes-> I knew I kept that term around for a reason
<faulkes-> new hostname
<Isaiah> that works sommer :)
<faulkes-> hi sommer
<sommer> hey faulkes
<nijaba> faulkes-: don't dream about vt machines, it will be a loan, at best
<pwnguin> kind of unfortunate that scripting languages have to duplicate package management on systems like debian
<faulkes-> nijaba: no need to dream actually, I ordered a new dell yesterday
<faulkes-> even got the new hostname picked out ;)
<Isaiah> I'm using ubuntu server Feisty Fawn now, is there an easy way to upgrade it to php 5.2.5?
<faulkes-> anyways, I'll check survey for new stuff and then head back to improving the forum reporting stuff, which is almost at the stage where I'd feel ok putting it into LP
<nijaba> faulkes-: regarding the survey, I saw that you changed the names in LimeSurvey, which is great, but I am unsure on which to work on now.  Is it the inactive v0.2?
<faulkes-> nijaba: my username is attached when you look at the ownership column
<faulkes-> the others are listed as admin
<faulkes-> but yes, the inactive v2.0
<nijaba> faulkes-: cool, thanks
<faulkes-> nijaba: inactive v2.0 is also what's in my LP because I believe I had to modify one of the template files as well
<soulc> so can I talk now?
<soulc> yes
<soulc> so where can I get some help with apache2 now..... I would like to enable user dirs ie public-html.
<soulc> er public_html
<spiekey> is this not an #apache question? :)
<soulc> I think I asked where like a channel name
<soulc> so your response should be #apache not a question
<spiekey> #apache !
<spiekey> ;)
 * spiekey will brb
<soulc> but more to the point is there a ubuntu specific apache channel
<spiekey> how is ubuntu and apache related?
<spiekey> #apache is fine, belive me. Or wait here for some help :)
<spiekey> i gotta go
<soulc> bye
<keescook> mornin'
<mathiaz> hiya keescook !
<keescook> heya mathiaz :)
<Isaiah> I'm using ubuntu server Feisty Fawn now, is there an easy way to upgrade it to php 5.2.5?
<keescook> Isaiah: is there something in 5.2.5 you need?
<keescook> you could try building debian's php5 (http://packages.qa.debian.org/p/php5.html)
<Isaiah> keescook, yes I need to test my code with php 5.2.5, because the server I'm using is upgraded to 5.2.5
<Isaiah> I need to run the same version of php on both the production server and my devlopment server
<zul> build from source maybe?
<keescook> Isaiah: cd /tmp; sudo apt-get build-dep php5; sudo apt-get install build-essential devscripts fakeroot; dget http://ftp.debian.org/debian/pool/main/p/php5/php5_5.2.5-3.dsc; dpkg-source -x php5*dsc; cd php5-*; debuild -uc -us; cd ..; ls *.deb
<Isaiah> Thanks keescook, I will give that a try
<Isaiah> Will that copy the mod_php stuff into the right place?
<keescook> Isaiah: for more details, see https://wiki.ubuntu.com/PackagingGuide
<keescook> Isaiah: it will build you Debian's php5 .deb files on Ubuntu, YMMV, etc
<Isaiah> ah I see
<Isaiah> then I can just intsall the .deb file like normal?
<keescook> Isaiah: with "dpkg -i" yeah...  though you won't get security updates automatically any more, etc.
<Isaiah> right, that's ok
<Isaiah> Thanks for the help keescook :)
<keescook> Isaiah: np.  :)
<Isaiah> you still around keescook?
<Isaiah> I tried you suggestion, and it keeps complaining to me about an unmet dependency libdb4.6-dev
<keescook> Isaiah: yawp
<keescook> for missing deps, just   sudo apt-get install DEP
<keescook> where the DEP is what you need
<keescook> since you're spanning between old distros, you may have to "adjust" your debian package source :)
<Isaiah> It says I need libdb4.6-dev, but apt-get can only find version 4.5
<keescook> in that case, edit debian/control and use 4.5 -- that may fix it.  This is all guessing on my part -- I've not tried to do a php5 backport like this before.
<faulkes-> nor have I but I would tend to agree that may fix the issue
<Isaiah> well it fixed things enough to let the package build
<jdstrand> soren: with libvirt, should vnet0 have an ip address? my libvirt guests aren't getting an ip address, even though dnsmasq is running (but vnet0 does not have an address)
<jddk23> Hello everybody. I just finished installing Server 6.06 LAMP and it boots to a command prompt. How can I make it login to GUI? Also, what is the default root password? THANK YOU!!
<soren> jdstrand: It's fine for vnet0 not to have an address.
<soren> jdstrand: Think of it as a plug in a switch.
<jdstrand> soren: that is what I thought...
<jdstrand> hmmm
<zul> sommer: ping
<jdstrand> soren: is there a bug on dhcp clients not working right with dnsmasq?
<zul> sommer: traffic shaping fixed in my ppa
<jdstrand> (this was working before-- I didn't change my networking either)
<jdstrand> soren: this is a converted dapper vm that used to work
<sommer> zul: cool, I'll update this evening
<jdstrand> soren: ok, I am not going crazy-- I just tried another vm and dhcp isn't working there either
<jdstrand> $ ps auxww|grep [d]nsmasq
<jdstrand> nobody    7445  0.0  0.0  14696  1020 ?        S    Mar02   0:00 dnsmasq --keep-in-foreground --strict-order --bind-interfaces --pid-file  --conf-file  --listen-address 192.168.122.1 --except-interface lo --dhcp-leasefile=/var/lib/libvirt/dhcp-default.leases --dhcp-range 192.168.122.2,192.168.122.254
<jdstrand> aha
<jdstrand> dnsmasq[7445]: no address range available for DHCP request via vnet0
<spiekey> soren: you there?
<soren> sommer: On my way to bed. Be quick.
<spiekey> i have    group: files ldap [UNAVAIL=continue]
<spiekey> but i still can not log in if ldap is down
<spiekey> is my line correct?
<soren> That last one is redundant, I belive. It should be the default (yes,I know I was the one who told you to put it there)
<spiekey> hehe
<sommer> eh?
<spiekey> continue means it should carry on or what?
<sommer> nm, you meant spiekey
<spiekey> i guess so :)
<halcyonCorsair> are there any dhcpd guru's around, or does anyone know where I can get help with dhcpd?
<sommer> halcyonCorsair: what's your issue?
<halcyonCorsair> i'm wanting to assign a pool of ip addresses to devices with mac addresses in a certain range
<levander> If I ran a cron job last night, but haven't set anything up with email on my system yet, where does the cron job output go?
<sommer> halcyonCorsair: not entirely sure that's possible
<sommer> halcyonCorsair: I guess you could setup a script to populate the mac range... at least that's one way
<kgoetz> levander: what are you running?
<halcyonCorsair> it should be possible, i've found hints that it may be possible .... at the very least by dns-masq (although i'd rather not use that)
<levander> Gutsy
<kgoetz> i'm fairly sure dhcpd does support that, for bootp purposes if nothing else
<kgoetz> levander: check you have a mail server installed
<halcyonCorsair> but the documentation on dhcpd.conf and dhcp-eval seems to be a little......dry
<halcyonCorsair> kgoetz: any idea where i can get more help?
<levander> I just checked with dpkg -l postfix and dovecot, neither are installed.
<kgoetz> halcyonCorsair: if the comments in the config file dont give you any points i dont off the top of my head
<sommer> eh... kgoetz probably knows more than me :-)
<kgoetz> levander: then theres the problem - no mail server to send the mail from cron
<halcyonCorsair> kgoetz: the config / example files only really cover the basics
<halcyonCorsair> levander: i can't populate the mac range beforehand because i don't know which mac's i'll be getting exactly
<kgoetz> i strip my dhcpd config files after i configure them, so i dont have a default one ot reference *ekeeps looking*
<levander> kgoetz: just install dovecot, and i'll get the output emails?
<Nafallo> no
<kgoetz> levander: ubuntu prefers postfix
 * kgoetz prefers exim
<Nafallo> dovecot doesn't do the same thing at all
 * kgoetz isnt sure how dovcot works
<soren> It works fine.
<Nafallo> kgoetz: imapd and pop3d, rather then smtpd
<Nafallo> :-)
<kgoetz> Nafallo: aah right :)
<sommer> halcyonCorsair: you might read through this thread: http://ubuntuforums.org/showthread.php?t=675257
<halcyonCorsair> sommer: i think that could be it......if it is, you are my hero
<sommer> heh... I'd try it out first
<kgoetz> hehe
<halcyonCorsair> obviously i need to level up my google fu or something
<halcyonCorsair> all i kept getting is a million copies of the man page
 * keescook <3 kvm
<NineTeen67Comet> Hi all .. I've got a newer Sampron 3000+ processor. I've read both it is and it is not a 64bit processor. It is in a server/headless machine I've been playing with Hardy Alpha5 64bit server edition and it seem'ed "okay" with some minor bash_completion issues (prolly not associated w/64bit) and some difficulty in restoring MySQL databases (might be 64bit issue) .. ideas?
 * kgoetz has the idea you should ask a question we can answer
<NineTeen67Comet> lol .. sorry, that did ramble .. Basically does the server edition make as big a diff as the desktop edition when it comes to 64bit issues?
 * NineTeen67Comet I'm not a fan of AMD anyhow, but I just wanna make it as easy on the processor as possible. This just a web server with minimal in house print/file sharing.
<kgoetz> i'd say no, but i'll let someone else who knows more answer
<NineTeen67Comet> uhn'k .. I'm headed off to slave camp "work". I'll keep playing with it. This is the first time I've been able to actually use new hardware in the 5 years I've been using Linux on my servers .. heheheh
<kgoetz> *grin*
<NineTeen67Comet> thanks much for your time kgoetz .. I'm outty
<halcyonCorsair> that was.....weird
<keescook> soren: since you've done some dpkg poking, can you take a look at 198421 when you get a chance?
<soren> keescook: Interesint.
<soren> er...
<soren> Interesting.
<soren> "Interesint"?!?
<soren> keescook: bzr branch with fix pushed. Yay karma :)
<kgoetz> ffs. why is there only dvd images at cdimage.ubuntu.com?
<soren> kgoetz: You going to have to qualify that statement a bit.
<kgoetz> soren: at cdimage.ubuntu.com/releases/{7.10,8.04,gutsy,feisty,hardy}/* there are only dvd iso's
<soren> kgoetz: If you're looking for releases, go to releases.ubuntu.com
<kgoetz> soren: thanks.
<halcyonCorsair> when is the hardy heron release date, anyone know off the top of their head?
<nijaba> April 24
<nijaba> halcyonCorsair: ^
<nijaba> https://wiki.ubuntu.com/HardyReleaseSchedule
<halcyonCorsair> yeah, just saw that
<halcyonCorsair> cheers
<nijaba> faulkes-: how is your starting of a project in LP going?
#ubuntu-server 2008-03-05
<faulkes-> nijaba: it hasn't started as of yet actually
 * faulkes- was in negotiations all day
<faulkes-> I should have it going tomorrow as I have a free day, well, "mostly" free
 * kgoetz discovers he has no /proc/acpi under 7.10, but this doesnt crash - therefor the problem is with 8.04 :(
<kgoetz> afk lunch
<Bambi_BOFH> back
<rhineheart_m> Is courier-imap has Poppassd service?
<Bambi_BOFH> rhineheart_m: what?
<rhineheart_m> Bambi_BOFH: yeah.. Poppassd service...
<rhineheart_m> Bambi_BOFH: I need it for change_passwd by PAM authentication for my squirrelmail..
<Bambi_BOFH> that didnt clear it up
<Bambi_BOFH> i see. i suggest searching the web for info
<kgoetz> pschulz01: we forgot http://ars.userfriendly.org/cartoons/?id=20080302
<Gide0n> could somebody help me with a question about setting up a routing table?
<kraut> moin
<sergevn> Doesn anyone has any experience with dhcp3-server and failover?
<henkjan> sergevn: are you going to ask the every day? ;)
<sergevn> henkjan: yes :)
<sergevn> henkjan: ;)
<henkjan> do you realy need failover?
<sergevn> henkjan: yes
<henkjan> i've heard only horror stories about failover
<sergevn> henkjan: I know how to configure it, but it aint working :D
<_ruben> search the dhcp users mailinglist archives .. its a rather hot topic overthere
<kraut> sergevn: yes. did that answer helped you!?
<henkjan> 2 dhcp-server witch their own scope isnt an option?
<kraut> dhcp failover is a major pain into the ass...
<sergevn> henkjan: if the secondary takes over, it says it holds all leases
<sergevn> kraut: yeah im getting that picture the last 2 days
<soren_> Hm... I've never tried it, but it sounds pretty straight forward?
<soren_> Assuming some sort of monitoring mechanism takes care of switching them, what's left to do but copy the leases from the active to the passive node?
<_ruben> strange .. ps aux sorts procs by pid, tho im used to them being sorted by starttime (on suse boxes) .. guess i'll have to dive into the manpage :p
<_ruben> ps auxkstart_time .. lets see if that can be made a default somehow
<henkjan> sergevn: just configure 2 dhcp servers with both the same scope
<henkjan> sergevn: a client request an adress by broadcast. Both (or more) dhcp answer: 'pick this adress'. Client takes the adress and answers in broadcast, 'i take this adress'. Both (or more) dhcp servers update their leases file
<henkjan> thats how we are running it
<soren_> Yeah, I really don't see the problem. Identical configuration, sync leases info from active to passive node. When disaster strikes, start dhcp server on the passive node. Go.
<henkjan> you don't need to sync leases
<soren_> henkjan: AH, yes, that's even better.
<soren_> henkjan: I never tried. Didn't know dhcpd was clever enough to do that.
<sergevn> henkjan: so if you run 2 dhcp servers in the same network
<sergevn> henkjan: they know about each others leases by defaul?
<pppZero> hi, eth0 isnt starting on boot (ifup eth0 starts it correctly though) where do i start looking?
<soren_> pppZero: In /etc/network/interfaces
<nijaba> morning
<soren_> pppZero: It needs to say "auto eth0" somewhere.
<pppZero> soren let it be known for the record, i love you!
<pwnguin> heh
<henkjan> sergevn: a client will answer with an broadcast. Both dhcp server receive that broacast en place the mentioned ip the leases file
<sergevn> henkjan: aaaaaaaah ok
<henkjan> sergevn: thats exactly how we are running it with 4 dhcp servers
 * soren_ hugs pppZero 
<henkjan> well, did it earn an VT enabled pc with this answer?
<sergevn> henkjan: problem nr2, it has to be compatible with dynamic dns
<henkjan> hmm
<pppZero> sergven i've got a setup going here with dhcp + djbdns + a perl script that adds hostnames to djbdns as windows boxen take out leases, give me a minute or 10 to find the link
<pppZero> if you want to use bind, I've got no idea how its done, probably some changes to how it writes files should suffice, but heres the link:
<pppZero> http://www.thismetalsky.org/projects/dhcp_dns.xml
<sergevn> henkjan: im testing it right now, 2 dhcp servers in 1 subnet, same range etc.
<sergevn> henkjan: but if i get lease from 1 server, shut that server down.
<sergevn> henkjan: do another dhcp request, im getting the same ip
<henkjan> thats what you want, right?
<sergevn> henkjan: yes, but not duplicate leases
<henkjan> hmm, how are you testing it?
<sergevn> henkjan: havent released the old one yet, and getting the same one (as old) from other server
<spiekey> Morning everybody :)
<henkjan> a proper dhcpclient will answer with a broadcast
<sergevn> henkjan: using dhclient
<henkjan> sergevn: thats exactly what you want. The second dhcp server knows your lease, so it gives you the same ipadress
<sergevn> henkjan: hmm
<pppZero> the dhcp server seems to give the same ip to a machine as long as it can, i've got a computer here thats been on the same IP for about 3 years, and thats though endless reboots, OS installs and power outages
<slafko> hello everyone...i need help with ssh
<henkjan> slafko: what is your problem?
<slafko> i want to connect to server with ssh, but I got error "Host key verification failed"
<henkjan> the server seems to have a different hostkey than the key you have in .ssh/known_hosts
<slafko> how to fix it?
<slafko> ok, I solved the problem
<slafko> thanks!
<henkjan> you can remove the corresponding line from ~/.ssh/known_hosts
<henkjan> ah, to late :)
<sergevn> what is an good application for emailing system reports
<sergevn> no, i dont like to create manual scripts :P
<zul> logwatch?
<nijaba> sergevn: yep, logwatch is great, even though rules can be a pain sometimes to get right
<faulkes-> morning nijaba
<nijaba> hello faulkes-
<faulkes-> well, that was nice, I think I actually slept for 12 hours solid
<sergevn> nijaba: logrotate is installed by default i see, doesnt lolrotate have the same functionality as logwatch
<sergevn> nijaba: lolrotate = logrotate :D
<nijaba> sergevn: not IIRC.  logrotate changes the logfile and archive old one only
<nijaba> sergevn: it can mail them eventually, but with no filtering at all
 * faulkes- nods
<sergevn> nijaba: ok, so i installed logwatch, i see it puts it script in cron.daily.
<nijaba> logwatch will allow you to set regexp to be looked for in multiple log file and periodically mail you the matching lines of all watched log files in a single email
<sergevn> nijaba: but aint i getting the same log each day now?
<nijaba> sergevn: nope, only the lines that matches your regexp will be sent
<nijaba> sergevn: look at the default config, it is a good safe start
<sergevn> nijaba: noob Q: what is regexp
<faulkes-> regular expressions
<nijaba> sergevn: regexp = regular expression
<sergevn> nijaba: /etc/logwatch doesnt contain any config files :D
<henkjan> sergevn: we have a customer running logcheck on his colocated machine
<nijaba> sergevn: I realize I have been speaking of logwatch when thinking of logcheck
 * nijaba feels silly
<sergevn> nijaba: so you didnt mean logwatch in the first place ? :D
<nijaba> sergevn: both seem to do similar things but with a different architecture.  yeah, I meant logcheck as it is what I am using, but logwatch should work as well
<henkjan> logwatch - log analyser with nice output written in Perl
<henkjan> logcheck - mails anomalies in the system logfiles to the administrator
<zul> nijaba: you need more coffee
<henkjan> nijaba needs to send me an VT enabled computer :)
<nijaba> zul: right...  I'll be back after another load of caffeine
<nijaba> zul: jetlag...
<zul> nijaba: sure sure :)
<faulkes-> both are going to match on regexp though iirc
<henkjan> logcheck-database - database of system log rules for the use of log checkers
<henkjan> logchech has a database available
<henkjan> don't know about logwatch
<faulkes-> rules just get interpreted
<faulkes-> if you look in /etc/logcheck you'll notice that the files in there are all regexp based
<nijaba> henkjan: I personally don't have any to send, but if you plan on doing something usefull with a vt machine for the community, let's talk about it
<henkjan> nijaba: it was just joke, hence the smiley. But with an VT enable pc i could test a lot more on virtualisation
<henkjan> currently running on 1Ghz PIII :)
<nijaba> henkjan: I understood it as such.  And I think we do need some tester on PIII machines as well, just to make sure the devs don't get too sloppy ;)
<henkjan> hehe
<henkjan> but KVM will only run with VT support right?
<nijaba> henkjan: yep, we had to remove the full qemu emul because of it depending on a old gcc 3.4 version, IIRC
<henkjan> ah, to bad for me :)
<henkjan> but i'm happy with Xen
<sommer> morning all
<faulkes-> morning sommer
<zul> hi sommer
<mohamed_> hello all, how to know the running service on ubuntu server and how can i stop any of them ?
<henkjan> start/stop with /etc/init.d/<service start|stop
<mohamed_> thx henkjan , i mean how to stop any permenant
<mohamed_> that next time don't start
<henkjan> remove the symlink in /etc/rc3.d/S<number><servicename>
<zul> or you can use update-rc.d
<henkjan> ah, didnt know about that one
<Apollo9> When installing Ubuntu server, how can I disable automatic network configuration and enter a custom IP instead?
<henkjan> Apollo9: edit /etc/network/interfaces
<henkjan> man interfaces will give you enough information about what needs to be in that file
<nijaba> Apollo9: you can also press esc during install when the dhcp config is taking place
<nijaba> it will ask you what IP you want
<henkjan> ah, during install time its easier indeed
<mohamed_> but in case if he connect to dhcp server then network will configured auto the first time, in this case maybe he disconnect network cable while install
<Apollo9> Thank you all :)
<Apollo9> Btw, how large should the swap area be on a relatively old PC (I'm installing it as a test server to toy around a bit)? Should it be large (like 700MB) to compensate for lacking RAM?
<WaVeR> mohamed_, you can cancel the dhcp configuration (just press cancel when trying to get IP from dhcp)
<mohamed_> thx, WaVeR , for this info
<henkjan> Apollo9: how much ram do you have?
<WaVeR> welcome
<henkjan> ram is cheap nowadays, you should avoid swapping
<faulkes-> avoid? yes? always possible? no
 * faulkes- whistles innocently about jvm app servers
<henkjan> eeew
<Apollo9> henkjan: 128 MB, but only 800 MHz
<henkjan>  4626 tomcat5   15   0 4874m 1.5g  59m S  2.7 39.0 116:35.54 java
<henkjan> Apollo9: 512M swap should be enough
<faulkes-> if you only have 128mb, I would have at least 512mb of swap
<Apollo9> OK, thanks.
<mohamed_> is there a command to know the running services ?
<faulkes-> the ps command
<henkjan> but using that much swap makes your server unusable
<faulkes-> although that will list all processes
<faulkes-> see the ps man page
<faulkes-> it all depends on what you plan to do with the server as a test
<faulkes-> if it's just a LAMP stack, you should be fine
<faulkes-> if it's a jvm app server test, you'll be in trouble
<faulkes-> if it's just general learning and testing, you'll be fine
<faulkes-> "mostly"
<sommer> they mostly comem out at night... mostly
<Apollo9> henkjan: I'm pretty new to Linux. Can you please explain why using more swap makes it unusable?
<henkjan> Apollo9: swap is slow
<mohamed_> if one use more ram , this mean that can't crate swap partation ?
<mohamed_> crate = create
<faulkes-> you can always create a swap partition
<faulkes-> the point I believe henkjan is trying to make is that swap is much slower than actual ram
<faulkes-> because it is disk based
<mohamed_> e.g if i have 2 G ram in this case i can avoid swap ?
<faulkes-> all depends on what you are doing with the server
<faulkes-> I have yet to encounter any server that has not had a swap partition
<faulkes-> even if you feel you will never run out of ram, best practices dictate that murphy's law will apply ;)
<faulkes-> the short and sweet of it, create a swap partition just to be safe, even if it is never used
<faulkes-> and swap partition sizing all depends on how much ram you have and what you expect the server to do, so its a variable amount (IMO)
<faulkes-> if the server had 2gb of ram, I would personally give it 1gb of swap
<mohamed_> this is good then one safe in this case
<faulkes-> safety is good ;)
<mohamed_> of course
<faulkes-> you can't anticipate what or how much memory a given application will consume or if it has memory leaks
<kirkland> faulkes-, mohamed_: there's a couple of different theories as to how much swap is the right amount
<kirkland> when I have lots of hard disk, I give 2x RAM size to swap, which handles the theoretic worst case scenario of having to swap ALL of RAM out
<faulkes-> and disk is cheap
<kirkland> faulkes-: yep, most of the time
<mohamed_> kirkland, but if the system ram is enough and swap also exist system will not use swap till ram resources not enough ?
<kirkland> faulkes-: I do have a mythtv machine that only has a 2GB SD card for a disk, and there, I have no swap at all
<kirkland> mohamed_: right
<faulkes-> it is very dependent, my opinion, on what the server is expected to do
<kirkland> absolutely, I agree with that
<kirkland> lately, I've been using swapfiles instead of swap partitions
<rhineheart_m> hello...Is there a way to upgrade squirrelmail using terminal?
<kirkland> allows me to allocate more and reclaim my swap space far more easily
<faulkes-> kirkland: yes although thats a more advanced technique, for a new user
<kirkland> http://en.wikipedia.org/wiki/Paging recommends 1.5x RAM size, fwiw
<Apollo9> lol, after installation: /dev/hda1 has gone 49710 days without being checked, check forced.
<faulkes-> that's typical
<rhineheart_m> how to add users to imap without adding them into the system users?
<\sh> does anybody work on grinder, e.g. for inclusion in ibex?
<henkjan> !grinder
<ubotu> Sorry, I don't know anything about grinder - try searching on http://ubotu.ubuntu-nl.org/factoids.cgi
<\sh> henkjan: http://grinder.sourceforge.net/
<henkjan> ah, i see
<faulkes-> question: once I create a project in LP, how do I create/add the trunk? after following it's directions I keep getting "not a branch" error from bzr
<ScottK> faulkes-: --> #launchpad
<mathiaz> faulkes-: did you push your branch to LP ?
<mathiaz> faulkes-: I think you first need to push your branch and then you can set the trunk serie in the project.
<zyx386> hi all
<faulkes-> mathiaz: it's a bit confusing as to how they want it done
<zyx386> what is ubuntu recomended server hosting(Virual Server)?
<faulkes-> scottk: thanks, I'll ask there
<zul> zyx386: kvm
<zyx386> i will bay Virtual Server
<zyx386> zul, can give the company link,
<zul> zyx386: sorry its not a company i gave you the wrong info misfired
<zyx386> ok thanks, i choose company with virual server, but ubuntu basis?
<zyx386> for example www.server4you.com
<zyx386> can everyone tell me :)
<engida> does a regular server install come with a GUI (DE and x-server)?
<engida> if not, what is a lightweight window manager to install and what package/s? (Fluxbox?)
<sommer> engida: you can find details here: https://help.ubuntu.com/community/ServerGUI
<engida> sommer: Thanks
<sommer> np
<mathiaz> sommer: is there a factoid for the server gui ?
<mathiaz> !servergui
<sommer> mathiaz: not that I know of
<sommer> but that would make a good one... wouldn't have to lookup the site :-)
<mathiaz> !servergui
<ubotu> Sorry, I don't know anything about servergui - try searching on http://ubotu.ubuntu-nl.org/factoids.cgi
<faulkes-> hrmm, 30 min until meeting?
<kirkland> zyx386: personally, I use a2hosting.com.  They do have Ubuntu VPS options: http://www.a2hosting.com/vps_hosting.php
<sommer> hey all, is the statement regarding apt-get dist-upgrade correct: http://doc.ubuntu.com/ubuntu/serverguide/C/apt-get.html
<sommer> with regards to upgrading packages?
<sommer> wait never mind I'm just reading the lead in wrong I think
<mathiaz> sommer: the statement about upgrading from one release to another should be removed
<mathiaz> sommer: do-release-upgrade should be used instead of dist-upgrade
<sommer> mathiaz: ya, I removed the second few paragraphs... as was reading the first one, and it started to not make sense :-)
<sommer> mathiaz: it's replaced with a link to the upgrading section under installation
<ScottK> It's true that's the supported way, but I've never had a problem with apt-get dist-upgrade on servers.
<mathiaz> sommer: dist-upgrading from dapper to hardy won't work as dapper's dpkg doesn't understant the new Breaks: field available in hardy
<sommer> mathiaz: yep, we should be covered
<zul> anyone seen ivoks recenlty?
<sommer> zul: today he replied to an email a sent him last week, he's been sick for the last 10 days
<zul> ah ok thats unfortunate
<sommer> ya, sounded pretty bad
<ScottK> mathiaz: Since you uploaded cyrus-sasl2, cyrus-sasl2-heimdal needs to be updated too or it's broken.
<engida> just did a 6.06 server install and am wanting to add 2 new users to the admin group. I have looked at adduser and useradd, was wondering if there was a command to list current users/grous
<sommer> engida: cat /etc/group and cat /etc/passwd will accomplisth that :-)
<faulkes-> cat /etc/group | grep <username>
<engida> which command is better to just create a normal user that belongs to an admin group (or a sudoer), useradd or adduser?
<sommer> engida: I think adduser is pretty simple: adduser username groupname
<sommer> but really whatever works for you is the "correct" way
<engida> but I don't want the new user to have a home directory... just a shell and being able to sudo...
<sommer> engida: for that you'll want to check the options for useradd, then you can always go back and run adduser
<sommer> at least that's what I'd do
<mathiaz> ScottK: I haven't uploaded cyrus-sasl2 yet
<ScottK> Hmmm
<mathiaz> ScottK: kirkland and I still have to complete the merge IIRC
<ScottK> OK
<mathiaz> ScottK: someone else uploaded it ?
<ScottK> No.  slangasek uploaded another Ubuntu revision.
<ScottK> So you'll need to update your merge, but the -18 merge isn't done
<ScottK> When you do, please include an update of cyrus-sasl2-heimdal (in Universe) so it won't be broken.
<engida> sommer: Is it possible for the new user to belong to the admin group and still have its own password to be identified by?
<engida> I envoked the -p argument in useradd and was not promted for a password when creating a new user
<sommer> engida: sure, you just need to set it using passwd
<sommer> engida: I think the -p argument expects the password to be part of the command
<sommer> or standard input
<engida> hmm.. so a <sudo passwd username "newpass"> should do the trick?
<sommer> engida: should
<engida> Thnks :)
<sommer> np
<mathiaz> ScottK: ok
<ScottK> mathiaz: Thanks.
<kirkland> mathiaz: do you want to set aside some time this week to finish that cyrus-sasl import?
<kirkland> mathiaz: or, if you want to just do that one yourself, that's okay by me--it looked more complicated than a run-of-the-mill import
<kirkland> s/import/merge/g
<ScottK> It can't be uploaded until after the alpha 6 freeze is over, so you have some time.
<mathiaz> kirkland: I think it's good example of a merge.
<mathiaz> kirkland: even though it includes more work, you get a good intro to the merge process.
<mathiaz> kirkland: we could actually upload it as it is, but we've started to clean up the packaging a little bit.
<mathiaz> kirkland: so I think we should keep working on it - get the merge ready and once the archive is opened, I'll upload it.
<keescook> soren, zul: can you look this over, and let me know which of xen-3.[012], qemu, kvm need updated?  https://bugzilla.redhat.com/show_bug.cgi?id=433560
<ubotu> Red Hat bug 433560 in vulnerability "CVE-2008-0928 Qemu insufficient block device address range checking" [Medium,New: ]
<soren> keescook: All of them, probably.
<keescook> soren: that's what I suspected.  :P
<soren> keescook: Don't use Ian's patch, but I assume you noticed that?
<keescook> soren: yea, saw comment 22 there.
<soren> keescook: Right. I'll grab it for hardy kvm.
<keescook> I'm hoping to get a "blessed" patch from either upstream or you/zul :)
<soren> keescook: Er.. How high priority is this? Can you wait until tomorrow. I want to talk to Dan.
<keescook> soren: it's "fix soon" in my book, but needs to be "fix right" due to the invasiveness of the patch, so I'm happy to get additional confirmation.
<soren> keescook: There's one of the cases that looks wrong in his updated patch, and I just want to check with him which one of us is on crack :)
<soren> keescook: None of this is in main, is it?
<soren> keescook: Apart from kvm in hardy, that is..
<keescook> soren: xen?
<soren> keescook: In main? Really?
 * keescook remains unclear
<soren> libxen, perhaps, but not xen.
<soren> I hope.
<zul> libxen is not affected but xen-utils is affected
<soren> zul: xen-utils? Hm. Interesting.
<rhineheart_m> hello! How to configure http://www.example.com/tick to be accessible thru http://www.tickl.example.com?
<kirkland> rhineheart_m: in your sites-enabled apache conf file:
<kirkland> <VirtualHost *:80>
<kirkland>         ServerName www.tickl.example.com
<kirkland>         DocumentRoot /var/www/html/tick
<kirkland> </VirtualHost>
<rhineheart_m> kirkland: thanks for that. How about hosting multiple sites with each domain?
<kirkland> rhineheart_m: you can put as many of those <VirtualHost> sections as you want in there
<rhineheart_m> you mean? all I have to do is to confgure external nameserver like www.tickl.example.com to point to my IP?
<kirkland> rhineheart_m: yes
<ScottK> lamont: I'm reading this http://ressukka.net/blog/posts/20070909_postfix_defaults/ and thinking default subdomain matching for relay'ed domains is probably not the best plan.
<rhineheart_m> kirkland: where can I find the sites-enabled apache conf?
<kirkland> rhineheart_m: /etc/apache2/sites-enabled/*
<rhineheart_m> kirkland: I have only two available files there.. 000-default and squirrelmail
<kirkland> rhineheart_m: you want 000-default then
<mathiaz> rhineheart_m: you'd better create one file in /etc/apache2/site-available/ for each virtual hosts
<kirkland> rhineheart_m: and then symlink them into sites-enabled/
<rhineheart_m> mathiaz: what do you mean with that?
<mathiaz> rhineheart_m: and then use the command a2ensite to enable the sites
<mathiaz> rhineheart_m: the code that kirkland posted above - put in a file in /etc/apache2/site-available/
<mathiaz> kirkland: right - I think it's just the standard way to do it.
<mathiaz> kirkland: but you should edit your files in /etc/apache2/site-available/
<mathiaz> kirkland: site-enabled is just a directory with symlinks.
<kirkland> mathiaz: ;-)
<kirkland> mathiaz: agreed.
<rhineheart_m> the two of you! great job! how to create symlinks by the way?
<lamont> ScottK: reading
<mathiaz> rhineheart_m: use a2ensite
<mathiaz> rhineheart_m: there is a manual page for a2ensite that explains what it does
<mathiaz> rhineheart_m: you don't need to know about symlinks.
<ScottK> Actually I'm not sure I like default subdomain matching at all.
<rhineheart_m> ScottK: You made me thinking deep? Please say something..
<ScottK> rhineheart_m: I'm talking to lamont about a postfix thing.
<ScottK> Sorry it sounded like your topic.
 * ScottK knows very little about web servers and tends to ignore talk about them.
<rhineheart_m> NP. Thanks for letting me know..
<lamont> ScottK: yeah.  it's a ponder thing, for sure.
<lamont> ScottK: and nfc how the 2.4.5 backport built, either.
<ScottK> lamont: Accepting mail for some domain I don't explicitly list seems so Postfix 1.0
<lamont> and yet my mail server _wants_ that behavior (iz many hosts it takes mail for)
<ScottK> lamont: I'm pretty sure the whole Main/Universe thing is supposed to be ignored for backports.  It's really a non-sequitor.
<lamont> ah, that could be it
<ScottK> And jdong told me that he thought that got fixed a year ago.  I think someone 'improved' the system.
<lamont> yeah - quite possible that a recent rollout regressed it... you should file a bug against launchpad
<ScottK> lamont: I have a strict policy against filing or looking at bugs against launchpad.  It just hurts my blood pressure. I'm heckling jdong into doing it.
<lamont> ScottK: fish in a barrel.
<ScottK> It's just such a freaking amateur hour project combined with extreme hubris that it drives me nuts.
<rhineheart_m> mathiaz, kirkland: got an idea how to enable https in squirrelmail?
<ScottK> My favorite recent example was being told I'd have to give up my opinion that the pre-beta U/I was better if I wanted my complaints to be taken seriously.
<ScottK> So I've given up on making complaints.
<mathiaz> rhineheart_m: https://help.ubuntu.com/community/forum/server/apache2/SSL
<lamont> ScottK: generally, I find that it's getting better, and that it does what I need.
<ScottK> lamont: There are things that are getting better.  I find that as the system is growing more complex the U/I is getting more confusing and it's getting harder to find stuff.
<ScottK> The amateurish part is I think they put way to much into implementation and not enough into design and testing.
<ScottK> In the most recent release they made a change to have PPA uploads start building immediately before publisher runs.
<ScottK> What they failed to notice in design, implementation, or testing is that before publisher runs on an empty ppa there is no releases file.
<ScottK> Soyuz will barf when it tries to upload the binaries.
<ScottK> Pretty basic thing I'd say.
<ScottK> It's currently marked low and the only developer comment I saw was something along the lines of ooh - let's call this the builds to fast bug.
<ScottK> I just barely restrained myself from a really sarcastic comment and that was the last LP bug I looked at.
#ubuntu-server 2008-03-06
<rhineheart_m> mathiaz: what do you mean with * Reloading web server config apache2   5904  OK after doing the given tutorial?
<zul> soren: xen-utils has the qemu bits
<musashi> after setting up raid 1, my computer no longer boots. it hangs for a while, resumes and then dumps to (initramfs). my system worked fine with raid set up but not mirroring. last night i did "mdadm /dev/md1 -G -n 2" or order to get it mirror. That's all i did. now it doesn't boot. any help?
<musashi> also added the mirror drives with "mdadm --add /dev/md1 /dev/sdb2"
<musashi> if i try to exit busybox I get "target filesystem doesn't have /sbin/init"
<rhineheart_m> is it possible to set SSL redirection to local IP using apache2? Example.. the router can be accessed at this add: 192.168.1.20..can I configure apache2 modSSL to allow redirection to local  192.168.1.20?
<ScottK> Someone who's in Canada go wake up zul so he can upload ebox.
<faulkes-> depends where zul is and how much you're gonna pay me ;)
<faulkes-> zul in mtl?
<zul> ScottK: there is always tomorrow
<faulkes-> heh
<faulkes-> zul: where in .ca?
<zul> ottawa
<faulkes-> ah
<faulkes-> toronto here, well, outside of toronto, but still
<zul> ah how unfortunate ;)
<rhineheart_m> can anyone here recommend commodo firewall for ubuntu server ed gutsy?
<ScottK> zul: I was thinking it'd be cool to be able to tout ebox in the alpha 6 release notes.
<slide23> I think my server may have been compromised but I can not take it offline immediately to reinstall. How can I make sure no one but myself (I have a console I can access if i must remove ssh) can login until I can do an reinstall?
<ScottK> If it's been seriously compromised you can't.
<sommer> what if you changed the shell option for users in /etc/passwd?
<slide23> im not sure how seriously but i wont be able to reinstall for a day or so and at least want to minimize anything i can
<slide23> well, i only had 1 becides myself and it was actually set to root (which im not sure if i did that a LONG time ago and just forgot or not)
<sommer> you could also monitor for proceses that shouldn't be there
<sommer> not 100% fool proof though
<slide23> ugh
<slide23> stupid hackers
<faulkes-> zul: heh
<faulkes-> slide23: determine the vector by which you were comprimised, seal it off, that isn't a garrauntee of other things but it's a start
<faulkes-> depending what or who, it could be something as simple as a bot exploit
<slide23> i think it was probably a forum exploit that got them in
<faulkes-> then it is likely just a bot
<slide23> how do i tell, and what is a bot lol
<faulkes-> a bot is just automated software which probes and exploits when it finds a vulnerability, usually adding itself to an irc network
<slide23> actually, they had a phising page setup on one of my site
<faulkes-> you could just run tcpdump and look for port 6667 traffic
<faulkes-> yes, but they need a control medium, that is usually done via irc
<slide23> ah
<sommer> slide23: did you have extra apache processes running?
<faulkes-> so if you aren't irc'ing from the server itself and see port 6667 traffic, that would indicate the general level of infection
<slide23> what do you mean extra?
<faulkes-> as it's more virus than actual human at a prompt
<sommer> extra as in from a different httpd binary somewhere else in the file system
<slide23> how can I tell
<faulkes-> slide23: processes owned by the www-data user, that are not httpd
<ScottK> Personally I'm still getting over "I think it's compromised, but can't turn it off".
<sommer> ps -ef should show the binary path
<sommer> ScottK: heh... sometimes it happens
 * ScottK would suggest the long term consequences of having one of your IPs being used for bad stuff probably outweigh whatever short term risks there are with pulling the plug.
<faulkes-> ScottK: have had that happen recently to a box that was 700 clicks from me with no useful DC support
<faulkes-> takes awhile for things like that to get added to lists though, so if he caught it in time
<faulkes-> he should be good
<faulkes-> and the only way he can prevent that, is to track down the attack and figure out what it did
<faulkes-> slide23: look through /var/log/apache2/access.log, heck, even "cat /var/log/apache2/access.log | grep -i bot"
<faulkes-> if that shows up a url, use wget to download a copy of the bot from the url, you can then see what process it think it should hide as and move from there
<faulkes-> usually, this form of attack is against phpbb
<slide23> i see tons of google bot and msn bot
<slide23> lol
<sommer> you were hacked by google!
<slide23> lol
<faulkes-> heh
<faulkes-> try grep -i "=bot" instead
<faulkes-> with quotes around the "=bot"
<slide23> nope
<slide23> nothing now heh
<faulkes-> then you have to look through line by line ;)
<faulkes-> look for anything which includes your url, attempting to call another url
<musashi> after setting up raid 1, my computer no longer boots. it hangs for a while, resumes and then dumps to (initramfs). my system worked fine with raid set up but not mirroring. last night i did "mdadm /dev/md1 -G -n 2" or order to get it mirror. That's all i did. now it doesn't boot. any help?
<faulkes-> i.e. /path/to/myphp.file.php?=http://some.server.somewhere.com
<faulkes-> or something like that
<musashi> well I also added the mirror drives with "mdadm --add /dev/md1 /dev/sdb2" and goofed up so removed it and then added again.
<faulkes-> again, that is just a common attack vector, it could be something else entirely
<faulkes-> define "goofed up"
<musashi> me?
<faulkes-> yep
<musashi> by goofed up i did "mdadm --add /dev/md1 /dev/sdb1" when it should have been sdb2 to match
<musashi> md1 = sda2 and sdb2
<musashi> so i did mdadm --remove /dev/md1 /dev/sdb1 and then re-added with with sdb2
<musashi> md1 holds the / partition
<faulkes-> my first instinct says to search the official server forum at http://ubuntuforums.org/forumdisplay.php?f=7 as I believe others have had this issue
<faulkes-> I'm not sufficiently versed enough beyond this point to really be of much assistance
<musashi> okay. looking...
<musashi> any particular keyword a good choice for searching?
<faulkes-> I would search for mdadm (I believe there was a recent post) and also raid
<rhineheart_m> faulkes: this might be off topic here.. but may I ask you? Do you have background on joomla CMS?
<faulkes-> rhineheart: no, I do not use joomla nor have a background with it
<faulkes-> the last CMS I touched would probably have been drupal and I despised every minute of working with it ;)
<slide23> ok i ran chkrootkit and got this, "Checking `bindshell'... INFECTED (PORTS:  465)"
<faulkes-> port 465 is ssl over smtp
<faulkes-> I would check with chrootkit folks to see if it is a known false positive
<faulkes-> as both chrootkit and rkhunter are capable of giving off false positives
<faulkes-> err, smtp over ssl
<faulkes-> I think I just ip over avian carrier'd myself there
<faulkes-> and in the very next step, dated myself incredibly
<faulkes-> of course, if you know your installed mail system in/out, it would also tell you if it's valid or not
<slide23> yea no... lol i set it  up a long time ago and dont do this as a business just personal
<slide23> bbl
<musashi> I have scanned the 110 posts that match but none seemed to address my issue (of course I'm not sure what I'm looking for). my system boots to busybox and trying to exit busybox I get "target filesystem doesn't have /sbin/init"
<musashi> i found lots googlilng that error but nothing useful yet
<musashi> except a suggestion to reinstall udev which i did without effect
<faulkes-> serach for "raid initramfs" then
<faulkes-> as that is particular to your case
<faulkes-> within the forums that is
<musashi> searching...
<rhineheart_m> faulkes: where is wget extracted folder could be found?
<faulkes-> musashi: which server version are you using
<faulkes-> rhineheart: huh?
<rhineheart_m> I got it.. in the root.. thanks.. m using 7.10
<musashi> it's not a server. just my desktop. i'm running 7.10. installed from alternate cd and set up raid. it wasn't mirroring so i did the mdadm add stuff and finally got it to mirror. i'm betting my problem is because the --remove bit did more than i expected.
<musashi> this looks promising but not sure what i need to do http://ubuntuforums.org/showpost.php?p=4012098&postcount=6
<faulkes-> #ubuntu-desktop may have encountered similar issues before
<faulkes-> however, I also found
<faulkes-> http://ubuntuforums.org/showthread.php?t=651110&highlight=fail+boot+raid+device
<faulkes-> which seems to describe some of what you are seeing but that is about all I can really offer, not having a box to test it out on here right now
<musashi> what does this mean "It looks like you may not have loaded the raid1 module in your initramfs. "
<musashi> could it have been removed as i was setting it up? it used to boot just fine.
<faulkes-> iirc if you modify your initramfs you need to update-initramfs -u
<musashi> well i never modified anything intentionally. i can boot a live cd and try that
<musashi> i don't even know what initramfs is
<musashi> maybe ram file system?
<faulkes-> initramfs basicly tells the kernel which stuff to load at boot
<musashi> so will "sudo update-initramfs -u" update it?
<faulkes-> however, if you can boot off a live cd, I mount and check /etc/fstab /etc/initramfs-tools/modules
<faulkes-> hrmmmm, I smell burnt IC
 * faulkes- eyes his laptop
<musashi> oh, literally
<musashi> lol
<musashi> yeah, i can boot live cd but kind of a pain to get the raid volume to mount
<faulkes-> yes, literally
<faulkes-> this laptop has been dying a slow death the last week
<faulkes-> I have a new one on order
<faulkes-> kb dead, dvd dead, hdd making sqawking noises
<musashi> well new computers are always fun
<faulkes-> eh, it'll be nice to have a current machine
<faulkes-> 3x the ram, 5x the drive space, alot more cpu and alot more vram
<faulkes-> I'll get it all sparkly and pretty with desktop effects
<faulkes-> maybe add in some flowers and a throw pillow or two
<musashi> okay looking at /etc/initramfs...
<musashi> lol
<musashi> nothing but commented lines
<faulkes-> commented lines such as #raid0 #raid1?
<musashi> yeah
<musashi> says #examples:
<musashi> # raid1
<musashi> # sd_mod
<musashi> and some other stuff before that
<faulkes-> that could possibly be an issue as iirc the -generic kernel isn't built with raid support
<musashi> well, i did install from the alternate cd and specifically set up raid at install. i would hope that would cover it
<musashi> it was booting fine too
<musashi> until i made the changes to get it to mirror
<faulkes-> yes, damnable changes
<faulkes-> what about /etc/fstab
<musashi> okay, did the update-initramfs bit.
<faulkes-> do the UUID of the disks match for your raid mirror?
<musashi> not sure, how do i check
<faulkes-> cat /etc/fstab?
<musashi> update didn't seem to do much
<musashi> yes, i'm looking at fstab
<faulkes-> musashi: I'm not sure what output it would give if you ran it, although you would have to make changes to the modules file (such as uncommenting those options)
<musashi> but don't know if the uuids are right. it does say /dev/md0 and /dev/md1 and then gives the uuids
<faulkes-> md0 representing which disk?
<faulkes-> or set of disks (as appropriate) or mount point
<musashi> md0 is hd0 or sda1
<musashi> i think this is correct as it does start to boot. just errors out later
<faulkes-> I would comment out the raid1 and sd_mod modules in /etc/initramfs-tools/modules and do the update-initramfs -u
<faulkes-> s/comment/uncomment
<faulkes-> then give it a reboot, who knows, might just fix it
<musashi> okay, trying
<musashi> update says "cat: /proc/cmdline: no such file or directory" mean anything?
<musashi> well rebooting. lets see what happens
<musashi> no go
<musashi> it says md0 stopped and md1 stopped and then hangs
<musashi> why is it stopping them
<faulkes-> that would be the $5 mil question, wouldn't it ;)
<musashi> well, i was hoping you might have an idea :)
<faulkes-> when it says "stopped" is that the full message it gives?
<musashi> before going to busybox it says "trying o resume from /dev/disk/by-uuid" and then no resume, doing normal boot...done. some modprobe lines then cannot read /etc/fstab and some more failed mounts.
<mralphabet> do you have the boot disk mirrored with mdadm?
<musashi> yes, but not the boot partition
<musashi> just / and /home
<musashi> for stopped it just says md0 stopped
<musashi> the rest of the info is off screen now. how can i scroll up?
<faulkes-> well, at the point where it says it can't read /etc/fstab, we have an issue already
<faulkes-> probably even before that
<faulkes-> you *do* take regular system backups *don't* you? ;)
<musashi> right. i think it's because it's stopping the array and then can't reay anything
<musashi> yeah, i have a full backup of /home
<musashi> the data is good though
<musashi> i can read it from a live cd
<musashi> i didn't backup / though
<musashi> it's easy to reinstall that
<faulkes-> wow, I feel like I won the lottery, I found a user who takes backups
<musashi> lol
<musashi> what? doesn't everyone?
<faulkes-> given the lottery feeling, the general answer would probably be no ;)
<musashi> the whole point of doing the raid was to give me another backup
<musashi> i help on launchpad answers a lot and it seems like a lot of people manage to overwrite windows when installing and never made a backup before install. now that's crazy
<faulkes-> the only thing I can think of is that it either doesn't think the raid1 array is fully populated/created (which seems to be a known bug) or that something is wrong with the boot sequence but thats about all I have and it's just from googling
<faulkes-> and LP entries
<faulkes-> and I do need to head off to bed
<musashi> i'm guessing something similar but no idea how to fix
<musashi> well, thanks for the help.
<musashi> i'm installing on a new drive so i can have something to work from
<ScottK> lamont: You can add the Postfix backport you did to Gutsy to the how the heck did that work list since DB 4.6 was in Universe at Gutsy release.
<nealmcb> mathiaz, sommer - I wasn't at the meeting today since I'm at the idtrust2008 symposium.  but I did notice the 'servergui' request.  I'll get to it later.  But for now I'd suggest talking about guis other than x11 and linking to ebox from the servergui web page, and perhaps recommending in the ebox wiki page that it is not quite ready for prime time in gutsy and is/will be much better in hardy.
 * musashi waves at nealmcb 
<nealmcb> :-)
<sommer> hey nealmcb
<sommer> sounds good to me
<sommer> I'll update the servergui page
<sommer> nealmcb: I'm also using the ebox wiki page to rough draft the documentation, so if you have anything to add ;-)
<sommer> nealmcb: are you going to UDS Prague?
<lamont> ScottK: heh
<ScottK> If someone would be up for testing we could backport ebox to gutsy once zul uploads his updates.
<sommer> ScottK: I'm up for testing
<sommer> from my hardy ebox testing there's still some issues though :\
<ScottK> Well if it works reasonably well it might be worth it to get more testing.
<sommer> to be honest I think there are some design decisions with ebox that aren't "the best"
<sommer> to manage users and groups you have to install slapd for instance
<sommer> what if I like /etc/passwd
<nealmcb> sommer: thanks!
<sommer> nealmcb: welcome
<nealmcb> sommer: yes I'm going to Prague - woot!
<nealmcb> ouch - slapd huh....
<sommer> cool, do you know if americans need a special visa thing?
<nealmcb> I haven't checked.  or even czeched....
<ScottK> sommer: My understanding is not (I'm going too).
<sommer> heh... I looked through the czech embassy page and didn't see anything
<nealmcb> :-)
<sommer> ScottK: cool, good news
<sommer> it'll be great to meet everyone in RL... heh
<ScottK> Personally I won't use it, but I understand it (ebox) is an important issue for the distro.
<musashi> nealmcb, i went to to prague about 13-14 years ago and no visa needed. things may have changed though
<sommer> ScottK: same here, but I work with some windows admins that would like to have that functionality :-)
 * sommer thinking about delving into eBox development
<nealmcb> sommer: I haven't really found time to look in depth at ebox yet, but yeah, my sense is that it would be very helpful,  though it needs to be done right....  so I hope it looks appealing
<nealmcb> musashi: thanks.  I hear it is a great place to visit
<sommer> nealmcb: I like the interface, looks great
<slide23> is there anyway I can backup a remote server to my computer?
<sommer> nealmcb: I think the overall design is a little "heavy"
<sommer> at least for my taste
 * nealmcb isn't fond of perl
<sommer> slide23: are they both linux machines?
<slide23> no =\ my local computer is windows
<sommer> slide23: one way would be to use rsync... I believe there's a windows client, but you might double check
<ScottK> slide23: Install cygwin on the Windows box and use rsync
<ScottK> sommer: ^^^ is the windows client
<sommer> ah
<slide23> hrm well I also want to preserve permissions and date info, is there anyway to do that too? like put it into an archive
<ScottK> slide23: IIRC you can do that with the right swicthes on rsync.  Read the man page
<sommer> slide23: also bacula might be a good option... haven't done linux > win myself though
<ScottK> I use the cygwin rsync approach to back up my wife's computer (her transition is on the TODO).
<slide23> hehe
<ow1> I need some help. I've just created a fix for the ntp bug. Using https://wiki.ubuntu.com/PackagingGuide/Recipes/Debdiff as my recipe I've made a debdiff, but it's huge. I've just noticed that the changelog shows 'feisty' in my change entry, rather than 'hardy', which I suspect is the cause. Without building a hardy machine or a pbuilder environment for hardy, how do I make a debdiff with a single line fix in a bash script?
<sommer> debchroot?
<ow1> sommer: Doesn't that mean that I still need to have a gig of space to make a virtual hardy machine?
<sommer> ow1: you'll need some space yep
<ow1> Crap.
<ow1> Sigh.
<sommer> ow1: to be honest I'm not 100% sure, probably a good idea to ask in #ubuntu-motu, they should know
<ow1> Cool, I'll ask, tah.
<sommer> though someone here probably knows better than me here as well
<ow1> Well in the end I created a debdiff with diff -ruN which seemed to create what I needed.
<sommer> when using a serial console to a linux machine is it the same as using vga without X11 ?
<owh> sommer: AFAIK yes - actually, a TTY, but yes.
<sommer> owh: cool thanks... that's the way I understood it, but have never actually set one up
<sommer> probably a good project for the weekend
<owh> sommer: I created a debdiff with diff -ruN in the end.
<owh> s/with/using/
<owh> For my next project I'll create a JEOS vm to do patching in :)
<sommer> owh: sweet, jeos is pretty cool
<sommer> good news on the debdiff :-)
<owh> I'm down to 48 seconds on a jeos build :)
<owh> Mind you, that's not on my workstation, but on a big server :)
<sommer> heh... I've only used with qemu, but worked well for me
<pnukeid> i want share internet connection my ubuntu with xp, and i have problem ?
<pnukeid> anybody can help ?
<pnukeid> my ubuntu connect have 2 lan card, one connect to adsl modem, one in laptop xp..
<pnukeid> when i ping google.com from laptop, it just "request time out"..
<rhineheart_m> Anybody here who knows the poppass daemon default port for courier and how to configure it?
<soren> I'm guesssing it's 106.
<soren> No idea where to configure it.
<soren> Never used it.
<rhineheart_m> thanks...  How I wish somebody here knows about it..
<rhineheart_m> hello.. I got this error: Warning: fsockopen() [function.fsockopen]: unable to connect to localhost:106 (Connection refused) in /usr/share/squirrelmail/plugins/change_pass/options.php on line 140. Any idea?
<soren> I'm no expert, but I'm guessing options.php is trying to connect to port 106 on localhost, and it can't.
<MenZa> Morning, soren
<soren> Hi, MenZa  :)
<rhineheart_m> hello soren..
<soren> Hi.
<rhineheart_m> actually m trying to configure to be able to change password in squirrelmail..but it needs poppass to accept incoming requests  at port 106.The router is alraedy open at 106 though.  Just don't know where to configure it..
<soren> It's trying to connect to localhost. Unless your network setup is *seriously* messed up, that shouldn't involve a router.
<soren> You probably just haven't start the poppass daemon.
<rhineheart_m> I'm using here courierpasswd. The plugin says I could use it instead of poppass
<soren> Then courierpasswd is your poppass daemon.
<rhineheart_m> I just forgot how did I set it up... how to know what authentication method courier is using?
<freeflying> rhineheart_m: what plugin r u using?
<rhineheart_m> plugin for squirrelmail...to let users change their own passwords..
<freeflying> rhineheart_m: no idea, never used this plugin
<rhineheart_m> freeflying: do you user squirrelmail?
<freeflying> rhineheart_m: yes
<rhineheart_m> freeflying: did you allow your users to change their own password?
<freeflying> rhineheart_m: no :P
<rhineheart_m> okay.. why ?
<rhineheart_m> freeflying: are they virtual users
<freeflying> rhineheart_m: yes, they don't wanna :P
<rhineheart_m> uhuh! what guide you use to make virtual users?
<freeflying> rhineheart_m: no guide :)
<rhineheart_m> freeflying: that's great..
<freeflying> rhineheart_m: u will not make it run just follow some guides :P
<nijaba> morning
<\sh> does the php5-cgi package supports fcgi mode (e.g. for lighty/apache)?
<\sh> forget the question..i found the answer :)
<rhineheart_m> its afternoon here..
<kraut> moin
<mok0> I have an amd64 running the latest hardy kernel (2.6.24-11-generic) but it seems to be running full throttle. How can I tell if dynticks are enabled?
<faulkes-> morning nijaba
<nijaba> hello faulkes- first day at your new job today, right?
<faulkes-> something like that
<faulkes-> only have meeting scheduled today, but that'll probably last like 3 hours
<nijaba> faulkes-: hey, good luck on this.
<faulkes-> get stuff setup, see what kind of hideous mess I've walked into  ;)
<nijaba> I read the log from the meeting yesterday
 * faulkes- nods
<nijaba> did you get to talk with owh?
<faulkes-> yes
<faulkes-> we spoke at length on a number of topics
<nijaba> I don't quite get his remark "going all over the place", could you shed some light on tis for me?
<faulkes-> and then we took a step back because there were some obvious differences, put things apples to apples, so to speak
<nijaba> (if you don't have time now, we can do this later)
<henkjan> hmm, server-meeting is a bit late
<faulkes-> nah, I have time
<henkjan> in GMT+1 thats 22:00
<nijaba> henkjan: yeah, I know, I am based in paris
<nijaba> same time zone as you, it seems
<henkjan> i would like to follow the meetings, but also need my sleep
<tmadsen> If I enter a wrong password on an ubuntu server, that password will not be saved anywhere in cleartext, right?
<freeflying> tmadsen: should be
<tmadsen> where?
<tmadsen> I entered a qrong password, and I don't want anyone to be able to see it
<henkjan> you entered a wrong password at a password prompt?
<henkjan> then it wil not be saved
<tmadsen> yes, while doing a sudo'
<zul> sommer: around?
<henkjan> tmadsen: don't worry
<tmadsen> henkjan: not saved?
<henkjan> if you typed it in stead of an command like 'ls' it would be saved in .bash_history
<freeflying> tmadsen: i mean it will be saved
<henkjan> tmadsen: i won't be saved if you typed a wrong password while doing sudo
<tmadsen> henkjan: thank you
<tmadsen> freeflying: if you think its saved, where do you think then=
<sommer> zul: just getting ready for work ;-)
<freeflying> tmadsen: sorry, will not be :)
<tmadsen> good, thank you both
 * tmadsen is relieved
<zul> sommer: ok talk later then :)
<henkjan> last week i received a shipment of ubuntu-servers cds. I decided to drop them at the reception, so customers could get one to try ubuntu.
<sommer> zul: give me like 30min... I'll ping you in a bit
<henkjan> today i noticed that the last cd was gone
<henkjan> would canonical ship more free cds to promote ubuntu ?
<freeflying> henkjan: u may apply from shipit
<henkjan> freeflying: shipit has no ubuntu-server cds
<zul> sommer: sure
<henkjan> we just ordered two sun t1000's for the coming hardy release (we run nl.archive.ubuntu.com )
<henkjan> lets see how that runs (1 proc, 8 cores, 4threads p/core
<henkjan> threaded apache, 2x 10G AMSIX connection
<sommer> zul: I'm back
<zul> sommer: cool I fixed that problem with the logger
<zul> sommer: for the userandgroups stuff it looks like you have to configure ldap
<sommer> ah, so eBox doesn't handle it for you?
<zul> no
<zul> unfortunately
<sommer> ya, that's kind of limiting if you have to use ldap, but need to configure it yourself
<zul> oh I agree
<sommer> but I guess if it's documented should be okay
<zul> thanks for all your testing
<sommer> I'll be able to do more testing this evening
<sommer> np
<henkjan> hmm, proper setup of ldap is not that easy, especially for the people who want to use a webbased panel
<ScottK> sommer: Someone ought to add something to the Alpha 6 release notes about ebox...
<zul> ScottK: not yet..
<sommer> ScottK: sounds good to me, not sure how that process is handled though
<ScottK> zul: No?
<zul> ScottK: still uploading it to universe and it has to get out of binary new
<ScottK> sommer: Not if zul says no, but the usual way is to whine to slangesek
<zul> and source new
<ScottK> Right.
<sommer> ScottK: ah,
<rhineheart_m> ScottK: when will be hardy be officially released?
 * ScottK hands rhineheart_m wiki.ubuntu.com/HardyReleaseSchedule
<rhineheart_m> ScottK: thanks... are you one of its core developers?
<henkjan> half april, so we have a month to make a superfast nl.archive mirror
<ScottK> rhineheart_m: I'm a core-dev, yes.
 * ScottK is not a Canonical employee, however.
<rhineheart_m> ScottK: That's great!  Are you the founder of this channel?
<ScottK> Not at all.
<rhineheart_m> ScottK: where can the ubuntu headquarters be located?
<mralphabet> rhineheart_m: there is a wiki page about the server team (and a page for all the ubuntu teams) if you are looking for some history.
<ScottK> Ubuntu developers are from all over the world.
<rhineheart_m> what's the correct pronunciation of ubuntu? is it yubuntu or obunto?
<henkjan> obunto afaik
<mralphabet> ewwbuntu
<rhineheart_m> the final one please.. what's the right one?
<ScottK> Dear zul: Please abandon your obsolete dependency on python-xml in xen-3.2.  Please see Bug 199014 for details.  kthnkxbye.
<ubotu> Launchpad bug 199014 in eric "python-xml removal: please drop/replace (build) dependencies" [Medium,In progress] https://launchpad.net/bugs/199014
<zul> Dear ScottK: okiely dokiely kthnkxbye
<Rayn> Hey all, any solutions for mysql overflowing varrun?
<henkjan> what do you mean?
<Rayn> the binary logs on my slave are filling /var/run/mysqld and creating problems
<henkjan> are you using mysql replication?
<henkjan> no? then disable binary logging
<Rayn> the server only has 2G of ram and that's quickly filled with the amount of activity I get
<Rayn> yeah I am
<Rayn> and these are the slave logs anyway, not the master logs
<Rayn> I suppose it's only a problem for as long as the slave is behind the master, they'd be purged as soon as they're done with, maybe if I decrease the size of the logs that would help, but still, putting this stuff in a ramdisk seems like a bad idea
<zul> there ebox uploaded to universe so now we just sit and wait
<sommer> party!
<brewmaster> i'm having trouble connecting to my local apache webserver from the internet
<brewmaster> not sure what's wrong, i have my router forwarding port 80 to the proper machine...
<brewmaster> is there any setting i'm missing on the server machine to allow connections on port 80?
<brewmaster> a telnet IP_ADDRESS 80 yields "connection timed out"
<Rayn> can you load it ok internally?
<Rayn> if so, then it's your router
<brewmaster> yeah, internally it's fine
<brewmaster> it's odd with my router...
<brewmaster> I forward SVN requests the same way
<brewmaster> works fine
<Rayn> huh, must be something you missed in the config
<brewmaster> i have a linksys wrt54g for what that's worth
<Rayn> are you using the openwrt stuff?
<brewmaster> router config or server config
<brewmaster> openwrt?
<brewmaster> never heard of it
<Rayn> on the router, guess not :) it's a linux implementation for linksys wrt54g's
<Rayn> there's a really nice version I use at home.. lemme see if I can find it for you
<Rayn> ah, http://x-wrt.org/ but you need to check your serial against this list before you can know if you can use it http://wiki.openwrt.org/TableOfHardware
<Rayn> otherwise, you're stuck with linksys's OS, which is ok I guess :)
<brewmaster> hmm
<mruiz> hi all
<brewmaster> i'm at work
<brewmaster> worried that I'll take down the net for everyone...
<Rayn> heh, yeah better to do that while it's not busy
<brewmaster> is there anyway to tell it my connection attempt actually gets to the machine?
<brewmaster> or can i safely assume it doesn't (connection timed out)?
<mathiaz> mruiz: hi !
<mathiaz> brewmaster: are you sure that your ISP doesn't block port 80 ?
<Rayn> brewmaster: you can watch netstat, it should show some kind of connection
<Rayn> mathiaz: also a good point
<Rayn> brewmaster: 'netstat -na|grep 80|grep tcp' will list http connections
<brewmaster> mathiaz, i think you're right
<brewmaster> i guess i'll try on a different port in apache?
<mathiaz> brewmaster: you could setup your router to forward port 8080 to your server port 80
<brewmaster> ah
<brewmaster> good call
<brewmaster> lemme try
<mathiaz> brewmaster: and then connect to http://router_ip:8080/
<Rayn> 8080 is occasionally blocked too, as is 81 if you're especially unlucky
<henkjan> hmm, sun asking why we didnt order an 5120 in stead of t1000 for ubuntu release
<henkjan> this might getting interesting
<Rayn> oh that reminds me of a question: is there a java for ubuntu/sparc?
<Rayn> a sun-java I mean, I don't think gcj will cut it
<brewmaster> can i use some arbitrary port?
<brewmaster> 5167 or something?
<Rayn> brewmaster: sure
<brewmaster> so for forwarding on my router, it's 5167 to 80?
<brewmaster> or the other way around?
<Rayn> first way
<Rayn> if it doesn't work try it the other way ;)
<brewmaster> damn router
<brewmaster> automatically switches them around...
<Rayn> and if that doesn't work still, you can have apache listen on that port internally too
<brewmaster> yeah
<brewmaster> that was my next question :)
<brewmaster> apache2.conf?
<brewmaster> or the site's file?
<Rayn> ports.conf, add a Listen 5167 at the end
<Rayn> unless you've got Listen statements somewhere else
<brewmaster> okay
<brewmaster> sec
<brewmaster> awesome
<brewmaster> works
<brewmaster> (i think)
<brewmaster> telnet connects
<brewmaster> so I assume it's all good
<brewmaster> famous last words
<Rayn> hehe
<brewmaster> thanks a lot
<Rayn> np, enjoy
<brewmaster> now my boss can connect to trac and see my little progress ;)
<zul> mathiaz: samba patch from last night applied
<Rayn> brewmaster: careful giving too many measurements to management, if they slip even a little you'll catch hell about it ;)
<brewmaster> rayn, i'm not too worried
<brewmaster> small company
<brewmaster> i'm the only tech guy
<brewmaster> and i manage so many different things that i'd be hard to replace
<brewmaster> php, mysql, trac, svn, css, javascript, linux server admin, etc.
<brewmaster> if i ever catch hell: "rm -rf /" is the answer :)
<Rayn> hehe right on
<Rayn> I'm in the same position, but I still hear about it when the numbers slip ;)
<methods> whats that program that you use to make sure links are in place for startup scripts ?
<Rayn> I use sysv-rc-conf, but it's an addon and I'm not sure what the reccomended one is
<Rayn> but it's in apt
<henkjan> update-rc.d
<Nicke> (probably missing something obvious): Where do I configure postgresql? I have the package installed, but /etc/postgresql/ is empty
<Nicke> (this is on hardy, btw)
<sommer> Nicke: should be /etc/postgresql/8.3
<Nicke> sommer: Well, /etc/postgresql/ is completely empty for me...
<sommer> which postgresql packages do you have installed?
<lamont> ScottK: gutsty???? :-)
<Nicke> atleast postgresql, postgresql-8.3 and postgresql-common
<sommer> Nicke: and there weren't any errors when you installed them?
<Nicke> sommer: Not that I know, I used the tasksel in the installer
<Nicke> I can try to reinstall them ofcourse..
<sommer> Nicke: what's the output of dpkg -l | grep postgres
<Nicke> sommer: http://paste.ubuntu.com/5364/
<sommer> Nicke: looks good to me... you might try reinstalling, I guess
<Nicke> sommer: Then I will try that, thanks : ) Just got a bit confused since this if my first time dealing with postgres
<Nicke> is*
<Nicke> (and the init script just exists silently, but not starting any daemon)
<sommer> Nicke: np, there should be a /etc/postgresql/8.3/main directory with the config files
<sommer> but for whatever reason you don't have one ;-)
<sommer> I haven't done the tasksel for postgresql on hardy yet, but apt-get install postgresql has worked for me
<Nicke> sommer: Yeah, reinstalling gave me the config files and a running server.. thanks again : )
<sommer> welcome
<ScottK> lamont: I uploaded a source backport for gutsy to switch back to libdb4.3 and avoid the whole main/universe problem
<lamont> ScottK: yeah
<mathiaz> soren: is it possible to grow a gcow2 file ?
<soren> mathiaz: Hm.. It should be.
<soren> mathiaz: I'm not sure how, though.
<mathiaz> soren: I'm trying to figure out if I should gcow2 files or lv for my vms.
<mathiaz> soren: I can easily grow lv
<soren> Well, the beauty of qcow2 files is that you can create them at any size you want. They just grow as you use the space.
<mathiaz> soren: now I wonder if I could resize the root filesystem of a vm
<soren> mathiaz: Depends on your filesystem inside the vm.
<mathiaz> soren: right
<mathiaz> soren: IIRC there is a max size set for each gcow2 file
<mathiaz> soren: I think online resizing of ext3 is support now, in hardy
<mathiaz> soren: does ubuntu-vm-builder support lv ?
<soren> mathiaz: I don't understand the question, I think.
<soren> keescook: danpb's patch is fine. Please apply.
<soren> mathiaz: I'm not familiar with an upper limit of qcow2 images.
<soren> That does not mean there isn't one, though :)
<mathiaz> soren: Is it possible to say that the root.gcow2 file shouldn't be bigger than 2Gb ?
<soren> mathiaz: Sure. --rootsize
<mathiaz> soren: ok.
<mathiaz> soren:  so it seems that gcow2 files and logical volumes provide the same functionalities.
<soren> mathiaz: lv's give slightly better performance, but need to be allocated ahead of time.
<mathiaz> soren: ok. If you use --rootsize for gcow2, you'd also allocate ahead of time - in the sense you'd set a limit to the gcow2 file
<soren> mathiaz: Right. But that could by a million TB and then you wouldn't need to worry about resizing. Ever.
<mathiaz> soren: Right - I'm actually thinking about setting limits to the root devices.
<soren> Alright.
<mathiaz> soren: think about hosting provides with VPS
<soren> Oh.
<soren> Yeah, then you probably want LV's.
<mathiaz> soren: you sell a package with only 4 Gb of space
<mathiaz> soren: and you want to make sure it won't grow to more than that
<mathiaz> soren: and when a customer upgrades a plan, you can just add more space and resize the root fs online if possible
<soren> Right.
<mathiaz> soren: it seems that both lvs and gcow2 can be used in that scenario
<soren> YEah, but you don't want to shove 10 qcow2's with a max size of 4GB onto a 20 GB partition just to "save space" to begin with.
<soren> If the qcow2 can't grow, it's not pretty.
<soren> and then there's no point in using qcows.
<keescook> morning
<zul> morning keescook
 * keescook waves
<jdstrand> hi keescook!
<jdstrand> keescook: when you get a chance can you look at bug #199181
<ubotu> Launchpad bug 199181 in ubuntu-dev-tools "mk-sbuild-lvm should provide --personailty option" [Undecided,In progress] https://launchpad.net/bugs/199181
<mathiaz> soren: I've generated a qcow2 file with ubuntu-vm-builder. However when I boot it using libvirt, I get a grub shell
<keescook> zul: the diff you sent (Qeny?) is based on danpb or ian's patch?
<zul> danpb
<keescook> zul: sweet
<sommer>  
<sommer> woops
<keescook> soren: in vmware I can click 'suspend VM' and reboot my host, then unsuspend a VM.  is there anything like that for kvm?
<soren> keescook: Yeah, it's called save.
<soren> I'm running out now, but I'll be back later to help out.
<soren> keescook: Don't use save now.
<soren> It'll hang the process.
<soren> You need an updated kernel modules.
 * soren runs
<AtomicSpark> protip: if you can't ssh into your KVM virtual server, install openssh.
<good_dan1> okay i just moved one virtual machine to a new host and now its saying it doesnt have a network card
<AtomicSpark> what vm software?
<good_dana> microsoft virtual server 2005 r2
<good_dana> it was working on a different host machine with the same configuration
<AtomicSpark> ...
<AtomicSpark> i've never used it. i recommend you vmware server though.
<mathiaz> good_dana: the mac address of the network card has probably changed.
<mathiaz> good_dana: check in /etc/udev/rules.d/70-persistent-net.rules
<good_dana> the mac has definitely changed because it was bound to the physical network card of the old host machine
<good_dana> and etc/udev/rules.d/70-persistant-net.rules doesnt exist
<mathiaz> good_dana: which version of ubuntu are you running in the vm ?
<good_dana> 6.06
<good_dana> LTS
<AtomicSpark> !paste
<ubotu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the channel topic)
<AtomicSpark> I set up a DHCP and DNS server a few days ago, and now my xp hosts can't see eachother in the same workgroup. My DCHP file is here: http://paste.ubuntu-nl.org/58661/
<AtomicSpark> My instructor said that I needed to enable netbios option 2, to get them to broadcast. What do you think?
<good_dana> AtomicSpark: are you trying to ping via name or ip?
<AtomicSpark> It's when I use network neighborhood to browse for network shares or printers. None display after server install.
<AtomicSpark> I was using my router for DHCP before.
<mruiz> hey zul
<zul> hi mralphabet
<zul> grr..mruiz
<mruiz> I started to work on libdb transition. mathiaz sponsored my work on nss-updatedb and I want to continue :-)
<zul> ok sounds great!
<mathiaz> mruiz: could you also forward your patch to debian ?
<mathiaz> mruiz: don't forward the debdiff as it is.
<ScottK> Just keep in mind if it's a ruby related on that Debian doesn't have libdb4.6-ruby.
<zul> ruby has been taken care of
<zul> kind of...
<mruiz> zul, I want to work on reprepro. Which packages are you working on?
<zul> the ones listed on the wiki are the ones im not working on
<mruiz> zul, ok
<mruiz> mathiaz, how is the procedure to forward the patch to debian?
<Rayn> hey, anyone with experience PXE installing ubuntu server? Do you know if it communicates via serial ok?
<good_dana> Rayn: you're going to transfer an install over serial?
<good_dana> that seems like a bad idea
<Rayn> good_dana: no, just communicate with the installer via that
<Rayn> good_dana: I don't fancy sitting in this datacenter for hours, and I don't have KVM to these machines
<Rayn> but I do have serial
<good_dana> so you're just going to use console redirection? that should work fine
<Rayn> ok cool, just making sure before I leave here :)
<Rayn> thanks
<good_dana> good luck
<Rayn> thanks
<mathiaz> Rayn: have a look in the netboot directory on the ubuntu-server iso - there is a example file for pxelinux.cfg with serial console enabled.
<mathiaz> Rayn: use the following parameter on the kernel command line: -- console=ttyS0,9600n8
<mathiaz> mruiz: Have a look at http://www.debian.org/Bugs/ to see how to report bugs in Debian
<mathiaz> mruiz: have also a look at https://wiki.ubuntu.com/Bugs/ReportingToDebian
<mruiz> thanks mathiaz
<soulc> yo
<soulc> ah
<soulc> I need some help limiting a user from logging in
<soulc> via ssh
<Nafallo> DenyUsers IIRC
<Nafallo> check man sshd_config
<soulc> thanks
<owh> faulkes-: Ping
<soulc> ok I screwed up and left a user account with an eazy password
<soulc> someone logged in and installed wzd
<soulc> I need help quick to reinstall screen, ssh
<mindframe-> soulc, what
<mindframe-> what's wzd?
<soulc> http://blackpearl.drivehq.com/wzd.tgz
<soulc> that is what they dl'd
<soulc> I hate hacker a**holes
<mindframe-> looks like you need to redo your whole box
<mindframe-> backup the essentials and reinstall
<soulc> well screen wasn't installed
<mindframe-> it just looks like an ssh brute force script
<mindframe-> he was probly using your host for scanning others for some amount of time
<mindframe-> when did the compromise occur?
<soulc> http://paste.ubuntu-nl.org/58680/
<soulc> today
<soulc> I restarted and restricted user blog
<mindframe-> how secure are the passwords for the other accounts on the box/
<soulc> very
<owh> If a user has gained unauthorised access you need to assume that they gained further access. Just locking out one user is unlikely to be enough.
<mindframe-> what owh said
<soulc> shit
<soulc> shit shit
<soulc> shit
<owh> Depending on what your intentions are, I'd personally start with disconnecting it from the 'net.
<owh> For starters, don't panic, it's already happened, take a breath and talk through the process first.
<owh> Do you have a full system back up?
<soulc> yeah but I got stuff all set and now I have to start over
<soulc> no
<owh> How much data is on the server?
<soulc> but this guy was stupid enough not to 0 out the bash_history file
<soulc> webserver it is personal not a production server by no means
<mindframe-> he could have a backdoor installed :)
<owh> Perhaps so, perhaps not. It's possible that they left that for you to find. Using the 'blog' user lock out as a trip.
<ScottK> soulc: Then definitely nuke it.
<ScottK> Since it's not in production.
<soulc> crap
<owh> Oh, it's not in production?
<soulc> no this is my own thing..... in my house
<mindframe-> tuh oh
<ScottK> soulc: Just suck it up and do it.
<soulc> arg!
<mindframe-> soulc, might want to check any other boxes you have there for intrusion
<mindframe-> fire up wireshark on everything and watch
<owh> Then learn from your mistake, don't do it again, start from scratch. If you documented what you did to build the machine then re-creating it might not be so complicated.
<owh> I agree with mindframe-, there is an opportunity for an unauthorised user to gain further access to other systems in your network.
<owh> It's also possible that you only detected the login much later than it really happened.
<mindframe-> correct
<soulc> 2 win xp boxes and this ubuntu desktop
<mindframe-> soulc, are those xp boxes fully patched?
<owh> (Depending on when you built the server.)
<soulc> yeah
<owh> Security is a process, not a thing.
<mindframe-> are there any remote login services with weak passwords on those boxes?
<soulc> don't really know
<owh> Things like guest level file sharing etc.
<soulc> no that is off
<mindframe-> soulc, a couple of tips for internet ssh hosting: use AllowUsers to restrict logins to certain users, run sshd on a high, non standard port, use pubkey authentication if possible
<owh> I have a daily cron job that isn't running for some unfathomable reason. If I run the script from a terminal, it all works as expected. The script permissions are the same as the others in the cron.daily, the script name is vmware-backup. Until yesterday it was marked as #!/bin/bash, but all the others were #!/bin/sh, so even after changing that it still doesn't run. Ideas?
 * Nafallo never use non-standard ports :-)
 * owh neither.
<mindframe-> well it keeps the kiddies from even finding your ssh port.  they usually dont scan 1-65535
<owh> :)
<soulc> yeah
<mindframe-> of course you should have an IPS of some sort that blocks after a certain number of failures
<soulc> so allowusers restricts to the ones listed?
<mindframe-> yes
<soulc> better that denyusers
<Nafallo> there is also allowgroups if that would be more simple.
<soulc> too broad
<soulc> only 1 or 2 ppl have access to my server
<soulc> I installed fail2ban but nothing has been baned
<owh> soulc: No, you add users to the "ssh-allowed" (or what ever you decide to call it) group, then allow that group to ssh in. It gives you control by adding and removing users from a group without needing to change configuration files.
<mindframe-> soulc, just out of curiosity... will you run chkrootkit and rkhunter on that box to see if they detect anything?
<mindframe-> chkrootkit and rkhunter can be installed via apt-get
<soulc> ok
<soulc> did you look at the bash_history file?
<soulc> http://paste.ubuntu-nl.org/58680/
<mindframe-> yes
<mindframe-> like owh said they could have left what they wanted you to see
<soulc> true
<owh> Just because it's there doesn't mean it's real.
<soulc> ok
<mindframe-> that copy of screen could be modified to create a tunnel to a system he runs and he could still have control
<mindframe-> soulc: what ip address was the connection made from?
<owh> keescook: ping
<keescook> owh: hi!  I saw your new debdiff -- it looks good.  due to the alpha6 freeze I can't upload it until friday, but it's on my list of things to do tomorrow.  :)
<owh> Cool, just checking :)
<soulc> yeah can't use apt-get anymore
<owh> nijaba: Had a discussion yesterday with faulkes- about the survey. Have you got some time to talk?
<mindframe-> heh
<mindframe-> fry that installation asap
<soulc> 58.61.157.6
<nijaba> owh: yes, I spoke with him for an hour today
<owh> soulc: Is that because it's no longer connected to the net perhaps?
<owh> nijaba: PM?
<soulc> nope
<nijaba> owh: this morning (EST)
<soulc> it my be a bad dvd ron but I doubt it
<soulc> er rom
<owh> nijaba: I started making a very rough categorisation of the questions and emailed it to him. I'll send you a copy.
<soulc> what is razor-agent.log
<mindframe-> soulc: seriously disconnect it and do the forensics if youre interested...  it could be sending incriminating malicious traffic all over the net as you sit there.
<soulc> ok
<nijaba> owh: ok please do
<soulc>  /root/.pyzor/servers contents 82.94.255.100:24441
<mindframe-> oh yeah
<mindframe-> he got you good
<soulc> what is that?
<mindframe-> pyzor is something for spam filtering.  should it be there?
<owh> nijaba: You should have two emails shortly.
<soulc> yeah I am running a spam fliter
<soulc> works great
<nijaba> owh: got them, thanks
<owh> nijaba: I added an extra column to the questions.
<owh> soulc: That IP address belongs to XS4ALL Internet in Holland.
<soulc> which?
<owh> Uh, s/Holland/The Netherlands/ (or if you prefer, Nederland)
<owh> soulc: 82.94.255.100
<owh> soulc: Likely another compromised machine.
<mindframe-> nothing on dshield about either of those
<soulc> how about 58.61.157.6
<nijaba> owh: ok, I see.  Thanks :)
<owh> soulc: CHINANET Guangdong province network
<mindframe-> what a surprise
<owh> :)
<owh> nijaba: I'm sure we can clean up the categories I suggested, but the idea is that questions of the same category are asked at the same time.
<soulc> why do you say that?
<owh> soulc: You need to preface your responses with someone's nick, otherwise we'll have no idea what you're talking about or to whom.
<mindframe-> soulc, china is one of the most common sources for malicious traffic
<soulc> ha ha hah a ok
<owh> mindframe-: Before or after the USA :)
<soulc> mindframe oh really I didn't know that
<mindframe-> before i think
<mindframe-> usa has all the botnets
<mindframe-> or thats where they run
<mindframe-> heh
<soulc> ok mindframe I finally got those root kit apts to install it is the rom that is flaky
<mindframe-> ah
<mindframe-> comment out that junk :)
<mindframe-> soulc: those will only detect known rootkits... just curious if they will detect anything because ive never gotten a positive detection
<soulc> where do I look for rkhunter's log?
<soulc> got it
<owh> nijaba: So, what do you think about the categories?
<mindframe-> owh: i know a bunch of people who filter all traffic from china since they dont conduct business with them
<owh> mindframe-: I understand the sentiment, but ultimately it's futile. All it does is encourage traffic to be routed via an alternative - non-blocked - route.
<soulc> ok so rkhunter should have been installed at setup
<mindframe-> soulc i think you need to run it
<soulc> and chkrootkit comes back all not infected
<mindframe-> rkhunter --update && rkhunter --check
<owh> soulc: Standard Operating Procedure is to visit /usr/share/doc/{package} and RTFM.
<mindframe-> rkhunter puts an entry in cron to check once a day
<owh> soulc: If that fails, "man {package}" and RTFM.
<owh> soulc: If that fails, Google is your friend :)
<soulc> pretty much learn as I go type not too good in reading something and interpeting it
<owh> soulc: Well, if you're going to administer a server then you're going to have to hone your reading/interpretation skills.
<owh> soulc: Learn as you type is a good recipe for disaster.
<soulc> owh: this is "my" server I don't get paid
<soulc> believe that if I was working at this I would have tested and had others review before the box was put into production
<owh> soulc: It's not about who "owns" the server or if you get paid, it's about procedures and methodology. At some point you're going to be fiddling on a server owned by someone else. If you learn as you type, it could cost lots of money.
<soulc> true
<owh> soulc: If you use the learn as you type method, then you're not working in any structured process. A review by a peer is extremely likely to miss something. Which is why there is the Ubuntu/Debian way of doing stuff.
<soulc> ok I have had an fc server for years and no problems because I had been a rh user and knew how that worked
<Nafallo> also, people get spammed even from home servers
<soulc> I switched to Ubuntu cause I didn't want to install EVERYTHING when setting up a server
<owh> soulc: Just because it worked, doesn't mean it will continue to. Let me give you an actual example.
<good_dana> owh: i think you mis-read what soulc had typed he said he is the type of person to "learn he goes" not "learn as he type[s]"
<soulc> thanks gd
<owh> soulc: One of my colleagues was building an application which controlled a container crane in Rotterdam harbour. It used a Novell file-server to store data. I asked him what would happen if the Novell server ran out of disk space. He never thought of the problem. There was no process in place to even contemplate such an issue - this is in 1989.
<owh> good_dana: Yes, I did misread that.
<soulc> how do I refresh the paste webpage to get a clear page I always have to backspace over the id number then reload
<soulc> owh that was when 80 meg was all you would ever need for storage space...|-)
<Nafallo> hehehehe
<owh> soulc: In the above example, my point is that if there is a procedure to do something, then follow that procedure. If you don't like the procedure, write a new one, then use that. I realise that sounds pretty anal, but then it means that clients don't loose data as a result of your negligence.
<owh> soulc: 80 meg, try 20.
<Nafallo> hmm
<soulc> yeah I was referencing my first hd
<soulc> 1991
<Nafallo> think I still have one of those harddrives in storage somewhere...
<owh> soulc: Three years is a long time in storage systems :)
<soulc> yeah in 3 years we maybe using ss hd's
<owh> soulc: No "maybe" about it.
<soulc> chkrootkit output http://paste.ubuntu-nl.org/58693/
<Nafallo> ah
<Nafallo> ssd
<soulc> well for me price will have something to do with it
<owh> soulc: I visited the IBM Almaden research centre in 1997 and at the time we discussed the difference between HDD and SSD. At the time, all the technology was in the HDD head and in the SSD cells. We postulated that over time we would see more and more processing on the HDD platter which had already begun at the time. We postulated that it would reach a point where the processing on the platter would be analogous to the process
<soulc> wow rkhunter is quite extensive
<owh> Meanwhile, anyone got any suggestions on how to track down a cron.daily job that isn't running. run-parts --test shows my script as going to be run, but it never is.
<owh> The syslog shows the entry for cron.daily.
<owh> Hmm, I wonder if the other jobs run.
<soulc> the only thing in rkhunter is http://paste.ubuntu-nl.org/58694/
<owh> Well well well. On a standard ubuntu-server install, it appears that cron.daily isn't running.
<soulc> -rw-r--r-- 1 root root   0 2008-03-06 16:12 \x2fdevices\x2fpci0000:00\x2f0000:00:01.0
<soulc> ha ha ha
<soulc> drwxr-xr-x  2 root    root          60 2008-03-06 16:12 .initramfs
<soulc> is this something that is created at boot?  I rebooted the system at this time
<soulc> ok well thanks for you help I guess I need to start working again
<mruiz> bye ...
<mathiaz> owh: which release ?
<owh> mathiaz: gutsy
<owh> mathiaz: I've determined that hour/weekly/monthly *appear* to be running properly.
<mathiaz> owh: you've got nothing mailed to root ?
<owh> mathiaz: None of the daily ones run at all.
<owh> mathiaz: I'll have a squiz.
<mathiaz> owh: see bug 164281
<mathiaz> owh: see bug 194281
<ubotu> Launchpad bug 194281 in apt "/etc/cron.daily/apt uses gconftool" [Medium,Fix released] https://launchpad.net/bugs/194281
<mathiaz> owh: although it may only apply to hardy
<owh> mathiaz: No mail on the system that I could find.
<mathiaz> owh: do you have specific cron jobs in cron.daily ?
<owh> mathiaz: The standard ones and a vmware-backup script.
<owh> mathiaz: That patch appears to patch /etc/cron.daily/apt
<owh> mathiaz: I don't have that code in that file.
<owh> s/have/appear to have/
<mathiaz> owh: yes - that's what I thought - it's only a problem with hardy
<mathiaz> owh: if you remove vmware-backup, does it run ?
<owh> mathiaz: As far as I can tell, they've never run at all, even before the vmware-backup script was installed.
<owh> mathiaz: As in, I'm not seeing rotated logs or apt time stamps.
<owh> mathiaz: It's possible that it's related to the vmware-backup script being installed, but until yesterday it was a sym-link, which I replaced with a hard-link yesterday. I suspected that the sym-link would never run at all.
<owh> mathiaz: Hmm, a run-parts --test picks up the sym-link with no problems.
<owh> mathiaz: Would you expect no scripts to run if one fails?
<mathiaz> owh: it seems that if one script fails, then the ones that should follow aren't run.
<owh> mathiaz: I understood it to be in alphabetical order. If that's true, then this is the last script to run.
<owh> mathiaz: Yeah, the man page says: Files are run in the lexical sort  order  of  their  names
<owh> mathiaz: I suppose I can remove the vmware-backup script and check again tomorrow. That will at least tell us if it's caused by my script :(
<mathiaz> owh: well - I don't think so.
<mathiaz> owh: I'd make sure that the mail system is setup correctly
<owh> mathiaz: That makes two of us, but stranger things have happened.
<mathiaz> owh: and then setup the cronjob to mail output to root and specific user
<owh> mathiaz: Even if it isn't then why are all the other jobs running normally?
<mathiaz> owh: may be on the cron job in daily fails
<mathiaz> owh: but the cron job is not in weekly or monthly
<owh> mathiaz: Hmm.
<owh> mathiaz: The only thing in your argument that is possible is that if output is generated it barfs. Seeing that my vmware-backup script is pretty chatty, that's possible. I'm still unsure why other daily jobs wouldn't run though.
<mathiaz> owh: if output is generated, it should be mailed to root by default
<mathiaz> owh: and root is aliased to the user created during the install
<owh> mathiaz: pHONE
<owh> mathiaz: This was a standard gutsy server install. I don't recall answering any Debian-like questions about email. I looked in /var/spool/mail/* and found nothing.
<mathiaz> owh: did you install an mail server on it ?
<owh> mathiaz: Nope.
<mathiaz> owh: hum - that's why the output of the cronjobs are not available
#ubuntu-server 2008-03-07
<owh> mathiaz: I would have expected them to be logged in say /var/log/cron
<owh> mathiaz: Mail on this server makes no sense.
<mathiaz> owh: I don't think that cron would log the output of jobs to syslog by default.
<owh> mathiaz: Well according to the cron man page it does, only syslog needs to be appropriately configured AFAICS.
<owh> mathiaz: Ah /etc/syslog.conf has the cron entry commented out :(
<owh> Tsk, Tsk.
<owh> :)
<BizMAn8> everyone, i am setting up ubuntu server for the first time and i am editing the /etc/hosts file
<BizMAn8> what do i put as my localhost.local domain name for 127.0.0.1
<owh> mathiaz: So, once I've uncommented the cron entry in syslog.conf, which services do I need to restart?
<BizMAn8> and what do i put for my server's ip address server.example.com
<BizMAn8> i cant go further in the how to because i do not understand
<mathiaz> owh: /etc/init.d/syslog restart
<owh> BizMAn8: Any particular reason you're editing /etc/hosts, rather than answering the installer questions?
<owh> mathiaz: I just wondered if there were others that also needed restarting.
<mathiaz> BizMAn8: did you check the ubuntu server guide ? https://help.ubuntu.com/7.10/server/C/
<BizMAn8> im done iwth the installer
<mathiaz> owh: nope - only syslog
<owh> mathiaz: Hmm, all I have is /etc/init.d/sysklogd
<BizMAn8> im following a guide so that i can create a file and print server
<BizMAn8> and thats what i should edit next
<BizMAn8> i dont know what i need to put in a url address that includes my server?
<BizMAn8> is that for dynamic dns?
<mathiaz> owh: that's it
<owh> BizMAn8: Is that guide a Ubuntu-server guide, seeing that what you're describing doesn't from memory require any such editing.
<BizMAn8> yes
<owh> mathiaz: Yeah, the man page for the two are the same :)
<BizMAn8> http://howtoforge.com/ubuntu-home-fileserver-p3
<BizMAn8> tell me what u think
<owh> BizMAn8: Hmm, the first comment on that page indicates to me that the author is not a Ubuntu user doing things the Ubuntu way. Giving root a password is a really *bad* idea.
<BizMAn8> i didnt do tha tpart
<BizMAn8> just left as is
<owh> BizMAn8: From there the instructions seem to only get worse.
<owh> BizMAn8: Is this a workstation or a server installation?
<BizMAn8> server
<BizMAn8> 7.10
<BizMAn8> well server on a desktop
<owh> BizMAn8: Uh, is it a ubuntu-server with a gui, a workstation that you want to use as a server, what is it?
<BizMAn8> eventualy iwant it to be a ubuntu server with a gui
<BizMAn8> but for now i jus twant to set it up properly, so that it can interact with windows through samba
<BizMAn8> then from there i want to make it a file and print server
<BizMAn8> do some media sharing, etc
<owh> BizMAn8: From which CD did you install it?
<BizMAn8> server 7.10
<owh> BizMAn8: So, what's the bit about "(09:12:31) BizMAn8: well server on a desktop"
<rhineheart_m> owh: I've read your conversation.. what do you mean with giving root a password is a really *bad* idea?
<owh> rhineheart_m: There should never be a need to have a root user with a password. That's what sudo is for.
<BizMAn8> well im not installing it on a server
<BizMAn8> its a desktop
<owh> BizMAn8: Are you talking about hardware or software?
<BizMAn8> so my desktop will act as a server
<BizMAn8> hardware
<owh> Sigh
<rhineheart_m> owh: really? honestly.. I've been accessing my server with root.. since I followed the howtoforge installation instructions
<owh> BizMAn8: Run tasksel, choose samba-server, follow the prompts. Ask questions.
<owh> rhineheart_m: I'm not saying that you cannot, I'm saying that it's a bad idea.
<BizMAn8> so i do not need to edit the hosts file
<rhineheart_m> owh: I'm accessing my box with putty remotely.. with root the user... why you said it's  a bad idea?
<owh> rhineheart_m: If you don't understand why remote access to the root user is a bad idea then I am unable to assist you.
<rhineheart_m> owh: okay.. so how to remove the password set for root?
<owh> BizMAn8: The /etc/hosts file should already be fine and dandy. Leave it alone.
<BizMAn8> ok will do so
<owh> rhineheart_m: I suspect that all that needs to happen is deactivate the account, but I wouldn't do that before I checked that.
<BizMAn8> so install samba and run tasksel?
<owh> BizMAn8: tasksel will ask you what you want to install, one of the options will be to choose samba. Select it. Magic will happen.
<owh> Anyone here got comments on restoring the root user account back to the non-password state?
<BizMAn8> lol thanks owh
<rhineheart_m> Yeah...I want to restore it to non-password state..anybody in the house has an idea?
<BizMAn8> ok samba is installed
<owh> BizMAn8: On your Windows box you will have a Workgroup "MSHOME" that contains your server.
<BizMAn8> i have a workgroup alreadt
<BizMAn8> and will gie it that name
<BizMAn8> what do i do after that owh?
<owh> BizMAn8: Set up some shares.
<owh> BizMAn8: You'll also need to set up some samba users and passwords.
<BizMAn8> is that all in the smb,.conf file?
<owh> BizMAn8: The shares yes, the permissions yes, the samba users no.
<BizMAn8> where are the shares in the conf
<owh> rhineheart_m: Yes, it appears that locking is the way to go: sudo passwd -l root
<owh> BizMAn8: At the bottom.
<owh> BizMAn8: The items starting with [Thing] are shares.
<owh> BizMAn8: You can also comment out the home directories directive for example.
<BizMAn8> owh, do i need a create mask = 0777
<BizMAn8> and directory mask = -0777
<owh> BizMAn8: The comments in the file should explain that to you. Read from the top.
<rhineheart_m> owh: I have another username in the system. how could I change its password?
<owh> rhineheart_m: sudo passwd {user}
<BizMAn8> owh
<BizMAn8> when i try to create a user
<BizMAn8> it says fialed to modify password entry
<owh> BizMAn8: man smbpasswd
<owh> BizMAn8: Specifically the -a option.
<BizMAn8> i did sudo smbpasswd -a username
<BizMAn8> entered my password
<BizMAn8> retyped it
<BizMAn8> and go that error
<owh> BizMAn8: Does the user exist on your system?
<BizMAn8> no, i just read up on that
<BizMAn8> how do i add a user
<owh> BizMAn8: man adduser
<owh> BizMAn8: And in case you wonder about the difference between useradd and adduser: http://lists.debian.org/debian-powerpc/2004/09/msg00215.html
<rhineheart_m> owh: I did it already.. But I noticed that I cannot even update the system.. with this command.. sudo apt-get update.... m now in the terminal (putty) with another user
<rhineheart_m> *username
<owh> rhineheart_m: Is that user allowed to use sudo?
<BizMAn8> ok i got in
<BizMAn8> thanks man
<BizMAn8> appreciate it
<rhineheart_m> the system just tell me its not in the sodoers file
<rhineheart_m> *sudoers
<owh> rhineheart_m: Is this a server or a workstation?
<rhineheart_m> owh: server
<owh> Hmm.
<owh> rhineheart_m: Ah: udoÂ adduserÂ $userÂ admin
<owh> Uh
<owh> sudoÂ adduserÂ $userÂ admin
<rhineheart_m> you mean.. like sudo adduser $user bert?
<owh> No, like sudo adduser bert admin
<owh> That is add user bert to the admin group.
<owh> rhineheart_m: In most server environments I'd be going with on sudo user IMHO.
<rhineheart_m> that's the problem then.. I cannot sudo my box.. it will tell me m not in the sudoers list
<owh> rhineheart_m: Huh?
<owh> rhineheart_m: Which user installed the machine?
<rhineheart_m> yeah
<owh> rhineheart_m: Also, the group membership only happens after you login, so you need to logout and back in again.
<owh> s/you/the user/
<rhineheart_m> m the admin..
<rhineheart_m> I was the one who installed it.. but forgot my pass
 * owh shakes head.
 * foo shakes head at owh 
<owh> rhineheart_m: You likely haven't noticed yet, but if the "new" user isn't a member of admin already and you cannot log in as the original installer and you locked the root user, you won't be able to gain root privileges without rebooting into single user mode and clearing the original installer's password.
<owh> foo: Huh?
<foo> owh: I don't know if there is room for two 3 letter nicks. :)
<owh> foo: Look around you, there's more than two.
<rhineheart_m> owh: okay..so what should I do then?
<owh> rhineheart_m: First of all, is what I describe the exact state of affairs, or are the other salient details you didn't mention?
<rhineheart_m> owh: you mean.. I messed up already my root user?
<rhineheart_m> owh: and no turn-about?
<owh> rhineheart_m: I don't yet have enough information to answer that.
<rhineheart_m> owh: ohhhh....well can you tell me how to change the installer username? if ever I could manage to get into the machine??
<owh> rhineheart_m: Lets start at the beginning before we start getting excited. Where is the server, as in, is it in the same room as you?
<rhineheart_m> yeah.. it is
<musashi_> I can't get much help on the regular ubuntu channel. it was suggested this might be better. I got some help last night but not a solution yet. I need some help solving a software RAID 1 setup problem. The explanation is too long to post here. I posted it at https://answers.launchpad.net/ubuntu/+question/26489 my thanks to anyone willing to read it and help me.
<owh> rhineheart_m: Is it mission critical, that is, are other users currently using it?
<rhineheart_m> I dunno... our company's website is running there..
<owh> rhineheart_m: Are you the administrator?
<rhineheart_m> yeah.. I am
<owh> rhineheart_m: Does it have a console/keyboard attached?
<rhineheart_m> owh: nope.. but I have here
<owh> rhineheart_m: Are you currently connected to the server?
<rhineheart_m> yeah..but  I have webmin..and ssh server has its menus there..I got an access to webmin
<owh> rhineheart_m: ssh into the server
<rhineheart_m> okay...I can.. but the thing there the user I remember is not a member of admin
<rhineheart_m> and I forgot the admin username and pass
<owh> rhineheart_m: The /etc/passwd file contains all the users on the system. By running "grep 1000 /etc/passwd" you will find the first user that was created, generally by the installer.
<owh> rhineheart_m: You shouldn't need administrator privileges to find out which users there are on the system.
<rhineheart_m> owh: Okay I got the username.. but the password
<owh> rhineheart_m: Does the username jog your memory?
<rhineheart_m> owh: is this only more on remembering? what if...I can't really remember?
<owh> rhineheart_m: You can attempt to "become" that user by trying several passwords using "su - {user}"
<owh> rhineheart_m: If that is unsuccessful then you will need to reboot your server and do some magic. It's not invasive, but you will bring the server down during that time.
<owh> rhineheart_m: Before we get to that, I wonder something. Does webmin allow you to add users to a group?
<owh> rhineheart_m: If it does, then you should be able to add the user you're using to ssh in to the admin group. If you then login as that user, you should be a member of the admin group. The "groups" command will tell you what you are a member of.
<rhineheart_m> owh: okay. I got it.. it has a capacity to change a user password....but it's not encrypted.. I will  just change it later in the console...
<rhineheart_m> owh: mmmm....webmin rocks! I got an access back to administrator which is the superuser
<owh> rhineheart_m: Excellent. The sudo will normally work. You can then set the password for that user from a console.
<owh> s/The/Then/
<rhineheart_m> owh: thanks for the assistance...
<rhineheart_m> s/The/Then? what do you mean?
<owh> rhineheart_m: I'm just glad you didn't have to ruin your uptime :)
<rhineheart_m> owh: yeah.. Thanks a lot... :)
<owh> NP
<owh> musashi_: Hmm, that's a bit of a pickle you made yourself there. At this point I can only commiserate rather than offer actual assistance. Perhaps by far the quickest would be to boot off a CD, backup the system, rebuild it, but because I don't know what's actually broken, other than the symptoms you provide, I cannot advise you if that approach is akin to selling a car because the ashtray is full. That is, it will work, but i
<musashi_> owh yeah, i'm not too keen on reinstalling just yet. it's all good and should work fine... if it would just boot. i know there is a simple fix out there. i just don't know what it is
 * faulkes- yawns
<faulkes-> it has been a very long day
<sommer> what up faulkes-
<sommer> that's why I take a nap after work :-)
<faulkes-> which would have been what I would have done, had this not been my first day on a new job and having a pm exam right aftewards
<sommer> hey all, is there an apparmor profile for ldap-utils?
<josh1857> anyone around I am thinking about using ubuntu in a production envirornment but would like to chat with some others who are currently using ubuntu-server
<rhineheart_m> josh1857: I am using it.. it works great!
<kraut> moin
<tmadsen> mÃ¸jn
<rhineheart_m> I am running ubuntu gutsy server edition. I just want to ask if there's a script or software for ubuntu that will show the server status and information to the public in a safe way that can be accessed through http.
<soren> "server status"?
<soren> If you just install apache, the default page is one that just says "It works!". That sums it up pretty well, I find.
<_ruben> hehe
<rhineheart_m> I'm talking about how to show to the public the server status on real time]
<soren> Yes...
<soren> So am I.
<soren> If it responds and says "It works!", that's because it works. If it doesn't respond, that's because it doesn't work.
<soren> If you want more info than that, you need to be more specific.
<rhineheart_m> soren: m not asking here about how to know if the apache server is running.. of course without apache php based website can't run. What I asked about.. if there's a script or software for ubuntu that will show the server status and information to the public in a safe way that can be accessed through http?
<lionel> thanks soren for fixing xen-meta :)
<soren> rhineheart_m:  And I'm asking you what you mean by server status!
<soren> Whether it's running or not *is* the server's status.
<soren> If you want more information than that, you need to tell me what you want to know.
 * soren goes to lunch
<rhineheart_m> soren: no problem.. I found this.. http://info.shallax.com/index.php
<rhineheart_m> I am running ubuntu gutsy server edition. I just want to ask if there's a script or software for ubuntu that will show the server status and information to the public in a safe way that can be accessed through http.
<faulkes-> rhieheart: nagois, zabbix, zenoss
<nijaba> hey faulkes-, good morning.  I guess you meant nagios? ^
<rhineheart_m> is nagios supported by ubuntu?
<nawty> rhineheart_m: by supported, do you mean is it in the package tree?
<nawty> rhineheart_m: or installable?
<nawty> rhineheart_m: or do you mean, does canonical support it as a product?
<faulkes-> nawty: there are nagios packages available for ubuntu, which are installable
<nawty> faulkes-: of course, but I'm just checking with rhineheart_m what he meant by that :)
<rhineheart_m> nawty: sorry.. yeah..that's why I meant..
<nawty> rhineheart_m: what version of ubuntu are you using at the moment?
<rhineheart_m> nawty: gutsy
<nawty> rhineheart_m: http://packages.ubuntu.com/gutsy/nagios
<nawty> and, http://packages.ubuntu.com/source/gutsy/nagios
<nawty> rhineheart_m: does that answer your question?
<rhineheart_m> nawty: thanks..looking.
<nawty> rhineheart_m: np
<sommer> dendrobates: I was wondering if you have any opinions on bug #196809?
<ubotu> Bug 196809 on http://launchpad.net/bugs/196809 is private
<dendrobates> sommer: yes I do.  You have been doing a good job with the debuging.  I am packaging a new version today, that has much better error handling.
<dendrobates> sommer: I will get it in my ppa, and put a comment in the bug.
<sommer> dendrobates: cool, I just wanted to double check that you'd seen it ;-)
<sommer> thanks
<dendrobates> sommer: he needs to make sure he is using the fqdn of the DC.
<sommer> dendrobates: ya, from his replies I think he was.
<sommer> is it the fqdn of the dc or of the domain?
<sommer> from my testing I needed to use the fqdn of the domain
<sommer> I believe he did add the fqdn of the dc to the /etc/hosts file at some point, though
<Nafallo> anyone here with Juniper firewalls? :-)
<henkjan> Netscreen you mean?
<_ruben> from what ive seen of netscreens im not very fond of them .. have had to help some customers to configure their netscreen to interop with our openswan vpn installation
<frame45> does anyone know can u run a VOIP service with ubuntu server?
<_ruben> sure
<_ruben> collegue of mine is installing a new voip server (asterisk) on ubuntu as we speak
<frame45> could I make a server and then have it run 4 phone #'s to about 10 throughout our offices with viocemail for about 8 people
<henkjan> Nafallo: i do have a few here
<_ruben> frame45: depending on your hardware and other requirements i dont see any problem with that
<frame45> would there be a wiki page or anything where I can do some reading up and check out some hardware
<Nafallo> henkjan: solved it :-)
<Nafallo> thanks anyway
<henkjan> np
<_ruben> http://www.voip-info.org/wiki/view/Asterisk+hardware+recommendations
<frame45> _ruben: Thanks I'm going to have to do some research.
<spiekey> hi
<spiekey> how do i know which driver interface type (hostap/wired/madwifi/prism54) i am using for wlan0?
<zul> lsmod
<_ruben> no modules loaded
<_ruben> erm .. that looked semi-apropriate but was in fact my irc client stealing the focus
<henkjan> ufw++
<henkjan> never typing iptables again
<sommer> priceless?
<sommer> heh... kinda sounded like one of those master card commercials ;-)
<kraut> one general question: is it safe to give an user the possibility to use chroot /new/chroot via sudo as root? i am using a grsec-patched kernel, so it's not possible to mknod devices within the chroot.
<henkjan> i owe jdstrand a beer
<jdstrand> henkjan: glad you like it! :)
<henkjan> jdstrand: btw, currently i'm using ufw on a gutsy server
<mruiz> hi all
<jdstrand> henkjan: you should know that on reboot it may not be enabled on gutsy because of the way the initscript handles ipv6.
<jdstrand> henkjan: this will be fixed in the next upload
<jdstrand> (gutsy only)
<henkjan> ah, okay
<henkjan> well, nobody's using ipv6 nowadays :)
<henkjan> exept we at bit.nl
<jdstrand> henkjan: well, it may not start properly (it is still enabled).  so you may need to do /etc/init.d/ufw force-reload after a reboot
<jdstrand> it'll be fixed soon though
<kirkland> i'm looking for some help uploading to my ppa in launchpad
<kirkland> i found this page, https://wiki.ubuntu.com/SponsorshipProcess/ppaput which talks about ppaput, but it doesn't look like there is a ppaput in hardy
<zul> kirkland: gimme a sec
<zul> kirkland: you want to put something like this in your /etc/dput.cf file http://pastebin.com/m27809a75 and then do dput ppa *.dsc
<zul> of course change my userid for your userid ;)
<kirkland> zul: ;-)  cool, thanks.
<zul> help.launchpad.net also :)
<zul> mathiaz: ping when you are around
<mathiaz> kirkland: https://help.launchpad.net/PPAQuickStart
<kirkland> mathiaz: awesome, thanks.
<zul> hi foolano
<zul> mathiaz: got a sec for that samba stuff?
<mathiaz> zul: sure
<zul> mathiaz: for the no network bug there is a fix for it upstream in samba's bug tracker
<zul> https://bugzilla.samba.org/show_bug.cgi?id=5267
<ubotu> bugzilla.samba.org bug 5267 in nmbd "nmbd shuts down when network interfaces go down" [Normal,Resolved: fixed]
<mathiaz> zul: yop - saw that - I'm about to check this out
<zul> which basically means we can backport that patch
<zul> but other than that Im ready to upload
<zul> after ffe of course :)
<mathiaz> zul: the patch looks good.
<mathiaz> zul: I'd backport it to our current version of samba
<zul> yep
<mathiaz> zul: and ask slangasek what he thinks about the patch - he suggested to use an ifup hook to fix the issue
<zul> i was going to do that after lunch
<zul> I will do that
<mathiaz> zul: if upstream provided a patch, he shouldn't see any problem with that
<zul> not a problem
<nijaba> faulkes-: I have reordered the questions quite a bit according to owh suggestion (allmost all of them).
<faulkes-> nijaba: nods, understood, will look at it
<rhineheart_m> IS there a command that will free some RAM in gutsy?
<kraut> you don't need to free ram!
<rhineheart_m> thansk kraut. But is there a way to do it manually?
<kraut> not without risking a kernel panic
<kraut> or identify the process which consumes ram
<rhineheart_m> what do you mean with risking a kernel panic?
<kraut> but "cached" ram is ok and shouldn't be changed
<kraut> you know "kabooom"?
<rhineheart_m> nope..what I know about kabooom ---like cards. what is it?
<kraut> when you delete ram-pointers in the kernel-stack, the kernel will crash
<mralphabet> rhineheart_m: if you type "free" on the command line, how much cached memory does your system have?
<mralphabet> ie
<mralphabet>              total       used       free     shared    buffers     cached
<mralphabet> Mem:       2075184    2026908      48276          0     270980    1610524
<rhineheart_m>              total       used       free     shared    buffers     cached
<rhineheart_m> Mem:        255904     251628       4276          0      69720      42656
<rhineheart_m> -/+ buffers/cache:     139252     116652
<rhineheart_m> Swap:       746980      30776     716204
<J-_laptop> Is it possble to install a LAMP server, while hosting an external drive on the server to stream the media?
<mralphabet> well, you only have 256mb of memory . .. what exactly were you expecting to have happen? ;)
<mralphabet> J-_laptop: sure
<mralphabet> storage is storage
<rhineheart_m> its a server without GUI... no monitor...keyboard..and mouse..
<J-_laptop> mralphabet: cool, I just find that having having my desktop on all the time doing nothing is a waste of hydro when I can use my server instead which is clocked a lot lower and will be less harsh on the hydro
<rhineheart_m> online one website hosted there... do you think its not enough?
<rhineheart_m> *only
<J-_laptop> my server only has 256mb ram, and drupal/ wordpress run awesome on it
<rhineheart_m> so what can you say mralphapbet?
<mralphabet> rhineheart_m: well, it depends on how much traffic the one site is getting, but I can tell you that you still have memory available to other apps (which is what the cached memory is, available for other uses)
<J-_laptop> It would be nice to have LVM partitions to act as swap. More than one, but I don't know if it'd work how I am thinking
<mralphabet> so if you still have memory available, and the performance is acceptable, why would it not be fine?
<rhineheart_m> its okay.. m just curious knowing about hows
<mralphabet> and that's fine, but you should just trust the kernel to handle the memory allocation, it does so quite well.
<rhineheart_m> mralphabet: do you know about nagios?
<mralphabet> I am familiar with it
<rhineheart_m> can you recommend it for a production environment?
<faulkes-> it depends on the features you need it to provide but in general, it will support a production environment just fine
<faulkes-> unless you have some whacked out, one off no name vendor equipment nobody has heard of
#ubuntu-server 2008-03-08
<rhineheart_m> great faulkes :) can you recommend a server status monitoring web interface? like PHPSysInfo and nagios?
<rhineheart_m> the better and trusted one by ubuntu cannonical?
<faulkes-> rhineheart: the canonical answer of course, would be landscape
<faulkes-> I don't trust anything php that I didn't write myself
<faulkes-> even then, I still don't trust it
<faulkes-> nagios is your hot hot monitoring fun
<faulkes-> it is well supported by the entire community, not just ubuntu
<rhineheart_m> really? that sounds interesting...won't it eat most of my memory? won't it congest my LAN traffic?
<faulkes-> you have a production network?
<rhineheart_m> ah.. its not much of a production network. It is just an office with windows networking ( for files and printers sharing) and a web server where I'm planning to install the nagios. what do you think?
<faulkes-> you'll see more network congestion from windows constantly spamming to the broadcast address than nagios will create
<faulkes-> in short, you won't notice it
<rhineheart_m> mmmm...are you using nagios?
<faulkes-> yes
<faulkes-> although I just recently inherited this installation of it
<faulkes-> however, you just aren't going to notice it, not network-wise
<faulkes-> well, you will notice it, if you tell it to send you emails when a problem exists ;)
<rhineheart_m> you mean.. you can recommend it than phpsysinfo?
<faulkes-> thats subjective, it all depends on your needs and how concerned you are or may be about security or any of a dozen different factors
<faulkes-> from what we know, you have a small business network you want to monitor
<faulkes-> basicly anything will do at that level
<faulkes-> if you dont like one, you can always use the other
<faulkes-> it's not like you are going to be super glueing it to the cpu ;)
<rhineheart_m> okay. I've read your post talking about windows constantly spamming to the broadcast address? what do you mean with it? thanks..
<faulkes-> the smb protocol, to find stuff on the network, uses the network broadcast address
<rhineheart_m> okay.. you're taking about samba right? please explain it to me.. I can't understand what are you talking about with "windows constantly spamming to the broadcast address"
<Kamping_Kaiser> rhineheart_m, before you started asking in #ubuntu-* channels, have you ever administered anything before?
<rhineheart_m> Kamping_Kaiser: what do you mean..administered before? Like Samba? or phpsysinfo? I tried both already but found out that Samba eats most of my network resources...
<Kamping_Kaiser> rhineheart_m, no, i mean like been in charge of running a server
<rhineheart_m> Kamping_Kaiser: Yeah. I have a web server up and running and it is ubuntu gutsy no GUI
<rhineheart_m> Kamping_Kaiser: why?
<Kamping_Kaiser> rhineheart_m, i'm asking before you setup the ubuntu box
<rhineheart_m> Kamping_Kaiser: Are you asking if I tried any server other than ubuntu?
<nijaba> faulkes-: I have put on the server-survey wiki page a few suggestions for shortening survey.
<Kamping_Kaiser> rhineheart_m, not exactly, no
<rhineheart_m> Kamping_Kaiser: please make it clear..I can
<rhineheart_m> Kamping_Kaiser: I can't really get what you meant.. sorry..
<Kamping_Kaiser> i dont know how much clearer i can make it. Have you ever  been in charge of running a server ?
<rhineheart_m> nope. This is my first time to run a server..almost 2 months old..why?
<Kamping_Kaiser> because you understand none of the concepts behind running a server (even server/client relationship), so i wondered
<rhineheart_m> okay.. I admit that.. in that area maybe... so that's why I'm asking some of them here..
<rhineheart_m> Kamping_Kaiser: I have something to ask you.. hope you could shed light on this issue..
<Kamping_Kaiser> !private message | rhineheart_m
<ubotu> rhineheart_m: Please ask your questions in the channel so that other people can also benefit AND help you. Please don't PM a user in the channel without asking first, some find it rude.
<scoundrel> hello
<scoundrel> https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.22/+bug/199708 - guys, please, anyone have an idea about this?
<ubotu> Launchpad bug 199708 in linux-source-2.6.22 "OOM killer kills all processes on an "empty" server" [Undecided,New]
<sommer> scoundrel: do you have an issue with nagios?
<sommer> seems like it's killing that process a lot
<scoundrel> this is only one of the processes.
<scoundrel> Anyways, one process (nagios) just can't cause OOM in 32bit system
<scoundrel> with 16gb ram
<scoundrel> and this happens on 7 different servers with different sotware
<sommer> can you just disable oom?
 * sommer not very familiar with oom
<Kamping_Kaiser> 32 bit with 16gig of ram? is that a hacked kernel?
<scoundrel> hacked?
<scoundrel> PAE
<scoundrel> OOM - how can I disable it? It is one of kerne's basic features.
<Kamping_Kaiser> hacked - not stock
<sommer> scoundrel: have you seen this article: http://www.linuxdevcenter.com/pub/a/linux/2006/11/30/linux-out-of-memory.html
<sommer> there are some ways to manage oom towards the end
<scoundrel> it is ubuntu kernel.
<scoundrel> ubuntu server official kernel.
<faulkes-> "towards the end"
<sommer> scoundrel: you might also ask in #ubuntu-kernel
<sommer> hey faulkes
<faulkes-> that sounds so, final ;)
 * scoundrel is going to #ubuntu kernel
<sommer> faulkes-: me?
<faulkes-> no, sommer's comment
<sommer> woops didn't mean for it to be final... just that someone in kernel may no more, heh
<faulkes-> well, no, it made it sound like you were easing the kernel's pain towards the OOPS
<sommer> I'd like to think that I always ease the pain :-)
<sommer> the pain and the tension
<mralphabet> I am looking at the meeting notes from earlier this week and there is a comment for "Windows Integration: Dendrobates is waiting for an upstream release", is this referring to likewise-open?
<sommer> mralphabet: I believe so
<sommer> earlier today he mentioned that a new version of the package is almost ready as well
<mralphabet> sommer: thanks for the confirmation
<faulkes-> sommer: you're the morphine that keeps the channel alive eh? ;)
<sommer> faulkes-: heh... I can't claim the fame
<rhineheart_m> hello... can Portsentry be installed remotely? Can't it block the ssh server? thanks..
<zero_> good morning
<zero_> ssh public key auth - anyone?
* jougukny__ changed the topic of #ubuntu-server to: Ubuntu Server discussion and support || For general (not server specific) support visit #ubuntu || Get involved: https://wiki.ubuntu.com/ServerTeam/GettingInvolved || Guide to asking questions on IRC: http://www.sabi.co.uk/Notes/linuxHelpAsk.html || http://www.catb.org/~esr/faqs/smart-questions.html ||  Be patient.  Don't ask to ask, just ask.  || server guide: https://help.ubuntu.com/7.10/server/C/ || https://wiki.ubuntu.com/
<jougukny__> oops
<XiXaQ> how do I make /tmp use tmpfs?
<replicant_> anyone here works with dell PE1950? Do Xeon's Quad-Core support Xen? What about 8Gb Ram...? Will this work with Ubuntu Server to implement Virtualization?
<spiekey> Hello
<spiekey> i have changed my network cards in my box...now i have eth2 but only one network card installed
<spiekey> where does it assign the eth name to the network card again?
<nijaba> spiekey: man interfaces should tell you all you need to know
<spiekey> was it not /etc/iftab?
<nijaba> spiekey: in dapper, yes
<spiekey> and in gutsy?
<nijaba> spiekey: /etc/nework/ contains all the network related stuff
<nijaba> * /etc/network
<nijaba> spiekey: oops, sorry, in gutsy iftab was converted to /etc/udev/rules.d/70-persistent-net.rules
<spiekey> hehe, yep. :)
<Nafallo> the last update to ntp... WHY?!
<Nafallo> stop restarting my bloody daemons automatically just because I'm in the DC and want to use cross over to grab data.
<Nafallo> NOT a reason to restart ntpd and reset the poll intervalls.
 * faulkes- yawns
 * faulkes- looks at pile of pdf's that need reading
<faulkes-> hrmmm, supposed to get 50cm of snow today
<MenZa> faulkes-: sweet
<MenZa> faulkes-: I wish I was :(
<faulkes-> we already broke record snowfall in feb., most since 1956
<faulkes-> march is gonna be another record breaker
<und3va> could i talk to somebody about an ubuntu server installation?
<faulkes-> !ask
<ubotu> Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<und3va> anybody here from whom i can request some help regarding ubuntu server?
<faulkes-> !ask
<ubotu> Please don't ask to ask a question, ask the question (all on ONE line, so others can read and follow it easily). If anyone knows the answer they will most likely answer. :-)
<und3va> i've installed ubuntu server, then i'set up my ip address for my internet connection and then for my secondary lan card like this : 192.168.0.1 255.255.255.0, then i connected my windows machine to the secondary lan card. but when i try to ping it i get no reply, i've also installed ssh on my server
<faulkes-> from side do you try to ping, linux->windows or windows->linux?
<und3va> windows - linux
<faulkes-> and does the windows machine have a matching ip addr set to the same 192.168.0.0/24 network
<und3va> windows has 192.168.0.2 ip and 192.168.0.1 as gateway
<faulkes-> did you install any additional packages, such as firewall'ing we should be aware of?
<faulkes-> and how are you connecting the windows/linux box together (via cable? via switch?)
<und3va> i've installed  ubuntu server , then php-cli , mcrypt , mc, and ssh
<und3va> only lamp and i connect with cable
<Kamping_Kaiser> crossover or strait through?
<und3va> crossover
<Kamping_Kaiser> positive? :)
<faulkes-> I would first check cabling
<Kamping_Kaiser> and make sure you have it in the correft rj45 port
<und3va> i'm a newbie in linux and i'm trying to share my internet connection, but it's pretty hard :) the cable is ok, i've tried it before win- win and also now i see that i'm connected on windows
<und3va> to linux but i can't ping it.
<Kamping_Kaiser> und3va, does `sudo iptables -L` give you any output other then empty chains?
<faulkes-> I was just going to suggest doing -F
<faulkes-> blow away anything that might be there temporarily
<und3va> no only empty stuff
<und3va> do i need to add something in hosts?
<soulc> where can I get some help with fail2ban I am getting this error message in my logwatch file
<faulkes-> win-win is not a garrauntee of win-lin with cabling, depending on the card configurations
<soulc> http://paste.ubuntu-nl.org/58881/
<Kamping_Kaiser> last minute sugestion - recheck ethernet ports, and try telneting to port 22 on the lin box
 * Kamping_Kaiser goes to sleep - night all
<soulc> nigth
<soulc> er
<soulc> night
<und3va> it doens't work telneting
<faulkes-> soulc: I would hazard a guess it doesn't like the regex, I'm not a f2b expert
<faulkes-> und3va: if you cannot telnet on the linux machine to 192.168.0.1 22, then more information is needed
<und3va> ok
<und3va> tell what to tell you
<soulc> ok back to the conf fils
<faulkes-> I would past the output of /sbin/ifconfig to http://paste.ubuntu-nl.org/
<faulkes-> s/past/paste
<und3va> et0 is  my internet connection; eth1 is my other card . it has the following configuration : Address 	
<und3va> 192.168.0.1
<und3va> Network 	
<und3va> 192.168.0.0
<und3va> Netmask 	
<und3va> 255.255.255.0
<und3va> Broadcast 	
<und3va> 192.168.0.255
<Nafallo> ehrm
<faulkes-> send the actual output to http://paste.ubuntu-nl.org/
<Nafallo> there we go! :-)
<Nafallo> to quick for me ;-)
<faulkes-> was already in my copy bufer ;)
<faulkes-> s/bufer/buffer
<Nafallo> hehe
<und3va> it seems that i can't ping my linux machine.
<faulkes-> yes, but we need to see what's happening, which means, config information, and the easiest way to do that is to put it into the web paste url I provided
<faulkes-> can you access the internet from the server you setup?
<und3va> no
<und3va> it doesn't have iternet connection
<und3va> i'm on windows machine now
<faulkes-> do you have a usb dongle you can put on the server and save output to it?
<und3va> i have an usb stick but how can acces it in ubuntu server?
<faulkes-> attach it to the server
<faulkes-> if it doesn't mount automagically, it can be mounted relatively easily
<und3va> where does it get mounted?
<und3va> by default?
<faulkes-> usually /media/disk iirc
<faulkes-> just use a df command and look for that
<und3va> just a sec
<soulc> so what is failregex?
<und3va> i got something la like this [sdb] assuming drive cache
<und3va> when i've inserted it
<faulkes-> ok
<und3va> an then what should i do?
<faulkes-> dmesg | grep sdb
<faulkes-> look for the partition #
<faulkes-> for me, it looks like:
<faulkes-> [61135.334159]  sda: sda1
<faulkes-> that's when I insert my usb dongle into the server
<faulkes-> once you know the partition #, you can "sudo mount /dev/sdb# /mnt"
<faulkes-> # being the partition it sees there
<und3va> i have 119.772104 sdb: sdb1
<faulkes-> so "sudo mount /dev/sdb1 /mnt
<faulkes-> "
<faulkes-> you can then do commands and echo the output there
<faulkes->  /sbin/ifconfig -a >/mnt/ifconfig.txt
<faulkes-> dmesg > /mnt/dmesg.txt
<faulkes-> netstat -nr >/mnt/routes.txt
<und3va> i get permision denied
<faulkes-> preface the commands with sudo
<und3va> i triedthe same permision denied
<faulkes-> sudo umount /mnt ; mount -o rw /dev/sdb1 /mnt
<und3va> it works now
<und3va> ok
<und3va> so now what do i need to do, i copied the files to windows
<faulkes-> !paste
<ubotu> pastebin is a service to post multiple-lined texts so you don't flood the channel. The Ubuntu pastebin is at http://paste.ubuntu-nl.org (make sure you give us the URL for your paste - see also the channel topic)
<faulkes-> that ;)
<und3va> http://paste.ubuntu-nl.org/58885/
<und3va> http://paste.ubuntu-nl.org/58886/
<und3va> http://paste.ubuntu-nl.org/58887/
<und3va> anything faulkes?
<faulkes-> you have to be patient, I'm working on several things currently
<und3va> ok
<faulkes-> "sudo /sbin/ifconfig eth1 192.168.0.1 netmask 255.255.255.0"
<faulkes-> then try to ping the windows machine ip
<und3va> doesn't work
<faulkes-> try to ping 192.168.0.1
<und3va> i get reply
<faulkes-> put the usb dongle back on the server (it may have automatically unmounted, check using df, remount per previous if required)
<faulkes-> output again of "/sbin/ifconfig -a >/mnt/ifconfig.txt", "netstat -nr >/mnt/routes.txt", "arp -a >/mnt/arp.txt"
<faulkes-> make sure the cable is plugged into both machines properly
<und3va> http://paste.ubuntu-nl.org/58888/
<faulkes-> ok, first issue was eth1 didn't have an ip address
<und3va> and from arp i got nothing
<faulkes-> now it does
<faulkes-> make sure the cable is plugged into the right ethernet card, I know that may sound silly
<und3va> ok
<henkjan> 16:27 < bitrot> Link change: FastEthernet3/15 (Tendernet Rack) on rbfs1.kelvin.network.bit.nl went DOWN (UP).
<und3va> it is
<faulkes-> ok, well, eth0 is getting an ip from somewhere, did you manually configure eth0?
<und3va> yes
<und3va> and it is my internet connection
<und3va> and it works
<faulkes-> on the server?
<und3va> when i plug the cable
<faulkes-> ok
<faulkes-> well, again, eth1 is up, if it has status led's on the card at the back, I would look at them to make sure it thinks it's connected
<und3va> oooo
<und3va> it works now
<faulkes-> well then, life is good
<und3va> :))
<faulkes-> however,eth1 does not appear to be configured to start at boot
<faulkes-> I would look at /etc/network/interfaces
<und3va> ok
<und3va> and then?
<und3va> set auto?
<faulkes-> http://paste.ubuntu-nl.org/58894/
<faulkes-> or something like that;)
<und3va> :)
<und3va> i made it run
<und3va> thanks  a lot
<faulkes-> np
<soulc> yo
<soulc> so how do I fix that failregex error in the fail2ban log file
<soulc> http://paste.ubuntu-nl.org/58881/
<sommer> jdstrand: I noticed that apparmor won't let slapadd -l file.ldif import entries in enforce mode
<sommer> jdstrand: any advice?
<sommer> jdstrand: ah... I added: /home/sommer/file.ldif r,
<sommer> jdstrand: to /etc/apparmor.d/usr.sbin.slapd then reloaded the profile and it worked
<sommer> jdstrand: garr... that's kind of a conundrum
<sommer> jdstrand: I stumbled on the issue while updating the openldap docs... if need be I can document it to set slapd to complain mode while using slapadd
<sarthor> Hi, I am using ubuntu server 7.04, i have 80 Clients on my LAN (UTP cable + Wireless), Can i create user passwords for that users to dial my server? if yes what i will need to install and configure on my server? my clients are using windows xp, 2000 and some Linux also
<kraut> what exactly do you want and what do you mean with "to dial my server"?!
<sarthor> kraut, I want to my user to athunticate by user name password for accessing internet.
<crafton> Hi, I have a VPS hosting and for other band a domain registered on dreamhost, is needed to install a bind server on my vps for make subdomains?
<kraut> oh dear
<crafton> excuse my ignorance, i'm totally newbie
<kraut> crafton: please learn first some domain-basics, before you want to start
<crafton> ok. pardon me.
<crafton> bye
<Kamping_Kaiser> sarthor, yes you can, if you have the right hardware for it. you'll look at radius for authentication i expect
<Kamping_Kaiser> sarthor, although your second line makes it sound like you want an authenticating proxy, which i expect squid could provide
<sarthor> Kamping_Kaiser, I am not much expert, so please can you help more
<sarthor> Kamping_Kaiser, No. i dont want to athenticate clints only for squid.
<Kamping_Kaiser> sarthor, if you give us more information perhaps
<sarthor> Kamping_Kaiser, same like dsl dialer do, i need that.
<sarthor> Kamping_Kaiser, Like after dialing to my server, my server will check the user name and passwd and will assign the ip to that client, and if there is not login, passwd, my client shuld be in dark.
<Kamping_Kaiser> sarthor, tell us about what your trying to setup. where are the clients? internal/external? do you have special hardware? is it a private network? etc
<sarthor> Kamping_Kaiser, there in dsl of 4 mega in my home, and i have 1 p4 computer having 2 lan cards. 1 is connected to dsl modem, other to switch, and my clients are connected to that switch, out side of my home, in the near by plazza.
<nealmcb> I'm trying to set up ubuntu server gutsy on an old machine with 64 mb, and it worked fine until doing an upgrade, at which point I got an error about running out of space in /lib/modules/2.6.22-14-generic/volatile which is mounted as tmpfs
<nealmcb> I'm not having much luck finding out what that is mounted that way and how to disable it.  any tips?
<Kamping_Kaiser> sarthor, so thier connecting to the gateway over an internal network?
<Kamping_Kaiser> nealmcb, put more ram in
<nealmcb> well I guess it is mounted that way for speed.... but I don't know where it is mounted.  it is put in fstab in /etc/init.d/mtab.sh I guess
<nealmcb> Kamping_Kaiser: yeah  - well it's my brother's old machine, and I doubt that would be easy
<sarthor> in my server, i am using squid for sharing net, dhcp for assigning ips, and iptables.. masqurading..
<sarthor> My linux is working same like a router
<Kamping_Kaiser> sarthor, now look at squid authentication, or perhaps mac address filtering in iptables
<Kamping_Kaiser> nealmcb, :( i see
<sarthor> Kamping_Kaiser, clients can spoof mac address easily,, so my mac are already binded by dhcp as will as by iptables, and if i am athenticating clients via squid, so there is a lot of data traveling whick the squid do not know about that, like voice cam.
<sarthor> etc.
<sarthor> and 1 thing more.
<sarthor> some my client have virus in there computer, .. some time, the virus assign my server ip forcfully to the client pc,.. so my network stop working.
<Kamping_Kaiser> theres nothing you can do about clients who steal IP addresses, unless you have a proper switch which lets you lock them out
<Kamping_Kaiser> so i'll say again - you may want to look at radius.
<sarthor> Kamping_Kaiser, if you want that radius is good in my scenario, so i will like to install that, Can you please give me good link about that ?
<Kamping_Kaiser> sarthor, no i cant especially. its a long time since i've used it. i have to stress though - *read the provided doco*. it *does* help a lot, and it contains links
<sarthor> Kamping_Kaiser, Ok, thank you brother, you guided me, let me google . thanks again
<Kamping_Kaiser> sarthor, good luck with it
#ubuntu-server 2008-03-09
 * nealmcb finds /etc/default/linux-restricted-modules-common  - seems relevant
<sommer> zul: how's it going, did all the ebox packages get into universe?
<zul> sommer: almost all of them I need to prod the archive admins on monday
<sommer> ah gotcha, I just noticed that several weren't there, but are in your ppa
<sommer> another issue I noticed is that if you try the backup module... it just hangs there and doesn't complete
<zul> oh?
<sommer> there isn't much in the logs either... a statement about the progress routine, and then nothing happens
<sommer> one sec, I'll post it
<sommer> not progress indicator id supplied at /usr/share/ebox/ebox-make-backup line 15.
<sommer> ^^ from /var/log/ebox/error.log
<zul> k Ill take a look
<sommer> cool, thanks man
<sommer> nealmcb: have ubuntu on your xo yet?
<zul> sommer: doesnt tell me much so I submitted the bug upstream
<sommer> ya, I noticed that... kind of a strange error message to put in your code
<sommer> or you'd think that there would be a message of why there is no progress indicator id
<zul> yeah
<sommer> also, why would that cause the entire backup to not work... I could see if just the progress bar or whatever crapped out
<zul> not sure at all
<sommer> heh, there's a company based on ebox isn't there?
<sommer> or is it just one of their side projects?
<zul> it looks like one of their side projects
<sommer> ah... sometimes it feels like it was created as a reason to learn ajax to me :-)
<nealmcb> sommer: no ubuntu yet on the xo - but I've been thinking about it.  you like it?
<Kamping_Kaiser> i thought there was
<nealmcb> wow - restricted modules with an nvidia card take about 3 times as much memory as the kernel does!  if we have an "ubuntu on 64 mb" page, that is something to warn people about.  but it is easy to disable them with /etc/defaults/ as noted above.  but it isn't easy to find that, or find out what e.g. the "fcdsl drivers" do, which also take lots of space
<nealmcb> Kamping_Kaiser: sommer asked if I installed ubuntu on my xo and I said no - but in a way that was confusing.  I know it exists
<Kamping_Kaiser> ah right *grin*
 * Kamping_Kaiser must have missed that
<sommer> nealmcb: heck ya... ubuntu on the xo rocks
<sommer> nealmcb: I just picked up a kensington slimblade wireless kb and mouse... great accessory for the xo
 * Kamping_Kaiser is sort of bemused ubuntu fits on and runs ok
<sommer> or probably any ultra mobile pc :-)
<sommer> Kamping_Kaiser: heh... 2G SD card works wonders
<Kamping_Kaiser> sommer, ah, hax :0
<sommer> I'm also running  openbox instead of gnome, kde, etc
<sommer> not really, xo can boot from usb or sd
<Kamping_Kaiser> dietbuntu *heh*
<nealmcb> hmm - my brother got an odd error running tasksel, and now it seems hung.  he writes "ubuntu asked me to put the cd in the drive. I just hit enter... it asked again, I did put the cd in the drive and then it said:  "Exiting subroutine via next at /usr/bin/debconf-apt-progress line 153, <STDIN> line 7. "   and went on to ask me re mysql root login passwords"
<sommer> heh.. slim and trim, that's the way I like it
<nealmcb> he installed lamp with tasksel, and had cdrom in his sources.list
<nealmcb> sommer: interesting - thanks
<sommer> nealmcb: yep, is he installing gutsy?
<nealmcb> yes
<sommer> and lamp didn't install or it did?
<sommer> I may be confused
<nealmcb> heh - the $100 laptop with the $130 keyboard/mouse :-)
<nealmcb> but yeah - those are the big outages - just don't expect lots of them in africa
<sommer> ya... I took a couple of days for me to buy it, but in the end I was like it's only money
<nealmcb> lamp did install, but tasksel didn't exit or respond any more
<sommer> odd, seems like I've seen tasksel do that before, but I think it was during a hardy alpha
<nealmcb> #141601
<nealmcb> bug #141601
<nealmcb> bug 141601
 * nealmcb looks suspiciously at ubotu
<nealmcb> https://bugs.edge.launchpad.net/ubuntu/+source/debconf/+bug/141601
<pwnguin> ubotu died
<pwnguin> probably muted itself to prevent getting flooded off again before someone looks at it
<Kamping_Kaiser> hehe
<nealmcb> anyway - mine was a known bug - fix released, perhaps
<ubotu> Launchpad bug 141601 in debconf "tasksel packages stays at 100%" [Undecided,Fix released] https://launchpad.net/bugs/141601
<nijaba> morning
<nijaba> nealmcb: Regarding your tasksel problem: this is a known problem, fixed on hardy, which is the reason why in the JeOS tutorial we chose to use apt-get install lamp-server^ <- note the ^ at the end
<gopp__> what is the best way to get a fresh install of samba after I have seem to fucked up the current instal
<gopp__> I can not seem to connect to my samba file share
<gopp__> apt-get remove samba or what
<Kamping_Kaiser> gopp__, apt-get --purge remove samba (and any other needed package)
<gopp__> all I wanted to do is have my ubuntu computer act as a small domain controller
<gopp__> soo all I do know is install it apt-get install samba
<gopp__> thanks Kamping_Kaiser
<Kamping_Kaiser> gopp__, np. good luck
<mookid> I have one box and a dynamic DSL IP... will I still be able to play around with sendmail?
<gopp__> hmm for some reason in windows it keeps saying
<gopp__> network not found
<gopp__> I  reinstalled samba
<gopp__> the speficed network is no longer avaible
<Kamping_Kaiser> mookid, yes, but dont. use exim or postfix
<Kamping_Kaiser> gopp__, you'll proably have to reconfigure it
<Kamping_Kaiser> mookid, and using a dynamic, ip, i'd recomend usign your isp as a relay (smart host)
<moralbehav> i have got a server, i read the useridr in /home/unixuser/public_html , in the /home i have got chmod 700 * ,the owner (only) can edit, read, execute you files
<edneymatias> morning
<mookid> Kamping_Kaiser: I have to use sendmail - it's for a new job
<mookid> they use sendmail on the front end as a relay
<Kamping_Kaiser> moralbehav, can you say all that again?
<moralbehav> i have got a server, i read the useridr in /home/unixuser/public_html , in the /home i have got chmod 700 * ,the owner (only) can edit, read, execute you files
<moralbehav> the server can read public_html :'<
<moralbehav> and i must have got chmod 700 * in the index, becouse is a multi-user server
<Kamping_Kaiser> moralbehav, pastebin the output of `ls -lhd /home/unixuser/` and `ls -lhd /home/unixuser/public_html`
<Kamping_Kaiser> mookid, ew :(
<moralbehav> Kamping_Kaiser k
<moralbehav> Kamping_Kaiser http://www.pastebin.ca/935151
<Kamping_Kaiser> moralbehav, and what is going wrong exactly? apache *can* see files, or apache *cant* see files?
<mookid> Kamping_Kaiser: I think it's just a legavcy thing more than anything
<moralbehav> Kamping_Kaiser cant. i use cherokee
<Kamping_Kaiser> moralbehav, well whatever your using then
<Kamping_Kaiser> mookid, sendmail on ubuntu?
<mookid> sendmail
<mookid> :p
<CJari> hey
<Kamping_Kaiser> CJari, ello
<mookid> not on ubuntu lol - I'm just using ubuntu cos that's what they're moving onto eventualy anyway
<CJari> can anyone help me to setup ftp?
<Kamping_Kaiser> CJari, can i suggest you try everything else first?
<CJari> I have apache server
<CJari> and subversion
<Kamping_Kaiser> CJari, can you serve the files over http?
<CJari> Kamping_Kaiser : yes
<moralbehav> Kamping_Kaiser cant. i use cherokee
<Kamping_Kaiser> moralbehav, either make sense, or i'll just leave you for someone else to help
<CJari> so I was wondering if proftpd would be ready to be connect with my user(shell) name and password?
<Kamping_Kaiser> CJari, it can probably be done, but i dont use ftp
<CJari> ok
<nijaba> CJari: the reason why most of us do not enable ftp to transfer our file user our accounts is because ftp does not do encryption, so it means you login and password would be visible to anyone sniffing the network -> bad idea
<nijaba> CJari: instead we like using scp or sftp for example
<CJari> nijaba its ok for private server..
<CJari> anything that just works is ok :)
<nijaba> CJari: you mean private network?
<CJari> yeah
<nijaba> right
<CJari> I'm trying to get it working now, but I dont know where to look at the problem because the log files are empty
<Kamping_Kaiser> ftp is a horible protocol, encryption or not
<nijaba> what have you installed so far?
<nijaba> Kamping_Kaiser: well, quite right that it is DATED
<Kamping_Kaiser> nijaba, dated isnt the word i'd use. http://wooledge.org/mywiki/FtpMustDie
<nijaba> :)
<Kamping_Kaiser> :)
<CJari> I have installed proftpd
<nijaba> CJari: so can you connect to your server now? if not, what error do you get
<CJari> nijaba : it just says: "Can't establish connection"
<c1|freaky> what else should one use instead of ftp?
<Kamping_Kaiser> CJari, try and increase the debug level
<Kamping_Kaiser> depends what you need to happen
<Kamping_Kaiser> (i expect)
<CJari> unfortunrely there is not debug levels according to my knowledge
<CJari> it  may not be running at all
<Kamping_Kaiser> how can a service not have a debug level o_0
<CJari> because it logs everything I suppose
<CJari> I wonder this means: "ProFTPd is started from inetd."  it comes when I do this: "/etc/init.d/proftpd restart"
<CJari> Im not sure about the english, is it saying that it has or will be started later on?
<Kamping_Kaiser> run `ps aux |grep ftp`
<Kamping_Kaiser> however, in answer to your queston, i'd say its telling you taht it didnt start, because inet handles it
<CJari> right, thanks
<CJari> so that leads to question.. is the inetd running...?
<Kamping_Kaiser> unsure.
<CJari> hey cool I got it working, had to switch from inetd to standalone from the config
<Kamping_Kaiser> good work :)
<faulkes-> morning nijaba
<faulkes-> and all
<Kamping_Kaiser> faulkes-, good morning :)
<nealmcb> nijaba: right - thanks! later
<sommer> zul: another ebox issue... the log observer event doesn't seem to be configurable
<soneil> any suggestions on installing alpha6 into a VM?  -server dies because I don't provide pae, -alternate only shows a "normal" boot option, and jeos dies on bug 189013
<ubotu> Launchpad bug 189013 in ubuntu "JeOS (hardy alpha 4) installation fails @ "Select and install software" stage" [Undecided,Confirmed] https://launchpad.net/bugs/189013
<soneil> heh, ty ubotu
#ubuntu-server 2009-03-02
<tsrk> Is there any way for a non-administrative user to have something run automatically at startup/
<JanC> tsrk: afteror before that user logs in?
<tsrk> JanC, before, when the system starts up
<tsrk> like when apache starts
<JanC> tsrk: first of all you want to restrict what people can do in such a case
<tsrk> JanC, by default is there a way to do it?
<JanC> tsrk: not AFAIK, as it's potentially dangerous...
<tsrk> JanC, ok, but how is it any more dangerous than user crontabs?
<JanC> tsrk: well, if running as the user is okay, I guess user crontabs can already do what you want?
<tsrk> JanC, that wouldn't be ideal since I only want one instance running and it'd be best if I didn't have to wait for the next cron cycle for it to start
<ScottK> Regular init scripts start processes as a certain user all the time.
<ScottK> I'm not sure what you're asking for that's unusual.
<JanC> ScottK: except if he wants the user to "install" arbitrary things to start?
<ScottK> No, but the question was run, not install.
<ScottK> You can have an init script start some thing as any user.
<tsrk> I want something like a user crontab but just for starting things when the system starts
<ScottK> So write a script to do what you want and have an init script fire it off.
<JanC> and don't let users change it, except in a very controlled way...
<tsrk> ok
<tsrk> I'll try that, thanks
<hads> A user can start something at boot with cron via @reboot
<tsrk> hads, wow, thanks!  that's exactly what i wanted!
<tsrk> it makes so much sense :P
<hads> Cool :)
<jon_high9000> Hello, I was wondering is there a to setup a Mail Server so it can pull a pop3 account like Evolution or Thunderbird? I have gmail.
<oh_noes> is it possible to tell ubuntu-vm-builder or vmuilder vmbuilder to create an OVF Compliant image?
<twb> oh_noes: what is an OVF?
<oh_noes> Oopen Virtualization Format
<oh_noes> Open*
<oh_noes> Or in others words, I'm having no luck getting vmbuilder/ubuntu-vm-builder to create a VM that ESX/ESXi can import.
<twb> Ah, so OVF is a new native format for ESX, Xen and whatever Microsoft's native virtualization is called?
<oh_noes> I'm not sure specifically, but it's the first attempt to create a single image that all platforms support and can run
<twb> Cool.
<twb> qemu-img is a bitch
<twb> Not that I can actually help with your problem...
<oh_noes> twb: ironically .. your might have just give me a workaround.  I'm thinking I might have to use vmbuilder to spit out a XEN image, then qemu-img to convert to ESX
<oh_noes> twb: do you know what package qemu-img comes in?
<twb> oh_noes: qemu
<twb> oh_noes: to save you time
<twb> Supported format: parallels qcow2 vvfat vpc bochs dmg cloop vmdk qcow cow host_device raw
<oh_noes> twb: well,the interesting thing is that the vmdk `vmbuilder` is creating isn't a proper ESX vmdk
<oh_noes> and it cant be imported
<twb> That's probably because it has some plain text shit at the top
<twb> try #qemu, I don't know much about it
<oh_noes> Oh, really?  I didnt realize the vmbuilder to vmdk creation was actually a qemu problem.  Hrmmm
<uvirtbot> New bug: #335087 in samba (main) "samba segfault" [Undecided,Incomplete] https://launchpad.net/bugs/335087
<oh_noes> is it possible to apt-get install the developement/trunk version of vmbuilder?  (it has ESXi support I need)
<oh_noes> https://code.launchpad.net/~ubuntu-virt/vmbuilder/trunk
<Ethosser> hi guys, I don't seem to have a debian-sys-maint account even though i've installed LAMP server
<Ethosser> any ideas?
<jwstolk> hi. I have a server (firewall) with 4 nic's. I have set one nic as gateway  (the one connected to the DHCP ADSL modem), but DNS resolving still seems to use the wrong nic. how would I tell linux what nic to use for DNS?
<giovani> jwstolk: you set your default gateway/interface
<jwstolk> I did. (in /etc/network/interfaces)
<giovani> so when you run route?
<giovani> (pastebin the output)
<jwstolk> http://pastebin.com/m79ca1ae3
<giovani> and which interface do you expect/want your traffic going out?
<jwstolk> should go over eth2
<giovani> and where is it going?
<jwstolk> not sure. it was working when I had the 10.0.0.0 subnet on eth1. I can still ping google and my http servers on the 10.0.0.x subnet. but can't ping "www.google.com"
<jwstolk> (can if I use google IP directly)
<giovani> well what's your DNS set to?
<giovani> (cat /etc/resolv.conf)
<jwstolk> output: 10.0.0.138  (my ADSL modem)
<hads> Speedtouch
<giovani> well, you have your interfaces confused, probably
<giovani> because there's no way it's routing 10.0.0.138 over anything but eth2
<giovani> I bet you got them switched
<giovani> use ping -I ethX
<giovani> btw
<giovani> to confirm
<jwstolk> I'll have another look. I checks hardware addresses, etc.
<giovani> either there's some misconfiguration in your network
<giovani> or you have your wires crossed
<giovani> because your routes are fine
<jwstolk> ok thanks.
<giovani> and if you're able to get traffic to the internet ... then your computer can obviously contact .138
<giovani> since it's your gateway
<giovani> so if .138 is also your dns
<giovani> clearly you've broken dns or something
<giovani> if I were you, I'd be using a tap/hub
<giovani> and capturing traffic on each interface with another machine one by one
<giovani> until I isolated the problem
<jwstolk> (ping -I eth2 10.0.0.138   works fine)
<giovani> as it should
<giovani> and ping -I eth2 4.2.2.2?
<jwstolk> hmm. too
<giovani> ok
<giovani> now "traceroute 4.2.2.2"
<giovani> pastebin the output
<jwstolk> don't have traceroute installed yet, and apt-get is tricky without working dns...
<giovani> just copy the package over manually then
<giovani> it doesn't have any dependencies beyond libc
<giovani> usbkey, or something
<jwstolk> ok
<giovani> what release of ubuntu are you running?
<jwstolk> ubuntu-server 8.10, 64-bit
<giovani> hmm, packages search is down, lame
<giovani> http://us.archive.ubuntu.com/ubuntu/pool/main/t/traceroute/traceroute_2.0.11-2_amd64.deb
<giovani> just copy it over and run "dpkg -i traceroute_2.0.11-2_amd64.deb"
<jwstolk> thanks. (I was adding the ubuntu server to hosts...)
<giovani> yeah, that works too
<giovani> http://91.189.88.31/ubuntu/pool/main/t/traceroute/traceroute_2.0.11-2_amd64.deb
<giovani> any luck?
<jwstolk> hosts didn't work.
<giovani> what?
<jwstolk> trying wget
<giovani> I gave you the url with an ip
<giovani> hello?
<jwstolk> wget also doesn't work. I think I better re-check the cabeling. I will be back later.
<giovani> ok
<giovani> well I'm off to bed
<jwstolk> ok thanks
<kraut> moin
<jwstolk> traceroute does have dependencies. like send  :-(
<_ruben> jwstolk: whats the exact contents of /etc/resolv.conf? and you could modify your /etc/apt/sources.list and replace the hostnames by ips, no need to download packages manually then
<jwstolk> something else is going on. I added the package server to the hosts file, and even wget with IP's doesn't work.
<jwstolk> resolv.conf: http://pastebin.com/m2db01509
<_ruben> oh .. i misread your comment on using wget with ip's
<_ruben> resolv.conf looks good
<jwstolk> strange that wget doesn't work but ping does.
<_ruben> that's a diff problem
<_ruben> $ curl -I http://91.189.88.31/ubuntu/pool/main/t/traceroute/traceroute_2.0.11-2_amd64.deb | grep Loc
<_ruben> Location: http://archive.ubuntu.com/ubuntu/pool/main/t/traceroute/traceroute_2.0.11-2_amd64.deb
<_ruben> it redirects to the fqdn
<jwstolk> oh
<_ruben> use 213.136.29.211 instead .. its the dutch mirror which doesnt do any redirecting
<jwstolk> well, I copied traceroute using an usb stick, but now I need "send"...
<jwstolk> I'm wondering it would be simpler to re-install ubuntu, with the modem connected to the correct nic in the first place.
<_ruben> just read a bit more history .. so you just changed the network port you hooked the modem on to? .. could you pastebin a small network diagram (which nic goes where), and the output of 'ip route' and 'ip addr'
<jwstolk> 213.136.29.211 was the one I added to my hosts file. didn't work.
<jwstolk> I insatlled ubuntu while connected using the on-board nick. then I configured the other 3 nics in /etc/networks/interfaces, and moved the modem to the new nic.
<jwstolk> I a added firewall rule to allow everything from the firewall to the internet.
<jwstolk> I'm logged into the firewall over SSH from the same subnet (and same nic) as the ADSL modem. (so the nic itself works)
<Deeps> try using nameserver 4.2.2.2
<Deeps> open public recursive dns server
<_ruben> oh .. there are firewall rules in places as well .. then please pastebin the output of 'sudo iptables-save' .. and i do assume you restarted the networking of that box after changing wires and editing the interfaces file
<jwstolk> yes
<jwstolk> while box, several times
<_ruben> ok
<_ruben> (or flush all firewall rules to make sure those dont interfere)
<jwstolk> iptables shows 279 lines. is that usefull? (I'm using "vuurmuur"). I think I should just sort out some things instead of waisting everyones time here. I'll be back later if thats ok.
<_ruben> it could very well that vuurmuur isnt aware (yet) of your altered nic usage
<jwstolk> I installed vuurmuur after the change
<_ruben> didnt work befure you installed vuurmuur either ?
<jwstolk> didn't try
<_ruben> so it could be a vuurmuur config problem
<_ruben> so i'd try disabling it for a bit, and see if anything changes
<jwstolk> I already disbaled vuurmuur. should I flush the iptables rules as well?
<_ruben> if iptables-save still shows 279 lines, then yes
<_ruben> for a complete flush: echo -e "*filter\n:INPUT ACCEPT\n:FORWARD ACCEPT\n:OUTPUT ACCEPT\nCOMMIT" | sudo iptables-restore
<jwstolk> that fixed it
<jwstolk> I can ping www.google.com  now
<_ruben> firewalls are the first thing to disable when troubleshooting network problems (when possible ofcourse)
<jwstolk> started vuurmuur, no ping anymore. it's the problem
<jwstolk> ok thank you.
<_ruben> :)
<_ruben> firewalls are a good thing, but only when properly configured :)
<jwstolk> I have only accept rules, including one that alows everthing from firewall to internet.
<_ruben> "only accept rules", but probably a default policy of DROP or REJECT
<jwstolk> yes
<_ruben> and only allowing from firewall to internet isnt enough, you'd have to atleast allow (inbound) related/established traffic for instance
<_ruben> tho i kinda assume (or hope actually) that vuurmuur takes care of that
<_ruben> and that's why i prefer to write my own firewall scripts/configs personally :)
<jwstolk> :)
<jwstolk> could have something to do with the fact that my hostname isn't "firewall" for some reason. after I added a rule for "any" the google ping works
<jwstolk> I must hav picked the wrong host name the last time I re-installed ubuntu-server
<_ruben> i never user vuurmuur myself (only know it by name), cant really help with its config ;)
<_ruben> 'hostname' oughta tell you its hostname
<_ruben> as do most (bash) prompts
<jwstolk> it was on the prompt, I just didn't notice it before
<achilles> hello, I'm trying to restrict ssh access only to one user, I added "AllowUsers MyUser " in ssh_conf but others can access
<_ruben> achilles: you need sshd_conf
<_ruben> ssh_conf is for the client
<achilles> _ruben, oh thank you
<Ethosser> guys anyone know a guide on how to setup ubuntu server to connect to mssql?
<Ethosser> cause all im finding is shit guides that don't work
<Ethosser> and people doing "freetds ffs"
<_ruben> freetds is what a collegue of mine used ages ago, worked reasonably back then (years ago)
<Ethosser> I can't seem to find a guide tho
<Ethosser> one that works :D
<jwstolk> _ruben: I think I found my problem (the biggest one at least) the Internet is slightly bigger than just the local sub-net where my ADSL modem is...   I just installed the last nic (5th) and it's going great.
<AnRkey> i have url --url http://192.168.254.254/ubuntu/ in my ks.cfg file for my local repo to be used. the installer still looks at http://za.archive.ubuntu.com/ubuntu/... for the packages file though and not my local repos, how can i see why this is happening?
<AnRkey> kickstart issue
<AnRkey> soz :)
<_ruben> jwstolk: why so many nics btw?
<jwstolk> seperate wan/lan/home/wifi/dmz
<jwstolk> it's a firewall :)
<_ruben> jwstolk: ah .. had some trouble coming up with 5 zones that'd reside behind a dsl link (which tend to be for home usage) :)
<jwstolk> we don't need a very fast network
<sommer> morning all
<fevel> hi guys
<fevel> I need to get the first two lines from a file and transform into user and pass on htpasswd
<fevel> can anyone give me a hand?
<cemc> fevel: maybe like this:  head -2 /tmp/testfile.txt | awk -v ORS='' '{print $1":"$2}'
<cemc> thx
<cemc> (wrong win)
<thefish> anyone know dhcpd at all? i have a subnet { with 2 range xxx.xxx.xxx.xxx yyy.yyy.yyy.yyy statements, but these dont seem to be working
<cemc> thefish: paste conf please
<thefish> cemc: you want the entire conf?
<thefish> the culprit line is just the range... bit
<thefish> was working with just one
<_ruben> thefish: you need to define a shared-network in order to have 2 ranges for a single interface
<thefish> _ruben: ok thanks, what is a shared-network
<thefish> and the ranges are on the same /24 network
<thefish> its just a non-contiguous space
<_ruben> thefish: oh .. then shared-network isnt what you're looking for
<_ruben> do you get any error when loading such a config?
<thefish> no error
<thefish> ah, it seems now a client got an anddress in the new range :)
<thefish> and all i did was think "i wish it would work" three times :D
<_ruben> 2nd range wont be used untill first is full
<thefish> cool, thanks _ruben
<cemc> [15:23:55] <cemc> fevel: maybe like this:  head -2 /tmp/testfile.txt | awk -v ORS='' '{print $1":"$2}'
<fevel> im trying something like this
<fevel> awk '{system("htpasswd -bp "$1" "$2" passwds")}' users
<Doonz> hey does anyone know what text based browser works well with a linksys router
<sommer> Doonz: I like w3m, but links would probably work as well
<Doonz> unfotrtunately they dont render the stupid conguration pages right
<Doonz> configuration*
<Doonz> ive tried: elinks, lynx, links, links2, w3m
<sommer> Doonz: do they use javascript or something?
<axisys> i wish ubuntu installation has option to setup a nic bonding during install
<axisys> what is that site where you submit your feature request?
<sommer> axisys: probably brainstorm.ubuntu.com
<Doonz> sommer yeah
<axisys> sommer: yep.. thats the one.. thnx
<sommer> Doonz: then I'll bet you're out of luck for using a text browser... at least I don't know of any that can do javascript, but there may be one and I just don't know
<sommer> axisys: np
<Doonz> ok
<JanC> some versions of (e)links can do (limited) JavaScript
<JanC> http://elinks.or.cz/documentation/manual.html#ecmascript
<axisys> i know x2100 has fake raid nvidia raid.. anyidea if x2100 m2 has similar raid as well
<axisys> ?
<yann2> ?
<yann2> what's your problem with x2100?
<axisys> yann2: i don't
<axisys> yann2: i am wondering if x2100 M2 also have fake raid controller?
<yann2> define fake?
<yann2> I've had many disk issues with a x2100 if it has a weird controller that may explain
<axisys> yann2: https://help.ubuntu.com/community/FakeRaidHowto
<yann2> weird. don't think I had to do that. I think i must have had a normal raid card
<axisys> when i enabled the raid in bios ubuntu recognized it.. and after installation when i take one of the disk out it remounted the root as read only
<axisys> no wonder why recommend not to use nvidia fake raid
<axisys> now i am installing it again by disabling the raid in bios and installing with software raid
<axisys> how do I boot from a livecd iso over the network?
<mathiaz> kirkland: is powernowd still installed by default on -server?
<kirkland> mathiaz: no
<mathiaz> kirkland: IIRC it wasn't necessary anymore.
<kirkland> mathiaz: not needed
<mathiaz> kirkland: ok - thanks.
<Ethosser> guys, i'm tar'ing up my intranet on ubuntu
<Ethosser> I can untar if just fine on the box, but when I copy it up to windows it won't open with 7zip or winrar
<Ethosser> any ideas? XD
<simplexio> Ethosser: tar.gz ? should work in winrar, not 100% about bzip
<oCean_> Ethosser: don't know anything about windows, but 7zip should do it according to docu. What options to tar do you use? -> creating a .tgz (tar cvfz) ?
<Ethosser> http://pastie.org/private/scqhgnnoinakjxj0ocsqw
<Ethosser> i've tried with 7zip too
<oCean_> Ethosser: I really have no idea at all about windows... It could be that the .tgz throws it off. Try tar cvf first, than gzip www.tar - this way you should end up with www.tar.gz - maybe 7zip does know how to handle that?
<Ethosser> thanks mate, i'll give it a go :)
<Deeps> Ethosser: winrar can handle .tgz, as can winzip
<Ethosser> hmm
<Ethosser> I thought so
<Ethosser> Wonder what's going on
<Deeps> entirely possible 7zip's just having a baby over the .tgz extention instead of .gz
<jerrymcfarts> Hello, I am having a problem. I am running Folding@home. But it wont shutdown when i tell it too.
<jerrymcfarts> I am running it manually through a terminal, and I run it in SMP mode. I use the "ctrl+c" to to get back to the bash console, but when I issue "top" the FAHCORE is still running
<jerrymcfarts> killall FAHCORE and killall fah6 seem to work, my CPU gets relieved, but the processes get reinstated
<jerrymcfarts> and top shows they are back up and running
<jerrymcfarts> kk 'killall -9 fah6' worked
<jerrymcfarts> thanks all
<jerrymcfarts> :-) didn't think about the -9 option until i was typing it out
<axisys> how do I change this line so that I can see the OS from console ? currently I need to connect a monitor to see the grub ..
<axisys> /boot/vmlinuz-2.6.27-11-generic root=/dev/md0 ro quiet splash quiet
<axisys> may be vga=txt ?
<giovani> from console?
<giovani> a monitor is your console
<cemc> axisys: you mean thru serial ?
<axisys> cemc: yes :-)
<orudie> how can i make a file executable ?
<malakhi> orudie: chmod +x file_name
<giovani> cemc: https://help.ubuntu.com/community/SerialConsoleHowto
<giovani> it's more than just working with grub
<giovani> that might be a tad out of date -- so use common sense
<ScottK> cemc: The Dapper clamav backport is done today.  Thanks again for your help.
<cemc> ScottK: that's good news
<drbobb> cemc: followed your advice, but it still didn't work
<cemc> drbobb: about the grub installing thing?
<drbobb> yeah
<drbobb> i mean i ran setup from inside grub
<giovani> sorry cemc, that was meant for axisys
<cemc> giovani: yeah, i got it ;)
<cemc> drbobb: and did it install correctly?
<drbobb> now it finds stage1.5 on the hdd, but gets stuck there
<drbobb> yeah the message was that it succeeded
<drbobb> so i'm still stuck with keeping a boot floppy in the fdd all the time
<drbobb> (not that i need the fdd for anything else)
<cemc> and you have a simple SATA hdd on sda, and that's it ?
<cemc> nothing fancy ?
<drbobb> weird, i've installed linux on ~100 pc's or so, never seen this before
<cemc> me neither
<drbobb> well there is a plain ATA controller, two channels, only thing on it is the dvd/cd
<giovani> drbobb: did you try just starting fresh with a new install?
<drbobb> and a onboard SATA in addition to that
<drbobb> yes it was a fresh install, from the hardy server edition
<giovani> but you've just tried to repair since, no? did you try just doing a reinstall since the problem started?
<drbobb> nope, why should i reinstall
<drbobb> it works fine, other than grub
<giovani> because you've tried 5 ways of repairing and it's not working?
<drbobb> only tried reinstalling grub in 3 different ways
<giovani> ...
<giovani> I clearly wasn't trying to be exact
<drbobb> via grub-install, and under grub's native shell
<giovani> the point being, you've tried every repair method we can think of
<giovani> and it hasn't resovled the issue
<drbobb> right
<giovani> so ... it may be time to cut your losses, and try and full reinstall, in case this is some odd problem that won't be fixed with these solutions
<drbobb> only other idea i can think of is to try lilo insted
<giovani> ...
<giovani> heh
<giovani> have fun
<drbobb> my best guess is that maybe the bios is buggy in some way
<drbobb> cause iiuc grub uses bios calls to load its stuff from the hdd
<drbobb> i did some stressing of the machine and it seems to be working fine, other than that booting issue
<drbobb> i mean like a full kernel recompile, and an rsync of a few dozen gigs of data across the LAN
<pjsturgeon> Anyone know what could be stopping WoL from working? Got ubuntu server 8.10 wired mobo ethernet connection. supports pumbg and is set to g using an init.d script that is working
<pjsturgeon> using DHCP and a BT Home Hub router/modem (which is always good fun...)
<pjsturgeon> nobody wants to get involved with Wake on Lan support? heh
<docta_v> anyone know of a good batch scheduling system? only thing i can find is this arcane thing called job scheduler
<JanC> docta_v: what do you mean by "batch scheduling system"?
<dsmith-work> Reminds me of something on AIX.
<JanC> dsmith-work: and what did that do?
<dsmith-work> Kind of like a printer queue, and in fact, used a lot of the same machinery.
<dsmith-work> You could submit batch "jobs" to it, kind of like cron.
<dsmith-work> But it would run them in sequence, not at a specific time.
<JanC> ah, something to emulate pre-multitasking operating systems?  ã
<JanC> (j/k)
<dsmith-work> Well, aix.
<JanC> I suppose it would need support for priorities and rescheduling and such
<docta_v> something that supports job chains and multiple batch servers
<docta_v> so if a batch server dies you can rerun the chain on another system, etc.
<docta_v> or if a chain fails you can rerun with the correct order
<maswan> docta_v: slurm is the sensible batch scheduler
<JanC> ah, that sounds like you might want to look into some of the cluster-related packages
<maswan> docta_v: don't know if it does any of the fancy stuff though, but it does batch execution
<andol> kirkland: What happend to bug #296952? Not enough background from me?
<uvirtbot> Launchpad bug 296952 in mysql-dfsg-5.0 "mysqlhotcopy failed on table with hyphen in name" [Undecided,In progress] https://launchpad.net/bugs/296952
<docta_v> cool i will take a look
<kirkland> andol: hi there
<kirkland> andol: actually, i think it was the Alpha Freeze
<kirkland> andol: i'll get that uploaded
<andol> kirkland: great
<Nafallo> oooh debdiff
<Nafallo> that's easy enough :)
<Rafael_> ebox vs webmin: i am newby and i know everybody says that ebox is supoorted and webmin no, i have play with the 2 and find webmin esier and with more functions that ebox..WHY should i use ebox????
<jpds> !webmin | Rafael_
<ubottu> Rafael_: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<Rafael_> jpds: can you please elabore a little your answer?
<jpds> webmin will probably break your system.
<Rafael_> thanks
<sjad9> Sorry for the noob question, but how do I get snmpwalk to show the dskTable?  Right now it just shows very basic system info.
<areay> how can i setup centralized logins for my network, so that home folders and usernames/passwords are kept on a server?
<oh_noes> Anyone using the latest ESXi support in vmbuilder from trunk?
#ubuntu-server 2009-03-03
<Thirtysixway> how long can I extend a usb cable?
<Vog-work> areay: LDAP
<areay> Vog-work, i've messed around with openldap a little, but it seemed way overcomplicated for what i want... is that the only way to do it?
<Vog-work> Depends on what you want to do and what your clients on the network will be.
<Vog-work> If they are all windows clients then SAMBA is fine.
<areay> Vog-work, they're all ubuntu clients
<Vog-work> If you have windows and samba servers and you want single sign on then LDAP is basically the only way to go.
<Vog-work> areay:.... all ubuntu clients...
<techsupport> how can i archive a directory and it's contents with tar ?
<areay> Vog-work, sorry i don't get what you're saying... do i have to use LDAP if i'm only authenticating ubuntu clients? i would have thought it would be easier to authenticate clients using the same o/s as the server...
<Vog-work> Areay I was assuming that you r clients were windows not ubuntu
<areay> Vog-work, ahh fair enough... after switching to ubuntu on my personal pc, i started to hate using windows for business.. it was weird
<areay> Vog-work, so Samba is cool, right? if so that makes things a lot easier (i think)
<Vog-work> Samba is great if you are using windows style shares and AD
<Vog-work> (Active directory)
<Vog-work> But for an all out ubuntu netowrk I'm considering some other things.
<areay> Vog-work, it's annoying that it's been made so difficult to do... it should be an included feature of ubuntu
<Vog-work> techsupport: GO here for some help with tar. http://www.linfo.org/tar.html
<Vog-work> areay: It isn;t difficiult to do.... most of the time you would just ssh into the ubunti server from the client for your work. I'm just trying to get a better idea of what you want to accomplish
<Vog-work> areay: Nfs is probably the way to go.
<Vog-work> http://czarism.com/easy-peasy-ubuntu-linux-nfs-file-sharing
<giovani> areay: what's so difficult?
<areay> Vog-work, i need file sharing and centralized logins too... i've used XDMCP before but it's buggy and it uses all my network bandwidth
<Vog-work> areay: is that simple enough :)
<areay> Vog-work, the file sharing part is easy, it's just the logins
<giovani> uh
<Vog-work> That just soulds like a server with users and groups set up
<giovani> why is it that every company in the world manages then?
<areay> Vog-work, because they all pay for windows server 2003
<giovani> uh
<giovani> what?, no
<areay> i meant giovani
<giovani> centralized linux logins are not hard, and are incredibly common
<giovani> many solutions available
<Vog-work> I don't own any win 2k3 servers and do just fine... but that won't help you with your problem
<areay> okay well i've followed like 5 or 6 different guides on openldap and none of them work
<areay> each one took at least an hour
<giovani> heh
<giovani> well there's you problem
<giovani> your*
<giovani> "following guides" probably means doing things you don't understand ... not a good idea
<Vog-work> What I think you want is just a single server with the ability to set permissions on directories
<areay> giovani, you're right, i don't really understand LDAP or Active Directory... the closest i've come is working on a windows server
<giovani> areay: well ... either hire someone to do it, or learn
<giovani> plenty of books on the topic
<Vog-work> Samba is the closest thing there is to widows sharing.
<giovani> copying stuff blindly from guides and then claiming that it's ubuntu's fault ...
<giovani> is not accurate
<areay> i shouldn't have to follow guides
<giovani> you're right ... you should know how to do it by learning
<areay> i'm talking about centralized logins of *ubuntu* systems
<areay> it should be integrated
<giovani> I don't know what "integrated" emans ... ubuntu provides the packages
<giovani> just like with any other application
<giovani> s/emans/means/
<areay> the packages are provided, but configuration is a nightmare
<Vog-work> areay: So you want ubuntu clients to be able to log into a ubuntu server. Each with their own username and password.
<giovani> no, it's not
<giovani> you simply haven't made a serious effort to learn
<areay> giovani, i shouldn't have to, it's a simple task
<giovani> it's not in windows
<areay> sure it is
<areay> there's a gui
<giovani> Active Directory has multiple 1000+ page books dedicated to the topic
<giovani> areay: if you want a gui to manage your server, you don't belong here
<areay> you just add groups, users, and computers, and they all login
<areay> i don't want a gui to manage my server
<giovani> then there's no problem
<giovani> every company in the world manages to do it -- you're the one having the problem, yet you think it's ubuntu's fault?
<areay> every company in the world?
<areay> Vog-work, yea thats pretty much what i need
<giovani> every one of size, sure
<areay> i have 12 employees and a very limited budget
<areay> so we're not of size
<giovani> 12 employees? I've worked in companies of one :)
<areay> lol
<giovani> it's just about education
<giovani> don't get mad because you have to learn
<giovani> if you're not interested in learning how -- then linux is not for you
<areay> i'm not mad... please don't get me wrong... i'm not mad, and i'm not blaming ubuntu or the developers of openldap... i'm just surprised there isn't an easy-to-use tool for setting it up
<Vog-work> giovani: Instead of pointing out what areay dosen't know perpahps pointing him towards some good literature somewhere would be better.
<giovani> because other people don't see the need?
<giovani> it's easy
<giovani> Vog-work: I would be happy to recommend some books -- he's made it clear he doesn't want to have to learn
<giovani> so, I won't be providing them
<areay> there's like 20 config files you have to edit, and if you improperly configure the clients you can't login
<giovani> going to make dinner
<malakhi> it is *not* "easy." Of course, neither is Windows.
<twb> areay: there is a turn-key solution for Ubuntu as an ldap auth *client*
<twb> areay: unfortunately setting up the server is still rather confusing, especially if you are not already familiar with LDAP.
<areay> twb, thats kind of the impression i've got...
<Vog-work> Actually I see the areay is frustrated with the results he's been getting so far and he came to a channel where all he's heard is rtfm with a side helping of eliteism
<malakhi> areay: I haven't tried it, but ebox has a module that provides a web-based gui for configuring ldap
<areay> malakhi, thanks i'll check that out
<twb> Currently we still run NIS internally because LDAP is such a pain :-P
<areay> Vog-work, lol
<areay> this really isn't the first place i come when i need help
<areay> i scour the net for like a week before i come here
<Vog-work> Areay: Now yeah I agree with giovani in regards to taking the time to learn. It is time consuming but rewarding.
<Vog-work> Have you gone to the ubuntu fourms adn looked at what other people have done in your situation?
<areay> Vog-work, that's how i've solved most of my linux problems... i've got a pretty good setup here and i've only had to ask here three times
<Vog-work> Because it is a pretty common scenario
<Vog-work> Ok sometimes it's just knowing the proper search terms to look for.
<areay> i've been searching "ldap samba 8.10" in google
<Vog-work> Let me dig around a bit and see what I can find.
<areay> thanks for ur help
<Vog-work> areay: Are you comfortable in the command line or do you want to work in gui only?
<areay> command line's cool
<areay> it makes me feel important :)
<Vog-work> Ok, but if things get fscked up can you fix things from there.
<areay> it depends on how bad they get... i'm usually okay; i haven't had to completely reinstall ubuntu for like 5 months (i've been using it for 6 months now)
<Vog-work> Ok no offence but it sounds like you are pretty new to the command line.
<Vog-work> You need to work in it daily to really learn linux (Ubuntu) server administration
<areay> i've been using linux command lines on and off for like 8 years... i think the key there is on and off tho... i've never really used it intensively
<areay> just basic stuff... compiling and such
<Vog-work> Ok, so can you set up directories and user permissions?
<areay> yeah
<areay> mkdir, chmod, chown, and chgrp
<Vog-work> OK cool.
<Vog-work> Do you have the ability to get / send private messages in IRC?
<Vog-work> Best to take this part off channel
<areay> yeah sorry i just wasnt paying attention before
<twb> !RUTE
<ubottu> documentation is to be found at http://help.ubuntu.com and http://wiki.ubuntu.com - General linux documentation: http://www.tldp.org - http://rute.2038bug.com
<twb> I highly recommend that textbook for those who want to learn to do things "the unixy way", including CLI.
<JanC> twb: if you mean the "rute" site, what license does that book use?
<twb> JanC: I don't remember, sorry.
<JanC> it's also a bit outdated  ã
<twb> It is.
<JanC> but might be useful still
<Vog-work> Oh and this is my favorite site for ubuntu guides... http://howtoforge.com/howtos/linux/ubuntu
<Vog-work> Now guides are nice to get started, but you need to get you hands dirty and get into real system administration.
<Vog-work> Once you figure out that shell scriptiong can automate lot's of tasks and you start making your own or chenging others then you'll really start having "fun"
<Vog-work> Sometime ver frustrationg fun but it feels great once you conquer a problem.
<JanC> twb: Machtelt Garrels has some (possibly) useful books too: http://tille.garrels.be/training/
<Vog-work> And you learn a lot too.
<JanC> Vog-work: indeed
<J-_> I'm trying to setup my /etc/network/interfaces file with dhcp. In the file, what would the broadcast IP be?
<J-_> Would the broadcast IP be the IP address on the WAN side? And, if it is, do I really need to set it up since my IP address is dynamic.
<JanC> J-_: if an IP on your LAN is like 10.10.1.100 and the network mask is something like 255.255.0.0, then the broadcast address is 10.10.255.255
<JanC> (if that was your question)
<J-_> I think I figured it out :) I put it as 192.168.1.255
<JanC> so your network mask is 255.255.255.0  ã
<J-_> Now I'm trying to configure DNS. Do I create a file: /etc/resolv.conf and put the DNS servers in there?
<twb> You shouldn't need to specify a broadcast address in /etc/network/interfaces.
<JanC> twb is right, DHCP should set that
<twb> JanC: even for static allocation
<J-_> okay, I'll remove it
<twb> At least, that's what I *remember*.
<J-_> Should network, and gateway be the same IP?
<giovani> yep, not required with DHCP
<giovani> J-_: DHCP sets all of that
<twb> I may be confusing it with the obsolete "network" declaration.
<twb> giovani: DHCP *can* set all that, it doesn't have to :-)
<J-_> So, I just need to put 'auto eth0' 'iface eth0 dhcp' below the loopback network interface?
<giovani> twb: no need to be pedantic -- in the real world, unless he has a highly specialized setup, it will be providing his subnet mask, his gateway, and his dns
<giovani> from which, his broadcast address will be calculated locally
<JanC> giovani: and his IP address
<giovani> it this a pissing contest?
<giovani> clearly, we know dhcp provides his ip
<giovani> s/it/is/
<J-_> I'm also using dynamic IP
<JanC> giovani: well, DHCP doesn't have to  ;-)
<J-_> wish I had static
<giovani> J-_: is this your ISP providing DHCP?
<twb> giovani: I don't *have* to be pedantic; I enjoy it :-)
<J-_> I guess so. I'm not totally sure, it's not cable internet.
<giovani> twb: which is fine ... I think, when appropriate
<JanC> J-_: many DHCP server implementations have an option to link an IP address to a MAC addres and/or a hostname
<giovani> but, when troubleshooting an average user, it simply adds to confusion
<giovani> JanC: except we just established his ISP is running it :) -- so, they'll be making that decision
<J-_> Yeah I'm pretty much confused now. :)
<giovani> J-_: you don't need to set anything that you're trying to set
<giovani> simply use dhcp
<giovani> it'll handle everything
<JanC> J-_: do you have a router between you and your ISP ?
<J-_> yes
<giovani> then your router is providing the dhcp to your computer, not the ISP
<J-_> modem, and router.
<JanC> (I already suspected this, as no ISP I know uses 192.168.1.*)
<J-_> it's setup as dhcp on this laptop, I setup my server as a static LAN IP. My WAN is dynamic
<giovani> J-_: alright, well, since the internal network is yours -- you don't have to use DHCP -- that's your option, however, if you choose to set a static ip, make sure it's not in the range that your router assigns via DHCP
<giovani> i.e. your router may assign 192.168.1.100-150 via DHCP -- don't use IPs in that range for static settings
<JanC> giovani: some routers support "static DHCP" though
<twb> JanC: the good ones
<giovani> JanC: yes, a few, however, I'm guessing that's a tad over his skill level to be investigating at the moment
<twb> The ones that run Linux instead of IOS :P
<giovani> uh
<giovani> IOS does static DHCP
<twb> Apparently the one that got deployed in my next remand center doesn't :-/
<J-_> In hardy should /etc/resolv.conf already be there? I just opened a new file. I want to add my DNS server to it.
<J-_> servers*
<twb> giovani: admittedly it might just be that their contractors are stupid idiots
<giovani> J-_: once again ... if you use DHCP ... you don't need to set it manually
<giovani> J-_: if you don't use DHCP, then you can set that manually, however, it'll be overwritten by DHCP and/or your interfaces file settings
<J-_> When I had my server going I used afraid.org DNS servers.
<JanC> some routers require you to use "static DHCP" if you want to set up forwarding & DMZ & such
<giovani> JanC: really? which ones? NEVER seen such a requirement -- albeit it would be intelligent
<JanC> giovani: at least my router makes it difficult if I don't use static DHCP  ;)
<giovani> what do you mean makes it difficult?
<JanC> giovani: but I just filed a GPL violation complaint about it, so maybe it's not really a good example  ;)
<giovani> which manuf?
<JanC> Eminent
<giovani> never heard of them
<twb> Vendor OSes are stinky
<twb> Yay for OpenWRT
<giovani> heh
<twb> echo $MAC $IP >>/etc/ethers && killall -USR1 dnsmasq
<giovani> openwrt has come in handy, yes
<twb> ...you now have fixed DHCP
<JanC> this thing has only 6.3 MiB of RAM according to /proc/meminfo
<giovani> not abnormal
<giovani> some of the linksys get by on 2MiB
<J-_> What defines eth0? Does eth0 also define my WAN address, or is it strictly internal?
<twb> My expensive Asus WL-500g Premium has 32MB of RAM and something like 8MB of non-volatile storage.
<giovani> J-_: whichever network interface is brought up first :)
<twb> I think current OpenWRT wants about half that.
<J-_> ohlawd
<JanC> it's a Texas Instrument AR7 based ADSL modem/router
<giovani> J-_: that's how windows works too
<giovani> and virtually every other OS
<twb> JanC: well, you're hosed then.  You can't drive an ADSL modem using Free software, because the only drivers for them are priorietary.
<JanC> twb: my Asus WL-500gP got fried by a lightning strike at my neighbours  :-(
<twb> JanC: bummer
<J-_> Here's another question. I think I'm thinking of dhcp wrong in regards to interal IP. I'm using a static internal ip, would eth0 see the internal IP I gave it in my router?
<giovani> twb: there are some adsl modems with open drivers
 * J-_ palms a little
<JanC> my neighbours roof got a serious hole in it, but I lost my router, LCD, display & an USB disk
<giovani> J-_: I don't understand your question
<twb> giovani: I stand corrected.
<giovani> twb: not that there are a lot -- but here's one: http://speedtouch.sourceforge.net/
<giovani> ADSL is on its way out anyway
<JanC> giovani: heh?
<giovani> ?
<JanC> not in .be
<giovani> ok?
<JanC> ADSL2+ is the only way out of the cable monopoly here...
<giovani> hardly a world sampling :)
<twb> In .au most areas still use satellite
<giovani> yeah, we've got a sprinkling of ADSL2+ here as well
<giovani> but cable has a clear cost advantage per speed
<giovani> and fios/ftth is expanding, and is super-cheap per speed
<twb> Of course, in the city centers there is now ADSL2+, but most suburbs are ADSL1
<giovani> I think in NYC only Covad offers ADSL2+
<giovani> and it's pricey
<J-_> My WAN ip is dynamic, while my internal IP for my server is static. Should I be using, 'auto eth0' 'iface eth0 static'?
<giovani> 3-4x what I'm paying for cable of the same speed
 * ScottK is a big fan of the FIOS.
<giovani> J-_: no
<giovani> sorry, yes
<giovani> it should be static then
<JanC> giovani: if the cable monopolist restricts you to 20 GiB / month for 43 euro / month...
<J-_> Okay, whew.
<giovani> ScottK: yeah, too bad verizon sucks ass
<twb> giovani: cable requires laying new cables.  That's kind of expensive for most of .au's geography.
<giovani> twb: I wasn't suggesting cable for australia?
<ScottK> giovani: My alternative is Comcast which is MUCH worse IME.
<giovani> australia is probably going to see more WISPs
<giovani> ScottK: agreed
<giovani> once wimax pricing comes down a bit
<giovani> we'll see more regular wisps adopting it
<ScottK> I've actually had little trouble with Verizon.  The biggest service outage I've had is when Comcast cut the fiber running cable to the neighbors.
<giovani> they'll see speed gains over their old proprietary wireless systems
<giovani> ScottK: support is a nightmare, but, yeah, we have a 50/20Mbps link at work
<JanC> Wimax has the same problem as WiFi: it's shared
<giovani> cheap as hell
<giovani> JanC: "shared" is not accurate
<giovani> there will be no wireless protocols in this world that have dedicated frequencies per customer, that's not a flaw of a protocol
<giovani> but they are not "shared"
<giovani> because of the way frequency hopping is implemeneted in newer protocols
<giovani> wifi is not really used in the WISP world much
<giovani> most WISP equipment is proprietary, built on the 802.11a polling spec
<JanC> well, looking at what Wimax providers provide here, they do have a bandwidth problem...
<giovani> yeah, that's not a limitation of the protocol really
<giovani> that's a limitation of how much money they want to spend, and how they're going to engineer their sector antennas
<JanC> ADSL is the only technology here where you can get (almost) unlimited  trafic
<giovani> wimax equipment is still extremely expensive compared to the proprietary alternatives, so it's hard to justify the switch
<JanC> so, that's why I changed from cable to ADSL...
<giovani> yeah, US cable companies have started to implement a soft cap of 300GB/mo
<giovani> but it's not explicitly advertised, nor enforced as a hard cap
<giovani> not heard of DSL companies doing anything -- but their slower speeds would prevent much over 300GB/mo even at 24/7 usage
<JanC> if the local cable company would have provided a hard cap at 100 GiB, I wouldn't have changed  :P
<giovani> I abuse work's 50/20 fios
<giovani> peg about 30/10 of it 24/7/365
<giovani> no complaints from verizon :)
<JanC> but 20 GiB / month was jus t too limiting
<giovani> yeah, that would suck
<JanC> just updating jaunty every day would get you there I think...
<giovani> haha
<giovani> yeah, I push around 100-250GB/mo regularly on my home cable
<giovani> which is 10Mbps, and costs about $50
<giovani> /mo
<JanC> right, I think I will do about 100 GiB this month
<JanC> and maybe less next month
<JanC> and my ADSL2+ link is tuned at 15 Mbit/s
<JanC> and costs me about 35 euro / month
<orudie> how do you uncompress a .tar file ?
<giovani> that's good pricing
<JanC> a 15 Mbit/s cable connection would cost me 43 euro / month and after 20 GiB they would cap me at 3 KiB/s
<giovani> orudie: tar -xf file.tar
<giovani> or tar -xvvf file.tar if you want to see the progress
<JanC> and the 20 GiB / month cap is what really drove me away
<giovani> definitely understandable
<JanC> I'd happily pay 43 euro for cable if it had a reasonable transfer limit
<JanC> as cable is much more stable
<tsrk> Are there any packages upgrades that require a system reboot to take effect?  If so, how do I know if I need to reboot?
<JanC> tsrk: kernel upgrades are the most obvious example...
<tsrk> yeah, but what about ones that I don't recognize as such?
<tsrk> especially security updates that get installed automatically/
<JanC> tsrk: and in the next Ubuntu release there is an optional screen profile that includes a "you must reboot" indicator
<tsrk> where is that indicator?
<tsrk> on login?
<JanC> also, I hope you don't install updates automaticly on servers
<JanC> tsrk: not on login, but in a status line at the bottom
<tsrk> i do... (the "important security updates"), is that bad?
<JanC> there is a way to get this at login too (using MOTD)
<tsrk> ah ok
<JanC> tsrk: all this is about the next release though
<JanC> and I think installing security updates automaticly is bad on a server
<tsrk> well, most packages that are installed on my server are also installed on my desktop so at this point I just reboot my servers if one of my desktop updates that's also on my server requires me to reboot
<tsrk> why is that?
<JanC> I prefer reviewing the changes and think about what effects they could have on my server system
<tsrk> that's what i do with other updates
<JanC> if they don't impact the security of my server, but break functionality, I don't install them right away  ;)
<tsrk> so far i guess i've been lucky on the breaking functionality bit (or lack thereof)
<JanC> of course that means you must understand the real impact & dangers
<tsrk> hmm, yeah, sometimes i don't really know what all the updates are, i have to admit
<tsrk> well, that's actually more true on my desktop where i don't worry about it as much
<JanC> often I have to investigate too  ;)
<tsrk> ah ok
<ScottK> Subscribe to the security announcements.
<tsrk> is there a way to "de-upgrade"?
<tsrk> i am
<ScottK> Those will tell you if you need to reboot.
<tsrk> ah ok
<tsrk> that's ubuntu-security-announce@lists.ubuntu.com?
<JanC> ScottK: and most of the time they tell you what part of the software is impacted too
<tsrk> (that's the one i'm subscribed too)
<JanC> tsrk: right
<ScottK> tsrk: I think so.  I read them on RSS.
<tsrk> ok
<JanC> tsrk: but subscribing to a general security announcement list is useful too
<tsrk> non-ubuntu?'
<JanC> that way you can sometimes read about security issues before Ubuntu has a security release
<JanC> (even if Ubuntu is generally quite fast about security releases)
<tsrk> ok
<JanC> and subscribing to upstream security/announce lists is good too
<JanC> e.g. if you use web apps
<tsrk> ok, will do
<JanC> "subscribing" can be using mail or RSS (like ScottK prefers apparently) or whatever means, as long as you read it very regularly
<ScottK> Yes.  ubuntu-nl has an RSS feed for it.
<JanC> protocol isn't important, the information is
<ScottK> Agreed
<oh_noes> anyone know how to update /etc/apt/sources.list inside vmbuilder's "--exec script.sh"?
<oh_noes> Is it possible to install a package, but to tell apt-get which repo to use?  apt-get -mirror "http:/local/url" install my_package_name ?
<p_quarles> oh_noes: yes; iirc, the option is -t $repo_name
<oh_noes> Does that include the type? I mean main | universal etc
<oh_noes> I want my_package_name to come from $MIRROR and inside $REPO, or equivalent to  "deb http://local/rep nightly"
<p_quarles> oh_noes: in the repo name you gave, the release name would be "nightly"
<p_quarles> that's what apt-get -t would specify
<oh_noes> hrmm, my problem is my /etc/apt/sources.list is "deb http://local/ubuntu main"
<oh_noes> but I want to install a package, that reside its the equivalent of "deb http://local/repo nightly"
<oh_noes> I can't update sources.list .. so im hoping I can just pass it on the command line  to apt-get?
<p_quarles> oh_noes: well first of all, those aren't valid urls
<hads> wget the package and dpkg -i
<p_quarles> oh_noes: second of all, I already answered your question: apt-get  -t nightly $package-name
<p_quarles> hads: and if a package in an available repository overrides that for some reason, your solution fails
<hads> Okay, I'll go back to what I was doing.
<p_quarles> hads: :P ; don't be that way; I was just adding a point that could potentially be a problem; it's a decent solution
<hads> It's the only solution if "I can't update sources.list"
<oh_noes> p_quarles: yes I know they arent 100% valid, I just shortened them for IRC.
<oh_noes> p_quarles: how does $(apt-get  -t nightly $package-name) know to use http::/local/repo/
<oh_noes> I need it to use 'repo', not 'ubuntu' for the URL location
<p_quarles> oh_noes: google apt-pinning
<p_quarles> web sources will be far better than an irc explanation, hence my telling you to google it
<p_quarles> it's complex and not always perfect, but if your needs go beyond what -t can do, that's what you want :D
<oh_noes> thanks.
<^law^> hello
<^law^> does anybody know how to get list of services?
<giovani> what do you mean a list of services from where?
<maxagaz> hi
<maxagaz> how to ckeck the free space on a hard drive in order to extend the size of a partition ?
<didrocks> kirkland: I really like your idea on /var/lib/ecryptfs/$USER as a symlink on a removable media. You should blog something on it "Security in Ubuntu, what to do?" ;) (I didn't find anything similar, even in the Debian Security Guide)
<leonardo> hello guys
<leonardo> I need test my page from outside of my net
<leonardo> please type this
<leonardo> opensim.servehttp.com (serve ..no server)
<leonardo> can you see the page?
<tku> moin
<cemc> leonardo: connecting to...
<cemc> not working
<leonardo> grrr , thanks cemc
<cemc> firewall ?
<leonardo> I can't find the problem ..let me test...off the fire
<cemc> see if apache is listening on port 80
<cemc> netstat -nlp |grep apache
<cemc> sudo
<leonardo> yep, it is ... I am running this server on a virtaul machine...in xp
<leonardo> and..in my net...I can see just perfect
<leonardo> but ...from outside nothiing
<|HSO|SadiQ> I try to ssh into a server and I can't get color into the ls command...can anyone help me?
<leonardo> the ports ar open
<cemc> leonardo: virtual machine?
<cemc> like which one ?
<leonardo> virtualbox
<cemc> and what kind of networking did you set up for the guest ?
<leonardo> test it now cemc please
<leonardo> interface host
<cemc> nope, not working
<cemc> connection refused now
<cemc> you're getting closer :-)
<leonardo> hehe
<leonardo> I think...the virtual box is the problem
<cemc> |HSO|SadiQ: try ls --color=auto
<leonardo> because the no-ip works fine
<|HSO|SadiQ> that works...but not if I put it in .bashrc
<cemc> leonardo: the host is winxp, and guest is ubuntu?
<leonardo> I am on XP and I am runnig ubuntu in virtaulbox
<cemc> |HSO|SadiQ: what release is that you're ssh into? on my hardy there's an alias ls='ls --color=auto' when i log in
<cemc> leonardo: and you have that IP address on the virtualbox? and if you ping it from outside, it gets to the guest ?
<|HSO|SadiQ> 8.04 (I didn't install it)...and it has root user enabled(the guy that installed it is a debian user)
<|HSO|SadiQ> that alias works for root user...but not the normal one
<cemc> |HSO|SadiQ: what shell does the normal user have?
<leonardo> the no-ip account and soft are installed on ubuntu (virtaulbox)
<|HSO|SadiQ> echo $SHELL
<|HSO|SadiQ> /bin/bash
<cemc> leonardo: no-ip account ?
<leonardo> when I type the address (noip) opens my router setup
<leonardo> because i have dynamic ip
<|HSO|SadiQ> cemc, this is the user's .bashrc(for now): http://paste.ubuntu.com/125659/
<leonardo> cemc, can you test it one more time please
<cemc> leonardo: not working
<leonardo> ok, thanks anyway cemc ;)
<cemc> |HSO|SadiQ: I have the same thing in my .bashrc. can you check the file's permissions and owner?
<cemc> leonardo: if you try a ping from outside, does it reach your ubuntu guest? do you see it with tcpdump on eth0 ?
<|HSO|SadiQ> cemc, -rw-r--r--  1 hso  hso   499 2009-03-03 08:41 .bashrc
<leonardo> cemc: the ping are perfect...this is very strange
<cemc> |HSO|SadiQ: and what does echo $TERM say ?
<|HSO|SadiQ> xterm
<cemc> it sould work, hm
<cemc> leonardo: and you really sure that apache is listening on 190.138.162.68:80 ?
<leonardo> yep, are listening on 80 port ... is there another file to set up?
<leonardo> wich .conf because apache2 ...tells me..he is listening on 80
<cemc> leonardo: don't look at the conf, look at netstat output
<drbobb> hey, it's been a while since i built kernels on my own.. how com are the *.ko files produced by building with make-kpkg a whole LOT larger than those that come with a binary linux-image package?
<drbobb> and i do mean a LOT, like 6x or so
<mufasis1> can anyone help me real quick im trying to install ubuntu server on a proliant dl320 with raid1
<mufasis1> im at the partitioning part
<mufasis1> anyone here
<mufasis1> ?
<cemc> mufasis1: what do you want to know?
<mufasis1> how i should partition and if i should use lvm
<mufasis1> in the bios of the server its setup as raid1
<mufasis1> it has two identical 80gb HD
<mufasis1> im kinda confused how i need to do the partitions though
<mufasis1> if i let ubuntu decide it will just do / and a swap
<mufasis1> is it better to manually do individual partitons for /var /home /usr etc?
<cemc> mufasis1: well, that's up to you, what do you use that server for, what are your preferences, etc
<_ruben> there's no general best way of partitioning a machine
<drbobb> i'd say that kind of depends on what you'll be using that machine for
<_ruben> !best
<ubottu> Usually, there is no single "best" application to perform a given task. It's up to you to choose, depending on your preferences, features you require, and other factors. Do NOT take polls in the channel. If you insist on getting people's opinions, ask BestBot in #ubuntu-bots.
<mufasis1> well i got this server for free and its kinda of a project to learn so i want a basis for web hosting and file hosting on my network
<cemc> mufasis1: I usually just have a / (20gb), and a /store, without lvm
<mufasis1> i want some secure
<mufasis1> something*
<mufasis1> im still kinda confused is LVM using for raid or how does that work
 * _ruben doesnt have a single box without lvm :p
<_ruben> !lvm
<ubottu> Tips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/RaidConfigurationHowto and http://www.tldp.org/HOWTO/LVM-HOWTO
<_ruben> lvm really doesnt have anything to do with raid (other than that lvm has some support for raid0 (which isnt raid))
<drbobb> if you plan to serve filesystems on the LAN via nfs, it definitely is better to make the exported tree a separate partition
<mufasis1> that raid link is broken
<cemc> it's working for me, maybe you did a wrong copy-paste ;)
<_ruben> searching for raid configuration on help.ubuntu.com yields quite some articles
<simplexio> mufasis1: something secure ? 2*hd, then use raid1 + dmcrypt
<amel_enis> HELP:i have a problem in mysql :ubuntu server8.10.
<amel_enis> can I explain my prb?
<amel_enis> I instaled ubuntu server 8.10 so the lamp too
<simplexio> amel_enis: usually its only way to get help. in future you can start converstaion. hey, i have problem, my mysql wont start. it gives me error X .. all in same line
<amel_enis> but when i configure the database ,i have this message:Starting MySQL database server mysqld                                                                                                             [fail]
<amel_enis> yhanks
<amel_enis> ths
<amel_enis> ok
<amel_enis>  I try to reconfigure mysql server but the prb persist
<amel_enis> i try to remove mysql server in synaptics (remove all) and to reinstall, but the prb persist
<amel_enis> i can send the log
<simplexio> amel_enis: i dont use mysql , but if i recall right you need to do some pre-start stuff like create db, and users
<simplexio> amel_enis: throw log into pastebin
<amel_enis>  /etc/init.d/mysql start
<amel_enis>  * Starting MySQL database server mysqld                                                                                                             [fail]
<amel_enis> amel@ubuntu:~$ tail /var/log/syslog
<amel_enis> Mar  3 10:41:48 ubuntu mysqld[18100]: InnoDB: The error means mysqld does not have the access rights to
<amel_enis> Mar  3 10:41:48 ubuntu mysqld[18100]: InnoDB: the directory.
<amel_enis> Mar  3 10:41:48 ubuntu mysqld[18100]: InnoDB: File name ./ibdata1
<amel_enis> Mar  3 10:41:48 ubuntu mysqld[18100]: InnoDB: File operation call: 'create'.
<amel_enis> Mar  3 10:41:48 ubuntu mysqld[18100]: InnoDB: Cannot continue operation.
<amel_enis> Mar  3 10:41:48 ubuntu mysqld_safe[18106]: ended
<amel_enis> Mar  3 10:42:01 ubuntu /etc/init.d/mysql[18259]: 0 processes alive and '/usr/bin/mysqladmin --defaults-file=/etc/mysql/debian.cnf ping' resulted in
<amel_enis> Mar  3 10:42:02 ubuntu /etc/init.d/mysql[18259]: Could not open required defaults file: /etc/mysql/debian.cnf
<amel_enis> Mar  3 10:42:02 ubuntu /etc/init.d/mysql[18259]: Fatal error in defaults handling. Program aborted
<amel_enis> Mar  3 10:42:02 ubuntu /etc/init.d/mysql[18259]:
 * simplexio slaps amel_enis 
<Hellsheep> Would have been better to pastebin it
<simplexio> amel_enis: not that way
<Hellsheep> pastebin.com
<simplexio> amel_enis: usually you paste those long log files into pastebin.com, then paste link to content
<Hellsheep> Random question, is here a good place to ask how to use a Linux Server as a "router" so to speak.
<simplexio> amel_enis: and problem is that you dont have permission to execute it, try sudo /etc/init.d/mysqld start ? oor similiat
<simplexio> Hellsheep: dont know about good places, but you can try iy here
<Hellsheep> Well, basically i am planning on setting up my Ubuntu server to be more than just a standard server on the network
<Hellsheep> I was planning on routing the net through it to abuse IP tables or something similar to that to record bandwidth or download usage on my network
<amel_enis> ok i try this: the result: sudo /etc/init.d/mysqld start
<amel_enis> [sudo] password for amel:
<amel_enis> sudo: /etc/init.d/mysqld: command not found
<Hellsheep> But the problem i have is that i have never done anything like that, and i don't know if it's as simple as plugging the modem into the server, then plugging a ethernet cable into a router from the server and then using a router to route the connections through that.
<domas> amel_enis: 'mysql'
<simplexio> amel_enis: look for mysql something file in /etc/init.d/
<Hellsheep> I know it'd take a bit of configuring, but where do i start?
<simplexio> Hellsheep: i havent done that kind router systems before, i use transparent bridge my self. but it should be easy. attleast that connection sharing
<amel_enis> the same result
<amel_enis> amel@ubuntu:~$ sudo /etc/init.d/mysql start
<amel_enis>  * Starting MySQL database server mysqld                                                                                                             [fail]
<amel_enis> amel@ubuntu:~$
<_ruben> amel_enis: do you have the file /etc/mysql/debian.cnf?
<Hellsheep> Also, what kind of Network card would i need?
<Hellsheep> Because i'm sure a single 1 port ethernet wont work
<amel_enis> no
<_ruben> Hellsheep: any card would do really
<Hellsheep> I need a network card that would allow information to be passed into the server from the modem, then route the internet out into the router to the other computers
<simplexio> Hellsheep: something that works :), you need just 2 ethernet card on computer , im assuming that adsl box has ether connection
<Hellsheep> Do you know of anything that would be helpful?
<Hellsheep> Sure does
<simplexio> Hellsheep: modem ?
<Hellsheep> IConnect Access 621
<Hellsheep> And they both use ethernet to connect to each other atm
<Hellsheep> So would i be able to use the onboard ethernet then a PCI ethernet
<Hellsheep> or would i need 2x PCI
<Hellsheep> Because i know sometimes it conflicts and PCI overrides the on board
<Hellsheep> so sometimes on board doesnt work if there is a PCI installed
<amel_enis> yes i have etc/mysql/debian.cnf
<simplexio> Hellsheep: cant help with bad hardware, but in theory its easy. some interface which has internet , then N interfaces which have connection which you want (ethernet usually), add iptables NAT and it should work
<_ruben> amel_enis: it appears to be a rights issue .. purge mysql-server (not just remove, purge removes configs as well), then reinstall
<amel_enis> my be i try this but I try this again
<Hellsheep> simplexio, i take it you're referring to the shitty OpenNetworks modem? ;P
<amel_enis> thks
<Hellsheep> Oh, i have to ask this
<Hellsheep> Is it possible to shutdown my ubuntu sever and save a image so when it next boots, it reloads all the processes that were running etc
<simplexio> Hellsheep: i think suspend to disk does that
<Hellsheep> That would save me starting up the processes one by one each time, because my rc.local doesnt seem to work
<simplexio> but i dont use that stuff at all on my computers so cant help with that.
<Hellsheep> Hmmm
<Hellsheep> Okay
<Hellsheep> and is it normal
<Hellsheep> if i start up a process in console
<Hellsheep> for when i close console, the process closes also
<simplexio> Hellsheep: for normal programs, yes
<simplexio> Hellsheep: if you start programs in daemonixed mode then they dont die
<Hellsheep> I see
<Hellsheep> Ty
<simplexio> i dont recall right words it. but it has somehting to do with parents,child, forking, threads and job control
<simplexio> Hellsheep: but if you want run some program that dosent have option to daemonize it all times, you can start console , then screen and then under screen start for an example top, or iptraf etc...
<simplexio> Hellsheep: and when you kill console, screen and stuff under it keep on runnign
<amel_enis> hi
<amel_enis> i try and this is the result:amel@ubuntu:~$ sudo apt-get --purge remove mysql-serverLecture des listes de paquets... Fait
<amel_enis> Construction de l'arbre des dÃ©pendances
<amel_enis> Lecture des informations d'Ã©tat... Fait
<amel_enis> Les paquets suivants ont Ã©tÃ© installÃ©s automatiquement et ne sont plus nÃ©cessairesÂ :
<amel_enis>   libstrigiqtdbusclient0 libclucene0ldbl mesa-utils libwildmidi0 libqca2
<simplexio> amel_enis: use that pastebin when you paste more that one line
<amel_enis> sorry it s my first use ,then i dont know how use pastebin
<_ruben> nor do i know enough french to understand a word of that output
<simplexio> and i recommend using english as default language on system. there is much more ppl whoi can help you
<amel_enis> then any idea???
<amel_enis> to resolve my problem
<simplexio> did you try to reisntall stuff?, dpkg-reconfigure mysql could help
<simplexio> or not
<amel_enis> i try this but the same result
<simplexio> im familiar only with postgresql
<amel_enis> not prb ,ths
<simplexio> i think there is some howto setup mysql for ubuntu in net. my best quess is that you havent done something that you should have
<amel_enis> ok
<Hellsheep> simplexio
<Hellsheep> Do you know if my system will work if i use onboard ethernet for one and PCI ethernet card for the other
<Hellsheep> Because it will register two network interfaces right?
<Hellsheep> eth0 and eth1
<Hellsheep> hopefully?
<Hellsheep> Is anyone familiar here on how to set up a system that the modem sends the internet information into the server computer via ethernet, the server then sends it out to a router via another ethernet card and then the router transmits the data and routes it to all the computers on the network
<Hellsheep> If you are, i could really use some help on setting up the network cards.
<oCean_> Hellsheep: forums seem to be down (I get database error) I think that searching for "bridge" should give some helpful info
<Hellsheep> Thanks.
<Hellsheep> :)
<Hellsheep> I'll have to search tomorrow i guess.
<Hellsheep> Seems the forums are down for the long run. =P
<Hellsheep> Thanks though.
<oCean_> When searching through google, links might be available by clicking on 'in cache'
<oCean_> well, partially available anyway.
<Hellsheep> Yeah, i noticed. :D
<Hellsheep> Thanks guys
<simplexio> henkjan: da
<incorrect> I am trying to find what package might have socketbits.h
<_ruben> incorrect: apparently none: http://packages.ubuntu.com/search?searchon=contents&keywords=socketbits.h&mode=exactfilename&suite=intrepid&arch=any
<incorrect> thanks,  I did that too, i just thought i must have done something wrong
<kirkland> didrocks: ;-)  sure, I'll do that
<calin> hello
<calin> can anyone help me with a postfix problem: I send email form PHP scripts which are suexeced and i want to add the Sender header to the email with the user which is sending the email
<ScottK> calin: Sender is part of the body of the message.  Not postfix's problem.
<calin> ScottK: in DomainKeys sepcification it says that A conforming email MAY contain a single RFC2822 "Sender:" header from which an email address with a domain name can be extracted.
<ScottK> calin: This is true, but postfix doesn't mess with the RFC2822 body.
<ScottK> That doesn't mean the MTA should insert the header, but that it may be present.
<calin> ScottK: aham, but do you know how can i set this header before sending the email? because if i only set the From: header the mail ends up in the spam folder
<ScottK> calin: Also you should probably be spending your effort currently on DKIM, since even Yahoo! is switching.
<ScottK> You need to do it in your PHP script.
<calin> I already installed DKIM (and it's working good for gmail)
<calin> ok
<ScottK> It's also very unlikely to change the result, but that's a separate issue.
<calin> thanks
<piti> hi. I'd like to install debugging symbols for php5 on hardy, but there isn't any package for it. I show there was one for intrepid. Have I a way to retreive symbols when I have a crash ?
<JanC> piti: do you have the repositories listed here: https://wiki.ubuntu.com/DebuggingProgramCrash ?
<piti> hum, I guess no. ddebs are for debugging ?
<_ruben> yes
<piti> thanks. I didn't know that debug syms were on separate repos
<uvirtbot`> New bug: #337255 in apache2 (main) "apache2 mod_proxy race condition" [Undecided,New] https://launchpad.net/bugs/337255
<domas> hi! how do I find out how loaded my I/O subsystem is? (another tricky question)
<_ruben> iostat, as part of the sysstat package
<incorrect> vmstat is your friend
<dmaran> Anyone point me to a good explanation of "compat" in the NIS nsswitch.conf
<dsmith-work> dmaran: http://www.daemon-systems.org/man/nsswitch.conf.5.html
<JanC> dmaran: did you read the manpage?
<JanC> especially the "Interaction with +/- syntax (compat mode)" topic
<dmaran> Yes, I read the man page.
<dmaran> I am trying to grasp what it means though, so it is saying that it uses NIS first but just adds the options associated with +/- ?
<dmaran> as +::::: is everything from NIS so compat just says ok you can block JoeUser?
<dsmith-work> (my understanding) compat means files but also using +- syntax in files.
<nealmcb> !screen
<ubottu> Screen is a window manager for terminal sessions, also useful over SSH. The 'screen-profiles' package provides very useful additional utilities. See https://help.ubuntu.com/community/Screen
<Jeeves_> Hi all!
<Jeeves_> Anyone here ever used the iscsi-function in the installer?
<Jeeves_> (Hardy, that is)
<dsmith-work> Nice.  Didn't know there was an info bot in here.
<maDChoPR> what is the recommended DNS server for Ubuntu server?  Bind or OpenDNS ?
<maDChoPR> nevermind
<LMJ> I used to pick dnsmasq maDChoPR
<Vog-work> maDChoPR: I recommend avoiding the PITA that is admining you own DNS server and let zoneedit.com do it for you for free. Well free as long as you have less than 5 tld..
<domas> unbound!
<domas> Vog-work: I find that most of those services don't support LOC records! :(
<Vog-work> domas: For me zoneedit handles everything I need it to, it's capable of more htan what more DNS services can do.
<Vog-work> domas: Yeah I don't see an immeadiate setting for loc records but apparently loc records are available from them on a pay basis. No details on how to follow up on that though.
<nealmcb> kirkland: note that ljl didn't want to put "screen-profiles" in the main version of the screen factoid partly since it isn't in an active release yet.  but it is noted in the factoid when the request comes from #ubuntu-server
<maDChoPR> so let me explain a predicament i'm in.. Our ISP supplied a router that they control and won't let us access.  It offers DHCP addresses to everyone.  If i have a static address on the network it can't get passed the router.  I would like to be able to use Bacula to backup the hosts on our network... but the hosts receive a DHCP address.  I was told i could use hostnames but that I need a DNS for the hostname resolution on our ne
<maDChoPR> i was actually planning on running my own DHCP server and DNS in house
<maDChoPR> and natting that through a firewall that i also build... into the router supplied through our ISP
<giovani> double NAT
<giovani> = messy messy
<giovani> what type of connection is this? and in what country?
<maDChoPR> i'm in ohio
<maDChoPR> united states
<maDChoPR> and it's just a crappy dsl line
<maDChoPR> yea, it would be a double nat, your right.
<maDChoPR> one nat i have no control over, and my firewall would be hooked into it -- the second nat would be on the firewall itself serving the rest of my computers
<maDChoPR> please note that connectino from our ISP is free.. it's for promotional purposes for the ISP
<maDChoPR> we've had the connection for more than 6 years now.
<maDChoPR> giovani: any advice would be helpful, any clarification you need please ask.
<maDChoPR> it wouldn't be NAT'd in parrellel though... if that's what you mean, the NAT from the router to the firewall, then the firewall will supply NAT to the rest of the network ... it should work from what i am thinking.
<maDChoPR> this is only until we get a real service provider where we can controll the router
<maDChoPR> that could take a year or two though
<giovani> is the router and modem one item? or are they separate?
<giovani> maDChoPR
<Vog-work> double NAT is messy but it would be the most simple solution if the bacula system is on the same network.
<Vog-work> the moden could then be treated as a dumb modem.
<giovani> well, if the router is a separate device ... the most simple solution is to replace it and forge its MAC address :)
<JanC> giovani: what's the problem with double NAT ?
<Vog-work> That's true, if the bacula system is on the other side of the router dyn DNS would have to be setup to account for the IP address changing.
<giovani> JanC: sigh, it's horribly messy, NAT alone is messy
<giovani> I don't want another pedantic argument though, so I'm leaving it at that
<Vog-work> giovani: It's nescesarry with Todays limited IP space.
<giovani> Vog-work: yes, but double-nat isn't
<giovani> the bottom line is -- there's probably a way around this, so, settling for the easy, yet bad route, is not one I would advise
<Vog-work> In this situation it is. I know of other people who use double NAT as a form of network obfuscation when used in vonjunction with the MAC spoofing you suggested.
<drbobb> aaghhh i'm getting a machine check exception panic on my desktop workstation
<Deeps> needs moar ipv6
<giovani> Vog-work: what is "network obfuscation"?
 * Vog-work Hopes drbobb keeps good backups
<drbobb> the message says it's a hardware failure, but two hours of googling have failed to answer what actually might be failing
<Vog-work> giovani: Basically a practice where you use NAT to hide services that are running on you network from external hosts. A poor mans firewall.
<Deeps> very poor man
<giovani> Vog-work: I don't know how that relates to double-nat, but ok
<giovani> most NAT implementations ARE firewalls also
<Vog-work> Deeps: Agreed, At the time I asked why and ther was a logical answer I don't remember.
<giovani> default ingress deny, egress allow, with connection state tracking
<giovani> that's how 99.9% of nats are ... and that's a firewall
<Deeps> Vog-work: "dont know how to setup a stateful firewall, default inbound deny, default outbound accept" is the only logical answer i can think of, heh
<drbobb> Vog-work: the machine passes fsck ok, but panics soon after
<Vog-work> giovani: I'm not promoting use of the idea, just mentioning what I have seen out in the wild.
<giovani> Vog-work: but double-nat doesn't accomplish that, single-nat will just fine -- so I'm unclear how that relates to this particular situation
<Vog-work> giovani: It dosen't it was a point of conversation.
<giovani> ok ...
<giovani> well back to maDChoPR's problem -- I'd like to know if the modem and router are separate devices, if so -- there is a much easier solution
<Vog-work> giovani: Double nat might be necessary if the router and modem are the same device. Wait's for maDChoPR 's response.
<giovani> Vog-work: well, technically not -- ADSL is a standard, he can always replace the modem and router together, but, that's more trouble, because it requires buying hardware
<giovani> or *gasp* switch ISPs
<Vog-work> It would also require the ISP to provide account information to allow the modem to connect.
<giovani> only if they're using PPP
<giovani> they may not be ... it'd probably be faster to just brute force the router's password
<Deeps> can usually dump the current modemrouter's config and pull it out
<giovani> Deeps: except that he doesn't have access
<Vog-work> Yeah, I don't htink that's something the general user really knows how to do.
<giovani> yeah ... this isn't a general-user situation
<giovani> a general user wouldn't need to run their own dhcp
<Vog-work> Bull crap, general users do that every day to allow internet connection sharing.
<giovani> uh ... regular users wouldn't have a problem using the built-in dhcp in the router
<giovani> 100% of them do
<giovani> a regular user has no clue what dhcp is
<giovani> much less a desire to run their own server
<Vog-work> And neither would maDChoPR if he had access to it.
<giovani> agreed
<giovani> but he's not a general user, obviously
<Deeps> so how does his adsl router relate to ubuntu server exactly? ;)
<Deeps> (getting back on topic ;)
<Vog-work> Yeah but having the knowledge to setup a dchp server and the knowledge to dump a config from *any* modem router is fairly different.
<J-_> I'm trying to setup my interfaces file once again. Is the 'network xxx.xxx.x.x setting my router's IP?
<giovani> J-_: no
<giovani> read the manpage -- we went over this for over an hour yesterday
<J-_> No, you argued about it with 2 or 3 other people about it yesterday.
<giovani> no? we didn't
<J-_> Heh
<giovani> you clearly weren't listening ... do we need to paste logs? just read the documentation provided for the file
<cemc> don't waste your breath :)
<Vog-work> giovani: Why don't you just paste RTFM every time soneone asks for help it would be a lot simpler and a lot less antagonistic.
<giovani> Vog-work: were you here yesterday when we walked him through it? if not ... then you're not in a position to be lecturing
<giovani> it's one thing to explain it, in great detail once
<Vog-work> I'm just going off of personal experience. The last few days. Personally I like it when people adopt ubuntu as a platform and try not to scare them away when they ask for help.
<drbobb> heh, seems quite a few ppl have experienced the same MCE panic, with the exact same code
<ewook> morning all.
<drbobb> but google finds only questions and no answers:(
<giovani> Vog-work: likewise, as long as the help is reasonable -- I've had no less than 5 people in here yell and scream anytime someone talks about an ubuntu package that relates to a gui, because this is #ubuntu-server -- if I help someone do something non-ubuntu related once, and they come back for the same information again, they're not going to get another personal explanation
<Vog-work> giovani: Agreed, let someone else help them. I'm not disputing the fact people need to look stuff up, I'm pressing for no response instead of calling someone out for not learning fast enough.
<maDChoPR> giovani: the router and modem are seperate items
<maDChoPR> giovani: sorry - running around
<giovani> maDChoPR: great, then chances are (no guarantees), that you can simply forge the MAC address of the router, and take it out
<giovani> you may not even have to do that ... but it's probable that you will
<giovani> Vog-work: well, we differ on that -- I think that just ends up in a constant cycle where they find someone new who wasn't here the past X times they asked for extremely basic help that was given
<maDChoPR> giovani: well, i don't want to get on my ISP's bad side... when you say 'take it out' do you mean the current router?  that might cause alarm on my ISP's end.
<giovani> yes, I do mean that
<giovani> I would advise against any solution involving double NAT
<giovani> strongly
<giovani> you're clearly free to go that route ... but I think it's a horribly bad solution where a simple one exists
<ewook> giovani: yes and no. first NAT with a DMZ, second nat with 'ppl' behind :)
<giovani> ewook: nope
<maDChoPR> giovani: understood regarding double nat; what exactly is the simple solution?  taking out the router that my ISP put into place isn't a choice.
<Vog-work> giovani: Yeah I've watched that happen, but over the years as an OSS and linux advocate I've found that if you press too hard on self help you can make anti linux zealots.
<giovani> maDChoPR: that's the simple solution -- I've done it dozens of times
<maDChoPR> ewook: that is what i plan on doing
<giovani> Vog-work: I don't believe one has that much control over an individual, anyone who turns out that way was doomed to begin with, imo
<Vog-work> giovani: people eventually learn how to help themselves, not everyone is a self starter, it's a common problem for managers.
<ewook> maDChoPR: could work, but adds trouble - and that's prolly what giovani speaks of.
<Vog-work> maDChoPR: Your ISP shouldn't even know about it it sounds like they just don't want to have to support your network.
<J-_> How do I determine my 'iface eth0 inet static' interfaces entry?
<J-_> ifconfig doesn't show it.
<maDChoPR> alright, thank you, what if my ISP tries to log into the router?
<maDChoPR> i'm not trying to create bad ground between my business and the router
<maDChoPR> er i mean the ISP
<Vog-work> maDChoPR: Just fake that your having netowrk issues your self and swap the router back in... :)
<giovani> your isp is violating your consumer rights
<giovani> virtually no isps do this except the ones that cater to shit-stupid client companies
<Vog-work> giovani: not sure about that it is a free service....
<maDChoPR> giovani: it's free internet, we aren't a consumer.. they give us internet to market to the wireless community in this area.
<giovani> Vog-work: what?? an ISP is NOT a free service
<giovani> free internet?
<giovani> oh no
<Vog-work> giovani: see maDChoPR 's explanation above
<giovani> please don't run your business on free wireless
<maDChoPR> we have a partnership.. they give us free internet and they market to our patrons in house.
<ScottK> giovani: Also 'consumer rights' varies widely in different legal jurisdictions, so the odds of you knowing if someone else's rights are being violated are probably pretty low.
<maDChoPR>  giovani well it's not wireless we're using.. it's the wired part of the wrtg that we use.
<giovani> ScottK: I didn't mean legally, consumer rights is a term used to discuss fair practices, as established by consumer advocates
<J-_> !interfaces
<ubottu> Sorry, I don't know anything about interfaces
<ScottK> That's also a term that has different meanings in different palces.
<giovani> J-_: man interfaces
<maDChoPR> giovani: thanks for the talk though.. makes me want to push my business into getting it's own internet connection for once and for all.
<J-_> I have
<giovani> maDChoPR: I recommend it -- it's not a good thing to not have control like that
<giovani> if you need cheap business-friendly dsl
<giovani> look at speakeasy
<giovani> they're far more liberal than most ISPs
<maDChoPR> i don't think speakeasy serves in my area :(
<giovani> ah
<giovani> newedge?
<maDChoPR> i used speakeasy on the west coast
<maDChoPR> i will look into newedge
<giovani> speakeasy delivers whever covad is -- so just worth looking it up
<giovani> http://www.newedgenetworks.com/
<maDChoPR> yea, i think i tried just recently our zip code on speakeasy's site.. i'll try again
<giovani> ah ok
<giovani> they usually want a phone number, not a zip
<maDChoPR> ah can't remmber the details...
<maDChoPR> will re-look
<giovani> because the CLEC is based per CO, rather than for a whole area
<giovani> maDChoPR: have you considered explaining the predicament to your isp?
<giovani> and trying to negotiate the use of your own router
<leonel> scottK  Being registered in alitoh for clamav  what can I do there ??
<ScottK> IIRC it gives you access to the Git repo for the packaging.
<ScottK> Which I desparately need to update for Ubuntu stuff.
<leonel> ok
<leonel> so just get the git   or  update too ?
<maDChoPR> giovani: i have tried to open a dialogue with the ISP.... my understanding is that the backend are all on crack and i don't want to deal with them anyway.
<maDChoPR> the frontend guys seem nice though.
<giovani> sounds like a company you'd want to do business with :)
<ScottK> leonel: If you can update the Ubuntu branch that'd be reat.
<maDChoPR> i know their backend guys are fueled not by caffiene but with meth
<giovani> J-_: this is the example in /etc/network/interfaces by default -- can you figure things out from here? http://www.pastebin.ca/1352138
<maDChoPR> speakeasy can't locate me!
<maDChoPR> lol
<giovani> locate you?
<giovani> you put in a valid landline phone number
<maDChoPR> yea, still nothing
<maDChoPR> we got different numbers, let me try those
<leonel> scottK because I've been told that I can  update the  cherokee  branch
<giovani> or try http://www.covad.com/
<ScottK> Great.
<leonel> so let me see what I can do ..
<leonel> worst thing can happen is to get banned :-P
<ScottK> leonel: The branch should be updated to have each Jaunty upload as a separate commit.
<leonel> scottK ol
<leonel> ok
<maDChoPR> giovani: covad found it and doesn't offer it in my area.. newedge check happenign now
<giovani> maDChoPR: ah ok
<Vog-work> J-_: Pretty good document covering a lot of command line net config under ubuntu https://help.ubuntu.com/7.10/server/C/network-configuration.html
<maDChoPR> giovani: newedge covers our area though
<giovani> maDChoPR: alright, well those were just two I have worked with -- there are others, I'm sure, I'd also look into any fiber services like fios or uverse
<drbobb> ok so i presume nobody has any help to offer on diagnosing MCEs
<giovani> those are really cheap given the speeds they deliver
<giovani> drbobb: MCEs?
<drbobb> machine check exceptions
<giovani> ah, nah, sorry
<giovani> other than to know that they're usually failing hardware
<maDChoPR> yea, newedge seems a little weird at first look!  earthlink email addresses??
<giovani> cpu/memory usually
<giovani> maDChoPR: earthlink owns them
<drbobb> it's pretty clear i must replace some h/w but i have no idea which piece
<giovani> maDChoPR: I'm not recommending them or anything -- definitely evaluate your options
<giovani> drbobb: yeah ... I think you just have to do testing
<giovani> drbobb: there are cpu and memory testing apps
<drbobb> actually my guess would be the mo-bo
<maDChoPR> giovani: ahh rad thanks for that statement.
<Vog-work> drbobb: Have you run  a memtest86+ on the system yet?
<drbobb> but that's just as good as dumping the whole pc
<drbobb> Vog-work: sure i did, for an hour or so
<drbobb> no errors were reported
<Vog-work> HOw old is the motherboard?
<drbobb> (on a regular boot it takes 2or 3 minutes to panic)
<drbobb> uh, about 3 or 4 ys.
<Vog-work> I was getting MCE's on another machine that was getting blown capicitors
<drbobb> the capacitors look fine at first glance
<drbobb> i tried moving the ram chips around, and removing 1 or 2 of them
<drbobb> but it made no difference
<Vog-work> Check for bulging on the tops of them check under good light sometimes it is hard to see.
<drbobb> (sigh) i'll probably have to dump the whole deal
<Vog-work> If it's ram cpu or mobo problems it is very difficiult to diagnose. ONly other thing I can thing of is if the hard drive is failing and swap space might me corrupted.
<Vog-work> All in all it's a lot of work to figure out.
<ScottK> drbobb: If it's 3-4 years old it's already used up most of it's design service life and you may be better off just to get a new motherboard.
<drbobb> well i ran smart tests not too long ago and the drive was reported as ok
<drbobb> ScottK: yeah but that basically amounts to buying a whole new system
<Vog-work> SMART is crap, hd manufacturers cripple it so that they don't have to warranty drives as often.
<ScottK> Could be.  I don't know what the business cost of spending a lot of time sorting it out is.
<Vog-work> drbobb: hardware is really cheap nowadays, depending on your needs.
<drbobb> cheap as in bang for buck - yes. cheap as in low-reliability: even more true
<J-_> What's a good program, or script to use with afraid.org DNS entries and Hardy?
<Vog-work> J-_: I'm not sure what you are asking for.
<maDChoPR> where would i go for recommendation for ISP's .. my first choice is speakeasy.net
<maDChoPR> i realize thi smay not be the right channel for this question
<axisys> just install a server with software raid .. but dmesg is complaining about md
<axisys> http://pastebin.com/f1d5cb7dc
<axisys> mdstat is not showing any activity http://pastebin.com/f5061dcac
<axisys> sda1 is showing faulty http://pastebin.com/f5d6d5af7
<docta_v> are there any utilities that will allow you to audit /proc on two similar systems and list any relevant differences?
<amel_enis> hi:help:i install ubuntu server 8.10 and i have this prb:**http://paste.ubuntu.com/125950/ ***and the log is:http://paste.ubuntu.com/125984/
<amel_enis> anyone to help me
<amel_enis> please
<giovani> everything is in french
<giovani> can't really read it
<amel_enis> yes
<giovani> #ubuntu-fr?
<amel_enis> i haven t a solution
<amel_enis> there
<giovani> sorry
<amel_enis> not prb
<drbobb> it's not hard to read, the key lines are in English
<drbobb> but i haven't seen this error before
<giovani> drbobb: I was taking into consideration the eventual language gap in troubleshooting
<drbobb> Can't create test file /home/mysql/ubuntu.lower-test
<drbobb> looks a little suspect
<drbobb> that's a nonstandard location, perhaps /home/mysql doesn't exist at all?
<drbobb> amel_enis: what does `getent passwd mysql' return?
<amel_enis> this the result:http://paste.ubuntu.com/125997/
<jimmygoon> Any major show stoppers that would make anyone strongly recommend against intrepid for a server... (its just a personal tickering playground, nothing "mission critical")
<giovani> jimmygoon: none at all -- everyone I know does
<amel_enis> drbobb:i send the result any idea
<drbobb> amel_enis: i don't think you read me correctly
<blue-frog> amel_enis: getent passwd mysql  not passwd mysql
<amel_enis> ok
<amel_enis> http://paste.ubuntu.com/125999/
<amel_enis> blue-frog: any idea please
<amel_enis> drbobb:I send the result
<ScottK> jimmygoon: The only warning I would give is try it in the Live CD first.  I've had kernel problems on some hardware.
<jimmygoon> ScottK, too late. its already made :P
<jimmygoon> ScottK, plus they offer as a standard config so I'm not worried about that. thanks for the heads up though
<drbobb> hmm then i don't know why InnoDB was looking for /home/ysql
<amel_enis> ????????????
<ScottK> If it's hosted, then yes, I wouldn't worry.
<drbobb> rather /home/mysql
<drbobb> amel_enis: i understand you have no data under mysql at the moment, yet?
<amel_enis> yes
<drbobb> i would suggest purging mysql-server-5.0 and installing it again
<amel_enis> i try this solution but the problem persist
<drbobb> ie. apt-get --purge remove mysql-server-5.0
<amel_enis> yes i try this command
<drbobb> you sure you included --purge?
<amel_enis> yes
<amel_enis> i sure
<amel_enis> and i reconfigure mysql but the problem persist
<amel_enis> i try many method to remove mysql and begin
<amel_enis> but the problem persist
<amel_enis> NOTE :/home in another partition
<drbobb> amel: what is in /var/log/syslog just above the lines you put in the pastebin?
<amel_enis> 1 min
<amel_enis> http://paste.ubuntu.com/126005/
<amel_enis> the /home in alone partition
<jimmygoon> hum, now for apache2 vs lighttpd vs nginx
<JanC> vs. cherokee vs. ...  ;)
<jimmygoon> lol I think I'll probably just go with apache2 for now
<amel_enis>  drbobb:any idea
<drbobb> amel_enis: those are the same lines as before, i asked about what comes before them in the logfile
<amel_enis> 1 min
<amel_enis> http://paste.ubuntu.com/126006/
<drbobb> (sigh) that's a later piece not an earlier one, you do realize that the file is growing often
<drbobb> I was wondering what came before the line that says "InnoDB: the directory."
<amel_enis> 1min
<amel_enis> http://paste.ubuntu.com/126009/
<amel_enis> drbobb:the /home in a alone partition
<drbobb> ok, that doesn't matter
<drbobb> the point is, mysql has no business to be looking for /home/mysql, which probably doesn't even exist
<drbobb> or does it?
<drbobb> try `ls -ld /home/mysql'
<amel_enis> ok
<amel_enis>  ls -ld /home/mysql
<amel_enis> drwxr-xr-x 3 mysql root 4096 2009-03-02 22:05 /home/mysql
<drbobb> oh, where did that come from?
<drbobb> was there a mysql previously installed on that machine?
<amel_enis> but i desinstall mysql
<amel_enis> and reinstall
<amel_enis> if i anderstand your question
<drbobb> yes, right
<amel_enis> and the problem persist
<amel_enis> :'(
<amel_enis> drbobb, any idea????????
<amel_enis> please
<drbobb> mysql's install script are pretty hairy, i don't think i can figure out what's wrong
<drbobb> amel_enis: the bug that hit you seems to have been reported already
<drbobb> although it's not quite the same, as it doesn't seem you were trying to change the defaults in mysql in any way
<drbobb> hmmm
<amel_enis> ok
<drbobb> amel_enis: is /var/lib/mysql a symlink, by any chance?
<DragonLord-> How do I check when I installed Ubuntu Server?
<amel_enis> if i aderstand :root@ubuntu:/var/lib/mysql# ls
<amel_enis> debian-5.0.flag  mysql
<amel_enis> and mysql is a symlink
<drbobb> what about /var/lib/mysql itself?
<amel_enis> amel@ubuntu:~$ /var/lib/mysql
<amel_enis> bash: /var/lib/mysql: is a directory
<drbobb> ls -ld /var/lib/mysql
<drbobb> ?
<amel_enis> drwxr-xr-x 3 mysql mysql 4096 2009-03-03 20:07 /var/lib/mysql
<drbobb> oh so you meant /var/lib/mysql/mysql is a symlink
<amel_enis> and var/lib/mysql is a symlink
<drbobb> ?
<drbobb> because /var/lib/mysql is not a symlink, as shown by the line above
<amel_enis> yes  /var/lib/mysql/mysql  is a symlink
<drbobb> ok in any case i think the solution would be
<drbobb> purge mysql-server-5.0
<drbobb> delete /var/lib/mysql
<drbobb> install mysql-server-5.0
<amel_enis> ok i try this solution
<drbobb> my guess being that /var/lib/mysql/mysql points to /home/mysql
<drbobb> for whatever reason
<drbobb> someone must have set it so at some point, it wouldn't happen by itself
<drbobb> and that runs afoul of apparmor:
<drbobb> http://ubuntuforums.org/showthread.php?t=782224
<amel_enis> ok
<amel_enis> ths
<amel_enis> drbobb: but the problem persist
<amel_enis> ????
<axisys> i am still wondering why the md0 (/) and md1 (swap) showing degraded mode and pointing to /dev/block/254:1 and 254:2 intead of /dev/sda1 and sda5
<drbobb> amel_enis: ls -ld /var/lib/mysql/mysql
<drbobb> ?
<axisys> i am having the exact same problem http://ubuntuforums.org/showthread.php?t=1034772
<axisys> dont see any fix
<amel_enis> 1 min
<amel_enis> drwxr-xr-x 2 mysql root 4096 2009-03-03 23:23 /var/lib/mysql/mysql
<amel_enis> the same
<drbobb> uh no, it no longer is a symlink
<Vog-work> I'm trying to find out what the package linux-headers-2.6.22-14 is used for. I was going to uninstall a package and dpkg was going to remove it. It looks like somethign needed for gui interface but I am not sure.
<amel_enis> yes var/lib/mysql/mysql is a symlink
<drbobb> well you just demonstrated that it is not
<amel_enis> how?
<drbobb> hint: the first char is 'd', not 'l'
<amel_enis> sorry i dont anderstand
<drbobb> then i'm sorry, you need a crash course in unix
<drbobb> and i need some sleep
<axisys> looks like I am facing the same bug
<axisys> https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/126499
<uvirtbot`> Launchpad bug 126499 in mdadm ""No devices listed in conf file were found" due to mdadm RAID1 array UUID different from actual UUID reported by vol_id" [Undecided,Confirmed]
<amel_enis> ok
<amel_enis> goodnight
<drbobb> c.u.
<uvirtbot`> New bug: #337094 in samba (main) "FFe request: samba 3.3.1" [Undecided,Fix released] https://launchpad.net/bugs/337094
<deplanear> my lighttpd's (apt-got in 8.04.1) init script starts but doesn't stop; can anyone tell me (i'm a newb) the best way to see more output from that init script to see where it's having the problem?
<Faust-C> deplanear, /var/log/daemon.log
<Faust-C> deplanear, /var/log/messages
<Faust-C> deplanear, /var/log/debug
<deplanear> Faust-C: thanks (unfortunately no mention of anything related to it there..)
<Faust-C> check the other logs as well
<deplanear> ok
#ubuntu-server 2009-03-04
<tbielawa> Greetings
<uvirtbot`> New bug: #337534 in mysql-dfsg-5.0 (main) "install fail my video player" [Undecided,New] https://launchpad.net/bugs/337534
<tbielawa> Can anyone point me at a definitive list showing the details between configuration of a linux-image-virtual kerbel and a generic kernel?
<tbielawa> Research so far suggests the -virtual flavor is mostly slimmed down in terms of devices compiled in
<tbielawa> :)
<JanC> tbielawa: exactly
<JanC> tbielawa: VMs don't need a lot of devices
<tbielawa> JanC, thanks for the confirmation. I just started to dig around package sources. you saved me some time :-)
<JanC> there might be some other changes, but in general, it's optimized for running in VMs
<tbielawa> Can you speak on the delta between -server and -virtual?
<maxb> tbielawa: the relevant bit of the source: http://kernel.ubuntu.com/git?p=ubuntu/ubuntu-jaunty.git;a=tree;f=debian/sub-flavours;h=f40a10bee9057abd5604a3fa8da6d7d918f1956f;hb=HEAD
<tbielawa> Thanks maxb
<tbielawa> In my work place we've set up enough infrastructure to finally roll out on a much bigger scale with the virtualization
<tbielawa> So last steps before that gets going fully is performance tuning and tweaking
<tbielawa> I'd appreciate any helpful resources for that topic.
<^law^> hello anyone can help me to make my db2 autostart in my ubuntu server?
<JanC> ^law^: eh, DB2 has no init script?
<uvirtbot`> JanC: Error: "law^:" is not a valid command.
<JanC> shut up uvirtbot`  :P
<^law^> when i want to connect to my db2 db for each times i start my server i must invoke "db2start"
<^law^> i want to make it autostart. have any idea?
<^law^> anybody?
<JanC> like I said, you proably need an init script
<JanC> or if you have one, you need to mak sure it's started
<^law^> hmm is  it possible to add some in inittab?
<^law^> hmm is  it possible to add something in inittab?
<JanC> normally, init scripts go into /etc/init.d/* and they are symlinked from the directories that indicate what script to start or stop for a certain runlevel
<JanC> do you know how sysvinit works?
<JanC> (in the future upstart should do this, but for now you need the sysvinit machinery)
<^law^> hmm
<JanC> I guess you didn't install DB2 from an Ubuntu-specific package...
<^law^> my ubuntu is intreoid
<^law^> intrepid
<^law^> n it seems there is no db2 packge forit
<^law^> so i install manually
<^law^> formerly i can autostart my aolserver by adding a line in inittab
<^law^> i found the line in the internet
<^law^> but now cn't find for db2
<JanC> hm, there were DB2 packages for Ubuntu in the past
<JanC> maybe you can steal something out of these
<^law^> but now i already succeed install it
<^law^> n now i just wanna make it autostart
<^law^> JanC, for making one autostart we can do it by editing inittab or adding initscript in /etc/init.d rite?
<JanC> ^law^: I suggest writing an init script
<uvirtbot`> JanC: Error: "law^:" is not a valid command.
<^law^> wat is the diffrent by adding initscript n editing inittab?
<JanC> that way you can at least shut it down properly too
<^law^> but now i can do db2start to start the dbmanager n db2stop to stop it
<^law^> it just won'y autostart
<JanC> you want it to "autostop" too...
<^law^> no
<^law^> i'm wondering wat line must i add into my initttab
<JanC> well, if you don't care about possible dataloss, fine for me...  ;)
<^law^> wat u mean by dataloss?
<JanC> if you don't stop DB2 properly before a shutdown or reboot...
<^law^> hmmm
<^law^> when shutdown/reboot must stop db2?
<^law^> i never do tat?
<twb> ^law^: Ubuntu has no inittab.
<uvirtbot`> twb: Error: "law^:" is not a valid command.
<twb> ^law^: PS: please pick a less silly nick in future.
<uvirtbot`> twb: Error: "law^:" is not a valid command.
<JanC> twb: if you create one, it's used
<^law^> a?
<^law^> my ubuntu server have inittab
<twb> JanC: what package is responsible for that?  upstart-sysvinit-compat ?
<^law^> i just fresh installed it 2 days ago
<JanC> yeah, see  /etc/event.d/rc-default
<twb> JanC: thank you, I did not know that.
<JanC> if it has, ^law^, it's because you created it
<JanC> it's not there by default
<twb> JanC: unless he's running something ridiculously old, like 6.04
<JanC> maybe
<^law^> no
<twb> But I suspect more likely is that he's done a third-party sharball install or something for db2, which has "helpfully" created it because "shucks, ALL systems are SysV dontcherknow"
<^law^> i didn't create it
<^law^> no
<^law^> i install db2 manually
<^law^> without any 3party
<twb> ^law^: that's what I'm saying.
<uvirtbot`> twb: Error: "law^:" is not a valid command.
 * JanC kicks uvirtbot`  :P
<twb> JanC: its not uvirtbot`'s fault that people choose stupid nicks
<twb> Excuse me, I'm a grumpy old man and I'm not used to "polite" channels like #ubuntu*
<JanC> twb: it could check nicks before sending error messages  ;)
<twb> JanC: while we're at it, let's fix IRC
<Hellsheep> Hey, i have a thread posted in the forums i was wondering if someone can look at please.
<Hellsheep> http://ubuntuforums.org/showthread.php?p=6833609#post6833609
<Hellsheep> Is anyone here able to help with a networking issue?
<twb> Hellsheep: can you give a one-sentence description of the problem, so I can decide whether I can be bothered dealing with a web forum?
<Hellsheep> Connecting my network like this: Phone Line>Modem>Server>Router/switch>windows PC's so basically i want to know how to set something like that up, and configure the server to process the internet and route it out
<Hellsheep> i can explain more if you like
<twb> Sorry, I'm not interested.
<Hellsheep> No problem
<kraut> moin
<piti> Hi
<piti> I have a strange behavior: I'm not able to set on php core option "allow_url_fopen" to on. The conf file is already setted to on, but the configuration doesn't seem to reload
<piti> I use lighttpd so the conf file is /etc/php5/cgi/php.ini, and tried to reload with /etc/init.d/lighttpd restart
<piti> and it's on a gutsy box
<cemc> piti: other conf options do work ?
<piti> hum good advice: it seems not to
<piti> does it use an other conf file than the one I'm on ?
<cemc> piti: maybe you want to take a look in /etc/php5/cli/php.ini ?
<cemc> depends on how you're using php from lighttpd I think
<piti> I use fastcgi
<piti> but it hasn't changed anything with /etc/php5/cli/php.ini too
<cemc> hm, strange
<cemc> not working for me either
<piti> hum, on a hardy box, I don't have any trouble
<Blank`laptop> oh, lighttpd can only use the cgi php?
<Blank`laptop> i've never used anything on linux other than apache2 so i've never fiddled with it
<Blank`laptop> i manage to massively screw my intrepid installation up when i accidentally started chown'ing everything to www-data
<Blank`laptop> exim is still stuffing up, but i'm not sure how to fix it... perhaps a apt-get purge exim4?
<_ruben> reinstall? :)
<Blank`laptop> a reinstall?!
<Blank`laptop> entire server?
<_ruben> for the average server its faster to reinstall than trying to get all perms back in order
<piti> Blank`laptop: chown everything to www-data is a bad start
<Blank`laptop> yeah that was accidental
<Blank`laptop> i was meaning to type ./ as the folder to chown
<Blank`laptop> however i forgot the dot...
<cemc> oops ;)
<Blank`laptop> i managed to break the operation
<Blank`laptop> however i had no idea how far it got
<Blank`laptop> so i started chowning most folders to root
<Blank`laptop> then got issues with mysql and exim...
<piti> I guess it's easier to reinstall instead of retrieving original owner of each file
<Blank`laptop> i was trying to compare things to another installation of server i had on a spare drive
<Blank`laptop> brb
<piti> cemc: so you don't have any clue ?
<eolo999> hi, i bought a new machine to experiment with kvm and i'm was worrying if 8.10 is the right choice. The machine should offer some prduction services too so i am tempted to stay with 8.04. The new kvm technologies developed in Intrepid justify going on a not LTS release?
<cemc> piti: no clue yet, it's not working for me either, but it did work at some point, so I have to check
<ttx> eolo999: if the main purpose of the machine is testing kvm, I'd go for the latest. This is an area that sees quick improvements.
<ttx> fwiw, "experiment with kvm" and "offer production services" on the same machine doesn't really sound right.
<eolo999> ttx: thx, i know still a ihave to create a stable service while investigating kvm... it's not my choice...
<eolo999> ttx: can i backport new vm tools to 804?
<ttx> eolo999: I'd say the intrepid kvm is less likely to lock up your server, so it's probably a better choice to run intrepid
<ttx> if you intend to upgrade that machine before intrepid support ends
<hads> Hardy kvm doesn't do anything bad here.
<eolo999> what do you mean with 'lock your server'?
<hads> I have a Hardy box running five KVM guests with 260 days uptime
<ttx> hads: yes, it's pretty solid. Though looking at KVM changelog, they keep on nailing new kvm crash issues, so running a later version shouldn't hurt
<ttx> eolo999: I'd say it's more a matter of how long you want to keep this machine without upgrading it.
<ttx> hardy LTS has longer support (obviously) than intrepid.
<hads> Yeah, I'm sure there are situations that I don't run into which cause issues.
<eolo999> thx guys i go for 810!
<Doble> just out of interest hads - what guests are you running?
<Blank`laptop> back
<ttx> eolo999: have a great time with kvm ;)
<hads> Doble: A mixture of Hardy and Intrepid
<eolo999> ttx: ;)
<Doble> what do they run ?
<Doble> your guests
<simplexio> i saw one intrestin kvm patch on lkml, no idea if its in mainiline kernel though. it allowed run something like 64 windows client on 16G ram, it shared identical memeory blocks between virtual clients
<hads> Doble: mail/web/etc. nothing too exciting
<Doble> alright, cheers, i have to head off now - seeya
<piti> cemc: you think I should fill a bug about it, or am I doing something wrong ?
<cemc> probably you're doing something wrong ;) I am sure it does work, I tested some clamav stuff and it worked then, not sure what's happening now, but right now I'm in the middle of something, will look at it later
<piti> ok, no problem
<Hellsheep> Hey
<Hellsheep> Is anyone available to help me with a networking issue
<blue-frog> shoot
<piti> hum, I tried launching the cgi from cli, and it seems to take care of my conf. maybe that's about old php threads which hadn't reload configuration
<piti> ok, I manually killed every php-cgi threads then reload, and it is ok now
<cemc> piti: good to know
<piti> cemc: so you think it's like a bug ?
<_ruben> restarting lighttpd isntead of reloading it probably would've done the trick .. and i dont think its a bug, more a usability issue of sorts :)
<piti> _ruben: I already restarted lighttpd, but this didn't worked
<piti> on a hardy box, all went fine doing that
<piti> (I even tried to stop thhe server, then start it after few seconds)
<_ruben> hmm .. if restarting lighttpd leaves rogue php-cgi processes behind, that i'd qualify as a bug
<oly> hum, can some one direct me to the file to modify ldaps apparmour profile, not used app armour before but its stopping me creating a second database
<_ruben> /etc/apparmor.d/path.to.file
<_ruben> to control the 'rules' for /path/to/file
<oly> cool, got it cheers
<Hellsheep> blue-frog, thanks for the offer. :) I forgot about IRC, ended up asking my brother instead.
<oly> hum, got another question regarding slapd if any one knows, when starting it, slapd ignores my slapd.conf file unless i pass it the -f parameter with a path
<oly> anyone know what may be causing this ?
<mih> hello ! to everyone ! I have an Intrepid with cups,samba,kerberos. I want to make from it - print server, release station, all authentication by kerberos, on Active Directory. All is ok except the xp station that doesn't authenticate to the CUPS server !
<oly> i get the feeling its something todo with /etc/ldap/slapd.d folders
<mih> I see the printers on the cups server but after installing the drivers I get access denied and none of the print jobs I send from the xp get to the cups...
<uvirtbot`> New bug: #337037 in samba (main) "MS Office reports "Access Denied" when saving to samba share" [Undecided,New] https://launchpad.net/bugs/337037
<piti> when does uvirtbot` decides to tell there's a new bug ?
<_ruben> when its a bug thats  assigned to the server team iirc
<piti> ah, ok
<piti> thank you
<Blank`laptop> hmm... i'm wondering if i've screwed up something else, look at what happens when i try to ping anything, even localhost
<Blank`laptop> ~$ ping localhost
<Blank`laptop> ping: icmp open socket: Operation not permitted
<Blank`laptop> however... just found out that if i sudo ping, it's fine... i'm almost 100% certain i've screwed something else up permissions wise
<cemc> Blank`laptop: firewall ?
<cemc> heh
<Blank`laptop> chowning most things accidentally to www-data then chowning almost everything to root is a bad idea
<Blank`laptop> >.<
<cemc> reinstall :)
<cemc> for how long have you been trying to revive it now? :) a couple of hours maybe?
<cemc> you would've reinstalled it and configured it by now
<Blank`laptop> cemc: about a month or two
<ubuntnoob> if i have a file/print server, should i have it behind a router? or should i configure it to be the router itself?
<ubuntnoob> !if i have a file/print server, should i have it behind a router? or should i configure it to be the router itself?
<ubottu> Error: I am only a bot, please don't think I'm intelligent :)
<mario_> Hi, how can use Logical Volume with jeos?
<_ruben> dont recall jeos having any issues with lvm
<_ruben> then again, i havent used jeos that much
<mario_> I want to assign a logical volume to a guest, i have to add it in the xml configuration file of libvirt?
<_ruben> oh .. i thought you meant lvm within jeos
<_ruben> never used libvirt
<yadu> Hi,i'm a student at CET, India.
<thewrath> hey all
<thewrath> anyone here?
<yadu> We, are planning to set up a mirror for Ubuntu in our college.
<yadu> It would be very nice if someone could help
<thewrath> kool
<sommer> yadu: do you have a specific issue?
<thewrath> so people can download it i presume there yadu ?
<thewrath> where is the apache2.conf file located in 8.04 lts
<thewrath> i completely forget
<sommer> thewrath: /etc/apache2
<thewrath> ty
<thewrath> thought so but i must of had a misspelling
<sommer> thewrath: tab complete is your friend
<thewrath> yeap lol
<thewrath> its not hard to set up a self signed ssl for ur web correct?
<sommer> thewrath: nope not hard
<sommer> !serverguide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/8.04/serverguide/C/
<thewrath> ty
<sommer> thewrath: there's a section on certificates in the serverguide that has instructions
<thewrath> i did it on my old laptop that had issues so i am trying ot duplicat everything
<thewrath> hi domas
<thewrath> Permission ddenied: make_sock: could not bind to address 0.0.0.0:80 no listening sockets avaiable, shuttind down unable to open logs
<thewrath> apache failed to do force-reload
<thewrath> why
<domas> hi!
<thewrath> all i did was added this after the only <directory stuff>
<thewrath> UserDir public_html
<thewrath> UserDir disabled root
<thewrath> <Directory /home/*/public_html> AllowOverride FileInfo AuthConfig Limit Options Indexes SymLinksIfOwnerMatch IncludesNoExec
<sommer> thewrath: did you use sudo ?
<thewrath> duh
<thewrath> id idnt
<thewrath> as you can see how tired i am atm
<thewrath> sommer: genius and a life saver
<sommer> thewrath: heh, I give you permission to take a nap
<thewrath> lol
<incorrect> I am trying to allow a user to sudo to another user without a password
<thewrath> hmm
<thewrath> not sure if you are able to do that
<incorrect> thewrath, is that directed at me?
<thewrath> sommer: guide have how to install services for irc server?
<thewrath> yes i always thought to sudo you needed a password
<incorrect> NOPASSWD works
<sommer> thewrath: not yet, but it's on my list for karmic
<incorrect> just i can't change the user
<thewrath> karmic?
<sommer> incorrect: you might try giving sudo access to su
<sommer> thewrath: the next ubuntu release
<thewrath> 9.04?
<thewrath> i didnt think that was called karmic
<sommer> thewrath: 9.10
<incorrect> sommer, can you tell me how to run su over ssh?
<thewrath> where can i find a good tutorial how to install services
<thewrath> sommer: all right awesome
<incorrect> su complains that it needs a terminal
<sommer> incorrect: well you'd ssh first then su to the other user... not sure if you can limit which user with su though
<yann2> ttx > around?
<ttx> yann2: yes
<incorrect> i want to ssh host su - user -c script
<yann2> I got issues with java on ubuntu hardy, I got pointed to you :) i suspect a memleak
<yann2> I thought maybe you could help?
<yann2> (related to: http://bugzilla.zimbra.com/show_bug.cgi?id=34040 )
<sommer> incorrect: ah, ummmm I've done something similar, but what I did was ssh sudo -u user /usr/local/bin/script
<ttx> yann2: Probably not, but tell me more :)
<uvirtbot`> bugzilla.zimbra.com bug 34040 in Other - Server "Zimbra java consumes all memory on Ubuntu 8.0.4 64bit" [Blocker,New]
<incorrect> sommer, can you do it with nopassword?
<yann2> ttx > there is a bug on zimbra's bugzilla, that is ubuntu specific
<ttx> looking
<sommer> incorrect: if you configure sudo to execute the script with NOPASSWD
<sommer> incorrect: and setup ssh keys
<yann2> beyond the fact that the bug is affecting me and is scary, I am a bit afraid that it may put some shadow over future support for ubuntu
<incorrect> sommer, strange keeps asking me for a password
<thewrath> any suggestions for installing irc server services
<thewrath> nickserv, etc
<sommer> incorrect: which part the ssh to the host, the sudo, or a command in the script itself?
<yann2> looks like that in the end  http://monitoring.thehumanjourney.net/munin/server/zimbra.server-memory.html
<incorrect> well i set user ALL=(ALL) NOPASSWD  thinking this would let them sudo -i user2
<sommer> incorrect: do you want them to have an interactive shell?  or just execute a script then exit?
<ttx> yann2: looks like a Sun JVM bug in the 1.5 version shipped in hardy
 * ttx looks more
<incorrect> sommer, either
<yann2> ttx > is what I think too :)
<ttx> yann2: would it run with sun-java6 or openjdk-6 instead ?
<yann2> oh wait wait I think I pointed this to  you too early
<yann2> I think they bundle their own java (ever heard of zimbra?)
<yann2> sorry about that... got no idea why the bug then :(
<ttx> well they must bundle a buggy JVM version
<joe-mac> has anybody here ever noticed apt-proxy spitting out 404s when it's low on memory?
<sommer> incorrect: you might try ssh user@host sudo -u user script
<ttx> ttx: doesn't seem completely ubuntu-specific, see "We have seen this behavior on SLES for a number of 5.0 versions." comment
<ttx> yann2: ^
<yann2> uh, missed that one.
<thewrath> does anyone have experienc with setting up irc server?
<yann2> right this is partly good news :)
 * incorrect goes and bangs his head against the wall
<yann2> thx for your help ttx , sorry I should have remembered that java was bundled
<incorrect> sommer, i am stupid
<ttx> yann2: np
<thewrath> ttx: any knowledge of irc?
<sommer> incorrect: did it work?
<incorrect> sommer, i had it right apart from a typo
<sommer> incorrect: heh, it happens
<ttx> thewrath: yes, as in "I'm currently using it".
<thewrath> well i mean setting upa  irc server
<thewrath> i think i found some stuff for the scripts
<thewrath> but i want to install the services
<ttx> thewrath: then, no: no knowledge of setting up any irc server.
<thewrath> does anyone?
<thewrathjr> okay i think i got this working fine now can someone say something
<thewrath> okay now try
<thewrath> what is command to remove some things that the sudo-get remove didnt
<thewrath> like when you install something but it has to haev other things installed
<maxb> Perhaps you are thinking of "apt-get autoremove" ?
<thewrath> yes
<thewrath> pefect
<thewrath> thank you
<thewrath> hmm
<andol> cjwatson: I must say I appreciated reading your bug rant on bug triage. To me it was definitely educational. Not sure how much I have "sined" so far, but I will very much try not to do so in the future.
<cjwatson> andol: thanks :-)
<giovani> someone has claimed the $1000 djbdns prize!!
<domas> sbeattie: so strange to see whole bug description to be revamped
<domas> giovani: haha,how?
<giovani> domas: http://article.gmane.org/gmane.network.djbdns/13864
<sbeattie> domas: prepping for an SRU.
<sbeattie> domas: any chance you could test one of the kernels I pushed into my ppa and give feedback?
<domas> sbeattie: I tried them on a VM, it seemed to work, though I didn't try in live environment
<sbeattie> domas: but you didn't see the leak you were seeing before, right?
<domas> nope
<domas> you have my testcase though :)
<sbeattie> cool, can you add a comment to that effect?
<sbeattie> yep, thanks for synthesizing it down to that, very much appreciated.
<kirkland> didrocks: http://blog.dustinkirkland.com/2009/03/ubuntu-encrypted-home-with-2-factor.html
<didrocks> kirkland: thanks a lot :)
<kirkland> didrocks: thanks for the nudge :-)
<axisys> on a nvidia raid devicemapper how can I tell the raid1 disks are sync after putting a new disk? looking for a /proc/mdstats time file
<ubuntnoob> hello!
<ivoks> gr... why did dell put ubuntu on worst hardware... ever
<giovani> ?
<ivoks> after two weeks a key droped from keyboard
<ivoks> two months after purchase - disk died
<ivoks> on the same dell vostro a860
<JanC> if you want good hardware, why do you buy from Dell?  ;)
<HAN67431> hello all
<HAN67431> need help with dovecot and postfix saslauth
<ivoks> JanC: they have good servers, so i tought.... :)
<ivoks> HAN67431: just ask
<HAN67431> k
<HAN67431> i followed the server guide for postfix and saslauth with dovecot
<HAN67431> everything work fine
<HAN67431> outlook 2007 can authenticate using smtp auth and thunderbird but windows mail (vista) makes no attempt to authenticate, i have tried 2 diffrent pc's
<HAN67431> and from the mail.log it only tries to send the mail
<HAN67431> other client first authenicates then send the mail
<HAN67431> windows makes not attempt
<ivoks> then vista mail is broken
<HAN67431> i have a another server (centos with cyrus sasl) and with windows mail it work 100%
<giovani> get a packet trace
<ivoks> maybe you configured wrong auth mechanism on client?
<giovani> then we can see what's actually going on rather than guessing in the wind
<HAN67431> well, i only select "my outgoing server requires authenication" with the username password...
<ivoks> and did you configure postifx to accept plain text authentication?
<HAN67431> and windows mail work fine with my other server
<HAN67431> yes
<giovani> once again
<giovani>  a packet capture would remove all of the guesswork
<ivoks> broken_sasl_auth_clients = yes
<ivoks> ?
<HAN67431> yes
<HAN67431> broken_sasl_auth_clients
<HAN67431> yip
<ivoks> giovani: there's not much you can see in crypted traffic :)
<giovani> ivoks: who said it's encrypted?
<giovani> I didn't hear him mention encryption
<ivoks> right, you have a point there...
<ivoks> it should be crypted, anyway
<ivoks> HAN67431: smtpd_tls_auth_only
<giovani> indeed it should -- however, for the purposes of troubleshooting, it would be helpful to remove that, so as to reduce the number of variables
<giovani> ivoks: he has to set up TLS first ... but ok
<ivoks> HAN67431: is that set?
<incorrect> my servers have 32gb of ram,  i don't feel like turning over 48gb of disk over for swap,
<ivoks> HAN67431: if not, set it to no
<giovani> incorrect: then don't?
<HAN67431> i have TLS Support
<ivoks> JanC: smtpd_tls_auth_only = no
<ivoks> doh :)
<incorrect> is there any reason why I should not just run with 2gb of swap, just in case i spill over a bit?
<ivoks> JanC: sorry :)
<HAN67431> tls_only is set to no
<HAN67431> want to see my main.cf config?
<ivoks> HAN67431: not really :)
<HAN67431> lol
<giovani> incorrect: not that I know of -- the guidelines are just that, guidelines -- and most of them are antiquated anyway -- you have to do what's best for your environment
<incorrect> giovani, thanks for that, I was in that frame of mind too
<giovani> I haven't used more than 25-50% swap in nearly 10 years :)
<HAN67431> well this is that i test enviroment
<HAN67431> i have been using centos
<HAN67431> testing out ubuntu
<ivoks> incorrect: guideliness: if server_has_ram =< 2GB; then SWAP = server_has_ram * 2; else: SWAP = 2GB
<giovani> HAN67431: I've told you what would make troubleshooting easy
<ivoks> HAN67431: ok, then put your main.cf somewhere
<giovani> incorrect: afaik, in 2.6, swap files are just as fast as swap partitions -- would give you more flexibility -- http://lkml.org/lkml/2005/7/7/326
<HAN67431> http://pastebin.com/m26fceb49
<incorrect> giovani, the idea is I am never going to touch swap
<incorrect> if i do something has gone wrong
<incorrect> but i don't want the system to die
<giovani> incorrect: swap will be used sometimes, even if you don't run out of ram
<HAN67431> its really weird that only windows mail saslauth wont work...
<giovani> so, having none would not be great -- but 2GB is probably plenty
<incorrect> giovani, you can set swappiness to 0
<giovani> HAN67431: not really ... microsoft breaks stuff all the time
<giovani> incorrect: yes, you can
<HAN67431> lol
<ivoks> and apple too
<incorrect> giovani, 2gb was what i was thinking
<giovani> incorrect: I'd go with that then -- report back if there are any issues -- I'll be curious if there are
<ivoks> apple mail will at some point just refuse to connect to server
<ivoks> and spit that 'server is broken'
<giovani> smtpd_banner = $myhostname ESMT
<giovani> I think you accidentally lost a "P" there
<ivoks> without even establishing tcp connection
<HAN67431> lol yes
<incorrect> giovani, i will have 200 odd machines this year, so its got to be right
<giovani> incorrect: you have 200 machines with 32GB of ram?
<giovani> smtp_use_tls = yes
<incorrect> giovani, i have 90 with 8 right now, 25 with 32, and 5 with 16 but 6tb per box
<giovani> you've also duplicated this line
<incorrect> ill be buying another 60 next month
<ivoks> giovani: um...not?
<giovani> incorrect: gotcha -- well, if you have a network that large, you should know that you should have non-production machines to do stress-testing on before deploying anything
<ivoks> #
<ivoks> smtpd_use_tls = yes
<ivoks> #
<ivoks> smtp_use_tls = yes
<giovani> oh sorry
<giovani> my mistake
<HAN67431> ?
<incorrect> giovani, sort of, but nothing of the larger machines
<giovani> HAN67431: nothing, ignore it
<HAN67431> i am using tls
<giovani> so you've told us
<incorrect> I really should publish my openldap packaged 2.5.15, and bdb 4.7,  I have n-way replication working
<jmedina> incorrect: how is your n-way setup?
<incorrect> jmedina, works pretty well
<HAN67431> something tells me that it is a config issue with dovecot because why would cyrus saslauth work?
<giovani> HAN67431: doubtful
<HAN67431> on my centos box
<jmedina> incorrect: have you been monitoring your contextCSN?
<giovani> because your config is probably slightly different
<giovani> HAN67431: why is it that I've asked like 10 times for a packet capture ...
<jmedina> I have seee a lot of inconsitencies with earlier versions
<incorrect> jmedina, i backported bdb4.7 and built new packages for 2.5.15 where the contextCSN problem was fixed
<jmedina> incorrect: do you have hardy packages? :D
<HAN67431> i am on it
<incorrect> jmedina, i do
<incorrect> jmedina, its for hardy
<incorrect> i need to setup reprepo
<giovani> HAN67431: it's just a quick tcpdump server-side
<jmedina> incorrect: I can test them, I only use openldap on hardy
<jmedina> incorrect: are you using any load balancer?
<incorrect> jmedina, don't need to, i have loads of servers around the place, so i have all the local ones to each data centre/network setup
<ivoks> HAN67431: dovecot sasl doesn't support MD5 and others
<ivoks> HAN67431: it supports only 'login'
<ivoks> HAN67431: cause you can't decrypt user password from shadow
<incorrect> jmedina, i am using haproxy to load balance my data centre's that works pretty well
<incorrect> next i've got to get bonding configured during my pxe install
<HAN67431> i am not using secure password authentication on the server
<jmedina> incorrect: so you point your apps to a local replica?
<incorrect> jmedina, yes, if you list them, they fail over
<jmedina> incorrect: lets write a wiki about thease I can help testing
<incorrect> there is already plenty on it
<jmedina> but not the ubuntu way :D
<incorrect> I should fix the errors on the official guide
<jmedina> I have used simple syncrepl using two servers in apps configs, with only one master
<jmedina> how is the setup in the clients? lets say a proxy squid
<HAN67431> http://pastebin.com/m69fb136e
<HAN67431> tcpdump
<incorrect> I have pretty much all my systems slaving off ldap now
<jmedina> and how is managed fail over?
<jmedina> that is my doubts
<incorrect> jmedina, try setting multiple uri's in your ldap.conf
<jmedina> ok
<incorrect> i have it a bit like my /etc/resolv.conf
<incorrect> a master and then if that isn't there it fails over
<incorrect> you could use a load balancer
<incorrect> haproxy would work nicely for it
<HAN67431> pop3 work 100% with windows mail its just smtp-auth that it wont do,
<HAN67431> like i said tried it on two pc with windows mail same thing
<HAN67431> outlook 2003/2007 no issues
<HAN67431> using debug_auth in dovecot.conf
<ivoks> HAN67431: http://www.vistax64.com/vista-mail/88396-smtp-auth-windows-mail.html
<ivoks> HAN67431: you are not alone
<HAN67431> outlook auths but windows mail makes not attempt to auth
<HAN67431> yes i did have a look at that but why does it work with cyrus-saslauth
<HAN67431> i have no issues
<Zerqent> HAN67431: .. smtp-auth and dovecot.. are you trying to use an imap/pop3 server for smtp?
<ivoks> Zerqent: dovecot can export authentication to postfix
<Zerqent> ivoks: aha, didn't know that =)
<HAN67431> no dovecot has its own sasl mechimisn
<ivoks> HAN67431: users are in sql, ldap?
<ivoks> on in passwd?
<HAN67431> no normal system users
<HAN67431> passwd
<HAN67431> this is the guide i followed step by step
<HAN67431> https://help.ubuntu.com/8.10/serverguide/C/postfix.html
<ivoks> HAN67431: did you check 'Lon on using Secure Password Authentication'?
<HAN67431> yes
<ivoks> why?
<ivoks> uncheck it
<HAN67431> tried it
<ivoks> it must be off
<HAN67431> it is
<jmedina> incorrect: are you uploading the packages?
<HAN67431> anyway in the log file it show no attempt to authenticate
<HAN67431> where with outlook it show sasl authenication=plain ....etc
<incorrect> jmedina, not sure where a good location would be
<ivoks> HAN67431: i don't know... i'll have to test that on my own; but i don't have vista
<jmedina> incorrect: lauchpad?
<incorrect> jmedina, not used it
<HAN67431> log file windows mail
<HAN67431> http://pastebin.com/m686cad65
<jmedina> incorrect: maybe in a PPA
<jmedina> that is the place afaik
<HAN67431> outlook 2007
<HAN67431> http://pastebin.com/m7bbb2461
<incorrect> jmedina, ill make you a tar.bz2
<HAN67431> anyway if someone have vista please test it with windows mail and ubuntu with this guide
<jmedina> incorrect: thanks
<ivoks> HAN67431: you are missing couple of lines in first one
<HAN67431> if someone sees something can i they drop me a email jancarel.putter@gmail.com
<jmedina> ivoks: it looks like copy paste doesnt work
<jmedina>  in the wikis :D
<giovani> HAN67431: where's the packet capture?
<ivoks> jmedina: :)
<jmedina> HAN67431: why not debuging smtpd in postfix (master.cf)
<HAN67431> http://pastebin.com/m69fb136e
<HAN67431> the first one is windows mail
<giovani> uh
<giovani> but that doesn't show us the actual contents
<HAN67431> second one is outlook 2007
<giovani> heh
<giovani> that's just the summary view
<ivoks> HAN67431: and you are missing couple of lines on it
<giovani> what good is that?
<HAN67431> ?
<giovani> sigh
<ivoks> HAN67431: log doesn't start with 'NOQUEUE'
<giovani> we need a PCAP
<giovani> so we can see what the client is trying to do, if anything
<giovani> to authenticate
<ivoks> HAN67431: it starts with clien=unknown...
<ivoks> client
<giovani> tcpdump -i ethX -s0 -w file.pcap
<incorrect> jmedina, there is a little bug with the packaging of bdb utils, you have to chmod the executables into running,, I was lazy when i backported it
<incorrect> jmedina, also i've only built 64bit debs, you should be able to compile 32bit ones if you need
<jmedina> incorrect: which executables? db4-restore and like that?
<incorrect> jmedina, yes
<HAN67431> where can i send the file to or upload it>
<incorrect> jmedina, chmod 755 is easy enough
<jmedina> incorrect: there is a launchpad service for upload
<giovani> HAN67431: I don't know -- you tell me -- a web server ... somewhere
<jmedina> ivoks: you know where can incorrect upload some packages for testing?
<ivoks> jmedina: ppa?
<ivoks> or they are already binaries?
<jmedina> ivoks: I dont know how do it with ppa, binaries
<incorrect> jmedina, ill drop them on my server,
<jmedina> damn, when I was tring to learn how to contribute con server team this crisis bring me a lot of work, more time out of office
<ivoks> i'm not sure there's anything for binaries :/
<ivoks> anyway... 23:35; time to leave
<giovani> HAN67431: you made sure SSL/TLS was off when you did the packet capture right? because that's the only way we can read it
<HAN67431> yes
<HAN67431> but i vim the file cant read anything but i disabled SSL/TLS on the client
<HAN67431> the file is in pcap format
<giovani> vim? it's a pcap, it's a binary
<HAN67431> o
<giovani> just post it somewhere
<HAN67431> ok
<giovani> then we'll see what type of auth the client is attempting, if any
<HAN67431> but the contents or the fiel itself
<giovani> that'll tell us if the server is misconfigured, or the client
<giovani> the file itself
<HAN67431> where?
<giovani> the contents aer the same thing as the file -- it's a binary
<ivoks> 'night
<giovani> you don't have a webserver?
<HAN67431> mmmm...
<HAN67431> no
<giovani> hah
<giovani> good luck then
<HAN67431> http://196.212.34.107/file.pcap
<incorrect> jmedina, you can get them at http://www.badape.net/ldap/
<giovani> HAN67431: problem found
<giovani> your client is not attempting to authenticate AT ALL
<giovani> it simply connects and begins sending mail
<jmedina> incorrect: where did you backported these p[acagkes?
<giovani> and is getting relay denied
<giovani> HAN67431: either you've misconfigured your client, or the client is broken
<HAN67431> yes
<incorrect> jmedina, they were built on my opertons
<jmedina> incorrect: 114M?
<giovani> HAN67431: this is not a server problem whatsoever
<incorrect> jmedina, that is the source
<giovani> your client makes no attempt to authenticate
<HAN67431> i have permit sasl_authenicated
<incorrect> and everything you need to rebuild
<giovani> HAN67431: that's not the problem, please read what I just wrote
<HAN67431> as i said it work with outlook 2007
<HAN67431> cant be the client
<giovani> it is the client
<giovani> I can tell you without a doubt
<HAN67431> two pc cant have the same issue
<giovani> yes they can
<giovani> if you'd like to argue with me ... go ahead ... I'm going to stop here
<giovani> your pcap trace shows very clearly the client making no attempt to authenticate whatsoever
<HAN67431> thank you...anyway for your help
<HAN67431> yes
<HAN67431> i know
<giovani> your client is broken, or doesn't support PLAIN auth
<giovani> since that's all you're offering it
<HAN67431> but ok i hear what you say and its all good
<giovani> it's not all good :)
<jmedina> incorrect: could you please leave the files until tomorrow?
<jmedina> I cant download them right now
<HAN67431> but why does it work with cyrus-sasl
<incorrect> jmedina, not a problem
<jmedina> thanks
<giovani> HAN67431: possibly because cyrus is offering something more than PLAIN auth -- it's possible windows mail doesn't support PLAIN auth
<incorrect> jmedina, i might get organised and setup a repository
<incorrect> i built one for my server farm
<incorrect> its 11pm here
<jmedina> incorrect: that will be good, but for backports I think the better way is usea a PPA
<HAN67431> so dovecot can only do plain auth
<giovani> HAN67431: no ... you've just not configured it to do anything else
<jmedina> here 17
<incorrect> jmedina, a ppa?
<ScottK> jmedina: What's wrong with backports?
<giovani> HAN67431: you need to edit /etc/dovecot/dovecot.conf
<jmedina> ScottK, sorry, there is nothing wrong, it was my english
<incorrect> i've been building my own packages for 10 odd years
<giovani> and edit the part that says "mechanisms = plain" and add something else -- like cram-md6
<giovani> md5*
<giovani> "mechanisms = plain cram-md5"
<giovani> like that
<ScottK> Actually it's probably login you want.
<giovani> I don't know that this will solve your problem -- but it's possible
<jmedina> I have digest auth, /me preferes starttls
<ScottK> Older MS clients don't support plain, they support login
<giovani> ScottK: this is a new ms client
<giovani> ScottK: Windows Mail
<giovani> (visa equivalent of Outlook Express)
<ScottK> Dunno about that one.
<giovani> vista*
<ScottK> Might still need login then.
<giovani> HAN67431: add "login" for good measure then as well
<ScottK> cram-md5 is a shared secret mechanism, so it would take additional setup.
<giovani> i.e. "mechanisms = plain login cram-md5"
<giovani> ScottK: shared secret? it's a challenge-response
<giovani> based on the password and the challenge being md5ed
<giovani> no additional setup -- most clients support it out of the box
<HAN67431> lol thats the issue
<giovani> what is? :)
<HAN67431> windows mail uses login
<HAN67431> lol
<HAN67431> not plain
<giovani> HAN67431: ok ... so less arguing next time about how it's the server
<HAN67431> thank you very much
<HAN67431> lol
<giovani> packet captures save the day once again :)
<giovani> people get too caught up in their high-level troubleshooting tools
<HAN67431> i think you did
<giovani> ScottK came through with the windows loving login-only knowledge, never knew that myself
<HAN67431> thanks scottK
<Hans67521> sorry i am still very noob when it comes to ubuntu/linux
<Hans67521> but thank for helping me solving my problem....
<giovani> you're welcome
<ScottK> Hans67521: You're welcome.
#ubuntu-server 2009-03-05
<jmedina> hi there
<jmedina> any one here with experience with trendnet external modems
<jmedina> ?
<lukehasnoname> nope
<roy_hobbs> Is there anywhere I can lookup what the different options specifically do during the server install on the screen to select various servers.  Like LAMP, DNS, Virtual Host, etc.
<roy_hobbs> I'm most uncertain as to what the "Basic Ubuntu Server" option does.
<jmedina> roy_hobbs: install one machine for each option, run dpkg -l on each machine and compare the output (diff)
<twb> roy_hobbs: the source code will tell you.  The only difference those check-boxes do is the list of packages installed by default.
<roy_hobbs> twb: thanks, do you know offhand what "basic ubuntu server" does?
<twb> roy_hobbs: I don't remember ever seeing that checkbox.
<roy_hobbs> JeOS
<twb> roy_hobbs: so, no.
<twb> roy_hobbs: it's quite safe to leave nothing checked, and then manually install anything you want with aptitude.
<jmedina> roy_hobbs: a linux with network nothing else :D
<twb> If I had to guess, I would say "basic ubuntu server" probably corresponds to the "ubuntu-standard" or "ubuntu-minimal" metapackages.  You can see what they depend on by examining them (e.g. aptitude show ubuntu-minimal) on an installed system.
<uvirtbot`> New bug: #338043 in mysql-dfsg-5.0 (main) "mysql 5 installation crashes if no new root password supplied" [Undecided,New] https://launchpad.net/bugs/338043
<Shanix> hi all, has anyone tried install the redhat-cluster-suite on hardy 8.04.2 ?
<sommer> Shanix: I know some people have, but haven
<sommer> 't myself
<Shanix> I tried to setup the environment, but seem to getting some error, wondering if I was setup the wrong way or a bug?
<Shanix> it's https://bugs.launchpad.net/ubuntu/+source/redhat-cluster/+bug/338047
<uvirtbot`> Launchpad bug 338047 in redhat-cluster "soft lockup - CPU#0 stuck for 11s! [clurgmgrd:4587]" [Undecided,New]
<thewrath> anyone there that can help me with irc services
<twb> I want to encrypt syslog traffic (which basically means I need TCP).  I lean towards rsyslog since that's the new Debian default.  Anyone want to weigh in with opinions for/against rsyslog?
<fbond> Hi.  Where is the appropriate place to set LANG: /etc/environment, or /etc/default/locale?
<fbond> (To set a system default, that is.)
<fbond> Or is it best to set both ... ?
<twb> fbond: it should already be set somewhere by default.
<axisys> anyone here can help me with my question?
<axisys> https://www.redhat.com/archives/dm-devel/2009-March/msg00012.html
<twb> Hmm, apparently not on Ubuntu.
<twb> Oh wow, 8.04 still defaults to ignoring the Recommends field.
<ScottK> twb: What do you mean "still"?  Why would you expect it to change?
<twb> It changed in Debian a while back
<twb> Obviously Ubuntu hadn't caught up by 8.04 :P
 * ScottK doesn't remember which turned it on first.
<ScottK> But since the first Debian release with is on was just released last month and 8.04 was released almost a year ago, I think caught up is an odd way to put it.
<twb> Hence the ":P"
<xiambax> how do i update package list and sources for ubuntu server?
<ScottK> xiambax: What are you trying to do?
<xiambax> download ubuntu-xen-server
<xiambax> im updating list now
<xiambax> so maybe something will come of this
<kraut> moin
<tsrk> I have two machines.  When I try to SSH from one to the other, the login is incredibly slow (takes about 5 seconds for the password prompt to appear).  When I SSH to any other machine it works fine.  When I ssh to the server from any other machine it works fine.  This problem only occurs with this combination of client and server.  What on earth could be causing this?
<sbeattie> tsrk: dns lookup problems of the ip address of the client machine by the server is the likely culprit. Otherwise use 'ssh -vvv ' to see where things are stalling.
 * hads agrees
<tsrk> well, it works on other machines on the same network
<tsrk> (and it shouldn't be able to look up any of these ips, all internal)
<tsrk> 1 sec, i'll grab the ssh -vvv log thing
<tsrk> this is where it gets stuck:
<tsrk> debug2: key: /home/tsrk/.ssh/id_dsa ((nil))
<tsrk> next line is debug1: Authentications that can continue: publickey,password
<hads> Add 'UseDNS no' to your sshd_config
<tsrk> yeah it was the dns (i added it to my hosts file) but why does it work on some but not others (all with default config)?
<Doble> hi
<Doble> can anyone give me a hand with pure-ftp ?
<_ruben> Doble: might wanna ask a more precise question in order to get (useful) answers
<Doble> thanks ruben, im talking to someone now, will see how it goes and will ask again if we can't work it out :)
<Doble> does anyone know how to stop pureftp? I want to start it with the -l switch and point it at a database file for virtual users, but I can't start it because it's already running! (I get the error: Unable to start a standalone server: Address is already in use)
<Doble> also - complete ubuntu newbie here :)
<simplexio> Doble:  /etc/init.d/pureftpd stop
<_ruben> unless its handled by (x)inetd
<simplexio> Doble: or killall -9 pureftpd (or what ever that program executable is called )
<simplexio> killall -9 is last option
<Doble> @ simplexio I get the same error when trying to tell it to "stop" as when I just try to run it
<Doble> @ ruben what do you mean handled by inetd ?
<simplexio> Doble: and normalway to address someone is start line with username: <inert your message here>
<simplexio> Doble: you can allways use killall -9 programname
<Doble> siplexio: sure, will try that
<Doble> simplexio: haha ! sweet, it worked, I was able to start the service with the -l switch and it read from the database like it's supposed to, and i can login as my virtual user, great!
<simplexio> sure.. when someone dosnt bahve, just try ti kill it, and it it wont work then use kill -9
<simplexio> and that may cause some problem if used in real life
<Doble> lol
<Doble> can someone explain to me the difference between init.d and ... i don't know, system services? I know there's a difference but basically I want to run pureftp as a service when the server boots, and im guessing since it's currently running as init.d that is linked to my user account ...
<Doble> ...that it is linked *
<Doble> or i should say - is being run AS my user account, and not as the 'system'
<Doble> for example, when I run "sudo pure-ftpd -l puredb:/etc/pure-ftpd/pureftpd.pdb" in one of my screens, the screen 'freezes' - im guessing because it is busy doing what I told it to - if I open a new screen, I can access the FTP, but as soon as I CTRL-Z the screen which I ran the command in, I can't FTP to it anymore - therefore the pureftp server is being run as my user account and not as a service
<simplexio> Doble: ctrl-z freezes program, you can do bg after thatto allow it run backround
<simplexio> Doble: init.d scripts are systems services which are started when system is on defined runlevel, and does screen mean one terminal window or screen the program
<Doble> simplexio: screen the program
<simplexio> Doble: in screen ctrl-a n open new windows
<Doble> simplexio: yeah, screen is working fine i think, i just need to work out how to run pureftpd as a daemon
<simplexio> ctrl+a n, next screen, ctrl+a p previous, in all terminal program ctrl+z suspend bg, allow suspended program to run and fg brings backround job to foreground. right way to detach screen is ctrl+a d, and you get it back using screen -rd coomnd
<simplexio> Doble: probably you need to edit /etc/pureftpd or similiar file to change defaults
<Doble> simplexio: what does the & command do? for example: /usr/sbin/pure-ftpd &
<simplexio> Doble: it starts program in backround
<simplexio> Doble: read and learn http://www.abrillant.com/doc/linux/index.html , that one look nice, it explain what &, && do
<Doble> simplexio: thanks for the help !! I seem to have gotten it running in the background, and using the database, so the virtual users are working - fantastic! I did the following: sudo pure-ftpd -l puredb:/etc/pure-ftpd/pureftpd.pdb &
<Doble> simplexio: now i just need to work out how to get it to run every time the system starts
<simplexio> Doble: or you could have done : pureftpd , then hit ctrl z, and give command bg
<Doble> simplexio: ahh i just tried that- now i think i understand how ctrl-z works, cheers
<oCean_> Doble: is there no /etc/init.d/pure-ftpd script? That one should launch the daemon at every startup
<Doble> oCean_: ah yes, i'm looking at that now - sorry I'm totally new to linux so really fumbling around here, I'll see if I can work this out
<oCean_> Doble: actually, you can run "sudo /etc/init.d/pure-ftpd start" (or stop) by hand, every time you want to start/stop. During machine startup, the script will be executed using 'start'
<Doble> oCean_: I see - how do I get the script to run pure-ftpd with the -l switch which tells it to acess the database for virtual user information? do I have to edit the init.d script ?
<cemc> Doble: you should have an /etc/pure-ftpd directory
<oCean_> Doble: all config files are probably in .... yes, like cemc says :)
<Doble> ahhh ...
<cemc> Doble: check if you have in there a conf/PureDB
<Doble> cemc: yes i just found that - it points at the right puredb file
<cemc> ok, now you go to /etc/pure-ftpd/auth
<cemc> and make a link to that file
<cemc> something like: ln -s ../conf/PureDB 60puredb
<cemc> you take a look in the auth directory where other methods are enabled probably
<cemc> unix, pam
<Doble> cemc: okay, this is where the guide I was following lost me as well - why do I have to make a link? I don't understand what that does, sorry
<Doble> cemc: I understand what a link does, but why does the daemon need it ?
<cemc> you make a link to enable that particular auth method
<Doble> cemc: hmm okay ..
<cemc> so when pureftpd starts, it looks at that directory and enables that auth method
<cemc> actually it's a bit more weird, you have that conf directory and from parsing that a command line parameter list is generated
<cemc> and pureftpd is called with those parameters
<cemc> because pureftpd doesnt have config file support, all options have to be given as command line parameters
<Doble> cemc: so it parses the files that are in the auth directory, and processes whatever has the lowest number?
<cemc> it processes them all
<cemc> and when you try to login with a user it tries with every auth method,
<cemc> until one works
<Doble> aaaahhhh
<Doble> okay, now I understand how this works
<Doble> great, going to try this
<cemc> so if you want only virtual users, you can delete the unix and pam ones
<cemc> and leave only the PureDB link there
<cemc> ummm
<cemc> better scratch that :)
<Doble> so for example, if I delete the unix link - I won't be able to log in using my user account (which isn't in the database file) ?
<cemc> you don't remove the files, you edit them,
<cemc> and put 'no' in them instead of 'yes'
<Doble> ah
<cemc> yeah, it should work as you said
<cemc> because then you will have only puredb authentication
<cemc> and only users in puredb can log in
<Doble> okay, one more question - what is pam ?
<cemc> http://www.kernel.org/pub/linux/libs/pam/FAQ - read this :)
<Doble> heh, okay, cheers
<Doble> okay, im in /etc/init.d and im trying to stop the pure-ftpd daemon, but when i type "sudo pure-ftpd stop" i just get "Unable to start a standalone server: Address already in use"
<Doble> I can just kill the process but I'd like to know why I can't stop it
<cemc> try sudo ./pure-ftpd stop
<cemc> better yet get used to sudo /etc/init.d/pure-ftpd stop
<cemc> :)
<Doble> cemc: ah that worked
<Doble> cemc: so what was i doing wrong? I don't really follow .. sorry
<Doble> also - it worked! Thanks very much simplexio, oCean_ and cemc :)
<cemc> Doble: it's not enough to be in that directory, you have to specify explicitly to run that script frm that directory
<oCean_> Doble: great! The thing that you were 'doing wrong' is that, calling an executable (pure-ftpd in this case) without the path specified (e.g. /etc/init.d) it will *not* call the script in your current directory, rather than the pure-ftpd daemon itself
<cemc> what you did there was actually running the pure-ftpd daemon from /usr/sbin or so
<oCean_> indeed
<oCean_> unix is sweet :)
<Doble> ahhh I understand
<Doble> thanks both
<cemc> yw
<Doble> okay ... i can connect to the server but I can't upload anything - I get a permissions error
<cemc> virtual user ?
<Doble> cemc: yes
<Doble> I can download files however
<cemc> you have to check the owner of the directory you want to upload to
<cemc> it has to be the same as the uid/gid you gave the virtual user
<cemc> is it ?
<Doble> how do i check ?
<cemc> well, how did you add the user to puredb ?
<Doble> i used pure-pw
<simplexio> Doble: ls -l , then chown user:group filenami , changes owned:group, chmod changes file permissions
<cemc> ok, and there you had to specify userid and groupid
<Doble> yep, I made it's userid "ftpusers"
<Doble> I just don't know how to check/change the owner of the folder I made under /home/ftpusers for the virtual user
<cemc> Doble: try what simplexio said
<Doble> haha briliant
<Doble> i chmod'd the user and group to ftpuser:ftpgroup and now it's working perfectly
<Doble> simplexio: cemc: THANKS VERY MUCH ! huge help for this newbie hehe
<cemc> you mean you chown'd the directory to ftpuser:ftpgroup
<Doble> yes, sorry that's what i meant
<Doble> once again thanks very much
<Blinkiz> Hi there. I want to know what packages is installed when doing a installation of Ubuntu 8.04 JeOS. Does it exst such list on the web somewhere?
<incorrect> I am using the network install system,  I've been trying to set passwords however the md5 hash i put in doesn't seem to work
<incorrect> does anyone know how to generate the hash the right way?
<ivoks> kickstart?
<ivoks> kikstart adds hashed strings into the file
<incorrect> kickstart isn't that redhat?
<rgreening> ScottK: ping
<ScottK> rgreening: pong
<rgreening> heya ScottK, I saw an announcement on a new email stack.
<rgreening> I was wondering if similar exists for security,..
<rgreening> like proper ufw, tcp wrappers, log chacking, rkhunter, etc...
<rgreening> if not, it would be a great project for next UDS
<ScottK> ufw is in the default install.
<ScottK> A lot of the tools for that are in Universe too.
<ScottK> It might though.
<rgreening> I know for myself, I had to manually setup these tools.
<ScottK> Nothing says there can't be community maintained meta- stuff in Universe.
<rgreening> I was thinking a meta package with some same default settings would be nice
<rgreening> ya
<rgreening> would you be interested in helping me spec something?
<ScottK> Much of the trick though is that by policy one package can't modify another's setting directly.
<ScottK> Sure.
<ScottK> So the packages you want to modify need to provide a mechanism to externally control configuration.
<rgreening> ScottK: maybe a script to setup these...
<ScottK> For the mail server stuff I had to add a couple of helper scripts to postfix for the purpose..
<ScottK> Yes.
<rgreening> ScottK: have you applied to go to UDS?
<ScottK> I have.
<rgreening> ok, if I get to go, we can spec it out there.
<zul> <ScottK> I have.
<rgreening> IMO, an easy "lockdown" setup tool would be extremely beneficial
<salsa> Hello. I installed ubuntuserver and need java version > 1.6.0_04 but in repos there is only java version "1.6.0_0". Am I wrong ? I'm installing tomcat6 and this java automaticaly is installed.
<^law^> it just a little bit lower version i guess it is ok :)
<salsa> it is not for my app
<^law^> salsa,then how you install ur tomcat? via apt-get?
<salsa> it requires this 1.6.0._04 version
<salsa> aptitude
<salsa> ^law^: I use aptitude
<uvirtbot`> salsa: Error: "law^:" is not a valid command.
<axisys> how do I check the raid1 sync status ?
<axisys> i posted a question on dm-devel as well
<axisys> https://www.redhat.com/archives/dm-devel/2009-March/msg00012.html
<cemc> axisys: cat /proc/mdstat
<axisys> cemc: i am using hardware raid controller .. ubuntu picked up the raid controller actually during install
<axisys> cemc: check the url to see how is my setup https://www.redhat.com/archives/dm-devel/2009-March/msg00012.html
<oly> I have been testing postfix, can anyone tell me if i can setup a system or use postfix to forward mail to two servers
<oly> the aim being to keep the current server running, and test on the second
<giovani> forward mail to two servers?
<oly> so both machines would recieve all mail,
<giovani> ask in #postfix
<oly> okay,
<axisys> is there a ubuntu development channel where I can ask about the mdadm bug ?
<axisys> i already posted a question here
<axisys> http://www.nabble.com/linux-software-raid-td22317338.html
<axisys> but so far no soln
<ScottK> axisys: Here isn't a bad place.  There's also https://bugs.launchpad.net/ubuntu/+source/mdadm/+filebug
<Chipzz> axisys: yes there is an ubuntu development channel and no you can't ask your question there (explicitely against channel rules)
<incorrect> can you put public ssh keys into ldap?
<axisys> ScottK: i am aware of the bug channel.. i actually referenced that bug in my email thread link above
<axisys> ScottK: hoping there is a fix
<ScottK> axisys: OK.
<axisys> ScottK: thnc
<axisys> ScottK: thnx
<axisys> Chipzz: hmm.. it is already in the bug database .. so i guess i wait until they have a fix
<axisys> Chipzz: thnx
<ScottK> axisys: If it's not already marked confirmed, adding a comment that you have the bug too and making it confirmed would be useful.
<axisys> ScottK: ok .. i will do that right away.. thnx
<axisys> ScottK: updated w/ comments
<kraut> moin
<BUGabundo1> guys need a few tips: gonna setup a virtualbox with ubuntu server over winServer 2k8. anything I should know before hand?
<axisys> i need to setup a well lockdown anon ftp server.. anyone can point me to a link?
<viezerd> BUGabundo1: I am not sure if it will work for virtualbox, but ubuntu jeos is optimized for use in virtualization
<BUGabundo1> ok
<BUGabundo1> but why not Ubuntu-Server?
<BUGabundo1> or is jeos similar ?
<viezerd> actually, it is server but with a somewhat tuned kernel
<BUGabundo1> ah ok
<BUGabundo1> will download it then
<viezerd> http://www.ubuntu.com/products/whatisubuntu/serveredition/jeos , I use it on vmware esxi product , but I am not sure if it will work well in virtualbox
<BUGabundo1> the last one is hardy
<BUGabundo1> http://cdimage.ubuntu.com/jeos/releases/hardy/
<BUGabundo1> no ibex
<BUGabundo1> there's also no ibex server image
<BUGabundo1> strange
<JanC> you're looking in the wrong place  ;)
<BUGabundo1> link please!
<BUGabundo1> can't see it in releases or cdimage
<BUGabundo1> http://cdimage.ubuntu.com/ubuntu-server/releases/
<viezerd> BUGabundo1: http://www.ubuntu.com/products/whatisubuntu/serveredition/jeos
<BUGabundo1> http://releases.ubuntu.com/8.10/ubuntu-8.10-server-i386.iso
<BUGabundo1> found it
<giovani> jeos is now part of the server install
<giovani> so no need for a seprarate ISO anymore
<BUGabundo1> oh ok
<incorrect> jeos is just fancy talk for not installing extra cruft
<BUGabundo1> yah
<BUGabundo1> I know that
<incorrect> i remember when i install debian no a 32mb usb stick
<giovani> incorrect: and for installing a different kernel
<giovani> afaik
<incorrect> giovani, i don't know, I always build my own custom kernel, stock kernels aren't great for servers
<giovani> incorrect: great or not -- it's part of the differentiator for JeOS install
<BUGabundo1> so do I have to check some box on install?
<incorrect> my opterons have weird behaviour if i don't compile the kernel specifically for them
<giovani> BUGabundo1: you want JeOS specifically? you're running in a virtualized environment? if so -- in the server installer, there'll be an option for JeOS
<giovani> when you get to package selection
<BUGabundo1> giovani: running on VirtualBox over Win Server 2k8
<BUGabundo1> 32 bits
<giovani> ok
<BUGabundo1> gonna run an internal linux server: LAMP, dovecote,postfix, jabber
<Deeps> '# Download the server ISO image, boot from it, press F4 on the first screen and select "Install a minimal virtual machine"'
<Deeps> oh, he's gone
<BUGabundo> back
<BUGabundo> IM crashed
<ryanprior> If I start up a new Ubuntu Server instance with KVM, how do I ssh into it?
<BUGabundo> so do I choose F4
<BUGabundo> and them minimal virtual machine?
<BUGabundo> giovani: ^^^^^
<giovani> BUGabundo: yep, I guess that works
<BUGabundo> doing so
<filipe_xD> a
<BUGabundo> filipe_xD: b
<akincer1> I'm trying to enable remote MySQL access and I have 1) commented out bind local host IP  and 2) GRANT ALL ON dbname.* TO dbuser@'client_ip_address' IDENTIFIED BY 'PASSWORD';
<akincer1> Still doesn't work
<akincer1> any ideas?
<BUGabundo> just a quick question
<BUGabundo> I choose PT language
<BUGabundo> but ended up with ENG keyboard
<BUGabundo> how can I change it?
<giovani> it should've asked you during the keyboard setup
<BUGabundo> it did
<BUGabundo> on the beginning
<giovani> right, and you didn't set it properly?
<BUGabundo> I did
<BUGabundo> but it is not correct
<giovani> sounds like a bug
<BUGabundo> really?
<giovani> well ... heh
<BUGabundo> nobody else uses server on other languageS?
<giovani> of course people do ...
<giovani> but I don't
<BUGabundo> and its not fixed?
<BUGabundo> lol
 * BUGabundo looks at LP
<giovani> and it may be a problem with your specific language
<giovani> in the installer
<BUGabundo> I'll try to reconfigure console-setup
<BUGabundo> but without auto complete and the '-' anywhere to be found
<BUGabundo> its HARD
<giovani> you can just find an image of a Us keymap
<giovani> and then find the key you need there
<giovani> http://www.saunalahti.fi/janij/blog/images/2007_feb_us_keyboard_layout.png
<BUGabundo> for a laptop over RDP, over Virtual Box?
<BUGabundo> that place is just echoing 'Âº' for me
<giovani> rdp? why would you be using that?
<BUGabundo> its a win server 2k8 hosting
<BUGabundo> even worse
<BUGabundo> it would seem that my password is not what I thought it was
<BUGabundo> cause it did not use the same key layout
<BUGabundo> so I can't ssh
<BUGabundo> grrr
<BUGabundo> wordaround it
<BUGabundo> typed on the cli the password to see what char it was
<BUGabundo> LOL
<giovani> clearly starting fresh would be a better idea
<giovani> I bet what happened was, the virtual machine is not emulating your keyboard layout
<BUGabundo> naa
<BUGabundo> maybe
<BUGabundo> if it isn't it's a bug
<BUGabundo> on VB
<giovani> so your virtual machine is probably emulating a US layout
<BUGabundo> but that is SUN BTS
<BUGabundo> I can do what I want over ssh now
<BUGabundo> and I'll add a pgp key latter
<BUGabundo> so no more pass
<BUGabundo> now to setup dovecot
<BUGabundo> does it use PAM by default?
<giovani> it uses whatever you tell it to use
<giovani> I don't know which is default -- just look at the config
<BUGabundo> nano is not installed?
<BUGabundo> duh
<giovani> yes it is
 * BUGabundo warns: this is first ubuntu server install
<BUGabundo> Get:1 http://pt.archive.ubuntu.com intrepid/main nano 2.0.7-4 [298kB]
<BUGabundo> it is not
<giovani> I guess the ultra-minimal jeos install doesn't include it
<giovani> I don't use it ... so
<BUGabundo> at least with the minimal jeos it is not
<BUGabundo> yeah
<BUGabundo> gona try install some metapage
<BUGabundo> ubuntu-minimal already in
<BUGabundo> out of ideas
<akincer1> mysql remote access, anybody here able to help?
<giovani> BUGabundo: ubuntu-standard
<ikonia> akincer1: mysql -h is your friend
<BUGabundo> giovani: yeah was going to try that nex
<BUGabundo> *next
<BUGabundo> is it too much overkill??
<akincer1> sigh
<akincer1> I'm not starting from scratch
<BUGabundo> ubuntu-standard:
<BUGabundo>   Installed: (none)
<akincer1> everything is as it should be for it work.
<akincer1> but it doesn't
<giovani> BUGabundo: it includes nano -- but you already installed that
<giovani> so you may have everything
<giovani> http://packages.ubuntu.com/intrepid/ubuntu-standard
<BUGabundo> doing so now
<akincer1> ikonia: Still getting an access denied
<akincer1> as I was before
<BUGabundo> work done for today! going to the gym. thanks for the help giovani
<akincer1> nevermind, I figured it out
<axisys> i see two ftp server setup on howtoforge
<axisys> http://www.howtoforge.com/howtos/ftp
<axisys> anyone has tried anyone of them?
<AtomicSpark> I want to mount a users home from a server. SSHFS seems to be all the rage (people hate NFS apparently), but what is the difference between using SSHFS and SFTP? SFTP is what Ubuntu desktops use when you choose connect to server... ssh.
<Deeps> sshfs isn't supported in ubuntu
<AtomicSpark> Not by default or not at all? The package is there, optional.
<Deeps> packages in 'universe' are not supported, and are available for you to use at your own risk
<Deeps> you'd be better served using nfs or samba
<ScottK> Not Supported as in not by default and if you have a support contract with Canonical it's out of scope.
<AtomicSpark> Good points.
<ScottK> Deeps: Not supported by Canoncial != Not Supported
<Deeps> ## N.B. software from this repository is ENTIRELY UNSUPPORTED by the Ubuntu
<Deeps> ## team, and may not be under a free licence. Please satisfy yourself as to
<Deeps> ## your rights to use the software. Also, please note that software in
<Deeps> ## universe WILL NOT receive any review or updates from the Ubuntu security
<Deeps> ## team.
<Deeps> 'this repository' == universe, as seen in the apt sources.list
<ScottK> Yes.  The "Ubuntu Security Team" is Canonical.
<Deeps> ok
<ScottK> For example there is zero difference in how much support clamav gets in the releases it's in Universe versus in Main.  I pretty much deal with it either way.
<ScottK> There are packages in Universe that are well supported and ones that have zero support.
<ScottK> This is also true in Main, but the ratios are different.
<AtomicSpark> Deeps: I get my support from the community. But when you said unsupported, I thought you ment didn't work at all. :P
<AtomicSpark> ScottK: It's true that a lot of things are moving into main, especially for server apps.
<Deeps> AtomicSpark: that isn't what i meant at all, sorry
<AtomicSpark> clamav of course for mail servers
<jdstrand> what in main gets zero support? Some things are absolutely a lower priority than others, but that is different than no support
<jdstrand> ScottK: ^
<ScottK> jdstrand: I don't have an example handy, but I have run across packages that see very little love that are in Main.
<ScottK> jdstrand: One sort of example is that the Python transition was declared done in Main days ago and I just uploaded a rebuild for tdb today because it wasn't done.
<jdstrand> ScottK: I can assure you that if there is a CVE assigned to it, we are aware of it and working towards getting it fixed (keeping prioritizing in mind)
<jdstrand> oh, well I was speaking of security support
<ScottK> jdstrand: Absolutely.  My comment wasn't really about security support (sorry for not being clear), but general package maintenance and support contract coverage.
<jdstrand> ScottK: oh ok :) I may have missed part of the conversation. sorry :)
<ScottK> I was certainly less than clear.
<jdstrand> heh
<ScottK> The "ENTIRELY UNSUPPORTED" bit about Universe really bothers me.
<jdstrand> yeah. I saw that and didn't like it. I should probably be rephrased. Is there a bug on it?
<ScottK> Good question.  What package would that be?
<jdstrand> that's a good question. I bet mvo would know
<ScottK> Would you ask him please?  I really need to get some $WORK done, but keep getting distracted by IRC.
<mmrnhrmn> is this the right place for questions about server features?
<ivoks> yes
<mmrnhrmn> Okay, I read the topic ;)..does ubuntu have any packages to implement an RFC-3161 time stamp authority?
<AtomicSpark> Do you use adduser or useradd, and why?
<ivoks> i really don't know the answer on that question
<ivoks> adduser - it's pluggable
<ivoks> and, by default, it uses useradd in the end
<AtomicSpark> And it creates the group and home. :P
<AtomicSpark> By default of course.
<mmrnhrmn> ivoks, thats okay...it seems like its a very hard question to answer.  i havn't had a lot of luck in my research
<ivoks> AtomicSpark: /etc/adduser.conf
<ivoks> AtomicSpark: tweak it to your liking
<ivoks> AtomicSpark: adduser --help is also useful
<ivoks> mmrnhrmn: that's about syncing time?
<AtomicSpark> ivoks: commands without a userful --help are annoying.
<ScottK> AtomicSpark: Looking at man pages is often going to be more rewarding.
<jdstrand> ScottK: fyi, I'm told it's apt-setup-udeb
<ScottK> jdstrand: Thanks.
<AtomicSpark> ScottK: Of course. :) But some --help just tell you what the flags are without even saying what they *are*.
<AtomicSpark> ScottK: But that's just lazy developers ;)
<mmrnhrmn> ivoks, its involved in digital signing..as part of signing a file, a time stamp is added to verify when it was actually signed
<ivoks> ah... i see
<mmrnhrmn> ivoks, used with a Certificate Authority its supposed to take care of the 'when', while the CA does the 'who'
<ivoks> so, it could be necessary for some high trust systems
<mmrnhrmn> ivoks, its part of OpenSSL, but I can't see how to implement it...i've learned a lot, but not enough
<AtomicSpark> So, I have a small network and I want to set up SSO. However, manually entering all the LDAP entries would be a pain (and learning it in a live run isn't a good thing). Is there anyway that OpenLDAP can just pull unix accounts? For example, I just create everyone I want to be in the directory on the server using the adduser command and everything else is automagic!
<ivoks> migrationtools - Migration scripts for LDAP
<ivoks> but, true, ldap lacks good (like, easy to use) manager
<ivoks> with it, it would take over world in a storm
<AtomicSpark> It's "in discussion" for jaunty. It looks like they want a better default setup.
<ivoks> that's something else
<ivoks> DIT
<ivoks> that's what's our supported tree structure
<ivoks> not how to manage it
<ivoks> well, python ldap library is quite good, so, someone just have to dig in :)
<AtomicSpark> I see. Well we still need some decent cl or gui tools. Fedora is rockin' that.
<ivoks> there was nice tool
<AtomicSpark> Using a text file is confusing for me because I don't know waht "defaults" to put in there and how it will look in the Personal Information GUI client thing.
<ivoks> directoryassistant?
<AtomicSpark> And heh, eBox apparently keeps breaking. But yeah, I'll look into the migrationtool thing. I'm pretty sure I've seen a way to sync unix users -> ldap.
<ivoks> luma
<ivoks> gq
<cemc> yeah, I would like some nice ldap tutorial, crash course myself ;)
<AtomicSpark> The problem is, there is not a decent one that explains both client and server, and they all are different from eachother. :P
<cemc> anybody, any tips ?
<ivoks> directoryassistant looks quite good for very basic account management
<cemc> if ldap is that useful and good and whatnot, why isn't there a decent manual for it? :)
<ivoks> cemc: good = complicated to explain
<cemc> I was thinking to have an address book for thunderbird:)
<ivoks> bacula is the best backup software in the world, but to hard to learn
<ivoks> cause it's so flexibile
<cemc> psotfix's good and has good doc too ;)
<ivoks> same goes for openldap
<ivoks> cemc: but postfix isn't that powerfull as sendmail :D
<cemc> it's powerful enough :-P
<giovani> ivoks: hahaha, what?
<cemc> the powerful/configurable ratio is higher as for sendmail :-P
<cemc> heh
<ivoks> giovani: ?
<giovani> ivoks: did you really just say that sendmail is more powerful than postfix?
<ivoks> giovani: hehehe
<ivoks> ah, that...
<ivoks> triwial-rewrite EOD :D
<ivoks> trivial
<giovani> I might want to get ahold of whatever you're smoking
<ivoks> :)
<ivoks> lat!
<cemc> :)
<ivoks> that was the name
<ivoks> gq is also quite good
<davmor2> Hi Guys on first boot after installing mail on Jaunty is see a piece of text that sends alarm bells ringing.  It reads Info: If you have trouble with authentication failures, enable auth_debug setting. See http://wiki.dovecot.org/WhyDoesItNotWork  is this deliberate or can it be turned off?
<ivoks> right, i've seen that too
<ivoks> maybe we should remove it
<ivoks> did you install dovecot-postfix package?
<ivoks> or mail task in installer?
<ewook> window new hide
<ewook> oops
<davmor2> ivoks: from a standard install I did tasks for ssh, lamp, mail
<ivoks> irssi! :)
<ivoks> davmor2: ok
<ivoks> mathiaz: i didn't check; does mail task installs dovecot-postfix now?
<ewook> sry *_* not my keyb right now.
<mathiaz> ivoks: no
<mathiaz> ivoks: to do that - a MIR has to be written for dovecot-postfix
<mathiaz> ivoks: we should not really be hard
<mathiaz> ivoks: and then the mail-server preseed can be modified
<ivoks> davmor2: if you are interested in testing some new mail features, you could install dovecot-postfix package
<davmor2> ivoks: My plan is to test it :)
<ivoks> mathiaz: i see... i think we should do that
<ewook> ivoks: oh? there's a pre-bundled pack of those two?
<ivoks> ewook: just configuration... detalis here: http://blog.init.hr/?p=3
<ivoks> yay... early testers :)
<cemc> :)
<ewook> I love you!
<ewook> weehoo. that was a nice feat :)
<cemc> where do I get the latest jaunty image?
<ivoks> lol
<ivoks> cdimage.ubuntu.com
<ivoks> cemc: http://cdimage.ubuntu.com/daily/current/
<ivoks> note that it might be broken :)
<cemc> :)
<ivoks> maybe you should get alpha release
<cemc> whichever is better to test dovecot-postfix on
<ivoks> http://cdimage.ubuntu.com/releases/jaunty/alpha-5/
<ScottK> mathiaz: Since dovecot-postfix is a new binary in an existing Main package a full MIR isn't needed.
<davmor2> ivoks: Now that makes more sense I just got the same message after installing dovecot-postfix but at least now it is at an appropriate place and time :)
<mathiaz> ScottK: hm - right. We could just ask a archive admin to move the package from universe to main.
<ivoks> davmor2: the message is well... stupid, if you ask me
<ivoks> we should remove it
<ivoks> on start, program shouldn't say that it might be broken :)
<ScottK> mathiaz: Generally.  Or even just seed it and wait for them to catch it in component mismatches.
<ivoks> .......if it isn't :)
<ewook> ivoks: now, when is the nice-figured SA/clam pack comming? ;)
<davmor2> ivoks: I agree :)
<ScottK> ivoks: No.  Since all programs might be broken, all programs should have such warnings.
<ivoks> ScottK: on start? :)
<ScottK> ewook: Probably next release.
<ScottK> ivoks: I'm being sarcastic.
<ivoks> yes, probably next release...
<ewook> seriously?
<ScottK> ewook: Next as in the one after Jaunty (Karmic)
<cemc> that's the plan :)
<ScottK> ivoks: Are you coming to UDS?
<ivoks> ScottK: i hope :)
 * ScottK too
<ewook> 2h for a complete server setup then.. 1h install - add some stuff - 45min tweaking - done.
<cemc> ewook: then do an image of it, and you're all set, right? :)
<ScottK> ewook: I've gone from a stack of parts sitting on a table to a server in production in less than 4 hours.
<ewook> neato.. we need to start implementing ubuntu into our VPS-system for sure now.
<ewook> ScottK: well, heh.. I'm not that fast :)
<ivoks> ScottK: we should expand postfix interface to master.cf
<ewook> cemc: lol.
<ScottK> ivoks: The script I did could certainly use more flexibility.
<ivoks> ScottK: it's amavis centric, right :)
<ScottK> ewook: It started as a one hour maintenance window to replace some old hard drives and then went badly wrong, so I didn't have extra time.
<ScottK> ivoks: Yes.
<ScottK> ivoks: I had the amavis docs in hand when I wrote it.
<ewook> ScottK: that's nice working indeed. Think it took me 5h for a Centos-install up and connected.
<ewook> had help setting up the cables tho :P
<ScottK> Cables weren't an issue here since there had been an existing box that went sour.
<ScottK> My wife wasn't happy to find out her new computer was delayed though.
<ewook> hahaha
<ewook> thank god this was at work - and I am not married.. If I did marry - it would be a tech I'd marry...
<ivoks> ubuntu-server; makes your wifes lives easier
<ivoks> life
<ivoks> bah
<ivoks> english.
<ScottK> ewook: I'm a consultant and for some of my stuff I have a small data center (4 servers) in the basement.
<ewook> ScottK: I eny you.. I don't have a basement since I live in an apartment :P
<ivoks> davmor2: if you find any errors or have suggestions, let us know
<ewook> envy even
<davmor2> ivoks: will do
<ewook> ivoks: hrm, do you have the conf-files on the web somewhere (open, so I don't have to crack open a .deb :P )
<Shanix> hi all, has anyone tried setup the RHCS on 8.04.2?
<JanC> cemc: there is a free book about LDAP from IBM
<ivoks> ewook: eh...
<ivoks> Shanix: yes
<ivoks> ewook: grab the source :p
<JanC> search on http://www.redbooks.ibm.com/
<cemc> JanC: thx, will do
<ivoks> Shanix: any problems?
<ewook> ivoks: I'm not used to grabbing the source.. this be the second time I get that reply and, I don't feel less stupid :P
<JanC> http://www.redbooks.ibm.com/Redbooks.nsf/RedbookAbstracts/sg244986.html
<ivoks> ewook: the package containes one configuration file for dovecot and after installation runs postconf
<JanC> it refers to IBM's own LDAP server, but there are some chapters that explain LDAP too
<ewook> aah.
<ivoks> ewook: so, you should really get postinst file from it
<ewook> ivoks: true. boy, I need to get home and try it out :)
<ivoks> lol
<ivoks> mathiaz: evolution crashes on me when i try connecting on exchange
<ivoks> mathiaz: but i found that it's not evos problem, but openchange lib
<ivoks> mathiaz: or, misconfigured exchange...
<ivoks> i have to found another exchange enironment...
<ewook> *shrugs*
<ewook> that's an un-holy marrige.
<ivoks> well, it's not
<ivoks> that's a very important milestone
<ewook> yes - that's why it's a unholy marrige :)
<ewook> Gargoyle: hmm... kix?
<ivoks> if openchange gets cosy with exchange... we would have open source replacement for it
<ivoks> wihtout additional plugins
<ivoks> for outlook
<ewook> that would be nice, really nice..
<ivoks> a drop in replacement
<ewook> but if I hadn't changed employee, you would have taken me out of work :)
<Gargoyle> ewook: kix?
<ivoks> not me; i'm not doing anything on it :)
<ewook> Gargoyle: kixtart?
<ewook> Gargoyle: or you just have the same nick as someone on the forum over there :)
<Gargoyle> Ahh, no - not clue about kix
<Gargoyle> s/not/no
<ewook> Gargoyle: my bad then :)
<Gargoyle> np. :)
<Gargoyle> BUt I am the original! :-)
<Gargoyle> :P
<ewook> That's what everyone says :P
<Gargoyle> I have the email address to prove it!
<ewook> lol :)
<Gargoyle> How are all the ubuntu server peeps? Not been talking in here much lately.
<Shanix> ivoks, yes, I have create a bug yesterday, if you don't mind take a look and tell me if it's reproducable on your side as well
<Shanix> ivoks, https://bugs.launchpad.net/ubuntu/+source/redhat-cluster/+bug/338047
<uvirtbot`> Launchpad bug 338047 in redhat-cluster "soft lockup - CPU#0 stuck for 11s! [clurgmgrd:4587]" [Undecided,New]
<ivoks> i've seen that
<ivoks> bug
<ivoks> not in production
<ivoks> hm... 'dlm: Can't create listening comms socket'
<Shanix> ivoks, also, everytime when the system boot up, it always said, waiting for fenced to join the fence group until it times out, is there anyway to prevent that?
<ivoks> Shanix: when both are up it still says that?
<Shanix> ivoks, yes
<ivoks> Shanix: don't ever use .local domains
<ivoks> if they don't connect to each other when both are up, there is some name resolving issue
<ivoks> using .local could do that
<ivoks> since .local in ubuntu is like on mac, reserved for zeroconf/bonjour
<ScottK> ivoks: Except doesn't that use 5353?
<Shanix> ivoks, um... even if I defined the IP in the /etc/hosts ?
<ivoks> Shanix: yes
<ScottK> But the advice not to use .local is good.
<Shanix> ivoks, ok, I see. let me try again
<ivoks> ScottK: err...? :)
<ivoks> ScottK: mdns is used for name resolving, and that's part of avahi/bonjour/zeroconf/whatever
<davmor2> Out of curiosity does Ubuntu not include the mail option in ebox?
<ScottK> I don't think it ever got packaged.
<ScottK> I remember looking at a package early in the Intrepid cycle, asking lots of questions, and then I don't know what happened after that.
<cemc> when installing dovecot-postfix, it changes main.cf ?
<ivoks> eh...
<ivoks> it adds custom configuration
<ivoks> if you didn't have configured home_mailbox, it will add it
<cemc> shouldn't that be commented a bit in main.cf ? maybe a warning or something?
<ivoks> if you had it, it will change it
<cemc> like in the dovecot-postfix.conf in /etc/dovecot
<ivoks> cemc: man postconf
<ivoks> postconf can't write comments
<ivoks> it's not like we are editing main.cf
<cemc> oh, got it
<cemc> makes sense :)
 * cemc would've edited main.cf ...
<cemc> :)
<JanC> ScottK: applications use something like nsswitch, they don't know if a name was resolved through /etc/hosts, mDNS or DNS
<JanC> (nsswitch being part of glibc)
<ScottK> Go look at the amount of .local traffic on the root DNS servers.  It's pretty broken architecturally somewhere.
 * ScottK has forgotten the details.
<ivoks> it's apple vs. microsoft :)
<ivoks> but, hm, yes... we could backup main.cf before running postconf
<ivoks> or something...
<cemc> so one would be able to do a quick diff or something to see what exactly changed
<ivoks> fwiw on removal, we clean up dovecot specific stuff from postfix
<ivoks> we don't leave postfix in non-working situation
<ivoks> anyway, feedback is welcome
<ivoks> on mailing list, as a comment on blog post or here on irc
<ivoks> bugs on lp (source: dovecot)
<ivoks> i'm going to close the lid now... it's too late here
<cemc> nite nite
<ivoks> night
<cemc> is there any faster and lighter wiki than mediawiki?
<cemc> I kinda have a slow machine and mediawiki moves very slow at times
<SuperQ> kirkland: ping
<AtomicSpark> So I've followed the ubuntu server guide to the t and I can resolve hostname, but not hostname.example.com nor example.com . I have my search and domain (resolv.conf) to example.com and my bind files match the ones in the guide. What could be wrong?
<AtomicSpark> figured it out, apparently bind6 doesn't like the .local domain. Silly Windows Server habbits. :P
<giovani> .local is currently a non-advised technique by Microsoft, btw
<AtomicSpark> I figured as such.
<AtomicSpark> To get dhcp to add the least hostnames to my dns master, do I use ddns? Maybe, ddns-update-style?
 * AtomicSpark man's
#ubuntu-server 2009-03-06
<AtomicSpark> Apparently I need to configure dns-sec and possibly apparmor prevents dhcp from updating stuff in /etc/bind
<giovani> why do you need dns-sec?
<giovani> (it isn't a bad idea ... but need?)
<AtomicSpark> I don't know. :P
<AtomicSpark> All the guides suggest it, but I really haven't found a decent looking guide on the topic.
<giovani> hah
<giovani> don't bother
<giovani> it's an advanced topic
<giovani> it doesn't sound like you're ready for that
<AtomicSpark> http://www.cahilig.org/debian-and-ubuntu-ddns-with-bind9-and-dhcp
<Deeps> iirc, the preferred location for zones that need to be writable by bind is /var/cache/bind
<JanC> AtomicSpark: is this for a large network?
<AtomicSpark> JanC: No. ~10 computers, but not being able to resolve hostnames is annoying. espeically when there is a shared printer. :P
<Deeps> /etc/apparmor.d/usr.sbin.named contains the apparmour profile, defining what dirs can be read, written to and executed from
<Deeps> and by the sounds of things, you dont /need/ dnssec
<AtomicSpark> Deeps: Yeah. I saw that.
<JanC> AtomicSpark: then maybe use dnsmasq ?
<JanC> it's much easier to setup for this sort of thing...
<JanC> it does both (simple) DNS & DHCP
<AtomicSpark> Hmm. Can't find the key. AppArmor is probably hiding it.
<AtomicSpark> Deeps: so I copy the local zones to /var/cache/bind then update the named.conf.local paths?
<AtomicSpark> Hmm. Time to try dnsmasq or just fall back onto the router. :P
<ryanprior> If I start up a new Ubuntu Server instance with KVM, how do I ssh into it?
<hads> Use the IP address you gave it?
<twb> ryanprior: "with KVM" or "within KVM"?
<twb> ryanprior: in the case of the latter, you need to get its network up, using e.g. -curses or -vnc :0 long enough to tweak its network config.
<ryanprior> I start it like so: kvm -hda my.img
<ryanprior> So, with kvm.
<twb> Er, if my.img is your Ubuntu server, then that server is running *within* kvm.
<ZykoticK9> Ubuntu 8.10 JOES - is it possible to install ssh-client without it brining in x11-common, and the various x11 libs?  or the ssh server for that matter?  or will I have to just install the full version of server for this to work?  I am testing with VirtualBox 2.1
<JanC> heh
<JanC> don't install the recommends
 * JanC thinks "install recommends by default" should be disabled on ubuntu-server 
<ZykoticK9> JanC, was that directed to me?  it includes these packeges in the "the following extra packages will be installed" section, there are more "suggested" but i'm not even including those???
<JanC> ZykoticK9: use the '--no-install-recommends' option for apt-get
<JanC> "recommends" is stronger than "suggests"
<hads> Mmm recommends can be annoying
<ZykoticK9> JanC, thank you :)  that cuts the list down DRAMATICALLY.  thanks, great tip!
<JanC> I disable this on my system by default  ;)
<JanC> systems
<JanC> even on desktops
<ZykoticK9> JanC, how is that done?
<JanC> put "APT::Install-Recommends "0";" in /etc/apt/apt.conf
<ZykoticK9> JanC, Thank you.
<JanC> this behaviour is probably useful for many desktop users
<ZykoticK9> JanC, even more so on server I'd imagine.
<JanC> I mean that Install-Recommends "1" is probably useful for most desktop-users
<JanC> the default behaviour
<JanC> but on servers, it often sucks
<ZykoticK9> gotcha :)  Thanks again.
<JanC> and if you want a desktop that only has the dependencies you need/want, it's useful too
<JanC> if they want recommends installed by default, then this is a bug in the packaging anyway
<JanC> so you might want to file a bug report
 * JanC goes to sleep now
<twb> JanC: for Debian, at least, the Debian Policy manual's definition of Recommends makes it sound like it *should* be opt-out.  The real problem is all the assholes who made packages using Recommends instead of Suggests because, at the time, they had the same semantics (opt-in).
<twb> ...that's my view, anyway.
<ZykoticK9> JanC, with your tip I was able to install ssh client & server without brining down a bunch of stuff I did NOT want.  I found it INSANE that you had to install X in order to have SSH on the console.
<JanC> it's 7am here   ;)
<JanC> twb: agreed
<hads> twb: Language
<twb> hads: sorry.
<hads> np
<giovani> wow, are we really that stuck-up about language here?
<twb> giovani: it's not worth arguing about.
<giovani> but it's worth making people feel like they've done something wrong?
<hads> http://www.ubuntu.com/community/conduct
<JanC> well, many of those people didn't do that because they are assholes, but because everybody else did it, I guess  ;)
<twb> JanC: let us say they did it out of ignorance, then
<giovani> hads: I didn't see any mention of "curse words" in there
<JanC> something like that (and because the Debian guidelines weren't clear enough, probably)
<giovani> but maybe I missed it
<JanC> giovani: some people don't like "curse words", so avoiding them isn't bad
<JanC> OTOH, nobody kicked or banned twb   :P
<giovani> JanC: I think making people feel like they've done something wrong by using certain words is counter-productive, but alright -- I'm going to bed
<twb> Personally, I consider it linguistic apartheid.
<JanC> then why say sorry  ;)
<twb> JanC: because it appeases the crazies who complain
<twb> JanC: and because I don't care particularly about #ubuntu-server
<Silberling> Hi Guys.
<Silberling>  I'm having trouble with an Intel SDS2 + Intel Gbit Coppercable + Adaptec 2610SA SATA RAID.
<Silberling> Both PCIX Devices run extremely slow and i don't know why
<Silberling> running 8.10 server
<uvirtbot`> New bug: #338556 in net-snmp (main) "[jaunty] libsnmp-python: Depends: python (< 2.6)" [Undecided,Confirmed] https://launchpad.net/bugs/338556
<harrisony> my brain aint working today it seems, so ive got some possibly stupid DNS questions, I've just got a new vps running ubuntu server. could I run bind on it and use it as my master server? (and then set the name server to be the ip address of the vps)
<cemc> harrisony: sounds like it should work
<harrisony> would that also work for RDNS?
<harrisony> if i was to go host <ip address of vps> would it respond with what I set it as?
<hads> That is for your provider to setup
<harrisony> got i
<harrisony> t
<hads> I don't know if I'd trust my DNS to a VPS but
<harrisony> I don't my provider (prgmr.com) offers dns for me so unless i find some free thing or another plan
<hads> Depends how important your services being up are really.
<harrisony> had a feeling it wouldn't work out :P
<sergevn> lo
<uvirtbot`> New bug: #264808 in ant (main) "Package does not work with JDK 5" [High,Fix released] https://launchpad.net/bugs/264808
<Barre> 12:49 -!- stefan_can [n=stefan@83.217.112.50] has joined #ubuntu-server
<Barre> 13:01 -!- DragonLord- [n=ask@84-217-68-182.tn.glocalnet.net] has joined #ubuntu-server
<Barre>  [13:02] [Barre(+ei)] [5:FreeNode/#ubuntu-server(+cnt)] [Act: 1] [165 nicks (@0 %0 +0 165)]
<Barre> [#ubuntu-server] /hilight
<Barre> sorry
<uvirtbot`> New bug: #338720 in php5 (main) "Function lookup problem after calling setlocale(LC_ALL, "tr_TR")" [Undecided,New] https://launchpad.net/bugs/338720
<uvirtbot`> New bug: #338704 in nagios3 (main) "description missing in nagios config" [Undecided,Confirmed] https://launchpad.net/bugs/338704
<frzz> hi there. I get the impression the oom-killer is disabled on server kernels
<frzz> anyone can confirm this ?
<frzz> and maybe give a hint on how to enable/disable it ?
<uvirtbot`> New bug: #333460 in libpam-ldap (universe) "[Hardy][LDAP]client authentication broken" [Undecided,New] https://launchpad.net/bugs/333460
<ScottK> frzz: How is it you have this impression?
<frzz> ScottK: wrote a simple program that mallocs and memsets memory
<frzz> the system juste becomes unresponsive
<frzz> if I do the same on a desktop kernel, the process just gets killed and I get a "out of memory killed" or something in dmesg
<RainCT> Hey
<RainCT> I'm wondering, can Debian be updated to Ubuntu? :P
<ScottK> Sarge -> Dapper was doable.  After that, not so much as you need the sysv -> upstart transition we did in Edgy
<mjeanson> zul: Hi, I was wondering what was going on with the update to the redhat-cluster-suite package mentionned in LP#290399, I can't seem to find it, even in proposed
<zul> mjeanson: we are waiting for hardware to test its in my ppa right now
<mjeanson> zul: hum, I only have production systems running redhat cluster which makes me a bit nervous to test this update
<zul> mjeanson: yes I realize that Ill see what I can do to speed the process up
<mjeanson> zul: do you know if anybody is in the process of testing it?
<zul> mjeanson: not that I am aware of it
<mjeanson> zul: I may be able to try it this evening, I have a maintenance window
<zul> mjeanson: if you can that would be great
<mjeanson> zul: do you need specific testing done?
<zul> mjeanson: just needs to see if scsi_fencing works
<mjeanson> BrunoXLambert: not on vacation?
<mjeanson> zul: I'm not using this fencing method, is the fix specific to it?
<BrunoXLambert> mjeanson, sure am.
<zul> mjeanson:  it is
<mjeanson> zul: I have been running in a similar race condition with the gfs control deamon, I had hope the patch addressed that
<zul> mjeanson: ok the scsi_fence thing is something else then ttx ^^^
<ttx> mjeanson: wasn't accepted in -proposed yet. You can test the one in my PPA though. It's the same.
<ttx> https://launchpad.net/~ttx/+archive/ppa
<mjeanson> zul: just checked the patch and it definitely applies to the control daemons, so I'll try it tonigh
<mjeanson> zul: I'll report the result of my tests in the launchpad bug, will that be enough to have it accepted?
<zul> mjeanson: it should
<mjeanson> ttx: oups, had not notticed it wasn't zul talking anymore
<mjeanson> ttx: have you tried the package yourself?
<ttx> mjeanson: no, but someone else did already (on a private bug)
<mjeanson> ttx: any additionnal information in the private bug which may be useful to me?
<ttx> mjeanson: no, it's a copy of the public one.
<ttx> except the tester data/ok
<mjeanson> ttx: cause I haven't been able to steadily reproduce this problem
<Discipulus> Hello, do any of you have experience with SPARC servers? Specifically a E5500
<mathiaz> sommer: hi - is there a section on auth-config-client in the server guide?
<incorrect> I am creating a preseed config for my servers,  however I noticed i am having problems configuring my bonded network
<incorrect> so i thought i would cheat and wget http://server/net_`hostname`  however that doesn't seem to work
<sommer> mathiaz: yeppers
<sommer> mathiaz: also ldap-auth-client
<mjeanson> ttx: btw, why ins't it in proposed?
<ttx> mjeanson: waiting for SRU review afaict
<mjeanson> ttx: I may be all mixed up but I tought it needed to be in proposed to be reviewed?
<ttx> mjeanson: yes, but the SRU rationale must be accepted for it to be accepted in -proposed.
<ttx> zul: ^ am I right ? Is it the reason it's stuck in limbo right now ?
<zul> thats right
<zul> ttx: but also we didnt have the hardware to test it until recently as well
<stgraber_> about that SRU thing for redhat-cluster-suite, according to https://wiki.ubuntu.com/StableReleaseUpdates the process seems to be that once the bug is valid on LP it should be uploaded to -proposed then will be reviewed by the archive admins when it's in the queue. Once validated it'll be added to -proposed. The SRU team then will make sure it fixes the issue and will +1 the bug to get it uploaded to -updates.
<genii-around> Hi. I'm having difficulties aggregating 3 connections with bonding driver. Is there anyone around who might have some experience with it?
<stgraber_> 11:55 < sbeattie> hrm, well, the SRU team can't accept it until there's an upload. Wonder what happened there.
<stgraber_> 11:55  * sbeattie goes to read the scrollback in #ubuntu-server as well.
<stgraber_> zul: ^
<genii-around> Some more specific info on the bonding driver setup: lan is on 192.168.0.X, dhcp served by eth0. eth1,eth2, and eth3 each connect to a router/modem and are static by router 192.168.1.(2,3,4) routers are static 192.168.1.(12,13,14) bond0 gets 192.168.1.1  mode5
<genii-around> Default route is bond0. Masquerading is on. No router IPs are in resolv.conf or routes, only actual nameserver IPs. Dhcp sever passes bond0 IP as gateway,and actual nameserver IPs.This setup is currently working but lookups can take anywhere upwards of 60 seconds. Clients are various OS
<genii-around> Work requires me, but if anyone has thoughts/insight on the subject I'll check scroll on returning
<J_P1> hi all
<uvirtbot`> New bug: #338411 in samba (main) "Cannot retreive share list if samba client and server have the same hostname" [Undecided,Confirmed] https://launchpad.net/bugs/338411
<ewook> whaat.. that shouldn't even be possible.
<cemc> ;)
<ewook> who in the world filed that..
<cemc> something should complain if that's the case, ain't it ?
<ewook> well, yes..
<ewook> I live Steve Langasek for explaining the obvious.
<dantalizing> thats a bug in the network administrator
<JanC> I think the installer proposes the same name each time...  ;)
<JanC> same hostname
<tx2650> AJ247, if he`s using remote desktop stuff, then gui is obligatory or not
<tx2650> Hi. Has anyone any experience on building promise tx2650 driver? I cant build it on .27 kernel.
<Discipulus> Anyone have experience with Sparc Servers? Specifically E5500?
<Traveler> Hey I'm trying to install on an old Dell PowerEdge 6450.  The install fails so I try a media check.  I know the CD is good, but the media test is failing.  (I actually have two of these 6450s and they behave the same.)
<dguitar> Traveler, How do you know they are good? Are they burned discs?
<Traveler> Yes, I checksummed the image, the disk, and read the media check on two separate computers.
<dguitar> Burn them @ a slower speed
<Traveler> s/read/ran
<dguitar> Like 4x
<Traveler> Can we just assume the disk are ok?  I ran the check on other computers.
<Traveler> dguitar, i burned them at 1x
<dguitar> hmmm, nm then ;)
<Traveler> oops
<Traveler> I think the problem might have to do with old hardware.
<Traveler> I've tried enabling and disabling every combination of optios in the BIOS.
<orudie> hi question. I installed roundcube webmail client a few weeks ago, how can i now find out which version i installed
<oomkiller> can anyone tell me how to allow any ipv6 forwarding from ipv6 interface
<oomkiller> i am getting this in the logs: L Mar  6 13:57:24 router kernel: [ 1144.038605] [UFW BLOCK FORWARD]: IN=eth0 OUT=sixxs SRC=2001:4830:1600:013a:71c2:9ee6:c701:6ad5 DST=2001:4860:a003:0000:0000:0000:0000:0068 LEN=80 TC=0 HOPLIMIT=63 FLOWLBL=0 PROTO=ICMPv6 TYPE=128 CODE=0 ID=0 SEQ=24
<oomkiller> when trying to ping from an internal compute
<jdstrand> oomkiller: adjust /etc/default/ufw to have: DEFAULT_FORWARD_POLICY="ACCEPT"
<jdstrand> oomkiller: you'll also want to adjust /etc/ufw/sysctl.conf to have:
<jdstrand> net/ipv4/ip_forward=1
<jdstrand> net/ipv6/conf/default/forwarding=1
<oomkiller> yeah i already have the sysctls, lemme see if the forward policy setting makes it work
<jdstrand> oomkiller: that assumes you want to route all traffic on the FORWARD chain. if not, leave the default policy alone and add ip6tables-restore style rules to /etc/ufw/before6.rules as necessary
<oomkiller> jdstrand: well that would be ok, i only want to enable all for ipv6
<jdstrand> oomkiller: be warned, DEFAULT_FORWARD_POLICY does both ipv4 and ipv6 when ipv6 is enabled
<oomkiller> well what do i need to put in before6.rules to only do it on ipv6
<jdstrand> -A ufw6-before-forward -j ACCEPT
<oomkiller> hmm i had that and it didnt work
<oomkiller> didnt block the packets, but didnt work
<jdstrand> I'd verify your sysctls
<jdstrand> sysctl net/ipv6/conf/default/forwarding
<oomkiller>  net.ipv6.conf.default.forwarding = 1
<oomkiller> i know its forwarding, or at least trying to, since it was blocking it before
<oomkiller> and it works from the box
<oomkiller> and i can ping6 the router
<oomkiller> from this machine
<jdstrand> is this for NAT? do you have POSTROUTING setup? If not, see /usr/share/doc/ufw/README.gz and/or https://help.ubuntu.com/8.04/serverguide/C/firewall.html
<oomkiller> i dont want NAT on ipv6, but i do want it on ipv4
<oomkiller> all i want to do is route all my LAN ipv6 over my tunnel which is running on the router
<jdstrand> not sure what the problem is. seems clear ufw is no longer blocking though
<oomkiller> yeah
<oomkiller> its just not forwarding
<joinAD> i am trying to add some ubuntu machines to a active directory domain
<joinAD> using likewise
<joinAD> heres my syntax..
<joinAD> sudo domainjoin-cli join syrtime-local ACCOUNT PASS
<joinAD> with a - i get a message telling me to make sure ports are open to syrtime-local
<ttx> joinAD: you should have complete domain name instead of "syrtime-local"
<ttx> something like test-ad.company.com
<joinAD> ok.. so the server name, then domain like smallbiz.syrtime.local?
<ttx> no. The domain name
<ttx> domain name is syrtime.local ?
<joinAD> yes
<ttx> there is a bug with .local domains... let me check it up
<joinAD> actually i think its syrtime-local
<ttx> then it's incorrect, you need a fqdn there
<ttx> http://doc.ubuntu.com/ubuntu/serverguide/C/likewise-open.html
<joinAD> yes... when i use the - i get the message about ports
<joinAD> i wonder if server08 is not playing nice with a non windows machine
<ttx> https://bugs.launchpad.net/ubuntu/+source/likewise-open/+bug/205236
<uvirtbot`> Launchpad bug 205236 in likewise-open "Joining .local domains doesn't work out of the box in Hardy" [Low,Confirmed]
<joinAD> thanks for link
<ttx> I test with w2k8 server. it works
<ttx> good luck ;)
<joinAD> nice
<joinAD> these older win 2k machines run nice under hardy
<joinAD> yeah a nslookup on the IP returns smallbiz.syrtime.local
<joinAD> so i guess it is the syrtime.local
<orudie> if i installed package with dpkg , can i remove it with apt-get purge ?
<AdamDV> Hey, I need some update-motd help.
<orudie> i installed roundcube with dpkg and got hacked
<orudie> the package that ubuntu provides is insecure
<orudie> which is old version
<AdamDV> No, it is't
<AdamDV> Then build from source.
<orudie> how can i completely remove roundcube ?
<orudie> if i installed it with dpkg
<orudie> i tried apt-get purge roundcube, it removes, but then when i do apt-get install roundcube it installs and the database and other stuff is still there
<orudie> like i didnt even have to configure any files
<AdamDV> sudo apt-get remove roundcube-webmail --purge && sudo apt-get autoremove
<orudie> and it still works
<AdamDV> How bout instead of installing from repo, you install from source, its quite easy.
<AdamDV> I did.
<AdamDV> http://go-techo.com/staff/mail
<orudie> AdamDV, cool i will
<orudie> AdamDV, that completely removed roundcube thanx
<AdamDV> :D
<orudie> AdamDV, do you think you can help me out with installing the latest version 2.0 ?
<AdamDV> No problem, you managing a server first time?
<orudie> AdamDV, its for my company
<AdamDV> SUre
<AdamDV> No problem :D
<orudie> AdamDV, lol no, just not used to installing from source
<AdamDV> first, go to http://roundcube.net
<orudie> AdamDV, never needed to
<AdamDV> Heh :D
<AdamDV> Does this server have a GUI?
<orudie> ok i'm there
<ScottK> AdamDV: Are you going to be around to help him with security updates?
<AdamDV> Yes
<hads> heh
<orudie> why ?
<AdamDV> You like being hacked?
<orudie> dude
<AdamDV> :D
<orudie> this host I assume is not hacked yet
<AdamDV> Thats what security updates are for.
<orudie> my other one is , which is not as important as this one
<ScottK> AdamDV: Because what you're recommending is not supported here
<AdamDV> Also, ScottK: The 2.0 release is much more secure.
<AdamDV> Alright, orudie, join #techo
<AdamDV> :D
<ScottK> Generally we try to use the packaging system here.
<AdamDV> But, it isn't always best
<ScottK> Yes, but it didn't purge the way he thought it would seems a pretty trivial reason to throw out the whole system.
<AdamDV> Err...
<orudie> AdamDV, back
<AdamDV> ALright
<SuperQ> I don't know if anyone here cares about this, but I have been doing some tests of kvm performance
<SuperQ> I built 2.6.28-8 on my hardy based kvm-84 server
<SuperQ> (yea, I backported kvm/libvirt/kernel from jaunty)
<SuperQ> I added hugepages=7000 (16G opteron machine) to the host kernel
<SuperQ> and I booted a test VM with and without hugepages support (-mem-path /hugepages)
<SuperQ> adding -mem-path /hugepages (with the appropriate hugepages mount path) improves a linux build speed by ~5-6% inside the VM
<orudie> AdamDV, thanx for your help
<orudie> i'm out
<orudie> gotta drive home
<orudie> its friday
<AdamDV> :D
<AdamDV> Netsplit!
<roy_hobbs> Hey.  I just installed Kerberos5 according to the Ubuntu Server Guide.  When I went to test it by doing "kinit user/admin" I got the message kinit(v5): Cannot contact any KDC for realm 'TEST.LOC' while getting initial credentials
<roy_hobbs> I ran kinit from the same machine the server is running on
 * oli_ 
<oli_> exit
<olcafo> me
 * olcafo 
<orudie> hi
<orudie> dave
<orudie> around ?
#ubuntu-server 2009-03-07
<tmh__> my /dev/sdb suddenly became /dev/sdd and now when I try to reassemble my RAID5 md device it thinks sdd is a spare and not active. how can I tell it to reassemble so they're both active?
<Turl1> hello, I think one of your update servers has been compromised
<Turl1> updating complains about your signatures being invalid
<Turl1> the server is ar.archive.ubuntu.com
<Turl1> W: Error de GPG: http://ar.archive.ubuntu.com jaunty Release Las siguientes firms fueron invÃ¡lidas: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>
<Turl1> (Translated: GPG Error: .... The following signatures were invalid: .....
<Turl1> can anyone confirm the system being compromised?
<tmh__> is there a separate RAID help channel?
<Deeps> tmh__: assuming you're using linux software raid (mdadm), you could look for a channel specialising in mdadm (#mdadm, maybe?)
<Deeps> Turl: no errors polling ar.archive's hardy repository, it may be a glitch with jaunty?
<Turl> Deeps: no BADSIG there?
<Turl> or maybe my GPG broke then?
<Deeps> maybe
<tmh__> nope, no #mdadm. any idea on what network?
<Deeps> tmh__: nope, google may be of more assisntance though, there are a bunch of linux raid wikis which are very useful
<tmh__> well, I've tried googling for a day now
<Deeps> helped me when i had a bunch of raid disks repartitioned inadvertently
<Deeps> (the linux raid wikis, that is)
<tmh__> so will it fuck up my raid every time the drive letters change?
<tmh__> any way to define my RAID component arrays by UUIDs instead of drive letters?
<bromic94> what do you guys hav running on your servers?
<Nafallo> . . .
<Nafallo> ehrm
<Nafallo> server stuff?
<bromic94> Nafallo: what specific?
<ScottK> Ubuntu server stuff
<bromic94> come on i am serious
<bromic94> like apahce, etc
<Nafallo> yes. apache etc.
<giovani> lighttpd, postfix, opensshd
<giovani> dovecot
<goofey> Nafallo: rsnapshot
<uvirtbot`> New bug: #339061 in samba (main) "package samba-common 2:3.2.3-1ubuntu2 failed to install/upgrade: " [Undecided,New] https://launchpad.net/bugs/339061
<psteyn> Hi.  I have a 32bit install of ubuntu intrepid ibex on a live server with the usual LAMP, but the server is an opteron with 8gb of ram, and I'd like to reinstall with a 64bit version, can I just backup my mysql dbs etc as usual?
<giovani> psteyn: sure, why wouldn't you be able to?
<psteyn> didnt think it would be a big deal, just havent migrated from 32bit to 64bit yet..wanted to make sure before I get started
<psteyn> but thats good. :)
<giovani> I don't think the mysql backup db is any different
<psteyn> and backing up mysql is just /var/lib/mysql and /etc/mysql stuff basically?
<giovani> no ...
<giovani> you use mysqldump
<giovani> not something you just run -- might need to get familiar with it
<psteyn> ok
<psteyn> yeah, i know how that works..just thought if im gonna do a complete reinstall I might just move the folders instead of using the dump
<psteyn> but no worries, will dump :]
<giovani> nope, that'd be a messy way
<giovani> mysqldump is fully portable, and clean
<psteyn> cool, ill do it the right way then
<giovani> good luck :)
<psteyn> Thanks :)
<mib_pq35h3hh> hi
<mib_pq35h3hh> hi
<mib_pq35h3hh> i would like to set up ubuntu server domain controller which has no internet
<mib_pq35h3hh> which is for windows clients
<rdw200169> so far, i don't see any problems with what you want to do... do you have a question about it, mib_pq35h3hh ?
<mib_pq35h3hh> so how can i do without internet
<mib_pq35h3hh> ?
<rdw200169> well, you need the samba packages, you can get those at packages.ubuntu.com
<giovani> without internet :)
<rdw200169> what i mean is, on a computer that has internet, *like the one you're using right now, mib_pq35h3hh *, you download the packages and transfer them to the server
<simplexio> thereis tool for that
<simplexio> just cant remeber now what its called
<mib_pq35h3hh> okok
<simplexio> mib_pq35h3hh: http://ubuntuforums.org/showthread.php?t=42862
<simplexio> one howto for it. but i think there was even easier wau for it
<simplexio> mib_pq35h3hh: http://blog.mypapit.net/2007/03/put-apt-get-repository-on-dvdcd-ubuntudebian.html
<simplexio> mib_pq35h3hh: last one is aptoncd .. that is probably easiest way
<rdw200169> there are only a few packages for samba, personally, i would just transfer the .deb's by hand, and do a little dpkg -i to get the job done
<giovani> rdw200169: that's messy
<rdw200169> well, aptoncd requires you to install the packages on the host, b/c it uses /var/cache/apt/ to find files
<rdw200169> of course, you could do the old --download-only
<rdw200169> but who wants to do that?
<rdw200169> especially for a one-off situation like this, just seems faster (as opposed to messing with aptoncd) to just d/l the packages and throw them on a thumbdrive right quick
<rdw200169> now that i think about it though, everything he needs may be on the ubuntu server cd.  don't quote me on this though, i'm not sure
<rdw200169> i just know that samba is a tasksel option during the install
<simplexio> isnt ssh client in default install
<rdw200169> yes, the server too
<rdw200169> like, openssh-server
<simplexio> just started to think that why i nhell someone need install samaba to machine which hasnt internet conenction.. i mean easiest way is just change cables for few minutes
<mib_pq35h3hh> hi
<mib_pq35h3hh> rdw200169: hey
<mib_pq35h3hh> simplexio:
<rdw200169> mib_pq35h3hh, i suppose you've caught our long argument over this matter
<mib_pq35h3hh> simplexio: i know APTONCD but it is not ok
<mib_pq35h3hh> coz i dont know how to do on CLI mode
<mib_pq35h3hh> i dont wanna waste my CD everytime no R+W CD in hand
<rdw200169> then do it my way (score one for me!)
<mib_pq35h3hh> what way?
<rdw200169> scroll up, i described it in detail
<mib_pq35h3hh> i m now using from windows XP
<mib_pq35h3hh> how can i download and do that?
<rdw200169> you can download packages as .deb files from packages.ubuntu.com
<rdw200169> like giovani said, its messy.  but, it works
<giovani> yep
<giovani> do it however you can
<giovani> but if possible -- use apt
<mib_pq35h3hh> rdw200169á: i h ave tried downloading .deb files from packages.ubuntu.com
<mib_pq35h3hh> rdw200169: but I have never been successful in installation coz there are so many nested dependencies
<rdw200169> mib_pq35h3hh, true...
<giovani> yeah
<giovani> which is exactly why that's messy
<giovani> and not recommended
<mib_pq35h3hh> rdw200169: so how can download to get all in one complete even for one pacakge  called squid3 or sth like that
<rdw200169> back in the day, when i was overseas and working from a internet cafe (really bad situation) i would have to make a list of the packages i needed
<rdw200169> then spend a few hours following dependencies hoping i got everything i needed from packages.ubuntu.com
<mib_pq35h3hh> rdw200169: yes. i have list
<mib_pq35h3hh> arr
<rdw200169> if you can get a printout of the packages you have, or something like that (like a copy of dpkg --get-selections) you can cross reference that
<rdw200169> with dependencies mentioned on packages.ubuntu.com.  then just get what you don't already have
<mib_pq35h3hh> so if u install that so many .deb files, how did u install?
<rdw200169> dpkg -i *.deb
<mib_pq35h3hh> so put all in one folder before running that?
<rdw200169> sometimes it gets screwy and comes back with missing dependency errors
<rdw200169> but i run it a few times and i'm good
<rdw200169> yeah
<giovani> mib_pq35h3hh: I really advise against this
<mib_pq35h3hh> ok. suppose my downloaded folder is squid,   command is dpkg -i /squid/squid3.deb??
<rdw200169> fine.  come up with a better solution
<giovani> why can't he download the repository somewhere?
<rdw200169> not everyone has endless supplies of bandwidth...
<mib_pq35h3hh> giovani: u all said the only place is packages.ubuntu.com
<giovani> mib_pq35h3hh: what? I didn't say that
<mib_pq35h3hh> the thing is i have no internet at my home ubuntu server. my home is without internet
<giovani> rdw200169: then they should find a local isp or something that offers a repository, I know many that do
<rdw200169> that was me, and i didn't mean it's the only place to get packages.  its just the only place to get *individual* packages in a simple manner
<mib_pq35h3hh> in my work i m using internet on windows XP and which is under monitoring
<rdw200169> what, and drag the server there?  i doubt an ISP would allow that!
<mib_pq35h3hh> so i can't install virtualbox in my XP.
<giovani> no, an isp might not count any download caps wthin their network though
<mib_pq35h3hh> so i can't do APTOnCD or APTonFLash drive or whatever
<giovani> how did you get ubuntu in the first place?
<mib_pq35h3hh> from freeshipment
<giovani> ah
<mib_pq35h3hh> from shipit.ubuntu.com
<giovani> ask someone to ship you a few dvds of the repository :)
<mib_pq35h3hh> i heard DVD has only multiple languages
<mib_pq35h3hh> not pacakges of all server compoents
<giovani> that's not what I meant
<giovani> nevermind
<rdw200169> what packages do you need for samba
<rdw200169> the regular ubuntu server cd has: samba, samba-common, samba-tools, smbclient (and all their dependencies)
<mib_pq35h3hh> actually all i wanna is to build fine domain controller like windows' Active directory
<giovani> it's just not that simple
<mib_pq35h3hh> some said LDAP or OpenLDAP is better that SambaPDC
<giovani> samba just recently started supporting that
<rdw200169> oh jeez, you're talking about ldap and all that
<rdw200169> and kerberos
<mib_pq35h3hh> coz i m thinking of large clients support
<giovani> large clients?
<giovani> why would a huge network not have internet access though?
<mib_pq35h3hh> about thousands clients
<rdw200169> i take it you wanna do Single Sign on too
<giovani> ...
<mib_pq35h3hh> ur question make sense
<mib_pq35h3hh> but if my testing in  my home is ok, i can trust myself to apply for that Linux admin's job
<mib_pq35h3hh> without having such handling many clients experience, how can i win?
<rdw200169> i'm gonna have to go with giovani on this one.  hook that sucker up to an internet connection or something.  you're gonna need *lots* of packages
<giovani> mib_pq35h3hh: maybe you can find wireless internet access near your home
<mib_pq35h3hh> i m wondering why Opensuse or Fedora DVD has all in one complete server components without having to download again
<mib_pq35h3hh> ?
<giovani> because they don't offer nearly rhe number of packages ubuntu offers
<mib_pq35h3hh> like known Squid, mail, Firewall, DNS, with their own DVD alone it is ok
<giovani> I don't think fedora or opensuse ship free dvds do they?
<mib_pq35h3hh> yes. i dont deny ubuntu has many offer of packages
<mib_pq35h3hh> but it is nothing without internet
<giovani> well honestly
<mib_pq35h3hh> we can buy them easily.
<simplexio> mib_pq35h3hh: i dont see problem here, i mean you can share your internet connection in 1minutes, another ethernet controller cost anout 10e and after that testing much easier
<giovani> not many people deploy linux without any internet access whatsoever
<mib_pq35h3hh> i wish i could have internet. brothers
<mib_pq35h3hh> but so so expensive
<mib_pq35h3hh> here
<giovani> http://wiki.ubuntu-id.org/DistribusiDvdReposUbuntu
<giovani> it seems some local ubuntu groups distribute DVDs
<giovani> in areas that don't have internet
<giovani> maybe you should look into that for your local area
<giovani> find your local ubuntu user group --- maybe they can make dvds for you
<mib_pq35h3hh> ok. my country is lonely island which nobody wanna help. ok i will check it
<giovani> what country are you from?
<mib_pq35h3hh> myanmar
<mib_pq35h3hh> i dont understand languages on http://wiki.ubuntu-id.org/DistribusiDvdReposUbuntu
<giovani> that's indonesian
<giovani> maybe you can find a local Myanmar linux group
<giovani> that can help you get some repository dvds made
<Doble> hey folks
<cemc> hey
<mib_pq35h3hh> yes
<Doble> i'm a windows sysadmin who'se just learning linux, and a friend of mine has asked me to help him build a network for his small business
<mib_pq35h3hh> Doble:  i m MCSE too
<mib_pq35h3hh> Doble : but shit in ubuntu world
<Doble> cool
<Doble> heh, i dont have an MCSE, but I've been a windows sysadmin for about 3 years
<Doble> he basically wants some simple network stuff like DHCP and DNS, was wondering if anyone had any tips for me
<Doble> key things are a file server
<Doble> needs a lot of storage
<mib_pq35h3hh> how can i know that indonesian language?
<Doble> mib_pq35h3hh: try using google translate
<mib_pq35h3hh> aww
<giovani> Doble: unlikely they'll have an indonesian to burmese :)
<mib_pq35h3hh> giovani: hey dude, are u kidding? coz u r ubuntu guru?
<Doble> giovani: ah :( bugger
<giovani> mib_pq35h3hh: what? yes ... that was sort-of a joke -- in the scheme of world affairs, both languages are pretty obscure -- unlikely google translate would translate between the two
<Doble> you are actually right .. burmese isn't listed
<mib_pq35h3hh> that sucks
<mib_pq35h3hh> btw, how can i change my nick?
<giovani> /nick newnick
<mib_pq35h3hh> i m using mibbit.com web iRC chat
<naymyowin> ok thanks
<Tommy_nmw> thanks
<Tommy_nmw> u all are geeks
<Tommy_nmw> in ubuntu hardy server, i found many spelling errors
<Tommy_nmw> shy on testing team
<Tommy_nmw> hey
<Tommy_nmw> what r u all doing?
<harrisony> !offtopic | Tommy_nmw
<ubottu> Tommy_nmw: #ubuntu is the Ubuntu support channel, for all Ubuntu-related support questions. Please use #ubuntu-offtopic for other topics. Thanks!
<Tommy_nmw> i can't find it
<Tommy_nmw> by using mibbit.com
<Tommy_nmw> http://www.mibbit.com/chat/# ( please look at)
<Tommy_nmw> i can't join #ubuntu
<ScottK> I guess he's gone.  He couldn't join #ubuntu because he was banned.
<jpds> Actually, we ban all proxy/web chat users.
<Boski-PL> I cant mount raid0 on ubuntu nor can i boot XP off it
<ivoks> ?
<cemc> are there any major gotchas in moving an ubuntu server install from a vmware to a real box?
<cemc> besides grub, net, partitions :)
<ivoks> never tried that..
<cemc> I've installed a hardy in a vmware, got it all configured, now it's ready to replace FC4 on my server
<cemc> should the NIC be detected automatically, or do I have to delete something from /etc/udev/ ?
<cemc> like 70-persistent-net.rules
<ivoks> delete its content
<ivoks> hm... initramfs
<cemc> good point. what else?
<ivoks> right... check /etc/initramfs-tools/conf.d/resume
<ivoks> imho, that should be it
<cemc> we'll see shortly ;)
<cemc> that persistent-net will be regenerated on boot ?
<ivoks> yes
<cemc> btw, I tried dovecot-postfix a bit yesterday,
<cemc> specifically the managesieve part, with thunderbird addon,
<cemc> it works great, but there were times when it couldn't connect to it, just timed out
<cemc> have to test it some more
<cemc> I mean the sieve add-on in thunderbird couldn't connect to the managesieve on port 2000, I saw packages going back and forth, but in the end it timed out
<ivoks> i noticed that too with thunderbird plugin
<cemc> when it connects, it works without problems, even the on-the-fly syntax checking
<ivoks> that's awsome feature :)
<ivoks> i'll test it with kmail (it has native support for protocol)
<cemc> found one other thing (didn't dig deeper tho),
<ivoks> so that'll help in point the problem
<cemc> when I tried to filter a mail and deliver it to another folder,
<cemc> it gave an error that the Mailbox doesn't exists,
<cemc> I have one other setup with dovecot LDA and sieve,
<cemc> and there the folder gets created automatically
<cemc> and the mail delivered there
<cemc> inside ~/Maildir/.folder
<ivoks> we are talking about extensions?
<ivoks> like username+folder@domain?
<cemc> nope
<cemc> sieve filter
<ivoks> i see
<cemc> I don't know how exactly is the policy,
<cemc> one has to create the folder manually from say thunderbird through imap,
<cemc> or it should be created automatically
<cemc> by dovecot
<ivoks> imho, automaticaly isn't quite nice...
<ivoks> i don't want dovecot to do mkdir in my home
<cemc> ;)
<ivoks> what if i make an error in sieve script?
<cemc> true
<ivoks> i'll have to check how that was handled
<cemc> I actually thought of that, but I like not getting a delivery error ;)
<ivoks> i didn't consider that use case at all
<cemc> in fact it's ok because the mail remains in the mqueue i think
<cemc> and there's a clear message in the logs
<ivoks> i'm not sure it stays in the queue
<ivoks> since, postfix delivers to dovecot, which then fails
<cemc> oh, I was wrong,
<cemc> it delivers it to the INBOX
<cemc> after the error
<ivoks> that sounds quite nice
<cemc> yep, sorry about that
<ivoks> good, finally some feedback :)
<cemc> one more thing then,
<cemc> the default sieve filter directory is /home/<user>/sieve
<ivoks> yes
<cemc> wouldn't it be better if it were .sieve ?
<cemc> so it's a bit hidden
<ivoks> i was thinking about that too
<cemc> but then, maybe somebody wants to update it via ftp,
<cemc> and ftp could be set up not to show . files
<cemc> :)
<ivoks> i think 'sieve' is ok... we have 'mail', which could be classified as the same type of directory (nice, good stuff, but maybe should be hidden?)
<cemc> but one could argue that the majority will update it via some sieve client, connecting to the manager...
<cemc> so they really don't have to see that sieve directory especially if they could delete it by mistake ;)
<ivoks> i expect majority to upload it via ftp
<ivoks> people will find howtos on net and then just copy paste it in a file
<ivoks> and then upload it via ftp/sftp
<cemc> mhm
<ivoks> maybe in time, if we add support for managesieve to evolution and webmail, maybe then clients would have bigger share
<ivoks> it's hard to tell
<cemc> yep
<ivoks> i'm not sure if any distribution does this by default
<ivoks> i would think that most of them (if not all) bet on procmail
<cemc> I was using maildrop before I heard about dovecot LDA and sieve
<ivoks> yeah, maildrop is popular too
<cemc> but I have virtual users from database, etc, so it's a bit more complicated
<cemc> ut with dovecot it all got a lot easier ;)
<ivoks> hehe
<ivoks> i have one setup with part of the users in sql and part in ldap
<cemc> one thing that concerns me a bit tho
<cemc> dovecot's "time moved back, I'm gonna kill myself" policy :)
<ivoks> :)
<ivoks> use ntp, not ntpdate
<ivoks> ntpdate does a very bad thing
<ivoks> it changes the clock
<cemc> I know, I am using ntp
<cemc> but still ;-) if dovecot's tied in to postfix's sasl, delivery and whatnot... :)
<ivoks> heh...
<ivoks> hm... that gives me an idea
<ivoks> dovecot-postfix should depend on ntp-server
<ivoks> so that we take care of that stuff...
<ivoks> or, recommend/suggest it
<cemc> yep, should be pretty mandatory because of this
<ivoks> at some point, when upstart gets fully functional, upstart will take care of that
<cemc> I think under 5 seconds dovecot gives a warning, and above it it just dies
<ivoks> but we are talking about upstart for couple of years now and i think we might never see it :)
<cemc> :)
<ivoks> so, basically, everything is ok with our dovecot-postfix integration
<ivoks> ?
<ivoks> except for those preferences, which we can't set up for everybody :/
<cemc> can't say for sure after 20 minutes of testing ;) did that yesterday
<ivoks> :)
<ivoks> ok
<cemc> have to test it some more, but it appears to be ok at first glance
<ivoks> ok...
<ivoks> well... it's time to close the lid and move away from computer for today...
<ivoks> take care
<Hans67521> how do i enable digest-md5 authenication on dovecot
<Hans67521> getting the following error
<Hans67521> Fatal: auth(default): DIGEST-MD5 mechanism can't be supported with given passdbs
<krunk-> howdy
<krunk-> I need to install the 32bit version of the pam libs on my 64 bit server.
<krunk-> can I do this with apt, or do I need to copy them from another distro?
<krunk-> another 32bit server that is
<pjsturgeon> samba question: How to set guests to read (globally on all shares) and users to write? The following config seems like it should work but does not http://pastie.org/410272
<pjsturgeon> before anyone mentions it, i have asked on the samba channel and nobody is around. figured some of you guys may well know
<roy_hobbs> Do I need to add a host principle to kerberos for each host on my network that might have a user try to authenticate?
<sommer> roy_hobbs: yes
<roy_hobbs> I've set up Kerb5 but I'm having trouble getting it to work with PAM on the client
<roy_hobbs> kinit works fine from the client though (without a host princ)
<sommer> roy_hobbs: eh, I may be wrong :)
<roy_hobbs> =)
<sommer> roy_hobbs: the pam-auth-config utility can help configure pam and kerberos
<roy_hobbs> actually, to be more specific.  I'm able to authenticate and log in via kerb if there is a kerb user with the same username as one already on the  client.
<roy_hobbs> sommer: what packages is that part of?
<roy_hobbs> when i tried to log in from gdm using a kerb5-only username, I got a message saying couldn't set group, authentication failed
<roy_hobbs> "cannot set your user group; you will not be able to log in. contact your system administrator"
<sommer> roy_hobbs: which release are you using?
<roy_hobbs> intrepid
<sommer> roy_hobbs: woops it's pam-auth-update
<sommer> roy_hobbs: that should give you a menu listing authentication options
<roy_hobbs> sommer: hmm, doesn't mention anything about kerberos
<roy_hobbs> What I did was create a common-krb5 with the line "auth    sufficient      /lib/security/pam_krb5.so use_first_pass"
<roy_hobbs> the did @include common-krb5 in pam.d/gdm and pam.d/login
<sommer> roy_hobbs: do you have these packages: krb5-user libpam-krb5 libpam-ccreds
<roy_hobbs> yup
<sommer> roy_hobbs: and your /etc/krb5.conf is configured?
<roy_hobbs> yeah with my realm, both kerb servers, and admin server
<roy_hobbs> it must be because kinit works just fine
<sommer> roy_hobbs: ya, I'd agree with that... do you have auth-client-config installed?
<roy_hobbs> yeah i just ran it
<roy_hobbs> it asked me if i wanted to overwrite the common-* files
<roy_hobbs> The profiles I was able to enable are 1) Unix auth, and 2) ConsoleKit Session Management
<roy_hobbs> That's where i'd expect to see kerb
<sommer> roy_hobbs: you might try reading through: http://doc.ubuntu.com/ubuntu/serverguide/C/kerberos.html#kerberos-linux-client
<roy_hobbs> That's where i started
<krunk-> would it be possible to get someone on 32 bit ubuntu to upload a few libraries for me so I can grab them? I need libsepol, libselinux, and the pam_unix.so and pam_nologin.so libs
<sommer> roy_hobbs: mmmm... when I do sudo pam-auth-update Kerberos is listed
<sommer> roy_hobbs: you have libpam-krb5 installed?  just to double check
<sommer> roy_hobbs: also you should see messages in /var/log/auth.log related to kerberos
<roy_hobbs> yes
<roy_hobbs> libpam-krb5 is there
<roy_hobbs> I do, but i'm not sure how to interpret some of the errors
<sommer> roy_hobbs: can you pastebin?
<roy_hobbs> yeah i'm going to, but now i'm getting something different, lemme take a second to recreate what was going on before
<roy_hobbs> ah man did he leave?
<jpds> kirkland: Was the directory for the private-home-directory unencrypted folder moved to ~/.Private ?
<dinsdale07> If I install the 9.04 alpha version now - can I update along the way until the release version without reinstalling?
<jpds> Yes.
<axisys> i am planning to install asterisk on my ubuntu server.. i just got a fxs/fxo card.. which version do I install? 1.4.x or 1.6.x ?
<giovani> axisys: that would be a question for #asterisk
<axisys> giovani: asking there too.. thnx :-)
<giovani> axisys: ubuntu only offers the 1.4 branch packaged, 1.6 is brand new
<giovani> I don't know anyone running 1.6 yet
 * Nafallo thinks giovani tries to say "1.4" :-)
<axisys> giovani: i see.. i wanted to go with 1.4 but this guy in asterisk chnl suggesting 1.6 ..
<giovani> axisys: well that's his recommendation -- ask him
<giovani> this is really not the channel for this conversation
<axisys> sure
 * dazman attempt to use mini.iso netinst for a server
<eagles0513875> hey guys im having issues starting shoutcast on ubuntu server :( any ideas as to what command i issue
<eagles0513875> !shoutcast
<ubottu> Sorry, I don't know anything about shoutcast
<eagles0513875> !info shoutcast
<ubottu> Package shoutcast does not exist in intrepid
<cemc> eagles0513875: I think there's no shoutcast package, you have to download it from their site
<eagles0513875> cemc i did and i have it configured
<eagles0513875> im having issues starting the binary
<cemc> what's the error message exactly?
<eagles0513875> i keep issuing ./sc_serv sc_serv.conf and it doesnt work
<cemc> what's it say ?
<cemc> ...ing
<cemc> :)
<eagles0513875> its saying that sc_serv cannot execute binary file O_o
<cemc> can you paste the error somewhere?
<cemc> the command you issue and the response you get
<eagles0513875> the command i issue is ./sc_serv
<cemc> are you by any chance running on 64bits ?
<eagles0513875> ya
<eagles0513875> is that the problem
<cemc> try installing libc6-i386
<cemc> apt-get install libc6-i386
<cemc> then try to run the ./sc_serv again
<eagles0513875> thats what im looking for
<eagles0513875> let me try libc6 cuz on shoutcast site it says it runs with glibc6
<eagles0513875> is libc6 the same as glibc6
<cemc> yeah, but you have to install libc6-i386 because that sc_serv binary was compiler for 32 bits and you're trying to run it on 64 bits, it need the correct libraries. if you install what I said it should work
<eagles0513875> :) installing it now
<eagles0513875> thats what i was looking for actually but was looking for glibc6
<axisys> failing to compile dahdi on 2.6.27-11
<axisys> http://pastebin.com/d5d9036f9
<eagles0513875> cemc: thanks its working :)
<cemc> cool
<eagles0513875> now im having connection issues to it
<cemc> eagles0513875: what issues?
<eagles0513875> connecting to the shoutcast server now lol cemc i think since its running on a vm im using the wrong ip for the wrong vmnet adapter
<axisys> i was missing the build-essential pkg
<eagles0513875> cemc: ill figure it out eventually
<cemc> maybe you wanna see what ip it's listening on, you can also specify an ip in the config file to listen on, etc
<cemc> netstat -nlp |grep sc_
<eagles0513875> cemc: i need to set it up on a static ip and forward to that port on the bridged ip
<cemc> huh?
<eagles0513875> i have the ip wrong in my routing table on my router
<eagles0513875> and i need to setup the vm its bridged connection with a static ip instead of a dynamic ip
<dazman> netinst images > *. :p
 * dazman random comment of the day
<dazman> sigh
<cemc> dazman: ?
<dazman> cemc, Heh, just wondering why Ubuntu "Basic Ubuntu Server" task has to install so much stuff for. :p
<dazman> openoffice stuff, for example.
<dazman> Is that actually a bug?
<cemc> hmm
<cemc> openoffice in ubuntu server?
<cemc> :)
<dazman> Installing OpenOffice Dictionaries?
<dazman> Well, only the dictionary, thesaurus etc.
<MatBoy> mhh, my fifo logfiles keep empty...
<dazman> This isn't the ubuntu-server CD, it's the netinst but with Basic Ubuntu Server tasksel selected.
<MatBoy> oh, stay empty
<MatBoy> I can' t get them filled :(
<dazman> like, wpasupplicant.
<dazman> Yea, I really need that on a server.
 * dazman runs
<dazman> I fear the netinst image isn't as good as the full server iso.
<dazman> infact, even a box I installed using the server ISO has wpasupplicant
<JanC> hm, that's in 8.10, I guess
<JanC> fallout of some changes in apt where recommends of packages to install are selected by default too
<dazman> :s
<dazman> It just took me about 10 minutes too convince aboman that it was doing it, too :P
 * aboman hides
<aboman> its in 8.04 as well
<aboman> scary
<dazman> thunderbird-locale-en-gb
<dazman> Heh
 * dazman looks on launchpad
<dazman> removing stuff leads to all sorts of package hell.
<JanC> hm?
<JanC> I told apt to behave as I want, no problems...
<dazman> Well package dependencies are all over the place, when you have certain parts of openoffice installed it seems.
 * dazman is downloading the server ISO currently
<dazman> jaunty infact, as I figured it'd be stable enough by now and just a nice easy upgrade come release day.. :)
<JanC> jaunty hasn't even seen its first beta release  ;)
<orudie> hi quesiton. HOw would i competely remove a program ?
<orudie> i did apt-get purge progrname but it didnt uninstlal completely
<JanC> orudie: what do you mean by "completely" ?
<creAtion> Does anyone know who is best to contact about a regional specific repository not being available?
<creAtion>   http://nz.archive.ubuntu.com is not available for desktop or server
<cemc> creAtion: try writing to mirrors@ubuntu.com
<JanC> creAtion: if you know or can find the admin, that's the best I guess, otherwise try #ubuntu-mirrors or the address cemc gave
<creAtion> thanks guys, appreciate it :)
<hads> What? nz.a.u.c works.
<hads> As does nz2
<hads> Ok well maybe nz is having a temporary issue, I'm sure Citylink will fix it when they get a chance.
#ubuntu-server 2009-03-08
<cliebow> anyone comment on openldap 2.4.11 in intrepid and syncrepl issues?
<sommer> cliebow: do you have a specific error?
<cliebow> just doesnt work..i had it runnnning Thursday..on reboot friday..stopped working...i see nothing in logs at 32767 to describe what is wrong
<sommer> cliebow: you'll get errors if you start slapd in a terminal with: sudo slapd -F /etc/ldap/slapd.d -h ldap:/// -d -1
<sommer> cliebow: there might also be errors in /var/log/syslog
<cliebow> ive been watching syslog..a lot..ill try a manual start..
<cliebow> agaoin
<cliebow> * host: 169.244.3.137  port: 389  (default)
<cliebow>   refcnt: 2  status: Connected
<cliebow> i cant see anything suspicious..
<kriel> Okay, so. I just made my very first software raid5 using mdadm. Woo. Now, what do I need to save so that if my OS drive happens to die; I can still recover this RAID?
<decembre> hello
<decembre> I have a problem with my small server and a run-parts task
<decembre> can anybobdy help me ?
<baldaris> hey can any one help me with implementing sasl using postfix..
<baldaris> any one?
<cemc> baldaris: http://www.postfix.org/SASL_README.html
<cemc> you read that and still no luck ?
<baldaris> yeah i have setupup postfix..and i am able to send mails from my server
<baldaris> but when i am trying to send mail from outside server..it says relay access denied..
<baldaris> the username and password i am using for authentication is working..
<baldaris> i am not sure where i am messing it up..
<cemc> can you post main.cf ?
<baldaris> yeah sure..
<cemc> in a pastebin... :)
<baldaris>  http://www.pastebin.ca/1355734
<baldaris> when i open telnet for mydomain name, i get 250 for all options..
<cemc> and you sure the SASL authentication part is working?
<baldaris> yeah i wrote the php script..to check for username and password and it it returned 250 okay
<baldaris> is something worng..?
<cemc> it should work as far as I can tell from the config, but what php exactly? how is SASL set up to lookup users/passwords?
<baldaris> i am trying to send e-mail from remote host using my dedicated emial server..
<baldaris> email server..
<baldaris> for sending a suth request
<baldaris> fputs($smtpConnect,"AUTH LOGIN" . $newLine);
<baldaris>     $smtpResponse = fgets($smtpConnect, 515);
<baldaris>      echo $smtpResponse."<br/>";
<baldaris>     $logArray['authrequest'] = "$smtpResponse";
<baldaris> similary i can send request for username and password and get the responce i am getting..
<cemc> and how is that php script tied into postfix ?
<baldaris> i am using SMTP to connect server, port, username,password
<baldaris> do you want me to paste the code..
<RoyK> hi all. I keep trying to backup this dvd, but it fails http://pastebin.com/m1dadd537
<cemc> baldaris: I think I misunderstood. you have a remote server and you're trying to send mail with a php script through another mailserver with authentication
<cemc> ?
<baldaris> yeah right
<baldaris> i have a dedicated mail server
<baldaris> and i am trying to send a mail from another hosting account, and to use my email server,from outside i am using smtp
<baldaris> check this paste..
<baldaris> http://www.pastebin.ca/1355739
<baldaris> ?
<cemc> did you try sending from that remote with simply telnetting?
<cemc> just to see if it works
<baldaris> yeah i am able to send mail using telnet
<baldaris> and i am able to send mail using this script which is uploaded in my server..
<cemc> from the same machine ?
<baldaris> yeah
<cemc> I mean from the hosting machine?
<baldaris> i can send mail via telnet from my dedicated server...
<baldaris> from my laptop , remote hosting account i am able to send mail via telnet
<baldaris> but when i use this php script to send mail , it gives me relay access denied..
<cemc> and can you see the error message in the maillogs on the mailserver?
<cemc> does it say it's authenticated?
<baldaris> yeah wait let me check..
<baldaris> i am checking mail log and auth log
<baldaris> okay
<baldaris> warning sasl authentication failed
<baldaris>  warning: do not list domain mails.me.com in BOTH virtual_mailbox_domains and relay_domains
<baldaris> reject: RCPT from unknown[ip]: 554 5.7.1 <me@live.in>: Relay access denied; from=<$rom=<me@mails.me.com> to=<me@live.in> proto=SMTP helo=<mails.me.com>
<baldaris> so does that mean i am messing up with sasl authentication..
<_ruben> and 'from=<$rom=<me@mails.me.com>' doenst look too sane either
<cemc> ;)
<cemc> not so much
<cemc> keep an eye on the logfiles when trying stuff
<baldaris> sorry i actually changed mail address before posting..
<baldaris> i hope its okay with you..
<baldaris> so any idea..where i am messing up, you said mail.cf file is okay
<cemc> well it looks ok, but you just said the sasl auth is failing
<cemc> that's where the problem is I suppose
<baldaris> yeah thats what is says in log
<baldaris> but if its failing, why i am able to send mails..
<baldaris> it shouldnt send mails...right..
<cemc> wait a minute
<baldaris> k..
<cemc> in the php file, you sending auth login first, then helo ?
<cemc> not good
<cemc> helo, auth login, mail from, rcpt to, it should be in this order
<baldaris> k..
<cemc> try putting the helo first, at least my postfix doesn't let me auth login before helo
<baldaris> yeah i did it...
<baldaris> yeah now i am getting Authentication failure in my acript too..
<baldaris> so i guess there is something wrong in the settings..
<baldaris> smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd
<baldaris> in my  main.cf file this is missing..
<baldaris> and relay host is empty
<cemc> I'm not sure you need that smtp_sasl_password_maps
<baldaris> okay and i am not having sasl_passwd file also..instead i see a sasl forlder a file named smptd.conf
<baldaris> somethings in guide , are confisuing me
<cemc> yeah, that's where you set sasl from there it should look up username and password
<cemc> sasl is a framework for authentication. postfix uses sasl to get some user authenticated, but you have to set up sasl to get the usernames and passwords from somewhere
<baldaris> ooh
<mrwes> I have Ubuntu 8.04 Desktop running and I'd like to change that to 8.04 Server Edition, I a separate partition for /home formated ext3. Does the server edition use a /home partition too?
<mrwes> I want to use it mainly for a home file and print server
<mrwes> hrmm
<racecar56> it is posible
<racecar56> however remember: server additions are for SERVERS, not casual desktop PCs
<racecar56> i mean server operating systems
<mrwes> Yes I plan to run the server headless and use ssh to acces it
<mrwes> I'm planning a 10GB / , a swap and the rest /data formated NTFS
<mrwes> I have windows machines accessing it too
<jtaji> that's no reason to use ntfs, use ext3, and samba for the windows machine to access
<mrwes> ahh Ok -- I'd rather do that yes
<racecar56> mrwes don't make a NTFS partition, samba can share them even on linux FS
<mrwes> does the server edition use /home for the administrator account /home ?
<mrwes> read and write ?
<mrwes> from a Windows XP laptop?
<Jubez> hi, i deleted a file by mistake
<Jubez> how do i retrieve it?
<Jubez> sorry, real newbie
<racecar56> rm?
<racecar56> if so then idk
<racecar56> google should help
<racecar56> gotta go bye, good luck
<Jubez> i just highlighted it and pressed delete, heh
<racecar56> ahhh its in the recycle bin
<Jubez> i have the desktop installed on server version
<racecar56> thats nuts
<Jubez> where's my recycle bin?
<Jubez> i was just testing it out
<racecar56> i don't know but if you are using gnome then you should haave it on the bottom right
<racecar56> i have to go now, good luck
<Jubez> ah, my screen was sized wrong
<Jubez> couldnt see that
<Jubez> hehe, thanks much!
<wesouler> hi all
<Jubez> hello
<wesouler> Did anybody install Ubuntu 8.10 amd64 server on to IBM X3650? After reboot  there is a blinking cursor in the upper left side of the screen ...what's happen?
<roy_hobbs> I've been struggling with OpenLDAP for a while now and only just came across Fedora DS and Apache DS.  They both seem fairly robust, and both have nice GUIs to work with.  Why do people seem to favor OpenLDAP so much?  Am I missing something?  Am I at a distinct disadvantage by using apache or fedora?  (I'm leaning towards fedora because it's c/c++ as opposed to java)
<domas> fedora DS is opensourced Sun stuff
<domas> for a while it wasn't opensourced
<domas> so, openldap existed ;-)
<roy_hobbs> domas: i read that fedora and openldap both spawned from netscape
<roy_hobbs> fedora ds i should say
<domas> ghm, I remember using netscape ldap back in 1.0 times, and it wasn't similar to openldap ;-)
<domas> maybe I remember it wrong? ;-)
<domas> openldap started from umich clone
<domas> haha, I remember running umich ldap though %)
<roy_hobbs> http://directory.fedoraproject.org/wiki/FAQ#How_is_Fedora_Directory_Server_different_from_OpenLDAP.3F
<roy_hobbs> What I'm really interested in though is if there are actually any major reasons to use openldap.  Fedora DS just seems so much more polished.
<chrisadams> hi guys
<chrisadams> I'm trying to set up an ubunut server to accept connections from an external host - is this the right way to do it? http://ubuntuforums.org/archive/index.php/t-247947.html
<eagles0513875> hey guys i have my shoutcast server setup
<eagles0513875> but for some reason when people try and connect with windows media player it complains about a missing codec what could i be missingf
<jpds> Ogg?
<eagles0513875> mp3
<eagles0513875> i have lame ffmpeg installed
<wesouler> Is Anybody install Ubuntu 8.10 amd64 server on IBM X3650 with Raid 1?
<giovani> wesouler: haha ... unlikely you'd find someone with that exact setup
<wesouler> giovani ,i installed sucessful,but after reboot ...there is a blinking cursor on the top.
<cemc> eagles0513875: does it work if you connect with winamp?
<wesouler> Is grub missing?
<giovani> wesouler: hardware raid-1 I presume?
<wesouler> yes
<giovani> grub might be missing, or corrupted
<wesouler> hd0 hd1->raid 1
<eagles0513875> cemc: dont have anyone to test for me
<giovani> you can either try a new install (verify the md5 of the iso before burning, verify the burn after burning, and then do a media check)
<eagles0513875> this desktop doesnt have speakers cemc im streaming form my laptop
<cemc> eagles0513875: what's the url ?
<eagles0513875> cemc: http://ecs.is-a-geek.com:60100/listen.pls
<wesouler> i think there is a bug with the Raid.
<eagles0513875> the issue is with windows media player bitching about a codec thats missing
<giovani> wesouler: if it's hardware raid, that's not likely
<cemc> eagles0513875: not working for me either, I'm on linux, with xmms
<wesouler> I google someone got same problem.
<giovani> wesouler: then why come here? if there's a problem with the raid, it's not related to ubuntu
<cemc> eagles0513875: unknown ASF streaming type, this is what mplayer says
<eagles0513875> its an mp3 stream
<cemc> you said it was mp3
<eagles0513875> streaming through shoutcast
<cemc> well, it doesn't seem to be mp3 :)
<eagles0513875> O_o
<wesouler> I doubt ubuntu 8.10 may not support IBM Xserials Raid control device....
<cemc> if it's not working with mplayer, it's won't work with anything :-)
<cemc> hehe
<eagles0513875> cemc try vlc
<eagles0513875> ull see it says mp3
<giovani> wesouler: hardware raid doesn't require software drivers to function
<cemc> I have a shoutcast server myself, I'm relaying a 128kbps mp3 stream, and it's working on all these players
<eagles0513875> in another channel it said mplayer said the stream siad libmod
<eagles0513875> wtf
<eagles0513875> then maybe u can help me iron out the kinks
<cemc> not sure, I'm only relaying what's coming in
<eagles0513875> cemc: how did u manage to get it working with media player
<eagles0513875> ur shoutcast server to work with media player
<wesouler> giovaniï¼Can i use rescue disk to fix the grub's  problem?
<giovani> wesouler: you can ... if it isn in fact grub's problem
<cemc> eagles0513875: never tried with media player, winamp, xmms, and mplayer
<eagles0513875> are u on a windows machine by any chance cemc
<eagles0513875> no im using vmware workstation on vista 64bit
<eagles0513875> and server is 64bit
<eagles0513875> ubuntu server
<cemc> installed vlc, and not working with it either, it wants to connect to `http://ecs.is-a-geek.com:60100/'
<eagles0513875> http://ecs.is-a-geek.com:60100/listen.pls that is the link
<eagles0513875> its working in vlc and im on windows with the /listen.pls
<eagles0513875> with out liste.pls its just the link to the stats site
<giovani> eagles0513875: you must not know what a pls is
<giovani> a pls is just a file that tells the player where the stream is
<giovani> your pls points to http://ecs.is-a-geek.com:60100/
<giovani> so that better be the server
<wesouler> giovani: thanks ,I think i must find out what's happen, there is no error or warning, i
<wesouler> It's too hard to a newbee
<wesouler> :)
<eagles0513875> giovani: playlist
<eagles0513875> giovani: its for linux only
<eagles0513875> ohhhhh shit
<eagles0513875> nm
<eagles0513875> lol
<giovani> eagles0513875: first of all ... this is not related to #ubuntu-server as far as I can tell
<giovani> so ... I suggest you take this to where it's appropriate
<eagles0513875> giovani: im hosting it on ubuntu server just it digressed ill be good now
<giovani> that doesn't mean it's related to ubuntu server
<giovani> you run adobe acrobat on windows, but you don't go to microsoft for help when something goes wrong, right?
<eagles0513875> ya
<giovani> so unless this is an error with something ubuntu-specific (which I highly doubt it is) -- you either need to go to the support channel for the software you're running, or figure it out on your own
<VolVE> hey all, I have 8.10 server running happily but I want to use some X apps, so I have Xming on my Windows box and it runs individual X apps from the server just fine, but is there any way to get a full desktop running via Xming?
<giovani> VolVE: it should be capable of it, yes
<giovani> but the specifics of how you do it are probably in its documentation
<VolVE> to which "it" are you referring? that's the part I'm not sure of :)
<VolVE> sorry perhaps I've confused the issue
<VolVE> I am not clear what packages I should install on the server and then run to instantiate a desktop :)
<roy_hobbs> Does anyone know why the LDAP+Kerberos section was removed from the latest Ubuntu Server Guide?
<chrisadams> when you have a terminal responding really sluggishly, what's the best way to diagnose the problem?
<chrisadams> via ssh
<chrisadams> I'm ssh'ing into a virtual server, and it's slower than it normally is
<chrisadams> cpu is barely being used
<cemc> chrisadams: maybe network congestion ?
<cemc> stuff being uploaded from the server
<chrisadams> on a 128mb vm, I've got 8mb of free memory
<cemc> it's slow when you're typing, or it's slow when running some command?
<chrisadams> slow when typing
<cemc> probably network problems
<cemc> full bandwidth or something like that
<giovani> chrisadams: how did you determine cpu usage?
<giovani> run vmstat 5 5
<giovani> and paste the output somewhere
<giovani> but yes, could also be network congestion
<JanC> or slow network virtualisation
<chrisadams> giovani: voila - http://gist.github.com/75850
<chrisadams> I'm afriad I don't fully undertstanf that output
<giovani> alright
<giovani> yep, either a virtualization issue, or a network congestion issue
<giovani> who's your VPS provider?
<chrisadams> memset
<chrisadams> memset.com
<chrisadams> they're based in the UK
<chrisadams> i suspect it might be some torrenting on this local wifi network...
<chrisadams> thanks for your help anyway
<giovani> haha
<shadowhand> hello
<shadowhand> can anyone point me to a guide on how to compile my own PHP for Ubuntu?
<baldaris> i am a newbi..create a new file , upload it in /var/www ie index.php
<baldaris> and check it in browser if it works..
<shadowhand> erm
<shadowhand> i said "compile php"
<shadowhand> not "use php"
<shadowhand> i am perfectly aware of how LAMP works on Ubuntu, thanks
<baldaris> ooh okay
<chrisadams> shadowhand:  - this any good? http://articles.slicehost.com/2008/12/11/ubuntu-intrepid-installing-apache-and-php5
<shadowhand> chrisadams: nope
<shadowhand> i need to _compile_ PHP, not install it
<shadowhand> i can certainly do the config/make/make install process, but i would rather compile a proper .deb file
<JanC> ah, but packaging is not (only) compiling  ;)
<domas> shadowhand: 'apt-get source php', then use debuild or whatever was the command
<JanC> shadowhand: if you just want it to be easy to install & uninstall, you could use 'checkinstall' as the quick & dirty solution
<shadowhand> thanks JanC, domas
<shadowhand> btw, are you aware that PHP is broken when using custom session handlers?
<shadowhand> kirkland: ping?
<domas> "PHP is broken" should be enough
<domas> shadowhand: though we're using custom session handlers ;-)
<shadowhand> custom, at what level?
<shadowhand> in particular, KohanaPHP sessions are 100% broken
<domas> we provide our php code to handle sessions
<shadowhand> what do you mean? and who is "we"?
<domas> the site I and few other people run :)
<shadowhand> well, i am not sure what the deal is
<shadowhand> i just discovered the problem
<shadowhand> but the session is being re-created every load
<shadowhand> so nothing is being properly persistent
<domas> shadowhand: is this what you're talking about: http://forum.kohanaphp.com/comments.php?DiscussionID=2176&Focus=15489#Comment_15489 ? :)
<shadowhand> domas: 100% sure that is not it
<shadowhand> i am using native sessions already
<domas> ok :)
<domas> just first glance
<shadowhand> i think it is actually http://forum.kohanaphp.com/comments.php?DiscussionID=1933
<shadowhand> but can't be sure
<domas> simple race condition? :)
<shadowhand> nah
<shadowhand> even if i just do: $session = Session::instance(); and nothing else on the page, my session_id() changes every single page
<shadowhand> and all session data disappears
<JessicaParker> hi can anyone provide advice on the best method to send mails out please ?
<JessicaParker> nearly there on the server set up but don't really know how to get emails sent out - i.e. should i install a mail server ?
<giovani> JessicaParker: send mail from where? from mail clients not on the server, or from a website hosted on the server?
<JessicaParker> website hosted on the server
<JessicaParker> i was looking at using gmail but it looks like need to configure ssl
<JessicaParker> are there any other options available ?
<JessicaParker> drupal to be specific
<giovani> you can either use an SMTP server from your ISP, or a provider, such as gmail, or you can run your own
<giovani> running your own mail server isn't simple ... so I wouldn't advise it if you haven't done it before
<JessicaParker> own isp wont allow it as it is a dedicated server that im getting
<giovani> ok, well there are other mail providers
<giovani> gmail isn't the only one
<JessicaParker> gmail does not seem to allow it as it requires a secure connection
<JessicaParker> do the other providers steal the email address and use them for spam ?
<giovani> ... uh, what?
<JessicaParker> i was looking at the commercial smtp services but was worried about security
<giovani> you can't be that worried about security if you don't want to use an encrypted smtp connection
<JessicaParker> so basically if i want it secure i need to ssl on the server
<storrgie> quick question, I originally set up my database and was using it through an ssh tunnel 'ssh -p 4252 -X -L 3306:127.0.0.1:3306 user@server.net' however I think that I messed with the root account because now I cannot access the database using this method with mysql administrator
<giovani> storrgie: ok? and?
<storrgie> giovani: what should i check? to fix this thing
<storrgie> i know you set up different locations for a user
<storrgie> % is wildcard
<giovani> storrgie: #mysql
<storrgie> giovani: asked it there... not too many people are working in there now
<giovani> fewer here
<storrgie> giovani: well if u dont have an idea thats fine, i was just putting it out there
<giovani> http://dev.mysql.com/doc/refman/5.0/en/resetting-permissions.html
<giovani> it's all in the manual
<storrgie> its not the password, its the login type i think
<storrgie> i can ssh to the box and login through terminal access
<giovani> what do you mean login type?
<storrgie> um...
<storrgie> you can specify where the user can login from
<giovani> yes
<giovani> so?
<storrgie> like 127.0.0.1, or localhost
<giovani> that's also in the manual
<storrgie> i might have deleted 127.0.0.1
<giovani> you can check the logs
<giovani> to see that that's the problem, first
<giovani> if it is
<giovani> read the manual, it's addressed there
<storrgie> giovani: i think its something else, the mysql.users table is intact
<giovani> then #mysql is where you need to go to get support
<storrgie> giovani: chill bud, the issue is regarding my hosts.allow file
<storrgie> thats clearly a ubuntu-server question
<giovani> what's in your hosts.allow file?
<storrgie> well... mysqld was not in there
<giovani> why would it need to be?
<storrgie> this database should only be accessable by inside users,
<storrgie> it would need to be because my hosts.deny is set to ALL:ALL
<giovani> ok ... well then you need to allow mysql
<storrgie> well my question is, does this mean the mysql server is accessable now from the outside world? none of the users can login from % so it should be ok... but i dont know what kind of other exploits exist for mysql
<giovani> setting ALL:ALL denies access to all services on all systems
<giovani> as the wording implies
<giovani> so you'll need to explicitly allow access to those you want
<storrgie> giovani: then maybe i should be reading about iptables instead of using the hosts file?
<giovani> I'd think so ...
<shadowhand> domas: fyi, found the error
<shadowhand> it had nothing to do with Ubuntu, naturally
<shadowhand> just a stupid configuration setting that was preventing cookies from being set
<storrgie> when apache starts it says its going to use 127.0.0.1.... where do I specify my IP in here?
<genii> storrgie: in /etc/apache2/ports.conf
<genii> eg:  123.45.67.89:80       or so
<hads> Or in virtual hosts
<storrgie> i have the virtual hosts set up
<storrgie> u mean the default one?
<pjsturgeon> I have 4 shares all using the same global settings. 1 share is just a folder, 3 of the shares are symlinks to files on a second harddrive. the normal folder allows read/write fine BUT the symlinks will not allow write
<pjsturgeon> nobody? the permissions are all the same, cant think what could cause an "access denied" message
<pjsturgeon> i have made a new user called "samba" and added it to the smbusers text file. I gave it a password with smbpasswd -a. I can write to some shares, but not others
<genii> Perhaps the files have different owners other than the user "samba"
<pjsturgeon> the samba user is set on the admin list, so it should write as root. all files are set as root, both the ones currently there and the ones i add to the working share
<pjsturgeon> my config http://pastie.org/411178
<genii> If the samba user is an admin in the samba subsystem, it does not equivelate to being in the admin goup on the local box
<pjsturgeon> samba is a user on my ubuntu box. it is set as an admin using only the smb.conf line "admin users = samba"
<pjsturgeon> i am trying to access from my macbook using that login
<genii> Perhaps set a specific write list for one of the problemmatic shares which has that username
<pjsturgeon> the 4 shares are just comment and path
<genii> pjsturgeon: Did you do: smbpasswd -e samba            to enable the name , after you added (-a) it?
<pjsturgeon> i didnt :)
<genii> pjsturgeon: So maybe it's falling back to the "bad name" account or so
<pjsturgeon> hmm it didnt seem to help
<genii> pjsturgeon: Did you restart samba after you added the user?
<genii> (added/enabled)
<pjsturgeon> i have just enabled the alreadt added users, restarted samba, disconnected my current session and reconnected again
<pjsturgeon> same effect
<pjsturgeon> do you not find it odd the symlinks wont work and the normal folder share works fine? Not sure what tests to run to find out the differences
<pjsturgeon> run a few ls -lah and it all looks the same
<genii> I had actually a similar issue before with samba/macos but cannot recal the fix right now :(
<pjsturgeon> http://pastie.org/411191
<genii> pjsturgeon: Hm. Who are the native owners of the dirs in /media/second-drive/music
<genii> /media/second-drive/<wherever>    rather
<pjsturgeon> it is all root
<genii> (before symlinks)
<pjsturgeon> ahh
<pjsturgeon> hmm they are too root
<pjsturgeon> ran ls -lah /media/second-drive and all is root drwxrwxrwx
<genii> Since even system users require to use something like sudo or su before they can modify areas owned by root, I'm suspecting this is perhaps your issue.
<genii> Bah, left already
<pjsturgeon> i pointed samba straight at /media/second-drive/video and rebooted, no better
<pjsturgeon> restarted samba i mean sorry
<genii> Since even system users require to use something like sudo or su before they can modify areas owned by root, I'm suspecting this is perhaps your issue.
<genii> If the areas were owned by admin for instance, no additional auth would be needed
<pjsturgeon> should everything be set to user samba?
<genii> pjsturgeon: That would be the simplest way
<pjsturgeon> take admin list out and put in "force user = samba"?
<genii> pjsturgeon: The files/dirs themselves... if feasible should be in a user/group which the samba login name can natively write to normally if you just logged onto the local box with that name.
<genii> pjsturgeon: Otherwise, to map the samba user to whichever user does have proper rights there
<pjsturgeon> ok. i set the files/folders within the symlinks but the symlinks themselves wont let me chown
<genii> Thats normal
<pjsturgeon> ok
<pjsturgeon> will i need to change my config now to use force user/group?
<pjsturgeon> i will only ever have this one login for samba
<genii> You chowned to username "samba" ?
<pjsturgeon> yes on all the files/folders within the symlinks
<pjsturgeon> i guess no force user is needed if im logged in as that user
<genii> Then no need to force
<genii> Yes, exactly
<pjsturgeon> bah! no changwe
<pjsturgeon> restarted samba, still no write access
<genii> pjsturgeon: The mac box may need to have it's network info refreshed also, it does cache the known states, etc
<pjsturgeon> hmm, how to do that? dnsflush?
<genii> Not sure on a mac, I don't work with them enough
<pjsturgeon> will restart, brb
<pjsturgeon> no luck
<pjsturgeon> not sure where the logs are for this, or how to enable them. how to find out what the access denied is being caused by?
<genii> The samba log should be somewhere like /var/log/samba    or so. Also if an auth issue check those
<pjsturgeon> one thing, i am not 100% but i seem to remember this working earlier today (letting me write to the symlinked folders etc). I then faffed about by removing samba user and trying to add it again as a passwordless user on the ubuntu box. it then wasnt working so put it as a user with the same password
<pjsturgeon> think any confusion could have been caused there? as i said i can write to some folders so think i got it back to original state ok
<pjsturgeon> which log file? got a few and none have any useful content
<pjsturgeon> tail -f ing the log.mylaptop file shows nothing when i attempt to write
<genii> pjsturgeon: /var/log/auth.log  has samba/regular logins info etc
<pjsturgeon> http://pastie.org/411223
<pjsturgeon> nothing nticeable
<genii> pjsturgeon: I'm outta immediate ideas. Other than maybe wipe the symlinks, login on the box as the user, make the symlinks new so they have that user as their owner
<pjsturgeon> yea might be an idea
<pjsturgeon> wouldnt i need to sudo to do that anyway? so they;d still be root
<pjsturgeon> samba is not in the sudoers file.  This incident will be reported. :-/
<pjsturgeon> aha! the files within the symlinks are not actually chowned
<genii> You don't need sudo to make symlinks to dirs not owned by you...just that when you try to ls/write there etc no-go
<pjsturgeon> i am trying sudo chown samba.samba -R . and it will not let me :S
<pjsturgeon> if i can sudo the content then make  the symlinks as you suggest i bet it will work, but i cant change the ownership of these files
<genii> should be samba:samba  and not samba.samba
<pjsturgeon> still doesnt work (i have done it that way before)
<pjsturgeon> i read this http://ubuntuforums.org/showthread.php?t=470355
<pjsturgeon> perhaps my disk is mounted badly?
<pjsturgeon> i use the line... /dev/sda1       /media/second-drive vfat user,fmask=0111,dmask=0000,iocharset=utf8 0 0
<genii> unix permissions do not work on fat/vfat/ntfs
<pjsturgeon> >.<
<genii> So yes, I'd suggest to look at that
<pjsturgeon> this is my problem? using FAT32 disk... i guess it no longer matters the format if i am using samba? I had to have the fat 32 before as it was plugged directly into my xbox. now content is streamed
<pjsturgeon> ok, i will reformat the damn thing somehow
<pjsturgeon> anyone know of an easy way to reformat vfat to a more samba friendly format without wiping content? :-(
<genii> The simplest thing is just copy off all the files somewhere, format, copy back. But failing that, if less than 50% used, you can resize to 50/50 with one vfta, one ext then copy from the vfat to the ext, then expand the ext to entire drive
<pjsturgeon> if only, its a 500gb hdd
<pjsturgeon> never mind. cheers guys!
#ubuntu-server 2010-03-08
<Volkswagner> makes two of us.  Perhaps because I was mentioning networking via cli
<MTecknology> sounds like it could be a bug though
<MTecknology> apport-bug dhclient  maybe?
<Volkswagner> since dhclient is working, would't the issue be with the version of debian-installer?
<MTecknology> I'm not sure, I think my mind is going too many places to give you any decent help though. I'm sorry
<Volkswagner> debian5 installer has no issue, Ubuntu 8.04 see's the card/interface, but has issues with hard disk recognition.  A bug which was fixed in 8.10 or 9.10
<MTecknology> Volkswagner: If you can track it down to one package I'd definitely file a bug against it - sorry that I can't help you more. You could go back into #ubuntu and if they say to come back here tell them we said no :)
<agentk> I have a kvm guest that reports 66% of 492mb ram used. Yet ps aux output only adds up to 7.6%. What should I search for to get to to bottom of it?
<MTecknology> agentk: kvm on the host is saying that the guest is using 66% of its allocated 492mb ram; and the guest itself says it's only using 7.6% of its allocated 492MB ram?
<agentk> No. This is directly from the guest.
<MTecknology> hm?
<agentk> free -m: total 492: -/+ buffers/cache:        326        165
<MTecknology> oh
<MTecknology> I don't have the answer, just curious if maybe you were looking at two different numbers
<agentk> no prob
<agentk> free -m reports  326mb used. Adding up all the rss columns in ps -A -o pid,rss,command reports 49mb used. Ramdisk usage: 68kb. Not sure where else to look.
<MTecknology> agentk: could you pastebin free -m?
<MTecknology> just so I can see all of it in pretty columns and swap
<agentk> http://pastebin.com/giJzE3zd
<agentk> Am I misunderstanding it?
<MTecknology> agentk: your ps total equals your buffers
<MTecknology> agentk: I think your misunderstandind the ps output
<MTecknology> I don't use ps enough to help with that
<agentk> Ok. How would you recommend finding what is using the most memory?
<MTecknology> top
<MTecknology> then ">" will bring you to sorted by memory usage
<agentk> Which column should I look at in top? The %MEM column still only adds up to the 49mb.
<MTecknology> agentk: ya, no idea why..
<agentk> Not a prob. Thanks for your input.
<MTecknology> agentk: sorry I couldn't help more - somebody in here should come along
<MTecknology> just most peoples weekend now
<agentk> Oh yeah. I forget about that being in australia.
<agentk> I've just found that removing ureadahead and rebooting has corrected most of the output. Will try reinstalling and removing it again.
<agentk> Ouch. Reinstalling ureadahead hides chews an additional 50% of the memory. Memory actually gone! Not just buffered.
<MTecknology> agentk: perhaps no readahead?
<hans67521> hi i am busy building my own ubuntu distro
<hans67521> i am stuck with an installer
<hans67521> the system has no gui
<hans67521> any ideas how to get a system installer
<agentk> MTecknology: Yip. Removed it off all the servers now. Now to track down how it got installed.
<hans67521> where can i get the ubuntu-text installer files
<persia> hans67521: Why do you need your own distribution?  Are there changes you need that would be unsuitable for others?
<GhostFreeman> Is there a way I can set up ubuntu to give a system beep when the machine reaches the login prompt?
<AtomicSpark> The answer is yes!
<GhostFreeman> ok, how can I do it? I've got this machine sitting next to me and I want to access it using ssh over fighting with monitor cables
<AtomicSpark> I assume you only have ubuntu-server installed?
<GhostFreeman> Yes
<AtomicSpark> See this thread http://ubuntuforums.org/showthread.php?t=1247451
<GhostFreeman> thanks
<AtomicSpark> Ignore the last post. That person is silly for being in old ways. :P
<GhostFreeman> lol
<AtomicSpark> Same people that troll GDM and think gnome should be ran as the current user.
<AtomicSpark> Anyone famiular with the directories inside /var/lib/libvirt?
<AtomicSpark> GhostFreeman: congrats. you've brought to the attention that my pc speaker doesnt work in lucid.
<GhostFreeman> i'm afriad the same for mine as well
<AtomicSpark> You're running lucid?
<GhostFreeman> no, 8.04 LTS
<GhostFreeman> that's the latest LTS right?
<AtomicSpark> Maybe the beep command doesnt work.
<persia> man beep
<AtomicSpark> Yes, that's the current released LTS. Next one will be April 29th.
<GhostFreeman> wouldn't know haven't tried it
<persia> It doesn't just make a sound on the PC Speaker.
<AtomicSpark> Cute. Even has the listed notes. You could play a song!
<AtomicSpark> Now to figure out why I am not getting output. I shall check bios settings.
<lifeless> kirkland: heh, my dns/dhcpd server now has uec sc/cc/walrus/nc on it
<lifeless> kirkland: fixing some teething issues, but pretty straightforward so far.
<kirkland> lifeless: neat
<lifeless> with lucid fwiw
<adelie42> hello, trying to setup my computer as a gateway. I have firestarter installed. I have active internet. the client is getting an ip address via dhcp, but can not ping either direction, no addresses resolve on client. I am lost as what do do next.
<adelie42> hello ChmEarl!
<ChmEarl> adelie42, hey
<persia> Anyone happen to know how well qemu/kvm works for amd64 guests in an i386 environment (where the chip doesn't support x86_64) ?
<ChmEarl> persia,  type >sudo qemu-system-x86_64 --help   do you get anything but err?
<persia> ChmEarl: I don't have any devices that have a processor that lets me test, unfortunately.
<ChmEarl> get some or kvm is /dev/null
<persia> Hrm?
<ChmEarl> you can do some testing with qemu kqemu to get a feel for the whole thing in absence of HVM
<persia> If I launch qemu on a x86_64 system telling it to be 32-bit, and try to run a 64-bit guest, is that a valid test?
<ChmEarl> you have one layer too many
<ChmEarl> on x86_64 system qemu is 32 bit and qemu-system-x86_64 is 64 bit
<persia> RIght.  What I want to know is whether qemu-system-x86_64 works properly on a 32-bit processor.
<ChmEarl> let me see...
<ChmEarl> well this box is i686 and qemu-sustem-x86_64 exists and runs without err
<persia> Does the processor support x86_64 extensions?
<ChmEarl> oh yes it does... good ques
<persia> That's what makes it hard to test for me :)  I don't have the processor to be sure I'm not working around a bug.
<ChmEarl> so the box is bit capable, but this install is 32 bit
<ChmEarl> 64 bit capabe
<ChmEarl> I have an old 32 bit notebook with no lm ability, and I run qemu (32 bit) fine
<persia> Can you run qemu (64 bit) on that?
<ChmEarl> never tried.. cause I only do quickie tests - no permanent installs
<persia> If you get a chance to test sometime, and you can let me know, I'd appreciate it.  No real rush.
<ChmEarl> BTW its intel single core so 100% sure that qemu has way to do 64 bit over there
<ChmEarl> no way
<persia> Well, I know I can run qemu-arm on a single-core x86_64 box.  It really just depends on how the qemu x86_64 stuff is implemented.
 * persia isn't cool enough to understand from the code
<Jeeves_> Mogge!
<Err404NotFound> can someone tell me why this (http://pastebin.com/keRbL654) isn't allowing telnet in port 25? i am totally lost
<jiboumans> good morning
<mealstrom> Err404NotFound: check MTA configuration if iptables is ok.
<Err404NotFound> mealstrom, i can telnet locally, thats fine, so mta allow, something has to do with iptables
<mealstrom> Err404NotFound: can you telnet 80 port?
<Err404NotFound> mealstrom, got it... i must define my ips in rcpthosts of qmail...
<_ruben> rcpthosts lists domains, not ips
<eekeek> Verizon DynamicDNS zoneedit setup with virtual hosts keeps pointing to the 000-default site rather then the one I want /etc/apache2/sties-enabled/domain. Anyone ever have this problem?
<FireCrotch> eekeek: does sites-enabled/domain contain a ServerName line containing the domain name that you're trying to use?
<eekeek> FireCrotch: yes the ServerName is there.
<FireCrotch> eekeek: and I assume you've reloaded apache's configuration since enabling the site?
<eekeek> yep.
<eekeek> I think it might have something to do with the listening port.
<eekeek> Verizon blocks port 80
<FireCrotch> Oh yeah, that'll cause problems. what port are you trying to use instead?
<eekeek> at least on non-biz accounts.
<eekeek> 8080
<eekeek> so i think i'm just configured wrong with where and what i'm listening on.
<FireCrotch> Can you pastebin your sites-enabled/domain file?
<eekeek> pastebin - ? I'm still new to IRC and LAMP
<persia> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<eekeek> I see. Unfortunately I'm on a different computer right now.
<FireCrotch> Are you able to ssh to the web server?
<eekeek> But in my /sites-enabled/domain file it starts <VirtualHost *:8080>
<eekeek> FireCrotch: I have much to learn (and I'm trying). I don't even know what ssh is yet.
<FireCrotch> I see.  ssh is the secure shell protocol, it lets you remotely login to a machine
<eekeek> I see.
<eekeek> I don't know if this needs to be changed but the ports.conf file is Listen on 80 and NameVirtualHost *:80
<FireCrotch> You may be having problems if you don't have NameVirtualHost in your configuration
<FireCrotch> ports.conf should have listen on 8080 and namevirtualhost *
<eekeek> FireCrotch: Ok I'll give that a tyr.
<eekeek> Upon apache reload: error VirtualHost *:80 mixing ports and non-* ports wit a NameVirualHost.....
<FireCrotch> eekeek: I think changing the NameVirtualHost *:8080 will resolve that
<eekeek> FireCrotch: I seem to be missing something. upon reload [warn] _default_ VirtualHost overlap on port 80
<eekeek> Does there need to NameVirtualHost in the /sites-enabled/domain file?
<eekeek> or only in the ports.conf
<FireCrotch> eekeek: No, you don't need it the domain file
<eekeek> k.
<eekeek> There wasn't one, just wanted to double check.
<FireCrotch> eekeek: Oh I think that [warn] may be because there's a virtualhost on port 80 defined, but no namevirtualhost for port 80 defined.  Add NameVirtualHost *:80 also to the ports.conf
<eekeek> k
<eekeek> FireCrotch: well no errors upon reload, but no luck establishing a connection with the server now.
<FireCrotch> eekeek: Is this going to be the only domain you're hosting on the server?
<FireCrotch> If so, you may be better off just setting the 000-default to listen on port 8080
<eekeek> FireCrotch: Yes, for my learning it could be, but it would be nice to beable to have more than one.
<FireCrotch> eekeek: Alright, let's see if I can straighten this out then :)
<eekeek> FireCrotch: awesome :)
<FireCrotch> eekeek: ports.conf should have NameVirtualHost *:80, NameVirtualHost *:8080, Listen 80, Listen 8080
<FireCrotch> separate lines, of course
<eekeek> FireCrotch: ah we are missing a Listen 80. I'll give that a shot.
<FireCrotch> eekeek: sites-enabled/domain should have <VirtualHost *:8080> and ServerName yourdomain.com
<eekeek> FireCrotch: Ok ports.conf looks good and sites-enabled/domain looks good to.
<eekeek> FireCrotch: hmm still taking me to the 000-default site.
<eekeek> FireCrotch: just a random guess, but should I change 000-default to <VirtualHost *:8080> as well?
<FireCrotch> No, that won't solve the problem.  you do have sites-enabled/domain pointing to a different document root than 000-default has, right?
<eekeek> FireCrotch: yep, just double check. It points to /var/www/domain/
<eekeek> FireCrotch: I found this thread - http://ubuntuforums.org/showthread.php?t=851313 - and skunkbad says something about 'symlink' ?
<FireCrotch> eekeek: are you sure that we're working with the file sites-enabled/domain and not sites-available/domain?
<eekeek> FireCrotch: yep, /etc/apache2/sites-enabled/domain
<FireCrotch> in that thread, he's just recommending that you have the actual files in sites-available and put a symlink (basically a shortcut) to it in sites-enabled. but since you have the file in sites-enabled, that's not necessary
<eekeek> FireCrotch: k
<FireCrotch> eekeek: alright, let's take a look at /var/log/apache2/access.log
<FireCrotch> specifically at the end of it
<eekeek> k
<FireCrotch> hm that's probably actually not going to tell me anything useful lol
<FireCrotch> um
<eekeek> FireCrotch: wow lol
<eekeek> I wouldn't even know where to begin with all those lines.
<FireCrotch> in the sites-enabled directory, do this: unlink 000-default
<FireCrotch> then restart apache and see if things work properly
<eekeek> FireCrotch: and how might one go about 'unlinking' the 000-default file?
<FireCrotch> type exactly what I typed
<eekeek> FireCrotch: k
<eekeek> FireCrotch: [warn] NameVirtualHost *:80 has no VirtualHosts
<FireCrotch> eekeek: I figured it would give you that :) does the site work now properly on port 8080?
<eekeek> FireCrotch: Are you saying change from 80 to 8080 on one of the files? OR like www.domain.com:8080 ?
<FireCrotch> www.domain.com:8080
<FireCrotch> does that work?
<eekeek> FireCrotch: www.domain.com:8080 takes me to the router login page.
<eekeek> FireCrotch: www.domain.com "Not Found" Apache blah blha blha Port 80
<FireCrotch> I've had that problem before - it would send me to the router's login page instead of the web server haha
<FireCrotch> what is the domain that you're using?
<eekeek> nfotown.com
<FireCrotch> ok, http://nfotown.com  takes me to a 404 Not Found page.  Is the directory that it's pointing to empty?
<FireCrotch> also, I thought you said that your ISP blocked incoming port 80
<eekeek> FireCrotch: nope, there is an index.html file in there
<eekeek> FireCrotch: it is my understanding verizon does block port 80
<FireCrotch> verizon is most certainly not blocking port 80
<eekeek> would that page suggest otherwise?
<FireCrotch> when I go to http://www.nfotown.com, I get a plain HTML page with www.nfotown.com inside an <h2> on it
<FireCrotch> www.nfotown.com:8080 and nfotown.com:8080 both refuse the connection
<FireCrotch> So it appears to me that you're not going to need to have apache on 8080
<FireCrotch> you can do everything on port 80 just fine
<eekeek> FireCrotch: strange the index file has a <h3>NFOtown.com</h3>
<eekeek> FireCrotch: ok i'll try removing all of the 8080
<FireCrotch> so your ports.conf should just have Listen 80 and NameVirtualHost *:80
<eekeek> FireCrotch: It works :)
<FireCrotch> Great
<eekeek> FireCrotch: sry for the bad info on the ports :(
<FireCrotch> eekeek: oh, it's okay :)
<eekeek> FireCrotch: Thanks for sticking with me on this one. :)
<FireCrotch> eekeek: you're welcome :) if you have any other problems, feel free to highlight me here and if I'm around I'll try to help ya out :)
<eekeek> FireCrotch: awesome. I'm going to now try making another virtualhost to test to see if that works right - fingers crossed.
<FireCrotch> good luck :)
<eekeek> FireCrotch: Success with the second domain! :) Thanks again. I learned some good stuff. Have a good one!
<FireCrotch> eekeek: Glad I could help!
<uvirtbot> New bug: #534324 in qemu-kvm (main) "Can't run uncompressed (vmlinux) kernels" [Undecided,New] https://launchpad.net/bugs/534324
<jayvee> in libvirt, I get all these iptables rules added on bootup to my virbr0 interface that I don't want
<jayvee> I think it's related to the fact that I can only choose "isolated virtual network" or "forwarding to device with NAT" as my network options
<jayvee> In actual fact, I want neither. I want a plain virbr0 interface that libvirt doesn't add iptables rules to â access control, NAT, or otherwise.
<jayvee> but I don't see a way to configure that.
<jayvee> any ideas?
<nicknewbie> http://pastie.org/859350 -- This is a multiwan script I'm working on, based on the info on this page http://lartc.org/howto/lartc.rpdb.multiple-links.html -- I'm trying to take these instructions, and turn them into a script that can just be edited with the right variables to give multiwan setup. I think it would be good for the community, but I do need some help, can someone take a quick look?
<jMCg> Hello happy people.
<jMCg> I was wondering how realistic it is to get a few ``wishes'' implemented in Ubuntu that deviate from Debian's ways...
<jMCg> The reason I'm considering to throw things at Ubuntu, rather than at Debian is that I've known Debian's slow ways, and they tend to be.. slow.
<persia> jMCg: Deviations are possible.  This would be a bad time to push them (unless they fix critical bugs), as Ubuntu is nearing release freeze.
<persia> Coordination with Debian is generally preferred though.
<jMCg> persia: I've already heard that it's close to freeze -- I didn't expect to be this fast with Ubuntu either ;)
<jMCg> Here's an example: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/12296
<uvirtbot> Launchpad bug 12296 in php5 "PHP5 or PHP4 for apache2-mpm-worker" [Wishlist,Confirmed]
<jMCg> My suggestion is to simplify the whole she-bang by merging all mpm packages into one package as Fedora for instance does.
<persia> That's unlikely to be addressed.  PHP4 went EOL 2007-07-13
<jMCg> persia: https://bugs.launchpad.net/ubuntu/+source/php5/+bug/12296/comments/11
<uvirtbot> Launchpad bug 12296 in php5 "PHP5 or PHP4 for apache2-mpm-worker" [Wishlist,Confirmed]
<persia> Ah, then the description needs some work.
<jMCg> That's probably the easiest part...
<jMCg> I've been much considering to pester Stefan Fritsch directly.. but don't know how to approach him yet.
<persia> But if you find a good way to solve the issue, and submit code, it can be reviewed.  I suspect it's unlikely to get added during the freeze, but potentially for the next cycle (but I don't make these decisions, so am not authoritative)
<jMCg> I see. So, if I come forward with a set of debian/rules thingies, everybody will be perfectly happy.
<jMCg> I should've known this means work for me.
<persia> Who itches, scratches :)
<jMCg> Yeah.. I know, I know... I just thought I'd go to the doc, and he'll say: Put this cream on the itch and it'll go away. Or, Putheth thees leech on yer skin, and leteth it suck yer greezy and heretic blood! or something like that.
<persia> heh
<mealstrom> hi, where is better to post some suggestions about packege debian-installer/preseed ?
<Noble> Is there a way to pull mail off a POP server, and somehow store it locally (In a database or something)?
<persia> Lots of them :)
<persia> fetchmail is widely recommended for the pull (although there are other options).
<persia> The storage depends on your preference.  Pushing it into some local mailserver is a common approach.
<Noble> Is it possible to configure fetchmail to push the mail into MySQL?
<jMCg> Nope, you'd have to scrip something to do that for you...
<Noble> I see. By default, how does fetchmail store the pulled mails?
<_ruben> by sending it to the local mta
<persia> Well, or sending it somewhere.
<Noble> Is it possible to dump the files raw onto the disk?
<uvirtbot> New bug: #534365 in openssh (main) "openssh-server bug reporting issue" [Undecided,New] https://launchpad.net/bugs/534365
<Noble> If I get this straight, fechmail can pull mail into procmail?
<_ruben> Noble: iirc yes
<_ruben> been ages sinces i used fetchmail
<Noble> Is it just me, or is the whole load of mail-protocols and servers just SERIOUSLY more bloated and complicated than it needs to be?
<_ruben> all depends on your needs 'n wishes i guess
<Noble> I mean: http://www.hypexr.org/gfx/mail_system_flow.png
<persia> Noble: There are many options, but they are needed.
<persia> Noble: So you need repositories (IMAP/POP/etc. servers), and you need clients (mutt/squirrelmail/etc.) and you need filters (procmail/spamassassin/etc.).  The easiest way to tie all these together without  pain is to have a standardised interface to MTAs to be able to accept mail and send it.  Filters mimic this (or can be inlined), repositories consume and clients push.
<persia> The "simple" way to achieve what is in the diagram is to only have one client with 4 mailboxes configured.
<persia> But that doesn't meet the needs of whoever set that up.
<Noble> I see.
<Noble> Gonna have to read up on this.
<zul> ttx: do you want me to do the bzr merging for samba bugzapping thing on thursday?
<zul> hey smoser
<smoser> hey
<sommer> morning
<ttx> zul: ber merging ?
<ttx> bzr merging ?
<zul> ttx: yeah i just saw your blog post
<ttx> zul: you mean keeping up a branch with all the bugfixes that will flow in on Thursday, and release it at the end of the day ?
<zul> ttx: yep
<ttx> zul: we'll use a branch at ~bugzappers, I think... but yes, since you end your day after I do, you'll upload the result :)
<ttx> zul: feel free to blog about it sometime... Maybe check with pedro when he'll annoucne the bugday
<zul> k hopefully its not crackfull
<ttx> zul: about openvpn papercut bug 427701
<uvirtbot> Launchpad bug 427701 in server-papercuts "OpenVPN client always runs" [Medium,Confirmed] https://launchpad.net/bugs/427701
<zul> ttx: yep
<Italian_Plumber1> I am attempting to copy some data off of a DVD that has some parts on it taht cannot be read.  Is there a way to tell the copy command (or a different one) to skip any files it cannot read, and go on to the next one?
<ttx> I can change the default, but it will change the default behavior for people on upgrades
<ttx> zul: should I modify /etc/default/openvpn on upgrades so that I set the default explicitely for those who upgrade ?
<ttx> i.e. if you don't have anything set, uncomment AUTOSTART="all" so that you don't fall into the new default value ?
<zul> ttx: i think you might to check to see what the user has and ask the user what they want to do
<ttx> zul: I think setting AUTOSTART="all", for those that were using the default value in karmic and before, is the best way
<zul> ttx: agreed
<zul> ttx: people get upset when things change or go missing ;)
<ttx> especailly network connections.
<zul> especially
<uvirtbot> New bug: #534412 in eucalyptus (main) "VNET_PRIVINTERFACE is not set correctly in a multi-network install" [High,New] https://launchpad.net/bugs/534412
<Pierreb> whats wrong with this line? useradd -d /ftproot/$1/$1 -g ftpusers -k /etc/ftpskel -s /bin/false $1
<Pierreb> its for a bash script but it says the syntax is wrong
<cemc> Pierreb: try echo "..." 'ing it
<\sh> Pierreb: -g <gid> -G <GROUP NAME>
<\sh> Pierreb: -g <gid of group ftpusers> or -G ftpusers
<\sh> oh damn...I'm not updated anymor
<\sh> forget my statement
<Elad> where can I start troubleshooting to find out what is being restarted on my server? I looked at my iptables this morning and they have been cleared out, the apache log shows a graceful restart (last night), but when I do 'uptime' it shows that the server has been up for 5 days
<gypsymauro> hi
<gypsymauro> there is a way to install proxmox-ve on ubuntu?
<merlijn-> hi, which kernel is recommended for ubuntu as a xen guest?
<sherr> gypsymauro: Proxmox is a complete OS (Debian Lenny based). See their wiki. You do not install on top of other OS's.
<sherr> Elad: Might just be "logrotate" (man logrotate). See log files daemon.log, syslog etc.
<Elad> sherr, why would logrotate cause it to do strange things like that? Or will the man pages tell me why?
<diago> if I edit nsswitch.conf, what needs to be restart to take affect
<hggdh> kirkland: ping (re. UEC tests)
<kirkland> hggdh: pong
<hggdh> kirkland: what would I have to do on the UEC testing? Where can I find docs? What's the meaning of life, universe, and everything?
<hggdh> kirkland: seriously, I am worried this may be too much for me, too soon
<Jeeves_> Hmm
<Jeeves_> I'm having a weird issue with lucid, pxe boot and debootstrap
<Jeeves_> debootstrap tries to download /ubuntu/dists/lucid/main/binary-amd64/Packages instead of /ubuntu/dists/lucid/main/binary-amd64/Packages.bz
<zul> hggdh: the answer is 3
<hggdh> heh
<kirkland> hggdh: give me a minute to make a pot of coffee, before i answer
<Elad> sherr, I just looked at the man pages for logrotate, and I reviewed my daemon.log and syslog, but I don't see any reason why my iptables would be cleared out
<BulleTh0> Hello.. if I have to network cards in a box, how to I make them both work in the same time ?
<BulleTh0> They are connected to the same switch.
<BulleTh0> With the ips .252 and .253. They wont work both in the same time :|
<genii> BulleTh0: If they are on same segment, the first one which matches as a route to somewhere else will be used
<BulleTh0> Sorry, I don't understand what you mean genii. I want to use them as an "alias"...
<BulleTh0> A phizical alias :)
<BulleTh0> They have the same gateway, the same netmask and the same nameservers.
<BulleTh0> If I ifdown eth0 && ifup eth0, eth1 dies. If I do the same thing with eth1, eth0 dies.
<demonspork_> how do I restrict available ports to a specific user so that he can't bind any process to a port that I don't permit?
<kjoller> Okay, I have finally made the security plunge - I have installed exim4 on my web/asterisk server. How do I test if it is a spammers playground, or if I have secured it properly?
<kjoller> I have set it up only to listen from 127.0.0.1, but is this enough?
<kjoller> could packages not be spoofed or something like that?
<kjoller> And could that cause some spamfilters to reject the mails being received?
<genii> BulleTh0: Since both adapters use same gateway, netmask, etc  then eth0 will almost always be used, unless it is not up in which case it will go to eth1
<BulleTh0> And how do I make them be alive in the same time?
<screen-x> BulleTh0: if your switch supports it, you could use lacp
<BulleTh0> My switch is shit.... sorry abut the bad word.
<BulleTh0> It's not a switch with management.
<zul> jdstrand: ping have you though of getting 9013-apparmor-dont-clear-caps.patch and 9014-apparmor-remove-unloaded-profile-is-not-fatal.patch upstreamed yet?
<BulleTh0> genii, screen-x Is this good anymore http://www.howtoforge.com/network_bonding_ubuntu_6.10 ? Looks kinds old.
<genii> BulleTh0: The bonding driver instructions don't change much, so most of it is still applicable. Your switch and whaver lays beyond it need to support 802.3ad specification for this to work
<screen-x> BulleTh0: bonding mode 6 claims to work without switch support, but I haven't tried it.
<jdstrand> zul: 9013 I submitted last month. 9014 I only recently wrote, but am planning on sending upstream, yes
<zul> jdstrand: cool...just working on libvirt for server dailies so was just wondering ;)
<jdstrand> zul: I upstream everything. just didn't have time yet on 9014 since 0.7.6+ requires a lot of work to even run on Ubuntu atm
<zul> jdstrand: oh poo
<jdstrand> zul: talk to mdeslaur-- he tried the 0.7.6 merge recently
<jdstrand> zul: he might be able to tell you some of the problems-- I plan to fix all that (and more), but not for at least two weeks
<zul> k
<jdstrand> (vacation and more pending items)
<zul> vacation is over rated ;)
<BulleTh0> genii, http://easytrade.com/english/Member/ProductCatalog/ProductCatalogItem_ProductID_PD0000012426.htm this is my switch
<demonspork_> I have a server that isn't responding to incoming requests, such as trying to log in to SSH. This same server is currently holding my nickname (demonspork) and the process that is accomplishing this is responding normally. What actions do I have to attempt to get this server responding again?
<BulleTh0> "Supports IEEE802.3x full duplex " as they say.
<demonspork_> in fact I just ghosted the nickname and it successfully reconnected.
<genii> BulleTh0: 802.3ad     specifically is the spec it needs to use ( the "ad" part is the pertinent part)
<BulleTh0> That's for mode=4 . Dynamic ling aggregation. If I'm not wrong it shares the speed... but it's the same connexion so I wont do me any help.
<BulleTh0> genii, so .. my switch supports that ?
<BulleTh0> I have another one, http://cgi.ebay.ph/ASUS-Giga-x-1008-8-Port-Hub-Full-Metal-Case-/170435763175 but the specs look the same.
<genii> BulleTh0: Hard to tell from the specs given if it supports link aggregation or not. You could always use one of the other modes which do not require it (roundrobin or so)
<BulleTh0> /etc/modprob.d/arch/i386 is editable ? mcedit says it's not :|
<BulleTh0> Hmmzzz
<genii> BulleTh0: You need sudo/admin
<BulleTh0> genii, I'm on root.
<BulleTh0> cat: /etc/modprob.d/arch/i386: No such file or directory
<BulleTh0> o.O
<BulleTh0> Something is missing.
<Pici>  its /etc/modprobe.d/
<Pici> not modprob
<BulleTh0> Same thing.
<BulleTh0> cat: /etc/modprobe.d/arch/i386: No such file or directory
<BulleTh0> Btw... it's a fresh install.
<BulleTh0> There is no arch directory in modeprobe.d
<BulleTh0> I used this how to. And at the end the /etc/network/interfaces looks kinda weird. The ethX configurations are commented. How the server should know how to get the adresses ?
<genii> BulleTh0: The bond0 device overrides the eth0/eth1/ethX devicenames. When you enslave the subdevices, it will bring them up itself usually
<genii> Work is very busy right now, aplogies on lag
<BulleTh0> genni, yes but I'm planing to use mutiple ip adresses :)
<BulleTh0> eth0: Reply from 86.122.121.252: bytes=32 time=1ms TTL=62        eth1: Request timed out.// and it's configured properly.
<BulleTh0> Enslaving is the opposite thing that I want. I want to use each nic that I have on the server with the ips that I have.
<smoser> kirkland, https://bugs.launchpad.net/ubuntu/+source/mountall/+bug/531494
<uvirtbot> Launchpad bug 531494 in mountall "cloud-init job not running in eucalyptus without ramdisk" [Critical,New]
<smoser> can you accept nominiation for lucid for me?
<sbeattie> smoser: I accepted it.
<smoser> thanks
<uvirtbot> New bug: #527081 in mysql-dfsg-5.1 (main) "package libmysqlclient16 5.1.37-1ubuntu5 failed to install/upgrade: subprocess dpkg-deb --control returned error exit status 2" [Undecided,Invalid] https://launchpad.net/bugs/527081
<kirkland> smoser: oh, sorry, yeah, done
<kirkland> smoser: ah, sbeattie got it
<smoser> yeah, thanks
<uvirtbot> New bug: #534550 in php5 (main) "php5 API is outdated" [Undecided,New] https://launchpad.net/bugs/534550
<ahasenack> has anybody been using the lucid desktop AMIs with NX?
<ahasenack> it doesn't work for me, and I found that the nx ppa that those AMIs have is pointing to karmic even
<ahasenack> so after fixing that and updating the ami, finally I at least got rid of the "Mar  8 18:25:52 domU-12-31-39-0A-4A-22 sshd[870]: Invalid user nx@ubuntu from ...." error, not it tries just "nx"
<uvirtbot> New bug: #534594 in ntp (main) "logcheck filter misses kernel status changed message" [Undecided,New] https://launchpad.net/bugs/534594
<jaypur> lol i just discoverd that windows server has a interface
<jaypur> lol
<jaypur> an interface*
<jaypur> so it does not have like 100% performance...
<jaypur> if i install nautilus at my ubuntu server, if i connect by ssh, and run it at my ubuntu client, it will open like the same nautilus here, and i could navigate by the files?
<guntbert> jaypur: nautilus on a server? uncommon
<jaypur> like
<jaypur> i need to
<jaypur> see the files at my laptop
<jaypur> guntbert, i want to see my server files as i see my laptop files, but remotly..
<soren> jaypur: Ask in #ubuntu how to use nautilus to connect over ssh.
<guntbert> jaypur: please lets make it clear - you want to access your server from your notebook?
<jaypur> soren, thanks
<jaypur> guntbert, i can do that...
<jaypur> guntbert, i wanna modify the files as i do at the note, like interface...
<guntbert> jaypur: I ask if that is what you want to do - if yes you type ssh  -X youruser@yourserver   -- then you can start any GUI app thats installed on the server and have it display on your notebook
<jaypur> guntbert, yeah!
<jaypur> so i could install nautilus and run it here??
<jaypur> ppl are telling me to connect nautilus by ssh
<soren> Don't install nautilus on the server. That's silly.
<soren> 20:58:57 < soren> jaypur: Ask in #ubuntu how to use nautilus to connect over ssh.
<jaypur> soren, already on it brother
<guntbert> jaypur: you would have to install it on the server - but as soren said (and was my first comment) - it is not advisable
<jaypur> connected it!!!
<jaypur> i just love you guys X)
<jaypur> and linux
<jaypur> HAHAH AWESOME!!!!
<jaypur> i'm so happy
<jaypur> it's a shame that, game servers can only be run 24 hours if i run it on the server, can run it by ssh, if i close the ssh, the server goes off...
<jaypur> =/
<jaypur> but i think i can set some commands to run at the start up of the server..... and then the server goes automatic rite?
<jaypur> brb
<uvirtbot> New bug: #534623 in openssh (main) "sshd segfault at 38" [Undecided,New] https://launchpad.net/bugs/534623
<uvirtbot> New bug: #534647 in munin (main) "default apache config causes an empty webpage on lucid" [Undecided,New] https://launchpad.net/bugs/534647
<lifeless> kirkland: btw, the ubuntu wiki docs need a refresh
<lifeless> kirkland: they say to start 'registration' but its now 'publication'
<lifeless> kirkland: also, I tink the nc br0 setup should happen before package install, not after :)
<kirkland> lifeless: totally
<kirkland> lifeless: we'll probably shift into that mode around beta2
<kirkland> lifeless: i think we'll need to branch the docs for 9.10 and 10.04
<jaypur> my ssh is not working after i changed the port =/
<jaypur> and i've already ipend the port at the router
<jaypur> sudo nice -20 ./program.... is it ok???
<kees> kirkland: I've updated https://help.ubuntu.com/community/KVM/Networking again, this time with the safer version of how to handle the fscaps and user caps.
<kirkland> kees: thanks, i'm still buried under some uec testing
<kees> kirkland: np.
<osmosis__> I dont really get what ubuntu cloud is. Can someone explain it?
<tranceNRG> It's similar to Amazon's EC2 service except it runs on your machines.  Essentially you spin up a varying number of instances (virtual machines) to meet your computational needs.
<osmosis__> tranceNRG, but what exactly is running on my servers? and how do I use it? Is it like multi machined clustered disk space?
<tranceNRG> ubuntu server edition with eucalyptus software.  Requires one dedicated controller machine and one or more node machines.  I honestly am fairly new to it as well but that is what I have gathered from reading.
<tranceNRG> https://help.ubuntu.com/community/UEC
<mrandrzejak> Hello everyone! New to the chat here, longtime Ubuntu user.
<mrandrzejak> #ubuntu-california
<mrandrzejak> Not sure how I got here though :) How do I switch to other chats?
<sherr> mrandrzejak: irc uses "/join" etc. but depends on your client. This is ubuntu-server specific.
<mrandrzejak> OK, thanks!
<mrandrzejak> Would anyone know if it is possible to do video chat with ICQ? Or if Pidgin or other chat programs like Empathy are planning to include it?
<bdmurray> hggdh: have you seen https://bugs.edge.launchpad.net/~ubuntu-server/+patches ?
<hggdh> bdmurray: no, I had not
<hggdh> thank you.
<hggdh> <sigh/> still finding things
<bdmurray> hggdh: it's really new!
<bdmurray> like the 3rd
<katsuodo> i have a strange problem
<katsuodo> rebuilt a server using 8.04.2 and ran apt-get update to update/upgrade
<katsuodo> server to 8.04.4.  I get the following:
<katsuodo> w: failed to fetch
<katsuodo> http://security.ubuntu.com/dists/hardy-security/multiverse/i18n/translation-en_us.bz2
<katsuodo> unable to connect to security.ubuntu.com ip address x.x.x.x:80
<katsuodo> i typed the following:
<katsuodo> sudo apt-get check
<katsuodo> sudo apt-get update -f
<katsuodo> sudo apt-get update && apt-get upgrade grep apt:ps ax | grep apt /usr/lib/apt/methods/http: i killall processes and there is no manager running in the background.
<katsuodo> i have a internet connection and can  ping the security.ubuntu.com server without a problem
<sherr> katsuodo: If I get apt failures (e.g. fetch) I try again a bit later (or the next day). Often fixes issues.
<katsuodo> this is one day later today
<sherr> Sometimes get glitches - time fies them :-)
<sherr> *fixes
<sherr> I have an 8.04.4 around - let me try ...
<katsuodo> okay
<katsuodo> it is 8.04.2
<sherr> I have 8.04.4 and did an "apt-get update && apt-get dist-upgrade" and it pulled down a few things (sudo, cups) and installed OK. This is a vbox install though, or 8.04.4 directly (I think).
<katsuodo> i just tried it again and the same
<katsuodo> it is trying to connect to us.archive.ubuntu.com @ some given ip address.  i ping the ip address and it responds
<katsuodo> receiving err http://us.archive.ubuntu.com now it is trying to connect to security.ubuntu.com
<sherr> katsuodo: Maybe try changing repos in your sources.list.
<sherr> Anyway - good luck.
<katsuodo> this is none gui based
<katsuodo> can you navigate to info to change the server where the download is pulling down from?
<sherr> katsuodo: you mean the apt sources list file?
<sherr> /etc/spt/sources.list
<sherr> s/spt/apt/
<jpds> katsuodo: us.archive is in London.
<katsuodo> if u look at repositories in a gui based installation there is an option to change the download from
<sherr> I pasted my sources.list here :
<jpds> katsuodo: Try using a US mirror like http://ubuntu.osuosl.org/ubuntu/ instead.
<sherr> http://pastebin.com/FV3fqArN
<sherr> /etc/apt/sources.list for Hardy 8.04.4.
<sherr> Make a BACKUP of yours if you use it
<jpds> sherr: gb.archive is also in London.
<sherr> Good night  Zzzz :-)
<jaypur1> how can i connect to my server by ssh, with nautilus on, like a root???
<katsuodo> sherr where you have gb i have us instead
<jpds> katsuodo: Exactly.
<jpds> katsuodo: Pick a US mirror from https://launchpad.net/ubuntu/+archivemirrors and copy and paste the sources.list entries the mirror page provides.
<katsuodo> will give this a try and report back in a moment
<katsuodo> jpds just these two lines only?
<jpds> katsuodo: Repeat for -updates, etc.
<katsuodo> do you mean type this statement in as substitution for the other statements in sources.list?
<jaypur1> i can see my server files here, by nautilus ssh... but if i need to change a file or folder i don't have the permission, what can i do?
<Roxyhart0> hi there...Im having problem with roaming profile (samba-ubuntu)..aparetly the profile template is corrupt. Somebody know how i can create a profile template?
#ubuntu-server 2010-03-09
<katsuodo> jpds it became stuck at 2% and the remaing err unable to connect to mirror statement appears
<Chr1z> dell poweredge 6850.. needs 220v.. so.. can a regular 18awgx3c 300v power cable be used if I chop the plug off and replace with nema 6-20p?  or is there something specific supposed to be used?
<RoAkSoAx> zul, lp:~andreserl/ubuntu/lucid/vsftpd/vsftpd-apport-531978 Please when possible take a look at it, give me some feedback to link the patch to the bug report. And we need to request FFe I presume?
<uvirtbot> New bug: #534773 in postfix (main) "postfix configuration failures should not let 'stop' fail" [Undecided,New] https://launchpad.net/bugs/534773
<histo> When I restart apache2 i get an error that apache could not reliably determine the server's fully qualified domain name using 127.0.1.1 Where can I enter the domain name I don't see it in apache2.conf anymore?
<histo> I added ServerName and ServerAlias settings in /etc/apache2/sites-available/default but its still not determining domain name???
<histo> This is annoying I know there is a simple answer for this
<histo> I'm not good with this hostname domain name stuff.
<histo> Especially since there are virtualhosts now
<jmarsden> histo: Check the contents of /etc/hosts carefully.
<jayvee> $ virsh -c qemu:///system start CentOS
<jayvee>  error: Failed to start domain CentOS
<jayvee>  error: internal error Unable to find cgroup for CentOS
<jayvee> This was working yesterday. KVM starts fine standalone, too. Any ideas?
<Roxyhart08> hi sorry i got my server working on HP 360G6 and i really slow to read data. I am wondering if i need to re-install the HP driver for ubuntu, but i dont know if i do that i lost the informations on the server?
<Roxyhart08> anybody know why the server could be slow to read data and if is sure re-install drivers for HP smart array -ubuntu. I mean i won't lost data with it?
<bogeyd6> Roxyhart08, what kind of raid card you got in it?
<bogeyd6> onboard?
<Roxyhart08> smart array
<bogeyd6> !fakeraid
<ubottu> Tips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/Installation/SoftwareRAID and http://www.tldp.org/HOWTO/LVM-HOWTO - For software RAID, see https://help.ubuntu.com/community/FakeRaidHowto
<bogeyd6> basically you need to not use the onboard raid and just let it default the drives each to raid 0 and use linux software raid
<Roxyhart08> so, you mean not use HP drivers?
<bogeyd6> im saying if you dont have a RAID card inside of the machine you shouldnt be using the onboard raid
<Roxyhart08> yes, i have raid card
<jayvee> Noob question: why would software raid be faster than hardware raid? That's a bit counter-intuitive.
<bogeyd6> its basically the same if it is onboard raid
<bogeyd6> Roxyhart08, please tell me the exact model number
<bogeyd6> ok well nevermind i guess Roxyhart08 im headed to bed
<bogeyd6> !sleep
<Roxyhart08> sorry, i was in a short meeting..give a second to find it
<Roxyhart08> hi bogeyd6 im sorry for waiting this is the card: HP Smart Array P410i/256MB
<qman__> jayvee, real hardware RAID is actually faster, but fakeRAID is slower and less featureful than software RAID
<sekyourbox> I just set up my DHCPD file, how do i check the service please.. google wont help me.. Thanks
<qman__> Roxyhart08 has a real RAID controller, but many motherboards these days have onboard fakeRAID controllers such as nvraid, AMD SB750, or silicon image controllers
<jayvee> right
<jayvee> never heard of fakeraid before
<sekyourbox> service dhcpd start>> doesn't work
<jayvee> sekyourbox, what's the error?
<sekyourbox> The program 'service' can be found in the following packages:
<qman__> sekyourbox, sudo /etc/init.d/dhcpd restart
<qman__> also, I think you have to enable it in /etc/default
<qman__> otherwise it won't run
<sekyourbox> sudo: /etc/init.d/dhcpd: command not found
<jayvee> I think it's just 'dhcp'
<qman__> on mine it's /etc/init.d/dhcp3-server
<sekyourbox> im in /etc/dhcp3 by the way
<jayvee> actually, might be sudo /etc/init.d/dhcp3-server restart
<qman__> but it might be different
<jayvee> my memory fails me
<qman__> sekyourbox, you will need to edit /etc/default/dhcp3-server also
<sekyourbox> thanks...
<qman__> I think you can also do "sudo start dhcp3-server" with the new upstart stuff
<qman__> not sure on that though, I do it the old way
<sekyourbox> I should memorize the structure, but i usually dont use ubuntu
<jayvee> only works if the service is upstart-enabled
<sekyourbox> and have no idea what that is
<qman__> well, ubuntu used to use the standard sysvinit style, with all the scripts in /etc/init.d
<jayvee> sekyourbox, don't worry. I suspect most of us get equally confused when we move onto red hat boxes. :)
<qman__> but now ubuntu uses upstart, and is in a transitional period
<qman__> where a lot of services have been changed over
<qman__> but not all of them
<jayvee> which is why it's a good idea to use 'service', because it supports both
<jayvee> if you don't have the 'service' command installed, you are using a version prior to the upstart init script transition
<Roxyhart08> qman_ i install the hp drivers when i got ubuntu 9.04, but then i udpgrade ubuntu to 9.10, so i dont know if i need to udgrade also the HP drivers, and what happen if i fo that...could i lost the data and everything on the server?
<qman__> Roxyhart08, just updating the drivers should not affect the data on the array, as long as you don't go fdisking it
<qman__> though I suggest backing up important files anyway
<sekyourbox> 8.04 i think, lol
<Roxyhart08> yes, i will do, maybe it could solve the "slow" problem?
<qman__> Roxyhart08, possibly, be sure to check out the health status of the drives
<qman__> a failing disk could cause that issue too
<Roxyhart08> ok, sorry which tool could i use to chek it?
<qman__> not sure, probably one of the HP tools
<qman__> the standard tool to check SMART data is smartctl, but I don't know if it will work with your RAID controller
<Roxyhart08> i think should be
<Roxyhart08> ill try, thanks
<sekyourbox> Thanks Fellas, have a good one
<jayvee> sekyourbox didn't actually say whether it fixed it or not
<demonspork> what can cause a server (I was the only user) to suddenly Broadcast message from root@Server /(unknown) at 0:54 .../The system is going down for power off NOW!
<demonspork> and then shut down
<demonspork> :(
<_ruben> demonspork: a nasty cronjob .. accidentally pressing power button .. tons of possibilities once you let your mind go free
<mealstrom> has anyone setuped deluged + webui on server? (deluge 1.2.1) ?
<jiboumans> good morning
<acalvo> good morning
<jayvee> howdy folks
<jayvee> whenever I try to start one of my KVM virtual machines in libvirt, I get this error: "Error starting domain: internal error Unable to find cgroup for <vm>"
<jayvee> happens for every VM, although standalone KVM works fine
<jayvee> I'm really stumped, and I really need to fire up one of these VMs right now.
<twb> jayvee: is "cgroup" mentioned in dmesg?
<twb> cgroup is a kernel feature like /proc, you probably need it compiled into your kernel AND to mount it somewhere
<jayvee> twb, yes it is
<jayvee> "Initializing group subsys {cpuset,cpu,ns,cpuacct,memory,freezer,net_cls}"
<twb> jayvee: does /proc/mounts say it's mounted somewhere?
<jayvee> no, it's not
<jayvee> I never had it before
<jayvee> so I don't get why I need it now
<twb> Maybe it's just better at reporting errors now
<jayvee> so where should I mount it?
<twb> Doesn't matter.
<jayvee> mount -t cgroup none $somewhere, I'm guessing
<twb> jayvee: maybe libvirt cares -- talk to them about it
<twb> They might tell you the error can be ignored
<jayvee> well it's blocking the VM from starting up
<soren> jayvee: Which version of Ubuntu are you using?
<jayvee> soren, ubuntu 9.10, but I debuild'ed the lucid version of libvirt
<jayvee> running the ubuntu10 version of lucid's libvirt
<soren> ...and how long were you expecting to go without saying that?
<jayvee> heh, I'd actually forgotten
<soren> Well, use libvirt from Karmic, and you'll probably be fine.
<twb> Releases are not "pick `n' mix"
<twb> They don't get feature updates for a reason
<jayvee> hmm, it's been working fine up to now
<jayvee> well the karmic version says: libvirtError: Unable to deny all devices for CentOS: No such file or directory
<jayvee> where CentOS is the name of the VM
<soren> Well, /something/ changed.
<soren> Other than the date.
<jayvee> there's a qemu.conf.dpkg-old â must have some settings left over
<ttx> soren: o/
<soren> ttx: Dude.
<ttx> soren: still planning to close my papercut bug 460398 ?
<uvirtbot> Launchpad bug 460398 in server-papercuts "/etc/timezone is not set correctly" [Medium,Confirmed] https://launchpad.net/bugs/460398
<soren> ttx: Yes, indeed.
<ttx> soren: ok, cool :)
<soren> ttx: Code's been committed upstream. Just haven't rolled a new release yet.
 * ttx gets some coffee
<uvirtbot> New bug: #527860 in puppet (main) "Init script always returns 0" [Wishlist,Confirmed] https://launchpad.net/bugs/527860
<ttx> soren: btw, I had a policy question for you: is it acceptable to do this: http://pastebin.ubuntu.com/391618/
<ttx> in postinst, changing the /etc/default/openvpn file on upgrade to match the previous default value
<ttx> the idea being, if we change the default behavior, it shouldn't affect old users relying on the old default behavior
 * soren looks
<persia> ttx: You oughtn't need to do that.  If the checksum of the conffile matches the old checksum, it will be silently overridden by the new conffile.  Otherwise you can't guarantee you aren't changing a user's deliberate default.
<jayvee> I haven't edited /etc/default/openvpn on my 8.04 system, so this patch would disable all my VPN configs
<ttx> persia: that's the point, I don't really want that. The new conffile is identical to the previous one
<ttx> jayvee: no it wouldn't
<jayvee> oh, actually, that's changed in the postinst
<jayvee> my mistake
<soren> ttx: I don't understand the motivation for the change.
<persia> ttx: Hrm?  You mean the updated conffile matches some old conffile differing from that shipped in the current version of the package?
<ttx> see bug 427701... but I've been asking myself the same question recently
<uvirtbot> Launchpad bug 427701 in server-papercuts "OpenVPN client always runs" [Medium,Confirmed] https://launchpad.net/bugs/427701
<soren> ttx: I've read the bug. Still don't understand, I'm afraid.
<soren> ttx: Why would you not want to start openvpn on boot?
<persia> soren: Imagine you don't have a network connection at boot.
<soren> ttx: If you don't want it to run your vpn connections, don't put them there.
<jayvee> if you used it as a client only, maybe?
<ttx> persia: /etc/default/openvpn doesn't set AUTOSTART. In that case, we assumed AUTOSTART=all in the init script
<jayvee> or used network-manager as a frontend
<soren> jayvee: Right. But then why would you put your config files for that in /etc/openvpn ?
<ttx> soren: I thought the rationale was that the empty system instance was "blocking" something... but it's not
<ttx> soren: so I tend to agree with you
<jayvee> ttx is implying that it ships with configs in /etc/openvpn by default
<ttx> jayvee: it's not
<jayvee> (I don't remember there being any, but that's just me)
<ttx> let me sum up :)
<ttx> the bug is about how having AUTOSTART=all by default conflicting wit hsome desktop use cases
<jayvee> do those cases occur on a fresh system, or only when you have customised /etc/openvpn?
<persia> ttx: Oh, I see.  Don't do it that way.  You want to sed -i "s/#?AUTOSTART=.*/AUTOSTART=$AUTOSTART/"
<ttx> When I first evaluated the bug as papercut candidate, I thought that in the absence of any config, we were starting up something that was binding to ports and prevented other openvpn startups
<ttx> *but*
<persia> ttx: set AUTOSTART=all before you source /etc/default/openvpn to have a default value.
<ttx> if no config is defined, we don't start anything.
<jayvee> no, openvpn doesn't do anything if there's nothing in /etc/openvpn
<jayvee> on my eee pc, at least
<ttx> so... I fail to see the rationale for the bug, especially as we would differ from Debian
<ttx> soren: so maybe we should just wontfix it
<persia> The bug may have been incorrectly triaged.  It may be that some of the openvpn client scripts for the plugins are overanxious
<persia> Or it may be that something has overly broad Recommends:
<soren> ttx: That what I'm leaning towards.
<ttx> persia: the only conflict I could come up with would be if some user script was dumping configs in /etc/openvpn and expecting them not to be run at boot.
<soren> Nevertheless, the case is interesting.
<soren> Let's pretend we wanted to do this.
 * soren ponders
<ttx> soren: yes, for learning
<ttx> persia: assuming we would want to do this, it would actually be OK to change the conffile in postinst on upgrade to explicitly set the value to the old default value ?
<soren> I'm wary of even touching a conffile.
<persia> ttx: Hrm.  No.
<ttx> persia: ok, that's what I thought
<swift> guys, what software do you recommend for displaying MRTG graphs on UBuntu-server8.04?
<soren> However, if I were to do so, I wouldn't do it unconditionally.
<soren> swift: firefox?
<persia> ttx: I'm leaning towards shipping an updated conffile with the defaults that would be desired, and not changing postinst, and letting users who adjusted the conffile sort out any mess that may result.
<soren> ttx: I would probably store the curren tAUTOSTART value from preinst..
<swift> soren, i mean... which version of MRTG?
<soren> swift: Whichever is in Ubuntu 8.04.
<ttx> persia: interesting. Just shipping an new default file with AUTOSTART=none uncommented.
<soren> swift: 2.14.7-2ubuntu3, apparantly.
<swift> soren,ubuntu comes with MRTG?
<soren> swift: Ubuntu comes with /everything/.
<soren> Almost.
<swift> soren, i dont see mrtg on ubuntu
<swift> can i do "apt-get install mrtg-contrib" to get the package.. this is the one for ubuntu 8.04LTS right?
<persia> swift: `sudo apt-get install mrtg` should sort that if you happen to not have it installed.
<swift> persia... mrtg-contrib??
<soren> swift: Why contrib?
<persia> swift: If you want the examples, -contrib works too :)
<persia> ttx: Right.  Shipping the default uncommented would update anyone who wasn't doing something special to use that, which is probably >95% of users.
<persia> ttx: And it lets dpkg sort out whether we're slamming a conffile, etc.
<persia> (and gives the user options to deal with the merge (albeit not great options))
<ttx> persia: but then, people that used to rely on the old default value (AUTOSTART="all") and didn't change their /etc/default/openvpn file would end up not having anything started up at boot
<ttx> (since the conffile would be replaced, right ?)
<persia> ttx: True.  For extra visibility, document this in NEWS as well as the changelog.
<ttx> ok
<persia> That said, what's the use case for AUTOSTART=all vs. AUTOSTART=none?
<persia> To me it feels like this issue is being solved the wrong way.
<soren> You could show a debconf notice iff there's any connections configured in /etc/openvpn
<ttx> you define system-wide VPNs in /etc/openvpn, AUTOSTART controls which, if any, are started at boot.
<persia> I think that when OpenVPN is configured host-wide, it should be started by default, and if it's configured per-user (even for user="all users"), it shouldn't.
<ttx> none, all, or specifically-named ones.
<ttx> well, defining configs in /etc is "configuring system-wide"
<persia> So nm-openvpn (or whatever it's called) and the base openvpn client have different behaviours.
<ttx> nm-openvpn provides a separate framework for VPN configs
<ttx> that supports user-based and system-based definitions
<persia> Right.  Like I said, I think the bug is in the desktopy openvpn config tools, not in openvpn itself.
<persia> So is this just a documentation bug?
<ttx> probably I'm commenting on it right now
<persia> Or a bug in the Kubuntu networking tool?
<ttx> It's, at best, unclear where the user-oriented frontends are conflicting with the openvpn "system" mechanism. Set the bug to Incomplete
<persia> Needs deeper triage.
<soren> The problem with changing the conffile is that at some point in the future (if the conffile shipped in the package changed later on), he will be prompted about changes that he allegedly (but not actually) made to said conffile.
<soren> The only sound approach (again, if we were to make this change), I can think if is this:
<soren> Check if the user has changed this setting. If he hasn't, check if he has any connections configured in /etc/openvpn. If so, show a debconf notice about this new default behaviour, perhaps along with the one-liner you would have applied to make the change so that the user can make that change himself. If there are no connections configured anyway, nothing will really have changed, so don't bother with the notice.
<soren> Perhaps just lower the priority of the notice.
<swift> guys, how can i start serial access to another machine connected to a ubuntu server?
<jayvee> swift, what sort of serial access?
<jayvee> file transfer, ppp, remote logins...
<swift> a serial cable connected to an ubuntu machine
<ttx> soren: ack
<swift> no, serial access to another machine
<jayvee> that still doesn't make sense â what do you want to *do* with your serial access?
<swift> i want to access another machine's console
<jayvee> okay, so remote login
<jayvee> you want to look at mgetty
<jayvee> mgetty on the server
<jayvee> minicom on the client
<swift> but, only serial access is available viattyS0
<jayvee> yes, mgetty talks to ttyS0
<swift> which is the server?... the machine i wanna access?
<jayvee> and on the client, minicom also talks to ttyS0
<jayvee> swift, yes
<swift> so,actually, jayvee, i accidentally closed a serial console window opened on my ubuntu box
<swift> i want to re-open it
<swift> i just dont know how to do that
<jayvee> swift, I use mgetty, but actually looks like you can use plain getty
<jayvee> swift, what were you using to get the serial console window?
<jayvee> minicom?
<swift> yes
<jayvee> well just type minicom again
<jayvee> and hit enter a few times
<jayvee> surely if you opened it once you know how to do it a second time
<jayvee> okay, soren, my libvirt magically started working again
<jayvee> restarted it, then got an apparmor error
<swift> jayvee.. som1 else had kept it for me
<swift> :D
<swift> now i know
<jayvee> different to what I was getting before
<swift> thanks!!
<jayvee> disabled the apparmor
<jayvee> then it worked
<jayvee> swift: ah, so they must already have set up the serial server for you
<swift> yep
<uvirtbot> New bug: #534913 in libcommons-fileupload-java (main) "libservlet2.{3,4}-java migration" [Wishlist,In progress] https://launchpad.net/bugs/534913
<larsemil> where is the ip configured for the virbr0 that i have on my host for virtual machines?
<jayvee> larsemil, click on the connection in virt-manager, and go Edit > Host Details
<jayvee> it's under the Networks tab
<jayvee> the Virtual Networks tab, sorry
<larsemil> jayvee: and from console? i dont have X on my server
<jayvee> do you have virt-manager on your local machine?
<jayvee> you can connect to your libvirt server with that
<jayvee> you should be able to do it from virsh though
<larsemil> will install it
<jayvee> ah, I think I've found what you're looking for
<jayvee> type "man virsh"
<jayvee> then type /net-edit
<jayvee> that has exactly the commands you'll need to do the job from the command line
<jayvee> $ virsh -c qemu:///system net-edit default
<larsemil> well now i have virt-manager. :)
<jayvee> yeah, should make it much more fun
<larsemil> allthough i cant edit anything in the edit host details. cant change anything. logged in with root
<jayvee> you may need to "stop" the network first
<larsemil> ok.
<jayvee> and if that doesn't work, there's always the virsh command ^
<jayvee> :)
<larsemil> we try virsh
<larsemil> jayvee: did not seem to change after using virsh either
<jayvee> you'll want to restart libvirt
<jayvee> service libvirt-bin restart
<larsemil> jayvee: after restart its again the "old" ip
<jayvee> stop libvirt, run "ifconfig virbr0 0.0.0.0" and start libvirt again
<larsemil> even after saving and again typing the virsh command its the same
<larsemil> jayvee: that changed the ip for the bridge but not the settings.
<jayvee> I'm guessing you have to disconnect and reconnect virt-manager
<jayvee> right-click on the host in virt-manager, and press disconnect
<larsemil> well. did that.
<larsemil> running virsh -c qemu:///system net-edit defaults, changing the values and then running the command again shows me the old config
<jayvee> not really sure
<jayvee> I'm guessing it's working anyway
<larsemil> will look into hacking the file manually
<jayvee> /etc/libvirt/qemu/networks/default.xml, I think
<larsemil> there the settings are correct...
<persia> What's a good lightweight httpd for running a mirror?
<twb> busybox httpd
<jayvee> lighttpd
<jayvee> youtube used to use lighttpd
<larsemil> no. the russian one..
<persia> twb: I'm not that paranoid for this server, and don't have VM support on this server.
<jayvee> larsemil, nginx?
<larsemil> nginx
<twb> Unfortunately, there aren't any httpds that make security their primary concern, so I gave up.
<twb> Even OpenBSD run a (heavily patched) apache.
<twb> persia: well, busybox is usually installed on all Debian and Ubuntu hosts
<twb> persia: so it's "lightweight" because the extra disk footprint, at least, is zero.
<persia> twb: busybox isn't installed on either my laptop or my server (although bits of it may exist in my initramfs, I haven't checked
<twb> I used thttpd happily for a while until I looked at its (lack of) security scrutiny.  I haven't benchmarked it against lighttpd for serving static content, but I wouldn't be surprised if it's still up there.
<twb> persia: oh, right, I think ubuntu only install a cutdown "busybox-initramfs" package by default now.
<persia> twb: Ah, yes.  I have that installed everywhere, but it doesn't help in this case :)
<persia> larsemil: so, why nginx over lighttpd?
<larsemil> jayvee: this makes no sense. seems to me i am not able to change even though the settings are correct in the /etc/libvirt/qemu/networks/default.xml
 * persia is serving to ~10 hosts, static content only
<larsemil> persia: i just heard alot about it. good things. i never used lighttpd
<jayvee> pretty sure that the settings are correct â just something needs restarting
<twb> persia: is it just raw speed / cpu/memory overhead you care about?
<persia> twb: No.  I just didn't think I needed apache to handle a mirror for buildbots.
<persia> twb: apache would serve my needs just fine.
<twb> Then any of the above will do.
<persia> Yeah :)
<twb> I liked busybox httpd and thttpd because you can run them as non-root and just supply configuration on the command-line.
 * persia chooses lighttpd because it says "easy to configure" in the description
<twb> e.g. thttpd -u $USER -d $PWD -p 8080
 * soren has used lighttpd quite happily in the past
<jayvee> lighttpd is quite popular, and yes, it is quite easy to configure
<twb> jayvee: bah!  Anything that needs a whole config *file* isn't easy.
 * twb hugs dnsmasq, for example.
<larsemil> jayvee: well i have restarted the whole machine...
<larsemil> jayvee: no luck today. will look into it another day but today, no luck changing it. i want my virtual machines on the same net as my physical ones
<twb> larsemil: that's called "bridging"
<jayvee> larsemil, you'll need to create a bridge that contains both your eth0 interface and your vms
<jayvee> you could possibly add your eth0 to your virbr0, but then you'd better be careful to not run a dhcp server on the virbr0
<jayvee> I'm not sure how to disable libvirt's dhcp server.
<jayvee> okay
<jayvee> how the crap to I stop libvirt from messing with my iptables?
<jayvee> I'd like a "just the bridge, thankyou" option
<ttx> zul: yo
<zul> ttx: yippe
<zul> ttx: how goes it/
<ttx> zul: I will be away tomorrow morning, so I guess I won't start the samba bugday early :)
<zul> ttx: thats ok theres plenty for everyone
<uvirtbot> New bug: #535029 in openssh (main) "[LUCID] OpenSSH 5.4p1" [Undecided,New] https://launchpad.net/bugs/535029
<blackxored> Hi guys, help with debmirror, see here: http://pastebin.com/xH2qi7Sz this started happening after a power failure but it seems unrelated
<inveratulo> hi everyone, i'm running ubuntu server under a rh5 xen host, and keep getting these messages in the syslog http://ubuntu.pastebin.com/TkMT3dXH   has anyone run into this before?
<chatran> hi
<chatran> guys
<chatran>  i have this: "LB_test of substitution;054 3220 2010"  and i need this: "LB_test of substitution;05432202010" on vim
<chatran> dam hard
<jayvee> inveratulo, this is related, maybe? https://bugzilla.redhat.com/show_bug.cgi?id=480317
<uvirtbot> bugzilla.redhat.com bug 480317 in xen "guest reports repeatedly ATA error" [Medium,Release_pending]
<inveratulo> jayvee: yea that's what i was thinking... the only effect it seems to have is raising the cpu load
<huntsville> Good Morning all.  Quick question re: Ubuntu Server 9.04, "apt-get upgrade" shows several packages being held back including kernel.  I'm assuming apt-get has a configuration file somewhere where its holding these files back.  Any idea where??
<soren> huntsville: No, that's not how it works.
<soren> Usually, they're being held back because they have new dependencies.
<soren> huntsville: Try this: sudo apt-get dist-upgrade
<soren> huntsville: ..and see if that changes things.
<huntsville> soren, ah..
<huntsville> soren, see I don't want to upgrade the dist
<huntsville> from 9.04 to 9.10
<soren> Nono.
<huntsville> soren, I'm trying to stay on the LTS
<soren> That's not what it does.
<soren> 9.04 is not an LTS.
<soren> ..but regardless, dist-upgrade does not upgrade you to a new Ubuntu version.
<soren> Don't worry :)
<jayvee> dist-upgrade just means "hey, I'm okay if you install some new packages"
<soren> Pretty much.
<huntsville> soren, ?  I thought all .04 were LTS :)  Been far too long in the RHEL server space
<jayvee> as opposed to "upgrade" which is an alias for "safe-upgrade", which means "please only upgrade packages, don't install any new ones"
<soren> huntsville: No. 8.04 was an LTS and 10.04 will be an LTS.
<huntsville> soren, ah.
<huntsville> jayvee, oh sweet
<jayvee> every 2 years is the trend
<soren> jayvee: apt-get has no "safe-upgrade"
<soren> aptitude does.
<jayvee> or is that aptitude I'm thinking of
<jayvee> heh
<huntsville> :-/ hmm, wondering if I should drop back to 8.04 LTS then.
<huntsville> soren, jayvee, I'm trying to create an ubuntu server build standard for my org
<soren> huntsville: Then 9.04 is not a good bet.
<huntsville> (dist-upgrade works)
<soren> huntsville: 10.04 is only a month and a half away, fwiw.
<jayvee> if you have a month or two, it may be wise to wait til lucid
<huntsville> hmm, I need to get a vTiger CRM up in 3 weeks.
<jayvee> 8.04 then, definitely
<jayvee> it's supported until 2012, I think
<jayvee> or 2013, can't remember
<jayvee> 5 years from 8.04, anyway
<persia> April 2013
<huntsville> there is probably better package support for 8.04 too ;)
<soren> jayvee: 8.04 == 2008,
<soren> April.
<jayvee> I know
<soren> Ok.
<jayvee> I just can't add 5 to 8 in my head
<soren> Math is hard.
<jayvee> can never remember whether it's 12 or 13
<huntsville> rofl
<jayvee> seriously
<jayvee> ;)
<huntsville> Well thanks guys, #ubuntu was a little too crazy to answer
<huntsville> Any idea where ubuntu lists their support dates for Ubuntu server?
<huntsville> And is 9.xx where they first made the designation from "desktop" ubuntu and "server" ubuntu?
<soren> huntsville: https://wiki.ubuntu.com/FrontPage
<soren> No, first ubuntu server release was either 5.10 or 6.06. I forget which one.
<huntsville> soren, great
<soren> (https://wiki.ubuntu.com/Releases for more history)
<merlijn-> hi what is the recommended kernel for ubuntu 9.10 as a Xen guest?
<hyperlinx> how can i see al adaptet usb devices ??
<hyperlinx> any shell command ??
<sherr> hyperlinx: lsusb?
<hyperlinx> but i need the specific name tty ?
<hyperlinx> is a GSM usb modem
<huntsville> lsusb?
<huntsville> oh wait, behind
<blackxored> Hi guys, help with debmirror, see here: http://pastebin.com/xH2qi7Sz this started happening after a power failure but it seems unrelated
<sherr> hyperlinx: for tty etc. see the log messages i.e. /var/log/syslog
<sherr> I would  "tail -f /var/log/syslog" in a shell and then plug it in. See what appears.
<Ninjix> blackxored: maybe there is an old lock file?
<soren> blackxored: That sort of stuff usually clears itself up after a little bit. I'm not sure why it happens, but I see it occasionally as well.
<blackxored> soren, I've been 2 weeks or so with same issue, I've even changed mirroring methods and cleared .temp directory several times
<soren> blackxored: Oh, "a little bit" == "a few hours at the most" if that was the issue.
<soren> Then I don't know. Where are you syncing from?
<blackxored> http://archive.ubuntu.com
<blackxored> wait
<blackxored> I'll go out for a smoke
<merlijn-> hi what is the recommended kernel for ubuntu 9.10 as a Xen guest?
<n8w_> hey
<n8w_> guys, im tryin to change permissions to drop_cache file with chmod 755 but i keep gettin an error :operation not permitted
<sherr> merlijn-: I guess few here run Xen now, or know the answer.
<sherr> merlijn-: Have you looked at https://help.ubuntu.com/community/Xen
<sherr> merlijn-: Plus there is a meta package that might help "ubuntu-xen-server". I would guess that "recommended" is whatever the defaults are on install/update.
<sherr> n8w_: you don't have perms to that file or the device it is on. Wat perms is it (ls -l) and who are you (id). A unix question really.
<n8w_> sherr:  i forgot to mention that im runin it as "su"
<n8w_> sherr:  thats the prob...i dont get it...ive got su access but it still says : chmod: changing permissions of `vm/drop_caches': Operation not permitted
<genii> There seems to be a (somewhat older) bug report with discussion on this chmodding the drop_caches - https://bugs.launchpad.net/ubuntu/+source/linux-source-2.6.19/+bug/71575
<uvirtbot> Launchpad bug 71575 in linux-source-2.6.19 "/proc/sys/vm/drop_caches should be able to be configured to allow regular user writes" [Undecided,Invalid]
<n8w_> genii:  i think ive read it...
<n8w_> i thought that somebody might know what to do
<mathiaz> kirkland: hi!
<mathiaz> kirkland: do you still have problems with the UEC test rig?
<kirkland> mathiaz: i do :-(
<kirkland> mathiaz: let me grab a coffee and let's take a look
<mathiaz> kirkland: ok
<uvirtbot> New bug: #501808 in samba (main) "actualizacion para reproducir un video de youtube en  RHYTHMBOX (dup-of: 442941)" [Undecided,New] https://launchpad.net/bugs/501808
<merlijn-> sherr: the wiki page is quite outdated, and the ubuntu-xen-server is meant for the host OS, not the guest
<uvirtbot> New bug: #535123 in openssh (main) "Lucid: Recent update to ssh mean ssh-askpass-gnome fails to recognize the correct password" [Undecided,New] https://launchpad.net/bugs/535123
<kirkland> ttx: fyi, ubuntu server iso's haven't been building for the last few days
<ttx> kirkland: yes I know, cjwatson said it's fixed, shouold be ok in the next run.
<kirkland> ttx: thanks
<kirkland> ttx: i mentioned it last night too
<mathiaz> cjwatson: hi - using the installer with a serial console, is it possible to access tty2-tty4 (ie open a shell in the installer or access syslog)?
<cjwatson> I think you have to use the shell option on the main menu, unfortunately
<larsemil> maybe i just configure virtual bridge myself instead of using the auto isntaller...
<ttx> kirkland, smoser: (still on my call) I prepared https://wiki.ubuntu.com/Boto19TestCoverage to shuffle the load of formal euca2ools test coverage among the team, let me know if you have any comments.
<ttx> Most commands don't have any optional parameter so it's pretty easy to validate. There are a few complex ones that will take more time, though.
<sherr> merlijn-: I have to say I am also interested in Xen somewhat. This is mainly because most of my "server" hardware at work is currently a bit too old for h/w vt.
<sherr> I'd like to virtualise stuff on it. Xen's the only real option.
<sherr> However, Ubuntu seems a little half-hearted with Xen and support is not so good. If I was to go down this route, I'd use stock Debian (stable).
<kirkland> ttx: good idea
<ttx> kirkland: that should give us good confidence in boto 1.9, in euca2ools *and* in eucalyptus
<hink> It's so hard to find good people. I need to hire some compentent linux sysadmins
<ttx> kirkland: ok, I'll talk about the page at the meeting tomorrow.
<kirkland> ttx: ok
<ttx> sommer: will you be present at tomorrow's team meeting ? Wanted to discuss the status of the server documentation, and any help you might require from us
<hink> is that an oxymoron when you fail to spell competent correctly?
<ttx> kirkland: I've been testing multi-network lately (CC with two NICs), filed a bug about it. I was wondering if you had the capacity to run such a test yourself (like USB NIC adapters) ?
<ttx> kirkland: makes it difficult to use the PXEmagic, unfortunately
<uvirtbot> New bug: #535152 in nut (main) "FFE for nut 2.4.3" [High,New] https://launchpad.net/bugs/535152
<ttx> kirkland: what I did is PXEboot the CLC+Walrus and the CC+SC, then sue an ISO to install the NCs
<ttx> kirkland: in that scenario the installer asks all kinds of interesting extra questions that you shouldn't quiesce, though
<ttx> kirkland: so I added an extra "manual" option in the boot-uec system to not set priority=critical and get them.
<Some_One> hi ppl
<Some_One> i need some help regarding networking between 2 pcs having ubuntu on them
<Some_One> can any one help me ?
<uvirtbot> New bug: #535156 in openssh (main) "ssh connection freezes" [Undecided,New] https://launchpad.net/bugs/535156
<Some_One> any one ?
<RoAkSoAx> zul, lp:~andreserl/ubuntu/lucid/vsftpd/vsftpd-apport-531978 If you can take a look at it, give me some feedback, and do we have to request FFe for apport hooks?
<kirkland> ttx: i should be able to hack on the multi-network here
<kirkland> ttx: ie, i have the hardware
<kirkland> ttx: it's not configured as such, right now
<zul> RoAkSoAx: ill take a look this afternoon and i dont think we need one
<kirkland> ttx: and i'm trying to do all the alpha3 testing against the lab rig right now so that i can put that behind me
<ttx> kirkland: that would be great, indeed
<RoAkSoAx> zul, ok, i'll finish the other im working on within this week since it is a busy week at school
<Some_One> ?
<ttx> kirkland: I think I nailed the only blocking issue in my own testing anyway
<ttx> kirkland: so now I'm reasonably confident about it
<ttx> bug 534412, for reference
<uvirtbot> Launchpad bug 534412 in eucalyptus "VNET_PRIVINTERFACE is not set correctly in a multi-network install" [High,New] https://launchpad.net/bugs/534412
<kirkland> ttx: right
<zul> RoAkSoAx: k thnk
<RoAkSoAx> zul, btw... would it be a good idea to create tempfiles while running the hook?Becuase I wanna filter the syslog output and then place it on a temp file and then attach it in the bug report, instead of putting it inot a variable that will place the output within the Description of the bug report
<zul> i dont think so
<RoAkSoAx> zul, because otherwise, I'll have to do something like report['SyslogSnmpd'] = recent_syslog(re.compile('snmpd\[')) but it would be better to attach it as a separate file
<zul> RoAkSoAx: really its up to you but youll have to remove the temp file after
<studio_> how can i test if ssh is working form outside of my home network to a pc in the network
<RoAkSoAx> zul, ok awesome. will do that then. Thanks :)
<cvmostert> hi all, i am trying to help a friend, how do I connect to his pc via the internet with ssh?
<sherr> cvmostert: ssh user@host (see : man ssh)
<cvmostert> user is his pc name.. and host his ip?
<cvmostert> sherr, thanks i will read the man page
<sherr> cvmostert: No - see the man page. This is not realy a #ubuntu-server question. Try #ubuntu.
<cvmostert> and hope it helps
<cvmostert> i was there and they showed me here...
<cvmostert> sorry
<sherr> Who knows sometimes? :-)
<huntsville> sherr, maybe because its an ssh "server" ;)
<davmor2> Hey guys I found a weird issue.  If I type sudo aptitude ebox- and hit tab ebox-mail is listed however it is uninstallable any clue as to why?
<pawel__> hi, where can i find md5sum for ubuntu-8.04.4-server-i386 ?
<genii> pawel__: https://help.ubuntu.com/community/UbuntuHashes
<pawel__> genii: thx
<Fly_green> ÃÃ±Ã¥Ã¬ Ã¯Ã°Ã¨Ã¢Ã¥Ã²!
<Fly_green> Ã¥Ã±Ã²Ã¼ ÃªÃ²Ã®?
<genii> !ru
<ubottu> ÐÐ¾Ð¶Ð°Ð»ÑÐ¹ÑÑÐ° Ð¿Ð¾ÑÐµÑÐ¸ÑÐµ #ubuntu-ru Ð´Ð»Ñ Ð¿Ð¾Ð»ÑÑÐµÐ½Ð¸Ñ Ð¿Ð¾Ð¼Ð¾ÑÐ¸ Ð½Ð° ÑÑÑÑÐºÐ¾Ð¼ ÑÐ·ÑÐºÐµ  / Pozhalujsta posetite #ubuntu-ru dlya polucheniya pomoshi na russkom yazyke
<pawel__> I have good checksums for iso and packages, catalouges at cd, but I have errors when installing ubuntu server, cd fails integrity test. What is the problem? Cd-rom at server machine or something else?
<qman__> pawel__, try getting the md5sum of the CD in a desktop, it could very well be the CD-ROM in the server
<qman__> the actual CD that you burned, to ensure it was a good burn
<stefanlsd> Do we have documentation on kvm and virtio for disk and network drivers?
<pawel__> qman__ i did md5sum of CD at desktop, ok so it must be CD-ROM. thx
<larsemil> anyone have any experience with dell powerconnect routers?
<larsemil> http://www.dell.com/content/products/productdetails.aspx/pwcnt_5424?c=us&l=en&s=biz&cs=555 got a good price for two of these.
<zul> mdeslaur: does this look reasonable for you? https://bugs.edge.launchpad.net/ubuntu/+source/openldap/+bug/508190
<uvirtbot> Launchpad bug 508190 in openldap "slapo-nssov not able to write socket file" [Medium,Confirmed]
<mdeslaur> zul: let me take a look
<mdeslaur> zul: yes, that looks sane
<mdeslaur> zul: you can add /var/run/nslcd/* w,
<uvirtbot> New bug: #535241 in bacula (main) "Confuguration of bacula-director-mysql fails when mysql was installed as dependency" [Undecided,New] https://launchpad.net/bugs/535241
<ruben23> hi is cloud computing better then having your own server...?
<MTecknology> ruben23: depends on what you're referring to as the cloud and what you want
<uvirtbot> New bug: #535255 in samba (main) "smbclient -N option does not password given with -U option" [Undecided,New] https://launchpad.net/bugs/535255
<s`s> is there a way to change the information that comes up on login for the server? Like the system stats that display and everything, I want to know where I can change that around
<MTecknology> s`s: I'm not sure if you can change it, but it's coming from landscape-common
<mcasadevall> coffeedude: ping?
<s`s> MTecknology: is there an area that you can disable enable this from coming up? It's been forever since I've cared about the login prompts in terminal
<MTecknology> s`s: I normally just remove that package
<s`s> oh ok
<s`s> thanks
<zul> kirkland: qemu-kvm dailies available starting tonight now
<coffeedude> mcasadevall, Hey.  on conf call right now.
<coffeedude> NCommander, I'll ping you when I'm off.
<kirkland> zul: cool man, thanks
<eyci> Good afternoon. I was wondering if anyone has any knowledge on creating a working Server- Client network.
<JollyMeck> Hello guys! I have a server with ubuntu 9.10 and i wonder if it is possible to somehow setup the syslog to send information to my desktop computer ?
<eyci> You're not the only one waiting JollyMeck :)
<eyci> Create some conversation in here, perhaps it will be noticed.
<Remowylliams> Hello everyone,  common question I'm sure but trying to perform the install of openssh-server fails apt-get can't find the package.
<coffeedude> NCommander, ping.
<NCommander> coffeedude: pong
<Remowylliams> How can I install openssh-server ?
<coffeedude> NCommander, what's up?
<NCommander> coffeedude: just touching base with you on likewise-open on ARM
<Remowylliams> I'm using Ubuntu Server 9.10 64bit
<thebwt> Remowylliams: have you done an apt-get update?
<thebwt> Remowylliams: my gut reaction is that you have no network connection, or no sources (nothing in your repo file)
<Remowylliams> thebwt: no it wasn't in the instructions
<Remowylliams> thebwt: no I'm connected.
<Remowylliams> I can ping the address just fine
<studio_> can anyone help me with ssh?
<thebwt> Remowylliams: kk, try doing 'sudo apt-get-update'
<coffeedude> NCommander, cool.  I don't know how many patches you have but You might need to rebase off the latest code.  Are you working from the original likewise-open source tarball in Lucid Alpha2?  or from the ubuntu-lucid git branch at git://git.likewiseopen.org/likewise-open.git ?
<eyci> That looks like Remowylliams' question studio
<Remowylliams> I'll try apt-get update and hope that fixes the list I update aptitude but can't find it anywhere
<maxb> studio_: Please ask a more specific question
<NCommander> coffeedude: the former, but it shouldn't be hard to move into your git, but I haven't had an opportunity to test likewis eat all on ARM, I just know it builds :-)
<eyci> I'll reask my question:"I was wondering if anyone has any knowledge on creating a working Server- Client network."
<icye> lol wut
<thebwt> eyci: depends largly on the software
<studio_> well, i'm stupid, my friend said he will setup my new ubuntu box, if i can get ssh running
<coffeedude> NCommander, That's more testing than I've been able to do :)
<icye> hey guys whats up
<thebwt> studio_: kk, 'sudo apt-get install ssh'
<eyci> Server 9.10
<thebwt> should do it
<coffeedude> NCommander, I'll send you mail once I push out the latest merge today.   Just want to verify the PPA build first.
<studio_> done
<thebwt> studio_: your friend should be able to help from there.
<Remowylliams> thebwt: that should do it. Sorry I've never used Ubuntu before. Mostly FreeBSD, SCO, DEC Unix, Irix, 40 versions of other linuxi. :)
<studio_> is there a way i can test it myself?
<eyci> Currently I have attempted to set up a server-client network on Server version 9.10, but have not been successful.
<thebwt> Remowylliams: don't sweat it ;) Basciaclly that needs to be run to initialize the sources repository. It's usually run automatically (for security updates)
<thebwt> studio_: 'ssh localhost'
<thebwt> eyci: can you be more specific? What application are working with?
<icye> hello
<thebwt> studio_: if that asks you for your login password, it is set up and configured. If your friend has trouble connecting still, it's likey a port forwarding issue.
<thebwt> icye: Hello
<icye> thebwt, I'm eyci
<icye> my terminal disconnected :(
<thebwt> I figured
<studio_> thebwt, thanx
<thebwt> ah
<thebwt> studio_: always a pleasure.
<icye> thebwt: "can you be more specific? What application are working with" what do you mean
<davmor2> meh do we not package the ebox-mail portion?
<NCommander> BTW, does anyone here care about SPARC and have some interest to debug it?
<icye> thebwt we used samba, smbclient but we are lost for the most part
<thebwt> ah nvm
<thebwt> i was confusing things around
<thebwt> samba is fun... so you have multiple desktops to 'share' folders over samba?
<icye> yes we basically are trying to set up a server/client network which allows the server to share files with the 5 clients while the clients can't send or recieve from other clients
<icye> and we need to set up an application on our server which the clients can run without installing or executing on their own computer
<thebwt> icye: are the clients running ubuntu as well?
<icye> thebwt yes they are
<thebwt> so wait, you want an application on the server, the remote machines access the servers application and run it?
<thebwt> is that accurate?
<icye>  thebwt yes, basically, and file sharing
<thebwt> ssh may be a more suitable(and simple) medium
<thebwt> what does the application need to do?
<icye>  thebwt ok do you have any guides or walkthroughs to recommend
<icye> it could be anything thebwt
<Omahn> NCommander:
<thebwt> icye: *nods* Well ssh is a versitule tool, first off the server needs openssh-server
<Omahn> We have *tons* of SPARC kit, not sure I would be interested enough to debug it though.
<thebwt> versatile*
<icye> ok is there anything else we need
<thebwt> nope
<icye> ok how do we get it?
<thebwt> you comfortable with the terminal?
<icye> not very
<icye> but if it's apt get I think we can figure it out
<thebwt> kk
<thebwt> 'sudo apt-get install ssh' on the server
<NCommander> Omahn: its a failure to boot on lucid :-/. karmic is broken due to other issues, but I'm not sure what the underlying issue is specifically :-/
<thebwt> the clients don't need it
<icye> ok and when we are finished with that, what's next?
<thebwt> on a client, open up nautilus
<icye> ok
<Omahn> NCommander: I didn't realise Lucid would have any SPARC support?
<Omahn> \window 2
<thebwt> in the location bar, enter "ssh://"username "@" ip address of the server
 * Omahn is obviously tired and failing this evening
<thebwt> so I use "ssh://thebwt@192.168.15.15" to access my server at 192.168.15.15
<NCommander> Omahn: there's been support for SPARC since dapper(?), but its community maintained, so its not guaretted to work in any given release
<icye> ok I'll give it a shot
<thebwt> you'll want to set all the 'clients' up with users on the server
<thebwt> and use the built in permissions
<icye> is it the client username or the server username
<thebwt> server
<Omahn> NCommander: Ah, ok. I didn't realise it even existed. What hardware are you testing on?
<NCommander> Omahn: Sunfire 120
<icye> ok is the the user name we log in with or the name we set when we setup the server
<NCommander> Omahn: fairly dated box, but it gets the job done
<icye> ie. the terminal name
<thebwt> icye: log in username
<Omahn> NCommander: Yeah, we have plenty of them, many still in production use.
<thebwt> icye: that other name is 'host name'
<icye> ah
<Omahn> NCommander: Does any documentation exist for the SPARC port?
<NCommander> Omahn: yeah, there's an official installation manual
<NCommander> Omahn: CDs are sometimes flakely though, I find SILO is a real crapshoot if it works on ANY hardware when not booting from HDD
<thebwt> icye: any luck?
<icye> yes!
<icye> omfg ty
<thebwt> icye: no problem
<NCommander> Omahn: if you grab one of the SPARC CDs from http://cdimage.ubuntu.com, and then burn itr and do boot cdrom, it should just start the installer
<icye> so we have the file sharing, how can we use this to run applications
<thebwt> icye: that depends strongly on teh application. Is it a gui application?
<icye> yes but ubuntu desktop is installed on the server
<NCommander> Omahn: I've only installed over serial console (no video card in my server)
<thebwt> icye: kk this requires the terminal (but you can make this a script, need to elarn the commands first)
<icye>  thebwt we have gnome GUI installed on the server
<thebwt> icye: *nods* thats great
<icye>  thebwt what commands will we need?
<thebwt> on the client, pop open a terminal
<thebwt> 'ssh' is all you need
<Omahn> NCommander: I'm not onsite again until Thursday but I'll see if I can grab one of the spare boxes to do some testing.
<thebwt> but
<thebwt> it's already on the clients
<icye> ok terminal is open
<thebwt> kk
<NCommander> Omahn: well, I'm trying a fresh install and upgrade, which may fix it, since karmic was completely foobar'ed on SPARC
<thebwt> "ssh user@server-ip -X"
<Omahn> NCommander: Remind me again, why? :-)
<icye> ok do we enter that
<NCommander> Omahn: bug in upstart causes it to segfault, causing init to crash and ...
<NCommander> Omahn: (well, bug in libnih which upstart uses)
<thebwt> icye: yes
<thebwt> let me know when you're logged in
<Omahn> NCommander: No, I mean why would you want to carry on using SPARC?
<icye> permission denied
<blackxored> how i setup a cname record in bind for a SOA pointing at google.com domain
<blackxored> ???
<NCommander> Omahn: SPARC's a cool architecture :-)
<thebwt> icye: did you use the server login username?
<icye> yes
<icye> oh another client got in
<thebwt> kk
<thebwt> and you have the -X on the end?
<icye> yep
<Omahn> NCommander: Mmmm, I think the only SPARC kit I would use today (for new systems) would be the T2
<thebwt> kk
<thebwt> type 'gedit'
<icye> ok
<NCommander> Omahn: should be new enough for Ubuntu sparc  to work
<icye> its says GTK warning cannot open display
<thebwt> the -X, makes sure the X is capitalized
<icye> ook
<uvirtbot> New bug: #352638 in m2crypto (main) "public key returned from a x509 object is not of type RSA_pub" [Undecided,Fix released] https://launchpad.net/bugs/352638
<icye> ill try that now
<thebwt> logout of the ssh session with 'exit'
<icye> oh ok
<diago> Hello, I'm having a hell of a time trying to get Windows Server 2003 installed using kvm
<diago> I'm running virt-install and trying to connect vnc only to get connection refused
<icye> we got the document open
<icye> what's nexty
<icye> next*
<thebwt> icye: that gedit application is running onthe server
<NCommander> coffeedude: if you have access to a Windows Server machine that we can maybe setup a VPN or equivelent to, we could probably do the necessary testing with conjuction with members of the server team
<thebwt> icye: though, the more I talk to you, the more I think you want a full remote login environment. Don't you
<icye> ok can we apply that to something different like a game
<diago> Who should own the dir were the image goes?
<icye> idk, do we?
<thebwt> icye: a 3d game? If it is high end 3d grpahics stuff, that may no work so well
<thebwt> diago: are you running it all with sudo?
<coffeedude> NCommander, Sure.  That sounds good.  I've got access to most OS types a far amount of hardware....
<icye> no like 2d chess or something already installed on ubuntu cause this is a school assignment nothing big
<diago> yeah, then when I try and connect with virt-viewier I get invalid argument in virDomainGetXMLDesc
<diago> thebwt: ^^
<coffeedude> NCommander, I mean fair...
<blackxored> please help me with this one:
<blackxored> blackxored> hey guys
<blackxored> <blackxored> I've done this before so don't blame me
<blackxored> <blackxored> I'm setting a gandi domain through gapps
<blackxored> <blackxored> and now stuck in the verification phase
<blackxored> <blackxored> what should I enter in the zone file to get google*****8 to point to google.com as a CNAME record
<blackxored> <blackxored> ???
<coffeedude> NCommander, I'll email you an update later today and we can work out the details,.
<NCommander> coffeedude: I know relatively little about likewise itself, I just ported it as its, although its useful to have no doubt
<blackxored> <blackxored> googledd4d6e####### 10800 IN CNAME google.com.
<blackxored> <blackxored> doesn't seem to work
<NCommander> coffeedude: thanks, I'll make sure that email also gets to other people who need to test it if thats ok
<thebwt> diago: have you seen https://help.ubuntu.com/community/KVM/CreateGuests#Example%20Windows%20install
<coffeedude> NCommander, It's useful people in certain environments and irrelevant to people in others :)  Like all software.
<thebwt> icye: in that ssh session, type /usr/games/glchess
<thebwt> icye: "/usr/games/glchess"
<thebwt> w/o the quotes
<NCommander> coffeedude: heh :-)
<icye> And this will run the chess game?
<thebwt> icye: yes
<icye> What about installing a program and running it via LAN?
<thebwt> you are running that via lan
<thebwt> the chess game is running on the server
<thebwt> and displaying on the client
<thebwt> hmm
<icye> I meant, running a game and having other clients also playing that game, connected together
<diago> thebwt: Everything there is exactly what I have done so I'm not sure what the issue is
<diago> I get this after running virt-install: Starting install... libvir: QEMU error :
<heynow> hi all - can anyone confirm that this ethernet controller is compatible with 8.04 OTB HP NC107i in a Proliant DL120 G6
<diago> then it continues and says .. install in progress blah blah
<icye> I'm guessing, to prove that we successfully installed and ran a program from the server, we would need some program not already installed on the other desktops, the clients.
<thebwt> yup
<diago> also I can't specify arch x86 for some reason
<thebwt> diago: I recommend #ubuntu-virt (the ubuntu virtualization channel)
<thebwt> diago: it sounds like qemu isn't installed or is misconfigured
<diago> ok thanks
<icye> We will find a program to run, but if the program has a LAN connection capability (Such as the Chess can access a server to play with other humans), would this allow us to run the game and access the LAN to play together all through the server?
<thebwt> icye: no
<thebwt> icye: I'm not sure how you would do that
<thebwt> icye: maybe vnc would
<icye> vnc?
<thebwt> icye: I'm just not sure if vnc allows siumotanious connections
<Pici> It can
<thebwt> Pici: do you think it would do what icye is wanting?
<icye> So ssh doesn't allow similtaenous connections?
<thebwt> icye: hmm it is different
<thebwt> icye: ssh is, but this has to do with x server (the display server) sharing. You need an abstraction over that, which vnc provides.
<icye> More importantly, is there a way to have these games open from an icon, rather then having to type it in the terminal? Would that basically be changing the filepath of an icon to the filepath on the server?
<thebwt> icye: that would be the script I mentioned earlier.
<icye> Ahh
<thebwt> icye: really though, this is all just a hack to make it work. The functionality you desire would need to be built into the application in question
<thebwt> icye: for it to work well.
<icye> I'm guessing the majority of games don't have this functionality built in. Do you know of any that do?
<thebwt> icye: games with client-server connections, yea I know a few
<thebwt> freeciv
<thebwt> open arena
<thebwt> hmm
<thebwt> not sure beyond that
<thebwt> I'm not sure I understand the full purpose I guess.
<icye> These are in the repositories that we should all ready have access to, or from a webpage?
<thebwt> repository
<icye> how would we install one of them?
<icye> just apt install openarena?
<thebwt> icye: at this point you're question is no longer really server related. You should move to #ubuntu. The way to install applications is syste->admin->Synaptic package manager. Use the search function to search for the applications.
<icye> Ok.
<icye> That is all the questions we can think of. Thank you for your time.
<thebwt> It was fun :)
<JollyMeck> Hello guys! I have a server with ubuntu 9.10 and i wonder if it is possible to somehow setup the syslog to send information to my desktop computer ?
<jcastro> JollyMeck: search for "remote syslog"
<jcastro> http://www.debuntu.org/how-to-remote-syslog-logging-debian-and-ubuntu
<jcastro> soemthing like that
<JollyMeck> jcastro: thanks
<MTecknology> jcastro: I would have loved that link ~4mo ago
<jcastro> centralized logging ftw
<MTecknology> jcastro: ya, I figured it out but a pretty guide like that would have been ncie
<MTecknology> jcastro: mostly because I mail the logs to myself nightly
<\sh> jcastro: bah...it still uses sysklogd and not rsyslog ;)
<jcastro> yeah whichever syslog daemon we ship by default.
<\sh> rsyslog that is...
<jcastro> there are likely 5 out-of-date wiki pages on wiki.ubuntu.com on the subject I'm sure
<MTecknology> jcastro: the story of rapidly changing technology
<\sh> hopefully when we are finished here with our solution we can write something up covering: centralized syslogging from network appliances, from ubuntu server, from tomcat application logs via log4j etc. including bringing the different logs to admins, developers and managers ;)
<\sh> including: "which storage solution behind that magic box"
<Kenjiro> hello there
<Kenjiro> does anyone know which package should I install to get "ldap.load" on my server? (Ubuntu Server 9.10)
<MTecknology> Kenjiro: aptitude search apache | grep ldap
<sherr> Kenjiro: Also - search package contents here http://packages.ubuntu.com
<Kenjiro> MTecknology: weird
<Kenjiro> I have all those three packages installed but I still don't get ldap.load :(
<Kenjiro> was that a file from an old version of Ubuntu, which was "discontinued"?
<MTecknology> Kenjiro: pastebin 'ls /etc/apache2/mods-available/
<Kenjiro> http://pastebin.ca/1830653
<Kenjiro> close to that I have ldap_userdir.load
<guntbert> Kenjiro: wrong directory mods-available not mods-enabled
<Kenjiro> oh man...
<Kenjiro> guntbert: do you have a gun? if so, please shoot me on the butt
<guntbert> Kenjiro: happens to the best :)
<Kenjiro> still weird.
<Kenjiro> now I have ldap.load on the right place (mods-enabled/)
<Kenjiro> then I try to start apache2 and it says "Unknown Authn provider: ldap"
<Kenjiro> :(
<MTecknology> Kenjiro: did you do a2enmod ldap?
<zAfi> Hey there. I'm running ubuntu server 9.10 on the Intel D510MO with integrated Atom D510 CPU and I just can't figure it out, how to change the default governor from performance to ondemand. (/sys/dev/system/cpu/cpu*/cpufreq does not exist btw...) Any hints/ideas? ;)
<jjohansen> zAfi: if it doesn't exist something is telling the kernel scaling is not supported
<zAfi> hm...but it should...
<glphvgacs> hi, ext4 on 9.10 and now lookin for a good pick of usage for / and /home
<glphvgacs> should I go with large4 for both?
<bogeyd6> ext4 should be default filesystem all around
<glphvgacs> bogeyd6: yes, and then I have this option during installation that I can specify usage
<glphvgacs> and there I have   largefiles largefiles4 news and standard
<bogeyd6> !ext4
<bogeyd6> !filesystem | glphvgacs
<ubottu> glphvgacs: An explanation of how files and directories are organized on Ubuntu, and how they can be manipulated, can be found at https://help.ubuntu.com/community/LinuxFilesystemTreeOverview  see also: man hier
<uvirtbot> New bug: #531706 in apache2 (main) "apache2 crashed with SIGSEGV in sapi_getenv()" [Medium,Incomplete] https://launchpad.net/bugs/531706
<jayvee> u
#ubuntu-server 2010-03-10
<jan247> hi guys, could someone lead me to some documentation for capacity planning for an ubuntu cloud?
<\sh> jan247: eventually http://www.ubuntu.com/system/files/UbuntuEnterpriseCloudWP-Architecture-20090820.pdf ?
<\sh> http://www.google.de/search?sourceid=chrome&ie=UTF-8&q=capacity+plan+for+ubuntu+enterprise+cloud <- first hit on friend google
<chocamo> how clean are complete dist upgrades? when lucid comes out will it really be as clean and simple as a regular apt-get dist-upgrade?
<thebwt> chocamo: ideally
<chocamo> is it better to just backup certain config files and do a clean install with new release?
<thebwt> how much of your servers software is fromt eh repos
<thebwt> and what version you coming from
<thebwt> to get a good idea first hand, start up a vm and give it a shot imo
<thebwt> main things to watch for is non repo software that you 'installed'
<chocamo> ya ok
<chocamo> thanks
<zoran119> hello, i got a problem with a ubuntu 8.04 lts running as a virtual machine on hyper v
<zoran119> every day or two the clock gets stuck in a 5 second loop and i have to restart the vm to get it going again
<zoran119> i have removed ntp ntpd from startup, i have also remove ntp script from cron.daily
<zoran119> the problem always occurs at 00 minutes (so at 12:00:00, or 13:00:00 and so on)
<zoran119> i just saw that there is a cron job that runs rdate -s every hour to sync the clock to an external rdate server... could this be causing trouble?
<\sh> zoran119: where did you see this rdate script, /etc/cron.hourly or /etc/cron.d ?
<twb> A cron job to run rdate is pretttty stupid.
<zoran119> \sh: the rdate script was in root's crontab.... 'crontab -e'
<zoran119> \sh: i have removed that cron job now
<twb> zoran119: sounds like whoever set up your VM was a fool.
<zoran119> twb: why is it such a bit issue?
<twb> zoran119: because cron events are triggered based on time.
<zoran119> twb: infinite loop possibility?
<twb> So if you have a time event that causes the clock to be set back, it'll loop forever
<twb> Although I guess it *ought* to work if the inetd it's talking to isn't also hokey...
<erichammond> twb: Doesn't cron have some smarts about triggering the same job multiple times?  I believe it does the right thing on daylight savings time shifts.
<twb> erichammond: maybe it does.
<twb> Certainly rdate is deprecated in favour of NTP for other reasons.
<\sh> zoran119: that's not installed by default, right? actually I don't know any package which installs something into roots crontab
<zoran119> \sh: not by default no... it was added manualy
<twb> Probably by whoever built the pre-built guest image, or by the equivalent of vmware-tools.
<\sh> using ntp on our esx vms does work and doesn't crash...it helps to maintain a sane time sync on our vms
<twb> \sh: ntp won't make large steps by default.
<\sh> twb: iburst?
<twb> \sh: hmm?
<\sh> twb: you meant with "large steps" that ntp doesn't sync your time at startup of ntp, or did I miss your meaning?
<\sh> grmpf...I hate unittest
<lifeless> ?
<kirkland> lifeless: hiya
<lifeless> kirkland: hey
<\sh> adding the keyword "iburst" on your server line in ntp.conf it syncs the time directly after startup (just like ntpdate <ntp server> ; /etc/init.d/ntp start
<ChmEarl> !paste
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<ChmEarl> getting conflict in linux-virtual install http://paste.ubuntu.com/392171/
<ChmEarl> linux-image-virtual refuses to copy in its kernel
<ChmEarl> how can I cancel an install with conflicts?
<ChmEarl> its frozen at Inst/Unpacked
<uvirtbot> New bug: #535439 in samba (main) "Windows Network Computer are not shown" [Undecided,New] https://launchpad.net/bugs/535439
<invisime> so I accidentally toasted /var/lib on my server box. I have a bunch of stuff configured on it that I don't want to lose. I have enough space on my external to copy everything that's not toasted over prior to a reinstall. how should I proceed to minimize pain and effort? it would also help if I could minimize wailing of gnashing of teeth, but at this point I'm flexible.
<twb> invisime: dd the entire partition is safest
 * invisime goes to read man dd.
<arrrghhh> so i'm having issues with rtorrent.  keeps segfaulting, and it seems to be my config.  i _swear_ nothing changed with the config file, but when i run rtorrent with the -n switch, it works fine...
<arrrghhh> sorry, it's been a while since i've used irc!
<twb> arrrghhh: strace it
<arrrghhh> wow i've never used strace
<arrrghhh> seems to dump a ton of info to the termina.l
<arrrghhh> is there a particular way i should be running rtorrent with strace?  i see the segfault at the end, but there's an endless amount of pretty much garbage proceeding it.
<invisime> twb: how do I tell which /dev/ entry is mounted as root?
<arrrghhh> i think it may be the xmlrpc calls that is causing rtorrent to segfault... hrm.
<twb> invisime: /proc/mounts, perhaps?
<twb> invisime: if you don't know that much already, it's probably dangerous for you to be trying to do anything at all
<invisime> twb: well, clearly. I mean I already accidentally deleted /var/lib :P
<arrrghhh> eek
<twb> arrrghhh: put the strace output in a file, then examine the file
<arrrghhh> twb, i'm not sure what this output is... but perhaps it'll make sense in a file.
<twb> arrrghhh: I expect you to at least LOOK at the manpage
<arrrghhh> for what, strace?  ok.  the output does make more sense in a file as well, but i still don't get why it's segfaulting.
<arrrghhh> impressive, i'm surprised i haven't heard of strace before.
<twb> It's a log of the system calls made by the rtorrent process during its lifetime.
<twb> Interpreting what is actually happening is a skill you'll have to pick up over time.
<arrrghhh> i see "The SCGI socket has not been bound to any address and likely poses a security risk" - i didn't think it would cause a segfault.
<twb> OK, so now we approach the problem from the other direction.  What release are you running?  Did you enable any third-party repos?  Did you install any software by hand (instead of via apt)?
<arrrghhh> xml-rpc i did have to compile by hand...
<arrrghhh> rtorrent is from the repo's
<twb> Especially if you've done something silly like installing karmic's rtorrent into hardy, that would be a dead giveaway.
<arrrghhh> uhm i hope not
<arrrghhh> i'm running karmic
<twb> How does xml-rpc fit into this?
<arrrghhh> i'm thinking that's what is segfaulting rtorrent
<twb> What evidence do you have of this?
<arrrghhh> well, that error.  and when i access rtgui it *seems* to crash rtorrent.
<twb> This is obviously something new since I last used rtorrent, when it had an ncurses GUI.
<arrrghhh> i had to compile xml-rpc by hand because the advanced tree that fixed a bug i was having rtgui
<arrrghhh> oh it still uses ncurses.  but it can accept xml-rpc calls so other front-ends can control it.
<twb> What do you mean "because the advanced tree"?
<arrrghhh> it's been a while since i went thru it, lemme find the link.  essentially any torrent over 4gb would show the incorrect size unless i used the advanced tree of xml-rpc
<arrrghhh> well i found the directions, but not the explanation...
<arrrghhh> i guess it has a little blurb of why in the intro
<arrrghhh> http://code.google.com/p/rtgui/wiki/CompilingRtorrent
<arrrghhh> "The original problem is caused by the standard version of XMLRPC-C that is shipped with Ubuntu."
<twb> So you installed xmlrpc-c AND libtorrent AND rtorrent from source?
<arrrghhh> i believe i just did xmlrpc-c from source.  it has been a while, but as i recall libtorrent and rtorrent came from the repo's.
<twb> So your libtorrent and rtorrent are failing because the version of xmlrpc-c they expect isn't the version that's installed.
<arrrghhh> that... would make sense.
<twb> The *right* thing would be to wait for Ubuntu to fix the issue, probably in the next release, since AFAICT it's not a show-stopper.
<twb> The next least-bad thing would be to roll a .deb for your xmlrpc-c svn snapshot, then apt-get build-dep, apt-get source --build and install libtorrent, then rtorrent.
<arrrghhh> no, not a show-stopper.  but how do i get back to a functioning rtorrent?  i'm assuming i have to purge the custom install of xml-rpc and reinstall the one from the repos?
<ChmEarl> getting conflict in linux-virtual install http://paste.ubuntu.com/392171/
<twb> arrrghhh: Ideally by running "make uninstall" in the xmlrpc-c source dir and praying its uninstall code isn't completely fucked, then by running "aptitude reinstall xmprpc-c" or whatever the package name is.
<arrrghhh> hrm.
<arrrghhh> ok
<twb> ChmEarl: it looks like you simply can't have both kernels installed at once.
<chocamo> I am trying to setup wireless as a backup interface (don't ask), and I have wpa_supplicant connecting fine, but other problems: static ip doesnt work, tried dhcp but "no dhcpoffers received"
<arrrghhh> twb, aaaaaand if the make uninstall fails?
<ChmEarl> twb, I tried to uninstall the exiting server image, but the conflict is interfering. How can I cancel that install?
<ChmEarl> existing
<chocamo> i think there is a force option
<ChmEarl> -f is force, but the apt-get always comes back and says run "apt-get install -f"
<ChmEarl> and I'm trying to do a remove?
<ChmEarl> nevermind mates, I got it. I put both of the depends on the line together :)
<ChmEarl> woohoo finally
<twb> ChmEarl: dpkg -P <package name>
<ChmEarl> that does a cancel?
<twb> Oh, right.
<twb> ChmEarl: never mind, you fixed it already.
<ChmEarl> a purge?
<twb> Yes, -P is purge.
<ChmEarl> I was stuck until you got me trying a diff approach, thanks
<ChmEarl> twb- it worked.. uninstalled one, then installed the virtual type
<ChmEarl> the initrd was lowered from 7MB->4MB
<twb> If you care about saving 3MB, you shouldn't be running Ubuntu
<arrrghhh> ha, seriously
<RoAk> kirkland, i was wondering if packages that use upstart jobs commands like update-rc.d won't work as always.
<RoAkSoAx> clear
<arrrghhh> twb, sorry to bug you with this, especially since i caused the problem myself... but the make uninstall didn't work.  doesn't seem to exist... is there anything else i can do?
<ChmEarl> looking in grub.cfg, the root is (hd0,5) is the 5 0-based or 1-based
<arrrghhh> twb, so is there anything else i can do?  the make uninstall failed.
<twb> arrrghhh: either reinstall, or put up with a messy system
<twb> ChmEarl: depends which version of grub :-/
<twb> ChmEarl: in GRUB Legacy, everything counts from zero.  IIRC in GRUB 2, disks count from zero and slices (partitions) count from 1.
<arrrghhh> can i get rid of the xml-rpc stuff at least?  i have the tar i compiled it from.
<twb> arrrghhh: shrug
<arrrghhh> yea... i knew all this custom stuff would bite me in the end.
<twb> arrrghhh: it's just a phase
<twb> arrrghhh: you'll get over it
<arrrghhh> somehow i doubt ubuntu is going to 'fix' the problem with xml-rpc anytime soon.  so a clean system will put me back to where i was before, getting sizes that were negative.
<twb> IMO that is a Good Thing
<sekyourbox> Hello, I accidentally broke my network somehow in my ubuntu 804 install.  I was attempting to setup a PXE server, but when i went to setup dhcpd.conf, there was some firestarter script in there.  I deleted the config, and uninstalled firestarter just in case.  I started to setup the config file, and got sidetracked, and just deleted all the options.  I restarted the dhcpd3 and everything was working fine.  When i reboote
<uvirtbot> Launchpad bug 804 in eric "Bugged by pyQT api update (dup-of: 803)" [Medium,Fix released] https://launchpad.net/bugs/804
<sekyourbox> t I tried pinging the router, and got an error.. I checked all the regular network settings and disabled any route table, and everything looks fine.. I checked ip tables and noticed that it was set to deny all traffic.. I reset the iptables, and still no luck.. Any ideas on the next step i should take to troubleshoot? i think it has something to do with firestarter uninstall
<uvirtbot> Launchpad bug 803 in eric "Bugged by pyQT api update" [Medium,Fix released] https://launchpad.net/bugs/803
<arrrghhh> well then i'd just try to redo the stupid advanced tree of xml-rpc to fix the issue just to have it broken again by an update.
<jayvee> iptables -P INPUT -j ACCEPT, maybe?
<jayvee> can't remember the exact syntax
<jayvee> pastebin 'iptables -L -v'
<sekyourbox> jayvee, sorry I didnt know you were talking ...
<sekyourbox> I did an iptables -F ; iptables --flush; and iptables-save.. When i reboot it shows the same configuration of deny all is in there.
<sekyourbox> not sure what to check for startup scripts
<twb> sekyourbox: pastebin the output of "find /etc/init /etc/event*/ /etc/rc?.d/ -ls".
<sekyourbox> sorry no internet on that machine
<sekyourbox> lol twb
<twb> sekyourbox: I don't care how you do it.
<sekyourbox> okay was that just me?
<sekyourbox> or was that a netsplit from hell
<thebwt> sekyourbox: yup
<thebwt> sekyourbox: oh, as in just you, you were the only one that left from my PoV
<sekyourbox> lol, are you playing with me?
<thebwt> Netsplit *.net <-> *.split quits: sekyourbox
<thebwt> lol
<sekyourbox> re spawn
<ChmEarl> finally got linux-image-virtual kernel running as PV guest in Xen
<ChmEarl> guest is Karmic 9.10 server (root=1G) and host is Xen 4.0 on SuSE 11.2
<uvirtbot> New bug: #535533 in qemu-kvm (main) "gdb fails in arm chroot" [Undecided,New] https://launchpad.net/bugs/535533
<mealstrom> hi. easy question. how to disable ip_v6 on some ethernet port ? say eth0
<mealstrom> not os easy as I supposed...
<jayvee> mealstrom, sysctl net.ipv6.conf.eth0.disable_ipv6=1
<mealstrom> thanks
<jayvee> but why do you want to disable ipv6?
<mealstrom> there were some unfixed bugs with ipv6 and dhcp or something like this. just want to close external interface
<jayvee> if I were you, I'd seriously consider deploying IPv6 for real some time.
<Jeeves_> 'some unfixed bugs with ipv6'
<Jeeves_> mealstrom: Disable ipv4 as well! There are various products on IPv4 that have unfixed bugs!
<mealstrom> (:
<mealstrom> nice idea
<mealstrom> internal network is using ipv6 )
<persia> Point-to-point serial connections are the only safe path to the future :)
<persia> But more seriously, why isn't IPv6 the default for the virbr0 network in libvirt?
<Jeeves_> persia: Because ipv6 is unfortunatly not taken very seriously by some people
<persia> Jeeves_: Is there a technical reason we can't set up libvirt do to both IPv4 and IPv6 by default?
<Jeeves_> You'd need some address space
<Jeeves_> I'd think you'd need to add a /64 to the libvirt interface
<persia> We're using something in 192.168/16 now for IPv4.  Couldn't we use something in fc00::/7 for IPv6 ?
<persia> (or maybe fec0::/10 )
<jayvee> persia, because the VMs can't connect to the Internet that way
<jayvee> IPv6, unlike v4, doesn't have NAT for that sort of thing.
<jayvee> yes, you can add global addresses as well, but it's a little sticker
<jayvee> s/sticker/stickier/
<persia> Ah, so we'd need to install an IPv6->IPv4 gateway by default, and that breaks people with IPv6, etc.
<Jeeves_> persia: Uh? What?
<Jeeves_> You just need ipv6, not an ipv6->ipv4 gateway
<persia> Jeeves_: I either need IPv6 NAT or a gateway to let the VMs route to the internet unless I have real address space.
<Jeeves_> I'm trying my best to get Canonical to offer all packages on ipv6, so you won't need ipv4 at all! :)
<Jeeves_> persia: get real address space? :)
<Jeeves_> Seriously, get a tunnel somewhere
<Jeeves_> Or just native, but that's probably more complicated
<persia> Jeeves_: What packages don't work with IPv6?  Surely those can be just patched, rather than waiting for Canonical to get to it.
<persia> Jeeves_: Also, while getting address space isn't that hard, it doesn't solve the "what gets shipped by default" issue.
 * persia tries not to carry local patches or configuration changes, if possible, as this makes install/replication of new stuff easier
<Jeeves_> persia: archive.ubuntu.com and security.ubuntu.com don't have AAAA-records
<persia> Oh, so there's no IPv6 mirror.  I understand.  Is there anything missing in the packages, or is it just a mirror thing?
<jayvee> things like Postfix don't come configured for IPv6 out of the box
<jayvee> So following things like this http://www.sixxs.net/wiki/Postfix (which I wrote) becomes necessary.
<persia> jayvee: Is there a known working patch to the default config that would sort that, or do we run into address space issues again?
<jayvee> Well IMO it's something that should change upstream as well.
<jayvee> It shouldn't require hard-coding of your IPv6 address space
<persia> I'm in complete agreement with that.  Is there a patch that makes sense to make to default config?  (Doesn't really matter where it gets applied, once it exists)
<jayvee> If you don't specify mynetworks, I believe it is automatic, so if the defaults were changed to 'all' instead of 'ipv4', it should "just work".
<jayvee> Only disadvantage is that no spam DNSBLs support IPv6 yet.
<jayvee> One did, but it's now defunct.
<jayvee> Not sure if a patch exists.
 * persia tends to find that ideas get more tractions when patches exist and are promoted
<persia> But the lack of DNSBL for IPv6 makes it awkward :(
<jayvee> Well DNSBLs aren't configured by default anyway, so there's one way to justify it.
<persia> Good point.
<jayvee> Also I haven't seen a single piece of spam or abuse on IPv6 yet.
<persia> That's a sign of lack of adoption, really.
<jayvee> Yeah.
<jayvee> Also, avahi doesn't come configured with IPv6 turned on by default.
<persia> I could once say that about Usenet :)
<jayvee> One really unfortunate thing about avahi is that when you do enable IPv6 in /etc/avahi/avahi-daemon.conf, you see duplicate services.
<persia> Is there a local-link address space for IPv6?  I didn't think there was an equivalent to 169.254
<jayvee> yes
<jayvee> fe80::/12 or something
<jayvee> So, for example, in the VNC client, you see two of every server that has IPv4 + IPv6
<mealstrom> omg ... I've just said how to disable ipv6 on one nic :)
 * jayvee looks it up 
<jayvee> fe80::/10
<persia> mealstrom: Sure, but you've hit on a discussion that needs happening :)
<jayvee> persia: http://www.iana.org/assignments/ipv6-address-space/ipv6-address-space.txt
<Jeeves_> btw, Ubuntu postfix doesn't come with ipv6-enabled by default
<jayvee> 2000::/3 (i.e. 2000-3fff) is the "global" address space
<jayvee> Jeeves_, yeah, I just said
<persia> Right.  So postfix is easy: just needs a minor tweak (and some discussion on the mailing list)
<jayvee> fc00::/7 is closest to the RFC 1918 addresses (e.g. 10.0.0.0/8)
<persia> Well, and 172.16... and 192.168...
<jayvee> yaeh
<jayvee> persia: $ host www.debian.org
<persia> avahi needs some way to know when we're talking to a unique machine to avoid duplicated services.  Can we do something with arp to help with that?
<jayvee> www.debian.org has IPv6 address 2001:388:1034:2900::26
<jayvee> that's hosted in Australia. :-D
<jayvee> persia: nothing to do with what you just said, but IPv6 doesn't use ARP
<persia> heh.  I wonder who tracks that record most closely :)
<jayvee> it uses Neighbour Discovery
<jayvee> you could turn off ipv4 in avahi, but that breaks compatibility with every released ubuntu to date
<jayvee> not sure how OS X does it
<jayvee> OS X has had full IPv6 zeroconf support since 2003
<persia> Probably ignores IPv6 if names are duplicated or something.
<jayvee> there is also a major flaw in the internals of glibc that prevent mdns from working with link-local (fe80::/10) addresses
<persia> There's an open bug about that?
<jayvee> yes
<jayvee> it's been open for years and years
<persia> Anyone working on it?
<jayvee> doubtful
<jayvee> it would break too much software
<jayvee> it's more of a design flaw
<jayvee> reason being is that link-local addresses also require a "scope ID"
<jayvee> so I can ping a global address without a scope ID, like so:
<jayvee> $ ping6 2001:44b8:1::1
<jayvee> but to ping a link-local address, I need to specify the ethernet interface
<jayvee> $ ping6 fe80::21b:fcff:fe25:42e7%eth0
<jayvee> now that's obviously structured differently in memory
<jayvee> but basically glibc doesn't have the provision to return the scope in the dns functions, from what I understand
<jayvee> actually, I think that's more nss-mdns's problem than avahi
<persia> Sounds it.
<jayvee> so that doesn't work in an ad-hoc setting
<jayvee> whereas 169.254 addresses work fine with avahi right here rightn ow
<persia> OK.  Reading about NDP, it won't get us information we can reliably compare with something else to determine host identity.
<jayvee> the one thing that is the same is the hostname, though
<persia> not necessarily, but I agree it's likely safe to assume that.
<jayvee> nss-mdns also isn't enabled for ipv6 by default
<persia> But I think that belongs in the avahi UIs, rather than anywhere else.
<jayvee> in /etc/nssswitch.conf, you need to change 'mdns4' to 'mdns'
<jayvee> in ubuntu 8.04, samba doesn't support ipv6, but in 8.10 and up, it is fully supported and interoperable with Windows Vista, which also supports SMB over IPv6
<jayvee> however, LLMNR isn't supported
<jayvee> which is basically the IPv6 equivalent of nmblookup that microsoft invented
<persia> Right.
<merlijn-> hello, I'm trying to get ubuntu to boot from an older debian kernel - I have already downgraded to grub-1 but I keep getting error 13 when trying to boot the old kernel
<jayvee> LLMNR is rumoured to be supported by avahi one day
<jayvee> LLMNR is not ubuntu's problem
<jayvee> https://bugs.launchpad.net/ubuntu/+source/nss-mdns/+bug/94940
<uvirtbot`> Launchpad bug 94940 in avahi "mdns listed in nsswitch.conf causes excessive time  for dns lookups" [Undecided,Confirmed]
<persia> I think there ought to be a wiki page listing known issues and referencing open bugs, etc.
<persia> Looking around, I don't think one exists.
<persia> There's https://wiki.ubuntu.com/IPv6Integration but that's an incomplete spec.
<jayvee> http://lists.freedesktop.org/archives/avahi/2007-February/000959.html
<persia> There's also https://wiki.ubuntu.com/IPv6 but that's user documentation.
<persia> Would you mind creating https://wiki.ubuntu.com/IPv6/OutstandingIssues or similar?
<persia> Jeeves_: Maybe you also have some useful stuff to add there?
<persia> if we get it all in one place, I suspect we'll be well poised to get patches where they need to be to make it work.
<FireCrotch> isn't "outstanding issues" and the like what launchpad is for?
<Jeeves_> FireCrotch: Yes, it is
<Jeeves_> persia: the wiki isn't a bug tracker :)
<persia> FireCrotch: Launchpad does a great job of capturing individual issues, or plans to resolve classes of issues.  It does less well at organising them.
<persia> Jeeves_: I know, but it gives us structure, so we can identify which issues block other bits, etc. and build a strategy to solve things.
<persia> Jeeves_: I don't think just adding an "ipv6" tag to bugs gives us that.
<jayvee> there's already the "IPv6 Task Force" in launchpad which does bugger all
<Jeeves_> Indeed
<persia> Maybe that team needs a refresh :)
<jayvee> (excuse my Australian)
<Jeeves_> persia: Feel free to join
<persia> Jeeves_: I need to get a new router first :)  My router doesn't support IPv6.
<persia> (and I know almost nothing about the area)
<jayvee> you can learn a lot even by just running a tunnel on your PC
<jayvee> apt-get install gw6c
<jayvee> gets you on the IPv6 internet with a single IP through an anonymous tunnel provided by freenet6
<jayvee> works through NATs with no config
<persia> Installed, and I'm sure I'll learn.
<jayvee> persia: does http://ipv6.google.com/ work?
<persia> I still think it's worth trying to organise the list of issues if we want them solved.
<jayvee> I think the main issues aren't actually technical â they're political
<persia> jayvee: Now that I've installed gw6c, yes.
<jayvee> for example, I was disgusted when I was reading the Ubuntu Enterprise Cloud documentation
<persia> I'm fairly certain the main issues are political.  That's why I think it needs organisation.
<jayvee> it was all IPv4
<persia> Organisation is key to political discussion, and well-organised plans can easily overcome apathy.
<jayvee> hmm, I guess you have more faith in bureaucracy than I do :)
<persia> It's not that.  I just consider bureaucracy a tool.
<persia> Like any tool, one needs to use it the right way.
<persia> Documentating what needs doing, and in what order it needs doing builds a plan.
<persia> Having such a plan makes it easier to create the necessary patches.
<persia> Getting those patches applied is just legwork on the various mailing lists, bug trackers, etc.
<persia> Having a plan, and garnering support at the distribution level helps provide incentive and demonstration of testing to upstreams.
<persia> Having a plan and garnering upstream support helps support applying patches at the distribution level when upstream balks.
<jayvee> I'm just gonna test whether nginx supports it by default
<jayvee> actually, I already have apache
<jayvee> hmm, someone else want to install nginx on karmic or lucid and tell me what "netstat -64ln | grep 80" says?
<persia> jayvee: Do you need a real install, or will the result from a liveCD meet your needs?
<jayvee> live CD
<jayvee> hey, don't go to too much trouble
<persia> Argh!  kvm is coredumping on every launch for me right now.  Sorry.
<persia> (and worse yet, the "report a problem" bit won't complete)
<jayvee> no worries at all
<jayvee> I'm wiping the dust off one of my VMs
<persia> When kvm isn't segfaulting, I usually find it trivially easy to instantiate a new VM from a liveCD.
<persia> (and tend to recommend that procedure rather than maintaining VMs for scratch tests)
<persia> A fresh install tends to avoid any yet-unfixed upgrade bugs.
<jayvee> persia: well here we go: https://wiki.ubuntu.com/IPv6/OutstandingIssues
<persia> Wasn't there a glibc bug?
<persia> Jeeves_: Do you know of anything else outstanding?
<jayvee> Actually I think that a section should be added with regards to services like archive.ubuntu.com and www.ubuntu.com not having AAAA records.
<_ruben> i thought postfix posed you a question wether to listen on ipv4 or ipv6 or both .. perhaps only during reconfiguration or so
<persia> _ruben: It does, but only on reconfigure.
<persia> _ruben: The idea would be to change the default.
<_ruben> persia: ah ok
<Jeeves_> There's a bug where ssh x-forwarding doesn't work on a box where ipv6 isn't enabled, but ssh listen on ::
<persia> Template: postfix/protocols
<TeTeT> ttx: on bug 524147, is it true that one CC always controls exactly one Availability Zone? So you can't have an AZ with multiple CCs for redundancy within that AZ?
<uvirtbot`> Launchpad bug 524147 in eucalyptus "UEC NC failed to fetch preseed.conf from CC using lucid-server-amd64-20100218" [Medium,Confirmed] https://launchpad.net/bugs/524147
<ttx> TeTeT: yes it's true
<ttx> TeTeT: you can't have multiple CCs for the same "cluster"
<ttx> TeTeT: there is a HA module in the closed-source eucalyptus, not sure what it does though
<persia> Jeeves_: How can ssh listed on :: when IPv6 is disabled?
<Jeeves_> Let me rephrase that.
<Jeeves_> ipv6 is enabled but there aren't any ipv6 addresses available
<persia> Ah.  Right.
 * persia suspects that's a bug in the definition of "ipv6 is enabled"
<TeTeT> ttx: ok, so you should plan your CC and CLC to be redundant when going for a production environment, only the NC can be left brittle
<jayvee> persia, Jeeves_: there is also the possibility for currently working IPv6 functionality to be broken for IPv4 in the future
<jayvee> Debian recently announced that bindv6only would be enabled by default
<jayvee> currently, if you listen on ::, it includes the ::ffff:0.0.0.0 compabitility addresses for IPv4
<jayvee> so if your server app is IPv6-enabled, it is IPv4 enabled
<jayvee> so you only have to support one stack
<Jeeves_> persia: There allready is a bug about that
<ttx> TeTeT: CLC and Walrus are the one SPOF, CC+SC you could consider losing them and still have a few clusters running elsewhere
<jayvee> and lots of servers currently depend on that behaviour, and will then lose IPv4 functionality when that option is enabled
<ttx> TeTeT: depends on the SLA you want to offer with the private cloud
<jayvee> reason why the option is changing is because it's not RFC-compliant, as far as I've heard
<jayvee> unrelated, but CentOS has a bug in its installed. It says "neighbour advertisement" when it should say "router advertisement". and actually I think it should be saying "router discovery" in that particular instance, but I forget.
<jayvee> s/installed/installer/
<persia> Jeeves_: I can't find that bug.  All I find for ssh ipv6 are bugs #281882 and #407173
<uvirtbot`> Launchpad bug 281882 in openssh "ssh hangs in initial handshaking when using IPv6" [Undecided,Confirmed] https://launchpad.net/bugs/281882
<uvirtbot`> Launchpad bug 407173 in openssh "openssh: Please set traffic class on IPv6 packets" [Wishlist,Confirmed] https://launchpad.net/bugs/407173
<Jeeves_> persia: Just a sec
<jayvee> there is a bug that I don't know whether it was reported or not, but if I use an SSH SOCKS proxy, I cannot access IPv6âenabled websites
<jayvee> whether SSH is running over IPv4 or IPv6
<jayvee> all I get is "connection denied" or something â can't remember exactly
<Jeeves_> persia: 434799
<persia> buf #434799
<persia> bug #434799
<uvirtbot`> Launchpad bug 434799 in openssh "X11 forwarding via SSH does not work after upgrade to karmic" [Low,Confirmed] https://launchpad.net/bugs/434799
<persia> https://bugs.launchpad.net/ubuntu/+bugs?field.tag=ipv6 probably needs more, but I've added that.
<uvirtbot`> New bug: #535583 in nut (main) "Excessive logging by apcsmart program" [Undecided,New] https://launchpad.net/bugs/535583
<persia> jayvee: Were you talking abut bug #239701 earlier, or a different one in glibc ?
<uvirtbot`> Launchpad bug 239701 in glibc "getaddrinfo fails with numerical IPv6 values" [Undecided,New] https://launchpad.net/bugs/239701
<jayvee> persia, nope
<persia> Heh.  OK.
<jayvee> I'm referring to the fact that resolving something like "rillian.local" can't return "fe80::21b:fcff:fe25:42e7%eth0". Only things like "2001:44b8:7df3:b970::23".
<persia> I found a bunch more "please enable ipv6" bugs.  I'm not sure there is a clear solution for them yet.  Added a link to the bugtracker on the page.
<jayvee> On OS X, it works perfectly.
<jayvee> ping6 rillian.local works both on a link-local only and a global network.
<jayvee> on OS X
<Jeeves_> jayvee: On osx, you're never sure wether you will use ipv4 or ipv6
<persia> Right.  So we need to reach feature parity :)
<Jeeves_> It depends on what answer comes in first
<jayvee> I'm not sure whether it's an RFC-compliance issue. Maybe OS X is breaking RFCs to provide that. But I'm not sure.
<jayvee> But OS X has supported that since v10.3, which was released in 2003.
<jayvee> My v10.3 Panther system supports IPv6 better than Windows 7 and Ubuntu. ;)
<uvirtbot`> New bug: #325111 in ntp "ntpq output truncates IPv6 addresses" [Unknown,Confirmed] https://launchpad.net/bugs/325111
<jayvee> ejabberd doesn't have IPv6 enabled by default
<jayvee> is it worth talking about universe packages, or only main packages?
<jayvee> I spose main is more important. ejabberd is in universe.
<persia> It's worth talking about everything.
<persia> The current definition of "main" is only that stuff in main builds against stuff in main.  It doesn't currently correspond to translations support, upload restrictions, security support, etc.
<persia> A better way to think about things is "what is available by default takes priority".
<jayvee> well CUPS only listens on 127.0.0.1:631
<jayvee> so http://[::1]:631/ doesn't work â not that that's a problem affected by the IPv4 apocalypse
<jayvee> localhost should resolve to both ::1 and 127.0.0.1
<jayvee> currently it only resolves to 127.0.0.1
<jayvee> also, Second Life doesn't work if you have an IPv6 address for a nameserver in /etc/resolv.conf
<jayvee> but that's offtopic â it's not in Ubuntu
<jayvee> I do believe bind9 is IPv6-enabled by default.
<jayvee> I think maybe some sample config in comments for IPv6 wouldn't go wrong in /etc/network/interfaces
<jayvee> comments in configs are some of the best ways to learn, IMO
<persia> Some of the bugs I'm encountering reference a slowness when IPv6 is enabled, and suggest disabling it.
<persia> Could this be worked around by trying IPv4 first when available until the majority of folk are using IPv6?
<persia> bug #374674 looks like an attempt to do that, but perhaps not in the ideal way
<uvirtbot`> Launchpad bug 374674 in glibc "ipv6 link local address lookup broken" [Undecided,New] https://launchpad.net/bugs/374674
<Japje> personally i would not prefer a work around that try's IPv4 before IPv6.. mainly because v6 first is expected behavior for everything .. dont think breaking that behavior is a proper solution
<Japje> but thats just my humble opinion
<persia> Japje: So, how do you suggest things be configured so that non-IPv6 using Desktop users don't need to wait for an ipv6 lookup timeout before starting the IPv4 lookup?
<persia> I agree with the idea, but think that IPv4-before-IPv6 is better than no-IPv6
<Jeeves_> persia: a NXdomain will not cause timeouts
<Jeeves_> A nameserver that doesn't understand AAAA-requests will cause timeouts
<Jeeves_> glibc is fixed, so that it won't ask for AAAA-requests if there is no routable ipv6 available
<persia> Right, which is extremely common at the average "WiFi HotSpot"
<Jeeves_> Indeed
<Jeeves_> Because using a sane nameserver is very difficult! ;)
<persia> And this causes complaints, and current documentation that recommends disabling IPv6.
<persia> I'd like to find a (temporary) solution that helps ensure IPv6 is enabled for everyone, and then it's easier to migrate folk.
<persia> Note that this may not cause hideal behaviour for IPv6 users in mixed environments by default, but surely that's better than having IPv6 just not work.
<persia> OK.  Of the 68 tagged ipv6 bugs 9 have patches or branches.  Those probably need a bit of testing, and coordination with appropriate folk.  The rest need patches.
<hemanth> hi, is there a way to keep two mysql DB's in sync in LAN?
<hemanth> i'm on a Ubuntu 8.04 [LTS] server
<Jeeves_> hemanth: Yes, Mysql Replication
<Airells> could you tell me softs like webmin to administrate servers ? ( everything that makes job easy ) thx
<_ruben> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<Airells> ubottu, thx
<hemanth> Jeeves_, any package for that? i tired mysql replication, but there  i need to specifically indicated each and every table.
<Airells> _ruben, thx
<Jeeves_> hemanth: No you don't need to do that
<Jeeves_> * is good enough
<Kenjiro> good morning everyone
<Kenjiro> guys, since yesterday I am trying to fix a problem on a apache server (ubuntu 9.10)
<Kenjiro> I try to start apache2 and I get -> Syntax error on line 43 of /etc/apache2/sites-enabled/000-default:
<Kenjiro> Unknown Authn provider: ldap
<Kenjiro> however, I do have ldap.load in /etc/apache2/mods-enabled/
<cjwatson> ttx: can you reproduce bug 535123?  if so, how?
<uvirtbot`> Launchpad bug 535123 in openssh "Lucid: Recent update to ssh mean ssh-askpass-gnome fails to recognize the correct password" [High,New] https://launchpad.net/bugs/535123
<cjwatson> ttx: you were pretty definite about which version you reckoned introduced it ...
<cjwatson> ttx: but there were no changes anywhere near that part of the code AFAICS
<Kenjiro> ok, sorry, I think I solved that by myself. I hadn't enabled the authnz_ldap module ;)
<ttx> cjwatson: haven't reproduced it (that's why I haven't marked it Confirmed), guessed version based on reporter comment
<ttx> i.e. tried to translate "Recent update" to something clearer
<cjwatson> more likely an upstream upgrade to 5.3p1 then
<ttx> cjwatson: switched to Incomplete/Medium to reflect the fact that it's not easily reproducible
<acalvo> is there any reason why two VMs in the same VM server sharing the same net behave different when accessing thru SSH? one faster and the other much slower
<acalvo> how can I do some benchmarks to know the overall performance of a server?
<pmatulis> !info iperf
<ubottu> iperf (source: iperf): Internet Protocol bandwidth measuring tool. In component universe, is optional. Version 2.0.4-4 (karmic), package size 53 kB, installed size 200 kB
<acalvo> thanks
<pmatulis> acalvo: are you comparing performance of the 2 VMs while both are being used?
<acalvo> yes, but just to get some results
<acalvo> if the connection is greater than, 100Mbits, will be fine
<pmatulis> acalvo: both using virtio network driver?
<pmatulis> (i'm assuming you're using KVM)
<acalvo> I can't explain why SSH'ing one gets semi-stuck entering commands and the other goes fine
<acalvo> pmatulis: VMWare ESXi server with VMware tools installed
<acalvo> both ubuntu 9.04
<pmatulis> oh
<uvirtbot`> New bug: #536620 in vsftpd (main) "SEGV when using pasv_address" [Undecided,New] https://launchpad.net/bugs/536620
<ogra> ttx, you i and NCommander need to talk about likewise but i'm in several calls today, will you be around in 2-3h ?
<ttx> ogra: should be yes
<ogra> great
<acalvo> connection is fine (> 900 Mbits/sec)
<acalvo> why could cause a SSH to be so slow?
<pmatulis> acalvo: well, you'll need to describe the test that makes you come to that conclusion
<acalvo> well, I've just tested connection status with iperf and its default configuration
<zul> monring
<pmatulis> morning
<uvirtbot`> New bug: #535608 in ntp (main) "package ntp 1:4.2.4p6 dfsg-1ubuntu5.1 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 127" [Undecided,New] https://launchpad.net/bugs/535608
<uvirtbot`> New bug: #420470 in samba (main) "winbind segfault starting up" [Medium,Triaged] https://launchpad.net/bugs/420470
<zul> die bugs die!
<uvirtbot`> New bug: #529290 in samba (main) "logrotate script needs to be updated for Upstart conversion" [Undecided,Triaged] https://launchpad.net/bugs/529290
<uvirtbot`> New bug: #514765 in samba (main) "Shared folder creation fails due to incorrect testparm path" [Low,Incomplete] https://launchpad.net/bugs/514765
<mathiaz> jcastro: hi - https://bugs.edge.launchpad.net/~ubuntu-server/+patches
<mathiaz> jcastro: ^^ what are bugs marked Fix Released included in the report?
<diago> what replaced vol_id in 9.10 ?
<diago> I used to use vol_id --uuid
<diago> what replaced vol_id in 9.10 ?
<persia> Asking multiple times won't get an answer faster.
<persia> Asking for support in this channel when all the developers are in a meeting also is likely to cause a delay.
<diago> I believe I waited the 10 minute period allotted by IRC
<diago> ah, no I didn't I just saw people jumping in
 * _ruben never heard of such a 10minute rule
<_ruben> and the answer might be "blkid"
<diago> thanks _ruben
<diago> Anyone know how to get just the UUID?
<persia> _ruben: The "10 minute rule" is a guideline in #ubuntu, where there's so much traffic that questions often do need repeating.
<_ruben> persia: ah ok
 * Kenjiro is back
<Kenjiro> I am trying to find out what I am missing. I have a ubuntu server which should authenticate, using LDAP, on another server
<Kenjiro> however this ldap authentication is not working... and I don't know why :(
<Kenjiro> as far as I checked, the logs don't give me a good clue :(
<Kenjiro> all I get is this -> http://pastebin.ca/1831910
<Kenjiro> any tips? :(
<Kenjiro> I don't know which config files I should check now
<Kenjiro> (ubuntu 9.10)
<Kenjiro> and yes, I am FAIRLY green to ldap :(
<sherr> Kenjiro: what guide are you following?
<sherr> Kenjiro: Have you trid following :
<sherr> http://www.howtoforge.com/install-and-configure-openldap-on-ubuntu-karmic-koala
<sherr> *tried
<Kenjiro> sherr: to be true... I was "given the mission" to migrate an old server to this new one. (all the services).
<Kenjiro> out of the blue, short time to do it... (you might know how things work) :(
<sherr> OK, well try following a guide :-) Howtoforge are normally step by step.
<Kenjiro> sherr: let me check that guide of yours
<Kenjiro> sherr: my problem is setting up the client
<Kenjiro> the server is ok
<sherr> Note - not my guide. I have not used it (or configured LDAP) - but there are lots of good resources around.
<Kenjiro> (just for the record)
<acalvo> Kenjiro: but where is the problem?
<acalvo> Kenjiro: nss_ldap?
<Kenjiro> acalvo: that's the problem... I don't know where the problem is
<Kenjiro> acalvo: did you check that pastebin I pasted here?
<acalvo> nope
<Kenjiro> hold on
<Kenjiro> http://pastebin.ca/1831910
<acalvo> it just shows that a user tried to log in
<acalvo> and the system does not know that user
<acalvo> but what do you want to achieve?
<Kenjiro> that's what I get in /var/log/auth.log when I try to login using a user from the ldap server
<acalvo> relay in another server to do the auth at PAM level?
<Kenjiro> acalvo: I have to migrate the services from an old ubuntu server to this new one (9.10).
<acalvo> yes, but what services?
<Kenjiro> almost everything is ok by now, but this login/auth thing
<sherr> Kenjiro: there are command line ldap query tools - query the ldap server for the user - is the user found?
<Kenjiro> on the old server I can login using a LDAP user (the ldap server is another one)
<acalvo> Kenjiro: hold on
<Kenjiro> on the new server I can't
<Kenjiro> I started checking the config files on the old server, than changing the files on the new server
<acalvo> Kenjiro: ok, look https://help.ubuntu.com/9.04/serverguide/C/openldap-server.html for "LDAP Authentification"
<Kenjiro> acalvo: holding ;)
<acalvo> that's why I've set up most of my servers to auth against another LDAP server
<acalvo> s/why/how
<Kenjiro> let me check that then
<Kenjiro> guys, first and foremost, thanks for the attention ;)
<acalvo> np
<acalvo> I've a server crashing randomly. I've tried to set up something to log when it crashes, but I couldn't see anything wrong
<acalvo> any way to get all data before it crashes?
<acalvo> it's just a web server with bind and dhcp3-server
<acalvo> it had squid with NTLM auth, but I've removed both (squid and windbind)
<acalvo> and now it's crashing
<acalvo> I can ping it when it's "dead", but I can SSH to it nor access directly
<acalvo> hard reboot to get it working again
 * Kenjiro bbl
<diago> acalvo: no chance for booting into recovery?
<acalvo> well, I guess I can
<acalvo> what's the point in rebooting into recovery?
<diago> aren't you just trying to get you data off?
<acalvo> nope
<acalvo> I'm tryting to get it working 100%
<diago> ah, maybe you can research the logs in recovery
<AnAnt> Hello, how can I set user permissions on LDAP ?
<acalvo> diago: that what I've thought, but it days so early I can see nothing in the logs
<acalvo> AnAnt: user permissions for what?
<acalvo> AnAnt: changing something in LDAP?
<acalvo> fool question: when a computer runs out of memory (physical and virtual), it gets stucked?
<diago> if it doesn't it would be PAINFULLY slow
<diago> I can see services shutting down easily because of that though
<acalvo> yes, but it'd recover from that
<acalvo> kill all memory-eater services and keep going, right?
<acalvo> I'm seeing that now, when the machines is not in a peak time, swap is being used
<AnAnt> acalvo: no, for machines, ie. I want users X & Y to have admin rights on machines in the network
<AnAnt> X & Y are LDAP users
<acalvo> well, join them to a group that has those privileges
<acalvo> is it samba based?
<AnAnt> no OpenLDAP
<AnAnt> acalvo: so I should go on every machine and add X & Y to admin group
<AnAnt> ?
<acalvo> no
<acalvo> but you can share LDAP groups across multiple machines
<acalvo> and give rights to groups
<acalvo> so every user in those groups have privileges
<AnAnt> give rights to groups on each machine ?
<acalvo> no
<acalvo> erm
<acalvo> just creat groups in LDAP and, using any method, connect your machines to LDAP so they can read all information from it
<acalvo> groups, users, and so on
<acalvo> this way, you just have to set up once everything
<AnAnt> yes, but about permissions ?
<AnAnt> I did create the users & groups
<AnAnt> but the question is, I got machines: red , blue , green
<AnAnt> should I go to each machine, and add the group "admins" to the sudoers for example ?
<lenios> as far as i know, yes
<lenios> it's the same with AD
<acalvo> oh, with that kind of rights, yes
<acalvo> https://help.ubuntu.com/9.10/serverguide/C/openldap-server.html
<AnAnt> acalvo: yes, I used that guide
<acalvo> AnAnt: try to ask in #openldap
<uvirtbot`> New bug: #536695 in dovecot (main) "1.2.x versions before 1.2.11 are vulnerable to DoS attack" [Undecided,Confirmed] https://launchpad.net/bugs/536695
<AnAnt> ok
<sherr> I have not (yet) had the pleasure of setting up a Directory Server, but have to occasionally use AD at work. Connecting to, or replacing, AD are important topics in the business use of Linux. I'm interested in asking : has anyone experience of using any other DS other than OpenLDAP? There are very interesting opensource alternatives e.g. 389 Directory Server (ex-Fedora DS), Apache DS etc. Not only very full featured, but including decent fron
<sherr> http://directory.fedoraproject.org/
<sherr> http://directory.apache.org/apacheds/1.5/
<sherr> I'm considering LDAP for future needs - currently using NIS (+AD elsewhere) :-)
<acalvo> well, I'm using Apache Directory Studio as a front-end
<acalvo> and openLDAP
<sherr> to OpenLDAP?
<acalvo> so far so good
<sherr> Directory Studios is the client/front-end. Looks good. Maybe the back-end is good as well.
<acalvo> sure
<sherr> My personal view is that a DS is more important for business use than a cloud service/eucalyptus.
<acalvo> is where all the sensitive data relays
<acalvo> in education also
<sherr> sensitive data relays?
<acalvo> is stored, I meant
<sherr> OK. I am sceptical about the cloud strategy for Ubuntu/Canonical, but hope it works out of course.
<acalvo> it seems they're working hard on it
<acalvo> will see what it gets
<smoser> zul, ttx, kirkland, mathiaz i will be in and out the rest of the day, if you need me, please send email.
<sherr> Yes, a lot of effort on it. I hope it pays off. Again from a boring business perspective (mine), I'd rather the effort was a Debian/Ubuntu Directory server, integrating with Samba/AD/Mail. With a decent (modern) front end.
<zul> smoser: kk
<acalvo> sherr: agree, from an Education point of view
<sherr> acalvo: Yes, of course. Similar needs in this area to a business - lots of users and machines.
<acalvo> yip
<acalvo> from your experience, is it work to swith to worker vs prefork?
<sherr> acalvo: Mine? My sites never need to worry about it and I've never had to bother testing or switching (from prefork).
<acalvo> ok
<sherr> All internal, non-public and <20 users (generally).
<uvirtbot`> New bug: #536736 in samba (main) "package samba-common-bin 2:3.4.0-3ubuntu5.4 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 2" [Undecided,New] https://launchpad.net/bugs/536736
<uvirtbot`> New bug: #518804 in samba (main) "samba-common 3.0.28a-1ubuntu4.10 post-installation script crashes (dup-of: 460842)" [Low,Confirmed] https://launchpad.net/bugs/518804
<mardok_> My question isn't directly releated to the Ubuntu server, but I was wondering how I solve a problem with AppArmor not loading a profile.  I installed a xen kernel and it's says "Failure: AppArmor profiles failed to load"
<uvirtbot`> New bug: #279643 in puppet (main) "puppet needs openssl" [Undecided,Fix released] https://launchpad.net/bugs/279643
<uvirtbot`> New bug: #249783 in samba (main) "Wrong message when sharing a root-owned folder" [Wishlist,Confirmed] https://launchpad.net/bugs/249783
<Kenjiro> acalvo: hello there again.
<Kenjiro> acalvo: really thanks for that URL you showed me. That really helped solving my problem
<Kenjiro> acalvo: Domo arigato gosaimas
<cortex|sk> hi guys why is apache automatically reloading when i install apache module(mod_proxy for example)?
<GhostFreeman> I'm not seeing a ~/.gemrc file in my home dir, could this be a problem?
<_ruben> no, never seen it myself either
<GhostFreeman> I guess it wouldn't hurt if I made on
<GhostFreeman> trying to install Rails with Passenger and Apache2
<igggimin> I'm trying to configure ssh tunnel manager to create a secure tunnel to this home machine that I can use remotely. Can someone help me with this?
<igggimin> For example, how do I create the Privkey?
<igggimin> And will Remote Desktop work?
<igggimin> And how can I also set a tunnel to this machine for private internet access?
<igggimin> I'm running Ubuntu 9.10 here, and will be connecting with Kubuntu 9.10. Any advice are appreciated
<igggimin> lol - nobody?
<igggimin> in the server channel??
<Pici> igggimin: ssh tunnel manager sounds like a graphical application, and you're not likely to find support for that in the server channel.
<Pici> If its not, keep in mind that not all channels are as busy as #ubuntu is.
<_ruben> sigh .. one of these days again .. boot up my fileserver, its seeing all 4 disks as spares, instead of a raid5
<igggimin> fair enough - yes it is graphical. I'm open to command line options too, either way. In the #ubuntu channel someone recommended I ask in here
<igggimin> But I'm finding some documentation now - thanks
<_ruben> weird, doing a mdadm --stop followed by a reassemble does the trick
<_ruben> hmm .. doesnt see my lvm though ... sigh
<andol> zul: Regarding bug #462749. In a January comment you mentioned it being a good SRU candidate. Do you mind if I pick up on that, or is it an issue you'd like to finnish yourself?
<uvirtbot`> Launchpad bug 462749 in vsftpd "vsftpd-2.2.0 (currently in karmic) is affected by pasv_address regression" [Medium,Fix released] https://launchpad.net/bugs/462749
<zul> andol: be my guest
<uvirtbot`> New bug: #536837 in freeradius (main) "package freeradius 2.1.0 dfsg-0ubuntu4.1 failed to install/upgrade: subprocess post-installation script returned error exit status 3" [Undecided,New] https://launchpad.net/bugs/536837
<RoAkSoAx> zul, was my hook ok?
<zul> RoAkSoAx: yep
<RoAkSoAx> zul, ok I'll attach the diff to the bug report for you to sponsor it :)
<zul> RoAkSoAx: sounds good to me
<uvirtbot`> New bug: #536853 in freeradius (main) "can't make freeradius 2.1.8 - src/main/modules.c:1358: undefined reference to `lt__PROGRAM__LTX_preloaded_symbols'" [Undecided,New] https://launchpad.net/bugs/536853
<mathiaz> kirkland: hi - could you drop the serial consoles on nickel?
<kirkland> mathiaz: sure
<kirkland> mathiaz: done
<mathiaz> kirkland: thanks
<mathiaz> cjwatson: hi - does anna-install only knows about udeb that are in main?
<mathiaz> cjwatson: I'm trying to anna-install vlan-udeb from the console in the installer (started via mini.iso)
<mathiaz> cjwatson: it fails with "unkown udeb vlan-udeb"
<RoAkSoAx> zul, Done: https://bugs.launchpad.net/ubuntu/+source/vsftpd/+bug/531978
<uvirtbot`> Launchpad bug 531978 in vsftpd "Apport hook for vsftpd" [Low,Confirmed]
<zul> RoAkSoAx: thanks ill take a look at it
<mathiaz> apw: hi - is it possible to have a kernel-module udeb provide a virtual package?
<RoAkSoAx> zul, cool I'll just ping you whenever I have the others ready
<mathiaz> apw: for now there is vlan-modules-2.6.32-16-generic-di
<mathiaz> apw: it has the kernel version hardcoded in the package name
<mathiaz> apw: I'd like to be able to make the vlan-udeb (user space) depends on vlan-modules (kernel modules) without using any kernel version. Is that possible?
<SEJeff_work> Has anyone on the serverteam poked at http://fedoraproject.org/wiki/Features/Zarafa ?
<bogeyd6> SEJeff_work, that costs more than zimbra :*(
<SEJeff_work> bogeyd6, There is a gpl version which Fedora is using
<bogeyd6> ah yes, the community version
<bogeyd6> sans any outlook support
<SEJeff_work> bogeyd6, Seems like something we want
<SEJeff_work> Either way, there isn't anything really like it. Seems sane to work on getting it in Debian and in our repos
<bogeyd6> they got a lts package too
<bogeyd6> i think for the meantime SEJeff_work  ill still to vmwares zimbra
<uvirtbot`> New bug: #536894 in openssh (main) "Feature request:  make ssh-agent call ssh-add automatically" [Undecided,New] https://launchpad.net/bugs/536894
<aubre> hola, has anyone ever successfully converted a vmware image to xen for use with UEC , and if so what did you use?
<GhostFreeman> Anyone here good with Passenger?
<GhostFreeman> it's asking me to add some stuff to Apache conf, just not clear on if that should be added to apache2.conf
<aubre> I'll take the silence as a no :P
<sherr> GhostFreeman: No idea about Passenger, but the apache "conf" is "apache2.conf" - but actual sites are configured and enabled via /etc/apache2/sites-available, and linked in sites-enabled (to start). basically, all standard apache config.
<GhostFreeman> Ok, well i'll start in apache2.conf and work recursively into other apache dirs
<sherr> Server guide might help : https://help.ubuntu.com/8.04/serverguide/C/httpd.html
<bogeyd6> !anyone | GhostFreeman
<ubottu> GhostFreeman: A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<bogeyd6> ill help you with your apache conf
<GhostFreeman> Ok
<bogeyd6> but i gotta know what you are trying to do
<GhostFreeman> I just installed the passenger gem and I am going through the process of setting it up
<bogeyd6> ok
<GhostFreeman> its given me some stuff I need to add to the apache configuration. Before I go messing up all the conf files, I want to be sure the file its referring to is apache2.conf
<bogeyd6> so you are at the part where you need to add something to /etc/apache2/apache2.conf on 8.0.4 lts?
<GhostFreeman> 9.04, and yes
<bogeyd6> which version of phusion passenger?
<GhostFreeman> 2.2.11
<bogeyd6> GhostFreeman, so we are clear is wants you to put a loadmodule passengerroot passengerruby and passengerdefault user in that apache2.conf ?
<GhostFreeman> Yes
<bogeyd6> ok
<bogeyd6> GhostFreeman, nano /etc/apache2/apache2.conf
<bogeyd6> arrow all the way down to the very end of the file
<GhostFreeman> and just add them at the bottom
<bogeyd6> yup
<bogeyd6> just like that
<bogeyd6> press cntrl + x to save it
<bogeyd6> then /etc/init.d/apache2 restart
<bogeyd6> well sudo of course
<bogeyd6> !noroot
<ubottu> We do not support having a root password set. See !root and !wfm for more information.
<GhostFreeman> Much appreciated bogeyd6
<malifal> how do i redirect iptables log to some logfile other than messages?
<bogeyd6> malifal, change in /etc/syslog.conf
<bogeyd6> unless you use syslog-ng
<bogeyd6> malifal, if its not already there use "kern.warning /var/log/iptables.log"
<bogeyd6> malifal, then /etc/init.d/sysklogd restart
<malifal> i don't have /etc/syslog.conf
<malifal> i'm running ubuntu 9.04
<malifal> sorry 9.10
<malifal> :)
<malifal> ok it's rsyslog
<malifal> isn't there another way of identifying the iptables messages other than redirecting all kernel warning to another file?
<malifal> cause that's what the line is doing right?  right now everything kern.* is going to /var/log/kern.log
<bogeyd6> malifal, sorry got pulled away
<bogeyd6> malifal, in your iptables file you put --log-level 4 at the end of the rules
<malifal> watching the game ? ;)
<bogeyd6> malifal, --log-prefix 'text' is also a good thing to do for quick grepping of the log file
<malifal> and Man U score again
<cjwatson> mathiaz: yes, it only works on main; and vlan-modules-blah Provides: vlan-modules, so you can (indeed should) just depend on vlan-modules
<bogeyd6> malifal, i get the sense you are hesitant, please go here https://help.ubuntu.com/community/IptablesHowTo
<bogeyd6> also
<bogeyd6> !iptables | malifal
<ubottu> malifal: Ubuntu, like any other linux  distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command (see https://help.ubuntu.com/community/Uncomplicated_Firewall_ufw), or 'iptables' (https://help.ubuntu.com/community/IptablesHowTo). GUI applications such as Firestarter/Gufw (Gnome) or Guarddog (KDE) also exist
<malifal> ok thanks bogeyd6 i'll check out the links
<mathiaz> cjwatson: great -thanks - so seeding vlan-udeb somewhere should be enough to pull both packages into main
<sherr> malifal: you can also try and use the syslogger that Ubuntu uses (rsyslogd) to look for some log "patterns" and put in a different log file. See the man page :
<sherr> http://manpages.ubuntu.com/manpages/hardy/man5/rsyslog.conf.5.html
<malifal> sherr: ok cheers, i'll consider both alternatives
<bogeyd6> i keep forgetting people use rsyslog
<mathiaz> cjwatson: hm - I can see that vlan-modules-*-di is already in component_mismatch
<mathiaz> cjwatson: does it make sense to add vlan-udeb (vconfig userspace utility) to the installer seed in platform.lucid?
<sherr> bogeyd6: I prefer syslog-ng but Ubuntu defaults to rsyslog, and I tend to leave it ... I haven't tried customisation yet.
<cjwatson> mathiaz: maybe server-ship - otherwise it would end up on the alternate CD too?
<mathiaz> cjwatson: ok
<savid> Is there a way using apt-get or aptitude to show what would be changed if I ran "safe-upgrade" or "full-upgrade"?  ie, something like a "dry run"?
<sherr> savid: see : man aptitude
<savid> sherr, yeah, I'm looking through it but can't find the command
<sherr> Search for  "simulate"
<savid> Ah, thanks!
<sherr> Fingers crossed! :-)
<savid> Hmm..
<uvirtbot`> New bug: #536930 in kerberos-configs (main) "Password changing fails when "krb5" pam-config is not first" [Undecided,New] https://launchpad.net/bugs/536930
<savid> Ok,  so my goal is to be able to update my ubuntu 8.10 production-level server to use python2.6,  but it is not in the package repository for 8.10 (which only goes up to python 2.5).   What is the best way for me to approach this?
<savid> I'm scared to do a distribution upgrade (ie, upgrade to 9.10) because of what might break...  I want as little downtime as possible
<savid> Every time I do an upgrade on my local ubuntu box something _always_ goes wrong,  so you can understand my fear ;-)
<bogeyd6> savid, use a vmware image for 9.10 and test it
<bogeyd6> vmware server is free
<uvirtbot`> New bug: #536937 in vm-builder (universe) "-o option now broken in version 0.12.2-0ubuntu3" [Undecided,New] https://launchpad.net/bugs/536937
<lifeless> are there UEC images for Lucid ?
<Airells> have you noticed any problems with vsftpd ( ssL ) like "initializing TLS... " in ubu 9.10  ?
<uvirtbot`> New bug: #536958 in openldap (main) "slapd package configuration aborts during Hardy -> Lucid upgrade" [Undecided,New] https://launchpad.net/bugs/536958
<apw> mathiaz, i believe that alll of the kernel udeb Provide: their prefix, as an example:
<apw> crypto-modules-2.6.33-500-omap-di_2.6.33-500.1tiomap201003101552_armel.udeb:
<apw>  Provides: crypto-modules
<apw> mathiaz, ^^
<mathiaz> apw: great - thanks
<mathiaz> apw: I've uploaded a new version of the vlan-udeb that Depends: vlan-modules
<FFForever> how do I resync my time?
<FFForever> errr how do I set it to gmt -8, the current time is in UTC and it is messing up my script
<juancri_> hi folks
<hggdh> mathiaz: could you add me to the server team (so that I can get bug mail)?
<juancri_> hope you're doin well. I have a question about SSH access on EC2...
<juancri_> I'm able to connect trough SSH using the user "ubuntu", but I'm not sure about how to allow other users to log in
<juancri_> even when I add a key to them (~/.ssh/authorized_keys)
<uvirtbot`> New bug: #536993 in samba (main) "starting billard-gl locks computer" [Undecided,New] https://launchpad.net/bugs/536993
<juancri_> Uhm... if I enable this "PasswordAuthentication yes", other users can log in
<juancri_> but only using their passwords
<juancri_> not the keypair
#ubuntu-server 2010-03-11
<ChmEarl> got pygrub trouble- trying to boot karmic 9.10 VM (pv) & get "no bootloader data" error. Can I add a psuedo grub1 setup - menu.lst - and get pygrub to work?
<ChmEarl> the dom0 is suse11.2 and my /boot is ext3. I want pygrub to use the /boot in domU
<ChmEarl> it seems silly to uninstall grub2, install grub1 when all pygrub needs is the menu.lst
<Hypnoz> if an nfs mount is 755 owned by www-data:www-data, what permission would allow any user to touch any file owned by www-data:www-data?
<arrrghhh> so i have a "special" version of xml-rpc-c installed (the advanced tree) - how can i uninstall it?  'make uninstall' did not work, and i've never really uninstalled anything i've compiled...
<ChmEarl> nam-myoho-renge-kyo
<livingroom> Hi Ubuntees, I need help resolving dependency issue, I'm trying to install testdrive but apt-get complains : testdrive: Depends: cpu-checker but it is not installable. Running Ubuntu 9.10 64bit
<KB1JWQ> livingroom: And why i it not installable?
<livingroom> KB1JWQ, exactly
<livingroom> Package cpu-checker is not available, but is referred to by another package.
<livingroom> This may mean that the package is missing, has been obsoleted, or
<livingroom> is only available from another source
<livingroom> E: Package cpu-checker has no installation candidate
<KB1JWQ> Use a pastebin.
<KB1JWQ> And what sources are you using?
<livingroom> ppa.launchpad.net/testdrive/ppa
<livingroom> for testdrive package
<livingroom> do you want me to pastebin sources.list?
<livingroom> and thank you for you interest
<KB1JWQ> The only references I see to cpu-checker are in Lucid build repos.
<KB1JWQ> So "WTF are you doing running pre-release packages on a server and expecting it to work halfway decently?" :-)
<livingroom> that is not what I am trying to do
<livingroom> as I've heard on ubuntu podcast and read on https://launchpad.net/testdrive testdrive will allow me to test development releases in virt enviroment
<livingroom> in an easy manner
<livingroom> thus allowing me to give back my 5 cents to development team and community
<lazy> may i ask same question lvs/tun here?
<livingroom> so was I mistaken my understanding?
<uvirtbot`> New bug: #537099 in postfix (main) "package postfix 2.6.5-3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/537099
<vinq1> I have a Squid question.
<vinq1> We have some systems connecting to Amazon.com affiliate APIs via Curl in PHP. And it's hammering our server, we determined.
<vinq1> However, the data it brings back really only needs to be done like once a day.
<vinq1> Is this something we can use Squid for?
<vinq1> For instance, I could put amazon.com in /etc/hosts, pointing to the Squid server. And then I'm thinking we could do some kind of Squid configuration to cache those connections to Amazon.com by the day.
<twb> vinq1: why wouldn't you, you know, fix your PHP scripts?
<twb> Just run curl in a cron job, writing to e.g. /var/lib/local-copy.txt, and then have your PHP scripts access that.  Or similar.
<vinq1> Ah, it's spaghetti code, unfortunately
<vinq1> I'm needing a quick-hit solution where we don't need to change the code for now.
<twb> If you were to use squid to do it transparently, you'd have to care about caching heuristics and whether the amazon API claimed the data was cachable (it probably doesn't) and all that.
<vinq1> Because I'm tied up coding another project.
<vinq1> Well, it doesn't hurt to try in an off-hours timeframe so that I could see if it would work.
<twb> Of course, burning the PHP to the ground and using something like Python or Erlang would also be a Good Move.
<vinq1> Well, we can have that religious conversation another time. So, I'm trying to find a simple (as can be) tutorial on Squid for this type of config.
<twb> I'm afraid I can't really help with that.
<vinq1> What's a guide on the web for just caching one domain with Squid?
<vinq1> And do I need to set this up as a Transparent Proxy (not certain yet what that means)?
<twb> If PHP is running curl(1) instead of libcurl, you could just set the proxy in ~www-data/.curlrc, make squid bind only to the loopback interface, and then force squid to cache harder as necessary.
<vinq1> Interesting! :)
<twb> The whole technique is a bodge, IMO.
<vinq1> The PHP is using the curl() API inside PHP, not shelling out to command-line curl. Would that matter?
<vinq1> twb: we're just looking for a temp solution to bandaid this just until I can leave the current project I'm on to put this fire out -- the right way -- by rewriting the code entirely.
<ChmEarl> grub2 is no obstacle for ub 9.10 PV guest... got around it by adding menu.lst and testing with pygrub
<Kutakizukari> Is there a way to not have the lamp start when my computer is booted up? I want to start it manually sudo service apache2 start
<Kutakizukari> any docs on how to do this?
<persia> edit /etc/default/apache2 or run update-rc.d as appropriate.
<persia> Note that these are potentially temporary solutions : at some point the answer will change to "edit /etc/init/apache2", but that doesn't appear to have happened yet.
<persia> Obviously, you may or may not want to do the same thing for your database, etc.
<Kutakizukari> how much of a system load does it use if I leave it alone?
<persia> Kutakizukari: Hrm?  A system doing nothing has no load.  Some things that you install will start services, some of which may have recurring tasks.  Some of what you install may install cronjobs that may cause actions at specific times.
<Kutakizukari> persia, thank you for the help.
<Kutakizukari> Just got the LAMP installed with Netbeans IDE and a copy of O'Reilly Learning php, mysql, & javascript.
<swift> guys, is there any snmpagent i can install on my ubuntu-server which tracks all network info so that I can use it in mrtg?
<persia> swift: `apt-cache search snmp` shows a bundle of stuff (I haven't tried any of it)
<swift> persia, the issue is that one of my routers doesn't have SNMP features.. and i want to monitor it from my ubuntu-server via mrtg
<persia> so you want something to ping it every once in a while, and to get that info into mrtg?
<persia> I suspect you'll find some example that's close to what you seek in the mrtg-contrib package.
<swift> persia, it's a router cum modem.... so, details including transfers, etc
<persia> So, if it doesn't due SNMP, how do you expect to extract that data?
<swift> persia, so i won't be able to get data from that router?
<persia> swift: I didn't say that.  I only suggest that if you want data from the router, you need to be able to collect it from the router *somehow*.  Getting that into MRTG is a secondary problem.
<swift> ok, persia, any insight on how i can get the data?
<persia> Check the documentation for the device from which you want data.
<persia> Many devices can enable SNMP is coaxed.  Many that can't have some other admin interface that allows data extraction.
<persia> s/is/if/
<swift> ??
<swift> that was confusing.. please elaborate
<persia> So, read the docs on the device, and look for other sources of info on the device.
<persia> Some devices don't do SNMP by default, but can be made to do SNMP if certain actions are taken.
<persia> Other devices can collect data in some other admnistrative interface, and it's potentially possible to script extraction of this data.
<persia> I can't usefully elaborate more unless you happen to have a device with which I'm familiar (and none currently exist, as it's been that long since I played with SNMP)
<swift> thanks a lot persia!.. il look into the device docs..
<persia> swift: Good luck.
<smoser> ttx, around ?
<ttx> smoser: yo
<smoser> bad news on https://bugs.launchpad.net/ubuntu/+source/upstart/+bug/531494
<uvirtbot`> Launchpad bug 531494 in upstart "cloud-init job not running in eucalyptus without ramdisk" [Critical,Confirmed]
<smoser> it is almost definitely race, and seems like just about anything can kick it (although nothing i've found yet is reproducibly does so)
<ttx> smoser: want me to reproduce it on my own set ?
<smoser> i'd be interested to see if you can.
<ttx> ok
<smoser> i'm guessing your hardware is more like dustins
<ttx> yes, quite identical
<Omahn> What hardware are you using out of interest?
<smoser> ttx and kirkland have "cloud in a bag" hardware
<ttx> Omahn: a set of laptops
<smoser> wow. the link from eu-west-1 to ubuntu data center is quick
<smoser> 53.9M/s over 160M
<smoser> and prior to that 46M or something
<tauren> anyone know how to use iptables to filter traffic to my bridge's KVM based VMs?
<Omahn> smoser: The disk is probably the bottle neck rather than the network link looking at those numbers.
<tauren> it seems like no matter how I configure iptables, I can get to any of the VM's ports.
<_ruben> you might need to use ebtables instead for filtering on bridges
<tauren> _ruben, what I want to do is only have iptables running on the host, not on the VMs. And be able to forward port 80 of a VM to port 8080 on a VM
<tauren> I'm running Jetty as a regular user in a VM, and I want that service to be available as a regular HTTP server to the world.
<tauren> _ruben, I don't think ebtables will help with that, would it?
<_ruben> tauren: now you got me confused? do you want to restrict the allowed traffic to the vms or grant outside access to it (and thus liberating the allowed traffic to the vms)
<_ruben> ?
<tauren> _ruben, sorry.  for my VM that is running Jetty, I want to only allow ssh, http, and 8080 traffic. But I want to forward 80 to 8080.
<tauren> does that make sense?
<tauren> for my VM that is running mysql, I want to only allow ssh and 3306.
<smoser> if anyone wants to play http://paste.ubuntu.com/393120/
<smoser> that has ebs root daily builds for lucid from today
<ttx> smoser: should I use the latest uec iamge, or something else ?
<tauren> _ruben, I want to block it at the host, because these VMs will be under control of customers, and I want to limit what they can do.
<smoser> the latest will fail.
<smoser> i was just using 20100310 for consistency in an inconsistent world
<ttx> 20100311?
<smoser> sure
<ttx> why would it fail ?
<smoser> it will fail because of upstart and timing and your hardware being like kirklands
<smoser> it will run fine on data center hardware
<ttx> smoser: that's what I'm trying to confirm, right
<smoser> right
<ttx> let's go for 20100310 for consistency
<smoser> yeah
<_ruben> tauren: ah ok, so you actually want both things i mentioned ;-) ... then again, i have near-zero experience with (filtering on) bridges..
<tauren> _ruben: ok, too bad, i appreciate your input!
<smoser> ttx, i have to sleep. any thoughts you can provide or help any where on that would be great. i don't have high hopes for it for freeze today.
<ttx> smoser: it's a beta1 nominated bug anyway, so we can still work on it
<ttx> smoser: good "night"
<smoser> yeah. thanks.
<hemanth> any ubuntu documentation available for mysql db replication ?
<uvirtbot`> New bug: #537191 in apache2 (main) "package apache2 2.2.12-1ubuntu2.1 failed to install/upgrade: Î· ÏÏÎ¿Î´Î¹ÎµÏÎ³Î±ÏÎ¯Î± dpkg-deb --control ÎµÏÎ­ÏÏÏÎµÏÎµ ÎºÎ±ÏÎ¬ÏÏÎ±ÏÎ· Î»Î¬Î¸Î¿ÏÏ 2" [Undecided,Incomplete] https://launchpad.net/bugs/537191
<ttx> smoser: it's working alright here.
<ttx> and I'm in the worst case scenario / running CLC+Walrus+CC+SC on the same machine
<ttx> hm, or not.
<ttx> smoser: I can reproduce it by starting multiple instances at the same time. Some of them will fail.
<lifeless> ttx: thats not worst case.. you don't have nc there :)
<ttx> NC on a separate machine :)
<Dr_Jekyll> is the release date of ubuntu 10.04 already announced?
<ttx> Dr_Jekyll: yes, we also know the release date of 10.10
<ttx> 10.04 should be released on April 29th.
<Dr_Jekyll> alright, thanks!
<Skaag> what's the recommended kernel to load under vmware in ubuntu server 9.10?
<Skaag> as a guest os
<persia> 2.6.31
<th0mz> anyone including vmtools
<Skaag> I am already running 2.6.31-19-generic-pae
<Skaag> I don't know how to install vmtools though
<Skaag> I tried to get the host to mount the image to the guest
<Skaag> not working for some reason
<th0mz> [x] connected ?
<th0mz> ^^
<uvirtbot> th0mz: Error: "^" is not a valid command.
<Skaag> checking
<Skaag> vmtools do something with the network card right?
<th0mz> you can use vmnet3
<Skaag> I'm running server, not desktop edition
<Skaag> I just need more performance from the network
<th0mz> but it increase performance
<th0mz> (try a dd before and after)
<Skaag> great. that's what I need.
<th0mz> server shout not run without
<th0mz> and if it is in a cluster it is really needed, (ballooning etc..)
<Skaag> ouch. yesâ¦ believe me I feel it  ;-)
<Skaag> great pain.
<Skaag> I need to find a simple way to mount the image with the tools
<th0mz> right click, install vmware tool shoud do the trick.
<Skaag> when I do that, the vm gets stuck for 70+ seconds
<Skaag> [ 1113.022505] BUG: soft lockup - CPU#0 stuck for 77s! [swapper:0]
<Skaag> [ 1113.022505] Pid: 0, comm: swapper Not tainted (2.6.31-19-generic-pae #56-Ubuntu) VMware Virtual Platform
<Skaag> and a bunch of kernel-panic looking stuff
<Skaag> so that method is scary and not working :-)
<Skaag> any suggestions how to obtain the vmtools without using the standard method?
<th0mz> download, install
<th0mz> :]
<Skaag> how about open-vm-tools is that as good as?
<Skaag> I ran an apt-chache search vmware and found this
<Skaag> open-vm-tools - tools and components for VMware guest systems (CLI tools)
<Skaag> whoah, it wants to install a gazillion things
<Skaag> haha
<uvirtbot> New bug: #341979 in kvm (main) "Windows guest can't reboot when using smp." [Medium,Fix released] https://launchpad.net/bugs/341979
<jayvee> cjwatson, I noticed you've been uploading to the libvirt package a bit lately. I was just wondering if you could have a look at my bug at LP #528934 and consider applying it? I've attached a debdiff, which I believe makes it easier for you.
<uvirtbot> Launchpad bug 528934 in libvirt "IPv6 shouldnât be disabled by default in libvirt" [Wishlist,Triaged] https://launchpad.net/bugs/528934
<jayvee> or soren. Whoever is interested. :)
<cjwatson> jayvee: the only reason I've been uploading libvirt is for the libparted ABI transition - I'm not going to be a good reviewer for changes to it in general
<cjwatson> sorry
<jayvee> np
<jayvee> Launchpad nicks usually == irc nicks, but I wish Launchpad would generate nicks from the e-mails of people in the changelogs to make people easier to track down. :)
<soren> jayvee: I, on the other hand, know libvirt reasonably well, but I know next to nothing about ipv6. :(
<jayvee> heh
<jayvee> soren: but you can see that libvirt disabling IPv6 on an interface is plain inconsiderate, right?
<jayvee> sure, there are arguments for and against the behaviour red hat put in it
<soren> It sounds inconsiderate, yes.
<jayvee> but I believe that the only scenario where you would disable IPv6 is if you're scared of it â it's an irrational fear
<soren> Yup. That's what I have.
<jayvee> :)
<soren> ..so I'mm kjkknik,jjjjjjjjjjjjjjnmmmmmmmmmmmmmmmmmmmmm mm
<soren> Sorry, had to get a thing out from under my m-key :)
<soren> ..so I'm kind of hesitant to change anything that as anything to do with ipv6. I have no idea of the sideeffects.
<jayvee> the funny thing is, is that *now* it's doing something to do with IPv6. my patch actually makes it have less to do with IPv6 by leaving it more alone.
<jayvee> put it this way:
<soren> That I understand.
<jayvee> all ubuntu installs since 4.10 have had IPv6 enabled on every network interface by default
<jayvee> at least, I think so :)
<jayvee> as far back as my memory goes anyway
<jayvee> it's the linux default
<soren> My hesitance kicks in because someone made a decision to make this change. If I go and revert it, /I
<soren> am changing something to do with ipv6.
 * soren notes that typing is hard
<jayvee> hmm
<jayvee> what can I do to help, in this case?
<jayvee> soren: I suppose it would be easier to convince you to upload this patch if upstream had applied it too
<jayvee> but I've had little response from them
<soren> jayvee: Oh, yeah, sure. Then I'd do it in a heartbeat.
<lifeless> soren: upstream were nuts
<soren> jayvee: They are on IRC as well.
<lifeless> soren: if its the bug I think it was, I read the bug in detail.
<soren> https://bugzilla.redhat.com/show_bug.cgi?id=501934
<jayvee> yeah
<uvirtbot> bugzilla.redhat.com bug 501934 in libvirt "libvirt bridge should have IPv6 disabled" [High,Closed: rawhide]
<lifeless> soren: it boiled down to 'zomg something wrong turn it all off'
<jayvee> note that Peter Bieringer "100% agrees" with my comment, and he wrote the IPv6 tutorial for Linux on TLDP
<jayvee> so there's some credibility there :)
<soren> jayvee: Now, that is useful info :)
<tauren> anyone know how to display the ipnumbers used by kvm guests on the host? doing "virsh list --all" shows the hosts, but how can I find their IP numbers?
<soren> tauren: You can't.
<tauren> soren, no?
<jayvee> I do fear I used too harsh language in my comments on the RH bugtracker though.
<soren> tauren: Just like you can't tell what the IP's are of your physical machines by looking at the box.
<jayvee> as you can see, IPv6 is something I'm passionate about. :)
<tauren> hmm, so I have to log into each host and do an ifconfig to see them?
<soren> tauren: Are they using dhcp?
<tauren> nope
<soren> tauren: How did you configure their network?
<tauren> soren, bridge eth0 with static ips in the guests
<soren> tauren: Yes, but how?
<soren> tauren: Where did you enter the static ips?
<soren> Inside the virtual machine, right?
<tauren> soren, in /etc/network/interfaces on each guest
<tauren> yes
<soren> Right.
<soren> So that's where you go to find them.
<tauren> well, i used vmbuilder to create them and specified the IPs in the command line.
<tauren> I assume it put them into the interfaces file
<soren> It did.
<jayvee> tauren: may be offtopic, but from what I recall, OpenVZ makes it easy to find the guest IP addresses like what you describe
<soren> jayvee: openvz does not provide virtual machines.
<jayvee> not having used OpenVZ, take that with a grain of salt
 * soren is on the phone
<tauren> jayvee, funny you say that, i was using openvz before, which is why i wanted the same feature with kvm
<tauren> I supposed I could set up DHCP and dole out static IPs based on mac addresses or something
<tauren> then i could just look at the dhcp server to see the list of ips.
<jayvee> yeah
<jayvee> there is also ping -b, but unfortunately linux doesn't respond to broadcast pings by default
<tauren> dang, was really hoping i was just missing a virsh command that would list ips.  this is a bummer.
<lifeless> or use UEC :P
<jayvee> if I were to retrofit a system to figure out IPs on top of what you already have, I'd enable broadcast pings, and get each machine to register itself in reverse DNS
<jayvee> that way, ping -b would show all the hostnames with the IPs
<jayvee> but I think that's over the top for something small ;)
<lifeless> jayvee: dhcp3-server will do rdns rego for you
<jayvee> that's what I had in mind
<tauren> interesting. ok, those are some ideas then.
<lifeless> and forward
<jayvee> but you have to tweak the config file
<lifeless> yah
<lifeless> off by default for compat with 3
<lifeless> s/3/2
<jayvee> and it's really confusing at first
<tauren> Is UEC the eucalyptus stuff?
<lifeless> yeppers
<tauren> anyone here looked into openqrm?
<jayvee> lifeless: I tried UEC on my desktop...I couldn't get it going. I think it's way too complex for me.
<linuxgurumaniac> hello
<linuxgurumaniac> hello
<jayvee> or it's just not in my use case
<tauren> i tried doing a plain UEC install from CD a while back and it didn't work. didn't put any more effort into it.
 * jayvee just installed MySQL in CentOS, and it looks like it can install i386 and x86_64 libs on the same system cleanly
 * jayvee can't wait for debian multi arch
<jayvee> it's a shame, because UEC seems to be really cluster oriented, which I was really excited about
<jayvee> I tried to get some cluster dns script going with nsupdate, but I gave up because it was too difficult to get it working with upstart.
<jayvee> upstart is designed for daemons, not scripts.
<jayvee> in a cluster scenario, is it best to get machines to use dhcp addresses?
<tauren> jayvee, soren, lifeless: the reason I want to know the IP numbers on the host is so that I configure iptables on the host to protect the guests. ie block everything except 22, 80, and 8080. Plus port forward from 80 to 8080 on the guests.
<lifeless> jayvee: single machine is a little tricky due to bugs
<lifeless> jayvee: did you follow my docs on the same (and do you ave a separate machine doing DNS/DHCP ?
<tauren> lifeless: what is the recommended config for doing UEC? is 2 machines enough?
<tauren> i was trying to set it up on a single machine too, maybe that's why it didn't work.
<lifeless> tauren: recommended config is three machines: 1) network infrastructure. 2) cluster controller 3) 1 or more node controllers
<lifeless> I have successfully brought that down to do two , by combining 2 and 3, though I ran into some bugs
 * persia wonders if the IPv6 discussion got lost
<jayvee> indeed it did
<tauren> lifeless, can cluster controller run in a VM?
<lifeless> tauren: I'm working on bringing it down to one, but that needs some more care.
<lifeless> tauren: I think it could yes. But not a UEC one :P
<tauren> lifeless, and what exactly is network infrastructure?
<lifeless> tauren: DHCP, DNS
<tauren> ahh
<tauren> can UEC guests do PXE boots?
<lifeless> no, they boot 'machine images'
<jayvee> I'm really skeptical that UEC is at all production-ready if it's not even been tried and tested under a single server condition
<lifeless> its EC2 for home.
<lifeless> jayvee: its not a use case the devs aim at.
<lifeless> jayvee: they are aiming at 10s or hundreds of machine deployments
<persia> I've heard it works cleanly with 3 machines, and is tested at 2.  One is a special case.
<tauren> When I compared UEC with OpenQRM, it seemed OpenQRM was the better solution.
<tauren> it too recommends 3 servers:  storage server, openqrm management server, node server
<tauren> but they have a way to run it all on a single system.
<tauren> anyway, in case you want to check it out.
<jayvee> it's discussions like these that make me want to power up the DL320 in the garage
<jayvee> but we worked out the power cost us about $45 a month so it's been off since 2007
<screen-x> jayvee: yeah, I had some of those but had to give them away due excessive noise and power consumption :(
<jayvee> yeah, that's how I got all mine :)
<tauren> jayvee, how much power does it consume?
<jayvee> don't remember
<jayvee> though it'd be around a kilowatt, I'd imagine
<tauren> i just installed a supermicro twin 1U system.  It contains two servers in 1U, each has dual quad CPUs, 32GB ram.  I'm sure it sucks up the power.
<tauren> just checked my notes. supermicro says they tested that server in some configuration and it used 2783 BTU/hour. I think that works out to about 6.8A. (1W = 3.413 BTU/hr, 815W/120V =~ 6.8A). Sorry, getting OT now.
<hemanth> is there a easy power management package for Ubuntu servers to shutdown and start automatically? i have tried APCI and WOL
<gzur> Hi - I'm trying to vnc into my headless ubuntu-server hardy box
<gzur> I was following the directions from here: http://stevenharman.net/blog/archive/2008/12/13/vnc-to-a-headless-ubuntu-box.aspx
<gzur> But all I get is a brown screen
<gzur> Does anybody have any idea what might be wrong?
<gzur> I'm thinking I'm probably looking at a blank desktop and need to install some packages for a minimal gui
<gzur> but I'm loathe to install the ubuntu-desktop packages
<gzur> since that would be such overkill for what I need
<tauren> gzur: i have no ideas for your specific problem. but why don't you just ssh in to the box?
<zul> morning
<ttx> zul: hey
<ttx> Samba bugzapping: created https://code.launchpad.net/~bug-zappers/ubuntu/lucid/samba/bugzapping
<zul> ttx: sweet
<zul> ttx: still trying to wake up ;)
<jayvee> so yeah, soren, what do you think? :)
<soren> jayvee: It makes sense to me.
<jayvee> that's a good start. :)
<soren> ttx: Have you followed the ipv6/libvirt discussion at all?
<soren> ttx: A few hours ago.
<soren> or less, perhaps.
<soren> My sense of time is poor right now.
<persia> 90 minutes or so, by my logs
<jayvee> nearly 1.5 hours ago
<gzur> tauren: I mostly use SSH - but I've got a spatial database (postgis) running on there that I sometimes need to interact with visually using a desktop GIS (quantum gis)- which is hard to to in vim :)
<ttx> soren: no
<ttx> soren: looking
<soren> ttx: Ok.
<persia> ttx: Basically, jayvee has a tested patch to make libvirt work with IPv6, but the upstream bug got messy, and there's a debdiff awaiting upload.
<soren> persia: Would you say it requires an FFe?
 * persia isn't a release person
<soren> persia: I know.
<soren> persia: Regardless.
<soren> persia: I can't really tell if it's as much a new feature as a bug fix.
<persia> But I'd probably upload it without bothering the release team, because I consider not working with IPv6 a bug.
<persia> It's borderline.  Depends on whether you believe IPv6 should work by default.
<soren> persia: I'm inclined to agree. I just wanted someone else to say so as well.
<persia> If you say it should, it's a bugfix.  If you consider IPv6 a feature, it's a feature.
 * persia knows that there exist IPv6-only production deployments of Ubuntu server
<soren> Wow.
<persia> Check the ipv6 bugtag : seems lots of folks don't even have IPv4
<soren> That's crazy. That's like not having...
<soren> err...
<soren> something else that almost everyone has.
<jayvee> for my own personal use, I go without IPv4 all the time
<jayvee> it's like eating my own dogfood, I spose
<soren> jayvee: /whois reveals you're doing IRC over ipv4 at least :)
<persia> There's a limit to IPv4 address space.  In some places, addresses are expensive.
<jayvee> soren, yes, I bricked my router yesterday
<soren> jayvee: Coulnd't handle the ipv6 address space? I know the feeling.
<soren> That thing is huge!
<soren> jayvee: Do you have the bug number handy
<soren> ?
<ttx> soren: I am scared of both ipv6 and libvirt, if that helps :)
<jayvee> LP #528934
<uvirtbot> Launchpad bug 528934 in libvirt "IPv6 shouldnât be disabled by default in libvirt" [Wishlist,Triaged] https://launchpad.net/bugs/528934
<soren> ttx: No, that's surprisingly unhelpful :)
<soren> jayvee: Ta
<jayvee> heh, actually I tftp'ed a 3.3 MB image when it was only supposed to be 3 MB. had to hotwire my parallel port to the router motherboard to fix it. I'll be telling this story for the next few weeks, I'm sure.
<jayvee> and because the router now has the 2.6 kernel, the bridging quirk that I used to deliver a second pppoe session to my ipv6-enabled ubuntu server no longer works.
<jayvee> that's my guess, anyway. been more focused on getting this apache solr installation working since I got it going again.
<jayvee> which doesn't support ipv6 out-of-the-box, btw.
<henkjan> ipv6++
<soren> jayvee: I'm fixing these things before I upload, but just so you know:
<soren> The patch will not be applied if not listed in debian/patches/series.
<soren> ...so I've added it there.
<soren> I've also renumbered it to 9017 rather than 0011.
<jayvee> ooh
<soren> Debian tends to number them from 0000, and for patches that are local to Ubuntu, we tend to use 9000+.
<jayvee> I see
<jayvee> I didn't know that.
<soren> ..that way, if we merge with Debian, and they've added patches, our are still applied "on top", so to speak.
<jayvee> in my testing, the patch worked locally though. Maybe debuild and pbuilder behave differnetly?
<persia> The patch numbering bit tends to be team- or even package- specific.
 * soren verifies that the package uses quilt..
<soren> jayvee: No.
<persia> Well, yes, but not usually about patches :)
<soren> jayvee: Neither of those deal directly with the patches.
<soren> jayvee: How did you construct the patch?
<soren> (that may explain why you've seen it work)
<jayvee> well I first constructed it with a git checkout of libvirt, and tested from there
<jayvee> and then downloaded the libvirt source
<jayvee> ran cdbs-edit-patch or whatever it's called
<jayvee> made my change
<jayvee> and added the changelog entry
<jayvee> and tested the resulting .debs
<soren> Heh :)
<soren> cdbs-edit-patch would do it.
<jayvee> which definitely worked
<soren> Funny that.
<jayvee> I know it worked, because my ipv6 broke again when I installed the karmic version of libvirt again this morning
<jayvee> oh...when I rerolled the debdiff, I simply copied over the patch into debian/patches
<jayvee> and updated the changelog
<jayvee> so that was done manually
<persia> and that's why it didn't end up in series
<jayvee> aha
<jayvee> hmm, it doesn't appear in series in my original debdiff though
<jayvee> maybe I constructed that one by hand too
<jayvee> can't remember
<soren> Thing is..
<soren> If you've patched the source outside of quilt, quilt will not clean up after you either..
<soren> ..so your package would get built with the patch applied.
<jayvee> I see
<jayvee> so it lurks in .diff.gz, rather than debian/patches, or something
<persia> Right, which is less than ideal (having patches live in two different places)
<jayvee> yeah
 * soren test builds
<jayvee> soren, what you're looking for is a "fe80::" address appearing on the virbr0 interface if the patch is working
<gzur> For reference: I set up a connection to a headless ubuntu-server (hardy) using instructions from this page:
<gzur> along side this on: http://stevenharman.net/blog/archive/2008/12/13/vnc-to-a-headless-ubuntu-box.aspx
<jayvee> without the patch, there are only "inet" addresses. with the patch, there are "inet6" addresses too
<gzur> oops later one is suppsed to be http://ubuntuforums.org/showthread.php?t=1155961
<gzur> which deals with installing a minimal gnome desktop
<gzur> works like a charm
<soren> Wow. That was awesome. I got out of my chair to go and check my mailbox for an item from $NEWJOB. Half way to the door, the door bell rings. Outside is a UPS delivery man with said item. Magic.
<jayvee> nice
<zul> such efficent service
<henkjan> soren: $NEWJOB? are you quitting canonical?
<zul> ttx: the fix for # 507374 doesnt go far enough
<ttx> zul: *=\+ ?
<ttx> the rest seems cosmetic to me
<zul> ttx: it needs an extra space at the wins line
<henkjan> bah, need to rewrite lots of our cfengine setup when upgrading to lucid
<zul> i fixed it anyways
<ttx> ok
<henkjan> our cfengine setup is not upstart aware and we are using /etc/init.d/<service> restart everywhere :(
<zul> ttx: also the fix for # 435061 should really be done in dhcp
<ttx> zul: ok, update the bug then
<kaushal> hi
<kaushal> can someone here give me example to use foreach ant task to deploy same war to multiple running Tomcat Server?
<uvirtbot> New bug: #363791 in samba "libnss_wins.so.2 crashes after suspend to RAM" [Unknown,Confirmed] https://launchpad.net/bugs/363791
<soren> henkjan: I did. Weeks ago :)
<soren> jayvee: I also had to fix up the patch header a little bit. It didn't cope well with that paths being without the "libvirt-0.7.5/" prefix (it assumes -p1).
<zul> ttx: bzr branch pushed
<jayvee> soren, ah
 * soren is still test building
<soren> Well.. s/still(.*)/\1 again/
<soren> jayvee: Uploaded.
<jayvee> soren: cool bananas :)
<jayvee> thanks very much for your time.
<soren> jayvee: https://edge.launchpad.net/ubuntu/+source/libvirt/0.7.5-5ubuntu13 <---- You're famous!
<jayvee> :-D
<jayvee> ooh, that makes me tingle inside
<persia> jayvee: OK.  That's one in.  9 to go :) (based on https://edge.launchpad.net/~jeremy-visser/+related-software )
<jayvee> heh
<jayvee> yeah, come to think of it
<jayvee> still need to do tahoe-lafs
<jayvee> had two positive feedback reports from the mailing list the other day
<jayvee> need to update the bug
<pjanecze> hi, when installing ubuntu server 8.04 32bit, in software install i get error unpacking libntfs-3g23. E: Sub-process /usr/bin/dpkg received a segmentation fault
<pjanecze> do you know why it may happens?
<soren> pjanecze: What do you mean by "in software install"?
<soren> Anyways, dpkg segfaulting sounds like a memory malfunction more than anything else.
<pjanecze> i mean stage in installing ubuntu server
<pjanecze> this stage is after system install
<soren> Oh, that early? Yes, I would definitely say some kind of hardware malfunction.
<pjanecze> you think that memory could be problem, not disk?
<soren> I'd suspect memory before disk. Disk errors tend to show themselves earlier and differently.
<soren> Memory errors just make stuff go strange.
<pjanecze> good to know, thanks i will try to change memories
<soren> Just test your memory first.
<soren> pjanecze: When you boot the install CD, there's an option to test memory.
<soren> Use that.
<jayvee> well, way past bedtime for me
<jayvee> thanks again soren
<jayvee> persia, and others
<jayvee> :)
<\sh> anyone here with hands on a HP dl385G6 + P410 SmartArray?
<bogeyd6> !anyone | \sh>
<ubottu> \sh>: A large amount of the first questions asked in this channel start with "Does anyone/anybody..."  Why not ask your next question (the real one) and find out?
<ogra> ttx, tickle
<pjanecze> soren: oh, i forget about this, thx;)
<ttx> ogra: yo
<ogra> great
<ogra> ttx, so NCommander is back today, lets talk a bit about likewise
<ttx> beh
<ogra> ttx, i guess you have seen bug 517300
<uvirtbot> Launchpad bug 517300 in likewise-open "[armel] likewise-open needs porting to ARM" [High,Triaged] https://launchpad.net/bugs/517300
<ttx> ogra: for the record, this is now considered a desktop package
<ogra> ttx, we have a patch and NCommander initiated a conversation with likewise, given that the server team is the owner of the package we'd like to give that into the server teams hands
<ogra> ugh
<ttx> https://blueprints.launchpad.net/ubuntu/+spec/desktop-lucid-likewise-open-migration
<ogra> ttx, do you know who is responsible for it on the desktop side ?
<ttx> ogra: we used to take care of it, but this was moved to desktop by decision of upper management
<ogra> ah, pitti
<ogra> right, i'll talk to him then
<ttx> under the assumption that upstream would do most of the heavy lifting
<ttx> I mean, I can help personally with my experience of it, but not the server team
<ogra> well, i want to have the conversation in the right hands
<ogra> seems there are things like copyright assignment involved etc
<ogra> so it should go through a central instance on our side
<ogra> ttx, thanks for the info ...
<ttx> ogra: sorry about that :)
<ogra> well not your fault :)
<diago> I'm trying to run Window Server 2003 on KVM but the performance is very bad. Is there anything special I needed to do? I used the --os flags during the install.
<soren> diago: What was the exact command line?
<diago> soren: http://paste.ubuntu.com/393308/
<genii> I understand rewind and non-rewind devicenames for tape... but what are these st0l st0a st0m for?  man st is unenlightening
<tuxxy> hey everyone I am trying to setup apache on my friends Ubuntu machine, everything is fine however I believe it should be configured however when using his external IP we get returned his router config =/
<tuxxy> It happened to a machine I had also but forgot what I did to configure it from here, I know it was essentially configured at this point just one more step
<diago> tuxxy: it sounds like his router is answering the request on port 80. Most routers can be configured to listen on a different port like 8080
<tuxxy> yes but mine is configured on port 80 and works fine, we have smaeIP and same router
<ewook> tuxxy: does your setup listens to all requests? if it does - it's that you're trying from the inside, or the router isn't configured propperly for port forwarding.
<AnAnt> Hello, I've installed (& configured) libpam-ccreds as mentioned in https://help.ubuntu.com/community/PamCcredsHowto
<AnAnt> yet, after  an LDAP user logins on a client machine, if I run: sudo cc_dump, after that, it gives nothing
<AnAnt> btw, "sudo getent passwd" does list LDAP users even when the machine is disconnected
<Sorell> :/ Guys I'm having problem getting GRUB installed on my disk, but only when I'm running RAID. Not that I am trying to install off of the CD and I have my RAID setup as 10. Any ideas?
<zul> ttx: liblog-log4j-perl has been seeded
<ttx> zul: \o/
<bogeyd6> Sorell, using softraid or fakeraid?
<Sorell> I'm using the motherboard RAID controler
<bogeyd6> !fakeraid | Sorell
<ubottu> Sorell: Tips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/Installation/SoftwareRAID and http://www.tldp.org/HOWTO/LVM-HOWTO - For software RAID, see https://help.ubuntu.com/community/FakeRaidHowto
<bogeyd6> go to the fakeraid howto and follow directions
<bogeyd6> will solve all problems
<Sorell> thanks
<bogeyd6> however
<bogeyd6> i suggest using software raid
<Sorell> why would software raid be better?
<bogeyd6> Sorell, FakeRAID is not supported by Ubuntu. Trying to install Ubuntu on such a partition could easily result in the loss of all your data.
<Sorell> oh
<persia> Well, that, and that you can more easily work around bugs or get them fixed.  firmware bugs on mainboards are fussy.
<Sorell> well I will look into softraid then.
<persia> (note that real hardware raid is better than software raid, but expensive)
<bogeyd6> 5 years later when a harddrive fails and you cant buy a drive compatible with your motherboard raid will be a big issue
<LinuxAdmin> I am trying to install a server with SATA RAID disks
<bogeyd6> LinuxAdmin, good choice
<persia> Well, depends on implementation.
<diago> I'm trying to run Window Server 2003 on KVM but the performance is very bad. Is there anything special I needed to do? I used the --os flags during the install.
<LinuxAdmin> during installation it asks me to connect to iSCSI volumes
<Sorell> What would be a good RAID controler?
<LinuxAdmin> I can't connect, what could be the problem
<\sh> LinuxAdmin: you don't have iscsi?
<persia> Sorell: I'll strongly recommend external hardware controllers if you want good ones.  Many of the internal controllers have awkward interfaces for online administration.
<LinuxAdmin> during the installation the system tells me that iSCSI was found, so I suppose that iSCSI is supported
<bogeyd6> diago, http://ubuntuforums.org/showthread.php?t=1026006
<\sh> Sorell: depending on your server...HP delivers a good smartarray solution...3ware could also be a good choice .. many many solutions out there...depending on your money and depending on what you wanna do...private stuff => software raid is enough...
<bogeyd6> Sorell, what kind of server you got
<bogeyd6> LinuxAdmin, you dont need to connect to an iscsi volume
<Sorell> it's a custom built job
<bogeyd6> adaptec makes a good raid controller for custom built jobs
<Sorell> cool
<\sh> LinuxAdmin: if you don't have an iscsi box somewhere, you can forget about connecting an iscsi volume...
<bogeyd6> ala http://www.cdw.com/shop/products/default.aspx?EDC=1418096
<LinuxAdmin> sorry, I don't have scsi I've got SATA drives
<\sh> LinuxAdmin: so...forget about iscsi ;)
<LinuxAdmin> but the installation detect iscsi
<persia> bogeyd6: Does that allow online administration?
<Sorell> should I look for something with expandable memory?
<bogeyd6> persia, http://www.adaptec.com/en-US/products/Controllers/Hardware/sas/performance/SAS-5805/
<LinuxAdmin> the problem is that I have RAID1 configured in the controller firmware, but the ubuntu installer detects both disks
<bogeyd6> Sorell, spend as much money as you can with the best specs you can. ultimately everything comes down to storage speed
<bogeyd6> LinuxAdmin, which raid controller?
<LinuxAdmin> with scsi controllers it is transparent to the OS
<diago> bogeyd6: *nix virts perform fine, it's just this blasted wins 2K3 server I need ATM
<bogeyd6> !vmware | diago
<ubottu> diago: VMWare is not available in the Ubuntu repositories. Consider using !QEmu or !VirtualBox as alternatives. Instructions for installing VMWare manually are at https://help.ubuntu.com/community/VMware
<persia> bogeyd6: Doesn't answer my question, but maybe doesn't matter.  Depends on uptime requirements vs. disk-loss rates.
<LinuxAdmin> it's an Intel SR1630HGP server
<bogeyd6> persia, it was just an *EXAMPLE*
<diago> bogeyd6: yeah, I'm install VirtualBox now on a different PC thanks though
<persia> No worries :)
<zul> ttx: have you seen this before? http://freshmeat.net/projects/samba-vscan/
<LinuxAdmin> my supplier says that I have to install the SATA controller drivers
<bogeyd6> persia, personally i prefer hp smart array inside of hp servers :)
<bogeyd6> LinuxAdmin, probably a smart idea :)
<LinuxAdmin> I've got drivers inside server CDs but is for Red Hat or Suse
<bogeyd6> derp
<bogeyd6> LinuxAdmin, do you know the name of the raid card or is it in the motherboard?
<bogeyd6> LinuxAdmin, maybe a RS2BL040 ??
<LinuxAdmin> I think it is in the motherboard, the board is an Intel S3420GP
<bogeyd6> !fakeraid | LinuxAdmin
<ubottu> LinuxAdmin: Tips and tricks for RAID and LVM can be found on https://help.ubuntu.com/community/Installation/SoftwareRAID and http://www.tldp.org/HOWTO/LVM-HOWTO - For software RAID, see https://help.ubuntu.com/community/FakeRaidHowto
<bogeyd6> LinuxAdmin, that there is a fakeraid chip and you are going to want to use https://help.ubuntu.com/community/FakeRaidHowto  to configure your server
<ttx> zul: no
<bogeyd6> essentially delete any raid you setup and let the raid chip default each disk to its own raid0 and then follow softraid instructions
<LinuxAdmin> cai I configure everything after ubuntu installation? I mean, first I install ubuntu on the first disk and when the system is running I configure RAID
<persia> bogeyd6: I was thinking of http://h10010.www1.hp.com/wwpc/us/en/sm/WF04a/12169-304616-241493-241493-241493.html as a class from HP.  Doesn't matter anyway.
<bogeyd6> you could, but why?
<bogeyd6> persia, omg, we use the same and on our older servers we use the p400
<\sh> bogeyd6: you need some p800 for them...mostly...because of the external connector...
<\sh> or just use HP MSA2012i as iscsi solution instead
<bogeyd6> \sh, they make some octopus cables :)
<bogeyd6> ill remember the iscsi on our next server roll out
<\sh> bogeyd6: don't tell me...I have some machines with p800 and some msa60 attached...and newly we tried the msa2012i which is a nice box, if you don't do any firmware upgrades on it, especially not, when you have 2 raid controllers as redundancy
<bogeyd6> should be in 4 years or so
<bogeyd6> \sh, very nice
<\sh> i cost me 8 hours to tell the HP supporter, that the second raid controller board is borked totally and that he should send me a replacement instead of discussing several possibilities how to debug that
<\sh> s/i/it/
<bogeyd6> hp business support has gotten worse and worse hasnt it?
<bogeyd6> someone types into a kb, finds an article that matched the keyword RAID and wants to go through several of them before they escalate to level 2
<\sh> bogeyd6: since it's somewhere in an eastern country...yes...the german support is really crap...they don't understand me, I don't understand them, and trying to speak in english with them == fail
<\sh> I raised this issue many times now with our HP sales guy...but IBM or Dell is not much better
<\sh> last time I had to replace two quad core cpus...they said: ok, we send you the replacement...next morning, approaching nuremberg, and what was the delivery? one dual core cpu...I was really happy
<bogeyd6> !!!
<bogeyd6> beers and sausages all around for that celebration
<\sh> phoned them, told them: guys, I have quad cores, and I need two of them..."ah yes, we are sorry, but we can't ship you the replacement today, because we don't have any dual core amd cpus in .de we need to deliver them from amsterdam, nl..." I said: "ok, he needs to be fast then, when you want to deliver it in 4 hours"...happy times, I had to book a room in a hotel...stayed overnight, and got my
<\sh> package the next day...so far for "you got 24x7x4"
<persia> So I've got this datastore (~500GB) and I know that ~40GB is duplicated between two trees.  Is there an easy way to use fdupes to turn the duplicates into hardlinks?
<uvirtbot> New bug: #537451 in ntp (main) "ntpdate-debian not syncing time" [Undecided,New] https://launchpad.net/bugs/537451
<\sh> uh oh a nice one
<Sorell> bogeyd6: do I need  to get a battery for the 5805 ?
<malifal> hi i have created a virtual interface on eth0 called eth0:0, eth0 already assigns ips using dhcp, is it possible to have eth0:0 also assign ips of the other subnet using dhcp?
<Sorell> http://www.accusys.com.tw/ProductItem.aspx?Lan=en&CMID=8&Product=35&PID=ACS-61100&PName=PCIe-SATA2x12/16/24
<Sorell> has anyone ever used one of these?
<\sh> malifal: I would say "no" but I can be mistaken
<bogeyd6> Sorell, battery is always recommended
<shtylman> I have an ibm x3550 m2 which I am trying to install hardy 8.04.4 on. The install media is a cd and while trying to go through the install process after the keyboard screen an error message comes up saying that it cannot detect the cdrom. Because it is unable to detect the cdrom, I am unable to load the mptsas module which is needed for the disk controller
<histo> My server keeps hanging up looks like the last thing that ran was some cron.hourly thing in syslog. Is there somewhere else I should look to see whats going on?
<bogeyd6> shtylman, external (usb) cdrom?
<shtylman> bogeyd6: internal
<bogeyd6> im out of ideas
<shtylman> heh
<bogeyd6> histo, what does "hang" mean?
<shtylman> it could be related to bug: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/210200
<uvirtbot> Launchpad bug 210200 in linux "cdrom-detect fails for HP DL145 in hardy beta" [Undecided,Won't fix]
<persia> shtylman: I've encountered that sort of issue before: you may need to load some more modules into the kernel.  Open a shell and make sure you can find the CDROM.  If you can, file a bug,  If you can't make it so you can, and then continue with the installer.
<uvirtbot> New bug: #537470 in mysql-dfsg-5.1 (main) "upgrade from hardy to lucid failed" [Undecided,New] https://launchpad.net/bugs/537470
<histo> bogeyd6: It stops network access I had someone hook up a monitor and it won't power the display.
<shtylman> persia: how would I see if I can find the cdrom?
<shtylman> and if so... any pointers on what modules might be needing loading?
<bogeyd6> histo, that sounds more like a hardware issue than a software issue. Can you pastebin.ubuntu.com whats in your cron.hourly?
<shtylman> im tempted to try just netboot
<persia> shtylman: You'd get a /dev/ node for it, and no idea, sorry.
<bogeyd6> shtylman, thats what i would have done out the gate
<shtylman> and then see if I can get past the mptsas loading
<histo> bogeyd6: theres nothing there thats the weird thing.
<malifal> what does a shared network mean in the context of dhcpd configuration?
<bogeyd6> histo, what does /var/log/messages say?
<histo> bogeyd6: /etc/cron.hourly/   is empty
<histo> bogeyd6: let me check
<bogeyd6> !pastebin | histo
<ubottu> histo: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://tinyurl.com/imagebin | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<bogeyd6> just in case :P
<histo> I know about pastebin
<histo> bogeyd6: looks like it just wwent down again and it hasn't been an hour.  I'm begning to think hardware as well
<malifal> !dhcpd
<malifal> !dhcp
<ubottu> dhcp is Dynamic Host Configuration Protocol, a protocol for automatic IP assignment from a router. Ubuntu uses dhclient as a DHCP client but other ones (and DHCP servers too) can be obtained from the !repos. More info at http://en.wikipedia.org/wiki/DHCP
<histo> bogeyd6: i'm having them restart it again then i'll get messages and syslog and see
<bogeyd6> histo, random freezes usually tied into a power source
<histo> bogeyd6: its plugged into a batter backup with other server
<malifal> that was helpful ubottu :p
<bogeyd6> histo,  lets wait for the /var/log/messages paste
<histo> bogeyd6: Mar 11 11:37:26 webserver kernel: [    9.816257] ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
<histo> bogeyd6: thats the last line in messages before it went down last time.
<histo> bogeyd6: so its not posting anything else there after boot
<bogeyd6> ok so we got it narrowed down to power supply or the network card
<histo> bogeyd6:
<histo> bogeyd6: Mar 11 11:39:01 webserver CRON[1035]: (root) CMD (  [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/us$
<bogeyd6> power supply symptoms are described as Spontaneous rebooting or intermittent lockups during normal operation.
<histo> bogeyd6: thats part of the last line in syslog before it went down.
<histo> Mar 11 11:39:01 webserver CRON[1035]: (root) CMD (  [ -x /usr/lib/php5/maxlifetime ] && [ -d /var/lib/php5 ] && find /var/lib/php5/ -type f -cmin +$(/us$
<histo> r/lib/php5/maxlifetime) -print0 | xargs -n 200 -r -0 rm)
<histo> Theres the rest of the line minux the $ from nano in the first part
<bogeyd6> unfortunately i dont think that locks up servers
<histo> After that cron job it locked up yesterday it ran that and then cron.hourly command
<bogeyd6> disable the cron job
<histo> Mar 10 20:17:01 webserver CRON[876]: (root) CMD (   cd / && run-parts --report /etc/cron.hourly)
<histo> Was the last thing in syslog yesterday right above that was the one from today
<histo> That ran 6 minutes prior
<histo> So maybe it is hardware based.
<\sh> bogeyd6: which is totally useless...the last line of cron entry just says, that it tries to clean up the php session files....I would say it's something todo with hardware, disks or what
<bogeyd6> histo, http://linux.derkeiler.com/Newsgroups/alt.linux/2007-01/msg00137.html
<bogeyd6> \sh, agreed
<bogeyd6> histo seems convinced it is the cron job so i figure what is the harm in disabling it
<histo> Yeah i've got another box I think i'm going to load and see if it hangs as well. I've never had a linux box just hang like this. I'm thinking bad mem or something
<bogeyd6> this is why i love vmware :)
<bogeyd6> bad box? just turn it off
<\sh> bogeyd6: well, I bet that the cron entry isn't the cause...eventually it does something on the disk and somehow the box freezed...php or cron don't kill a machine ;)
<bogeyd6> yup
<bogeyd6> in the meantime you can take those disks and load them into a dummy machine, livecd, run iozone for about 30 minutes and see whats up with those disks if everything else seems ok. prob should image them first
<histo> Yeah it just hung again while I was ssh'd in to it watching htop
<histo> Not really a big deal reloading It just hosts a webpage and ssh so I can get in.
<malifal> guess shared network is just the default settings for a group of subnets
<histo> I really need to start playing with virtualizaton though and just have images for the server running. that way if there is ever a problem just restore the image
<histo> Plus its sandboxed then as well
<\sh> malifal: dhcp gives out ip addresses to NICs which are identified by mac-addresses...eth0 and eth0:0 will have the very same mac-address...so dhcp thinks "oh wow.it comes back and wants an ip for the second time...ok I'll give it the same ip address as before, because lease time is not timedout and it's the same mac"
<\sh> malifal: bingo..you have eventually two interfaces, one real interface and one virtual with the same nic...or you can tweak the dhcpd call to send out some dhcp options which will then be parsed by dhcp and you can give out ip addresses depending on the dhcp options
<\sh> s/nic/ip/
<bogeyd6> histo, lots of good reasons for virtualizaiton :)
<malifal> \sh: yeah but i'm setting my other subnet with just a bunch of predefined hosts, so their macs are already defined
<malifal> actually i don't *really* need dhcp for them, i was just trying it out
<\sh> malifal: so you define host foobar { hardware ethernet <mac>; ...} in dhcpd.conf and there is another subnet which ip addresses will be given out randomly to clients...
<\sh> malifal: as said, eth0 and eth0:0 will have the very same mac address
<chocamo> how can I have a user automatically be a samba user when created?
<bogeyd6> chocamo, i think it works the other way around
<chocamo> well before whenever I created a user, I could use that account to login to a samba share, I recently did a reinstall and now that isnt the case
<chocamo> I have security = user set in smb.conf
<malifal> \sh: yes u're right, i couldn't even run dhcp when i tried defining the other subnet and hosts, i created eth0:0 mainly for bridging with my virtual machines, but eth0 has real computers connected to it.
<bogeyd6> chocamo, https://help.ubuntu.com/community/Samba
<\sh> malifal: add another nic to the machine ;)
<malifal> \sh: i already have 2 lol
<\sh> malifal: add more ;)
<jiboumans> afternoon smoser :)
<smoser> jiboumans, hey.
<mathiaz> smoser: hi!
<mathiaz> smoser: are you using the UEC test rig?
<smoser> mathiaz you can have at it if you'd like.
<mathiaz> smoser: great - thansk
<sherr> \sh: Do you have some experience with HP MSA60 storage arrays? I have a query.
<sherr> Would you mind having a glance at an old HP forum post I made about it - no replies from anyone with input. Just a question about LED status, and disk status :
<sherr> http://forums13.itrc.hp.com/service/forums/bizsupport/questionanswer.do?admit=109447627+1268329225079+28353475&threadId=1361361
<sherr> Not important - it is running well (so far) - just wondering.
<\sh> sherr: fire away
<techgeek> What is the command to check if a server service is running? I need to check if slapd is running
<sherr> Thanks - Well - if you look at the post above, an LED remains off (top-left) but all seems OK. Is this normal?
<persia> techgeek: `status ${service}` works for some stuff
<techgeek> Okay, let me try that
<\sh> sherr: well..I have two msa60 in production, no led is off...all disk are green...wonder if the LSI MegaRaid is compatible with the HP SA p800
<sherr> Also, one disk (slot 12) reports slightly different from MegaCli - "Enclosure Device ID: N/A"
<sherr> The forum post describes it better.
 * \sh is gone for a couple of minutes
<sherr> This is HP MSA60, LSI MegaRAID SAS 8888ELP RAID , Dell PE1800
<techgeek> persia: would the command be sudo status slapd?
<persia> techgeek: You shouldn't have to run sudo.
<persia> techgeek: Check in /etc/init/ to see if there is a slapd.conf : if not, that won't work
<persia> You *may* be able to get data with `/etc/init.d/slapd status` (or similar), but that may not work (depending on how the script is implemented, etc.), and may even break things (look before running the command)
<LinuxAdmin> Hi guys, I need your help one more time
<techgeek> there is a slapd in INIT
<LinuxAdmin> I've configured RAID5 during ubuntu server installation and everything went ok
<LinuxAdmin> now I'm concerned with the eventuality of a disk failure
<LinuxAdmin> what if a disk is damaged? since this is software raid, is there some tools to reconstruct the raid array?
<LinuxAdmin> with scsi controllers this is done by the controller. what if a disk fails with software raid?
<LinuxAdmin> is it automatic? I mean, if I change the damaged disk, do I have to make something or it will be done automatically?
<techgeek> LinuxAdmin, are you using MDADM
<LinuxAdmin> what?
<LinuxAdmin> I'm installing the ubuntu server and the installer is very intuitive, I created raid5 very easily
<LinuxAdmin> my concerns now is if anything goes wrong with a disk, I mean, if a disk fails
<LinuxAdmin> as I said, with scsi raid controllers I don't have to worry about, but now I'm using software raid, so, I don't have the controller automation to solve a eventual failure
<LinuxAdmin> what can I do in suck a situation?
<LinuxAdmin> how can I reconstruct the array?
<LinuxAdmin> can someone help?
<techgeek> I created my RAID1 arrays in a virtual machine using the MDAMD package
<LinuxAdmin> this is not a virtual machine, it will host virtual machines
<techgeek> im not sure what the default package is for the installer to use as a software for RAID but i would think it would be MDADM
<LinuxAdmin> the installation stopped wright now and I'm getting a problem
<LinuxAdmin> the system do not boot
<LinuxAdmin> I get this error: Grub loading
<LinuxAdmin> error:no such disk
<LinuxAdmin> Grub rescue>
<LinuxAdmin> what ca I do?
<LinuxAdmin> what could get wrong?
<LinuxAdmin> why can't I start? the installations was successfull but the system don't boot
<techgeek> I think if it were me I would reinstall and wait till I got it up and then do the RAID
<uvirtbot> New bug: #537521 in bacula (main) "Missing scripts in binary package" [Undecided,New] https://launchpad.net/bugs/537521
<\sh> sherr: what raid level did you configure?
<LinuxAdmin> I'll search for grub reinstall info
<LinuxAdmin> thanks anyway
<sherr> \sh: RAID5
<\sh> sherr: could be that your disk 12 was a spare?
<sherr> Yes, that's what I think (hope) - just odd that it doesn't say "hot spare" or "spare" anywhere ...
<sherr> MegaCLI is hard to use, not much good ...
<uvirtbot> New bug: #385244 in autofs (main) "autofs auto.smb doesn't escape $" [Wishlist,Fix released] https://launchpad.net/bugs/385244
<sherr> Anyway - it's working. The reason I asked was because a company over the road had the same kit and the same odd LED behaviour.
<sherr> Thanks for the consideration.
<\sh> sherr: what you could do...create a raid 10 and check if there is again such a strange behaviour or even a raid0 striping array
 * jpds hugs hpacucli.
<sherr> \sh: Hmmm. Bit too much data on it now I think ... plus I am not physically present. The time for that was late last year ...
<\sh> sherr: well, I'm running two msa60 in raid0 mode and mirrored over drbd ;) it's very strange thing I did 2 years ago ;)
<sherr> I almost wish I hadn't mentioned it - makes me a) think about MegaCLI again and b) worry about it failing
<sherr> :-)
<\sh> sherr: switch to HP completly ;)
<sherr> we sell HP Z800's turnkey - for video/film/graphics work - but also Dell T7500's
<sherr> And use the Dell SAS storage - very fast.
<sherr> Never enough time for too much testing, configuring or playing!
<sherr> Karmic did run on the Z800 last year when I tried - NVIDIA FX4600 as well. Very fast system.
<oru_work> hi, which config and which setting is used for ssh timeouts ?
<kirkland> zul: howdy howdy!
<kirkland> zul: do you know what's up with:
<kirkland> The following packages have unmet dependencies:
<kirkland>   php5-imagick: Depends: phpapi-20060613+lfs but it is not installable
<kirkland> E: Broken packages
<zul> kirkland: it needs a rebuild
<zul> lemme go look
<uvirtbot> New bug: #279745 in puppet (main) "superfluous spacing in puppetmaster init.d script" [Undecided,New] https://launchpad.net/bugs/279745
<kirkland> zul: cool, thanks; let me know if you need a hand
<zul> k
<pmatulis> jpds: working with raid controllers today?
<jpds> pmatulis: No.
<uvirtbot> New bug: #330289 in puppet (main) "Link to LDAP docs in manpage is wrong" [Wishlist,Fix released] https://launchpad.net/bugs/330289
<mathiaz> kirkland: hi!
<mathiaz> kirkland: I see that qemu-common is in universe
<kirkland> mathiaz: howdy!
<mathiaz> kirkland: but it got installed when I ran apt-get install eucalyptus-nc
<kirkland> mathiaz: erm, is it?
<kirkland> mathiaz: it needs to be in main
 * kirkland goes find slangasek
<mathiaz> kirkland: it's in the component-mismatch list
<mathiaz> kirkland: if you can get it promoted to main, I'd suggest to have a look at the vlan-modules and vlan-udeb pacakge as well :)
<uvirtbot> New bug: #333234 in puppet (main) "file with name containing regexp reserved characters is listed incorrectly during recurse copy" [Low,Fix released] https://launchpad.net/bugs/333234
<kirkland> mathiaz: i just poked slangasek about qemu-common in #ubuntu-release
<mathiaz> kirkland: http://paste.ubuntu.com/393485/
<mathiaz> kirkland: ^^ I'm trying to register a nc with a cc
<mathiaz> kirkland: what does this error mean?
<kirkland> mathiaz: erm
<mathiaz> kirkland: this is on a multi-network installation
<kirkland> mathiaz: i've not seen that error message
<kirkland> mathiaz: http://paste.ubuntu.com/393490/
<mathiaz> kirkland: isn't cluser1 the default name now a days?
<kirkland> mathiaz: "cluster1"
<kirkland> mathiaz: you're missing a "t" in your quote right there (maybe just a typo)
<mathiaz> kirkland: right - it was a typo
<kirkland> mathiaz: yes, that's the default
<mathiaz> kirkland: IIRC there is an open bug about that
<mathiaz> kirkland: this was a package install
<mathiaz> kirkland: and I wasn't prompted for the name of the cluster to register with
<mathiaz> kirkland: which is something that is done by the installer IIRC
<kirkland> mathiaz: you should be prompted
<kirkland> mathiaz: what was your debconf priority?
<mathiaz> kirkland: the default one
<kirkland> mathiaz: and you didn't preseed cluster name, did you?
<kirkland> mathiaz: tell me about your install ...
<mathiaz> kirkland: it's a bare bone install - without any preseeding done for eucalyptus
<kirkland> mathiaz: from today's ISO?
<kirkland> mathiaz: or the archive?
<mathiaz> kirkland: archive
<mathiaz> kirkland: you can see the preseed sent to the installer on tamarind: it's the marula host
<mathiaz> kirkland: yeah - there isn't any prompt for the cluster name in eucalyptus-nc.config
<kirkland> mathiaz:
<kirkland> db_get eucalyptus/cluster-name || true
<kirkland> if [ -z "$RET" ]; then
<kirkland>         db_set eucalyptus/cluster-name "cluster1"
<kirkland> fi
<mathiaz> kirkland: right - that's doesn't prompt anything
<kirkland> mathiaz: that's in the eucalyptus-nc.config
<wack479> i have a ubuntu 9.10 amd64 server running, and have added 5 drives wanting to run RAID5, all i should need is mdadm right?
<kirkland> mathiaz: you think that should do a db_input
<hink> anyone had experience with KSplice Uptrack?
<tormz> Hello, I am looking for some help with setting up a Domain Name on a Dynamic IP
<kirkland> mathiaz: that's probably okay
<mathiaz> kirkland: yes - something like that
<kirkland> mathiaz: what bug number is this?
<mathiaz> kirkland: that being said it may have an impact on the installer
<mathiaz> kirkland: because that logic is already implemented in the installer
<mathiaz> kirkland: I'm still looking for the bug number
<wack479> i have a ubuntu 9.10 amd64 server running, and have added 5 drives wanting to run RAID5, all i should need is mdadm right?
<sherr> wack479: yes, that's right
<wack479> k, thats what i thought
<kirkland> mathiaz: i think it's okay as long as we're inside of the if [ -z "$RET" ]; then ...
<kirkland> mathiaz: because in the default installs, the node should get its cluster name from the preseed file
<wack479> sherr: but for some reason, every time i try to create the array it tells me...
<kirkland> hmm
<wack479> sherr: mdadm: Cannot open /dev/sda: Device or resource busy
<wack479> sherr: and then fails, any ideas?
<sherr> Make sure /dev/sda is not in use i.e. not mounted etc.
<wack479> sherr: it is not
<sherr> what command are you using to create the raid?
<zul> kirkland: can you open up a bug about it?
<kirkland> zul: sure thing, against php5?
<wack479> well i have tried doing it thru webmin and thru command line
<zul> php-imagick
<wack479> i dont remember the exact syntax, let me see if i can find it
<tormz> Hello, I am looking for some help with setting up a Domain Name on a Dynamic IP
<sherr> wack479: I'd throw webmin away and forget it. What command?
<guntbert> !webmin | wack479
<ubottu> wack479: webmin is no longer supported in Debian and Ubuntu. It is not compatible with the way that Ubuntu packages handle configuration files, and is likely to cause unexpected issues with your system. See !ebox instead.
<kirkland> zul: Bug #537570
<uvirtbot> Launchpad bug 537570 in php-imagick "phpapi-20060613+lfs package is missing" [High,Confirmed] https://launchpad.net/bugs/537570
<sherr> wack479: if you have 5 disks each with partition 1 i.e. /dev/sd[a-e]1 then to make /dev/md0 as RAID5 :
<sherr> wack479: mdadm --create /dev/md0 --level 5 --raid-devices=5 /dev/sda1 /dev/sdb1 /dev/sdc1 /dev/sdd1 /dev/sde1
<wack479> sherr: command is sudo mdadm --create --verbose /dev/md0 --level=5 --raid-devices=5 /dev/sda /dev/sdb /dev/sdc /dev/sdd /dev/sde
<sherr> (have each partition of type "fd" via fdisk/partitioner)
<wack479> yes i did do that, well at one time, i will double check
<zul> kirkland: thanks
<wack479> and thanks ubotu
<sherr> maybe try partitions? i.e. /dev/sda1 etc.
<uvirtbot> New bug: #537570 in php-imagick (universe) "phpapi-20060613+lfs package is missing" [High,Confirmed] https://launchpad.net/bugs/537570
<hink> anyone had experience with KSplice Uptrack?
<wack479> sherr: do the partitions need to be formatted at all or just created?
<sherr> wack479: just created - type "fd" (linux raid autodetect)
<fakhir> hello. i have 5.1.37-1ubuntu5.1 installed. problem is there is a bug in that version that has been fixed in a recent version. anyone know how often the MySQL package gets updated in the Ubuntu repository or when I could expect the next one?
<sherr> wack479: once md0 is up and running, you format that - or make LV's and format them.
<wack479> sherr: do i just go look and see if md0 is up and running?
<sherr> fakhir: Ubuntu 10.04 Lucid is out end April - wait - or try a VM?
<sherr> wack479: cat /proc/mdstat
<sherr> The mdadm command should tell you really (no errors)
<fakhir> sherr, we wont see a new version of MySQL until the next version of Ubuntu?
<sherr> fakhir: check package versions at http://packages.ubuntu.com.
<sherr> fakhir: I don't know what your bug is. Bug number?
<wack479> sherr: the cat /proc/mdstat come back with  md_do : inactive sda[0] xxxxxxxxx blocks unused devices: <none>
<fakhir> sherr, http://bugs.mysql.com/bug.php?id=46650
<uvirtbot> New bug: #537582 in net-snmp (main) "package snmpd 5.4.1~dfsg-12ubuntu7 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/537582
<mathiaz> kirkland: hm - I can't get the CC to register to the cloud
<sherr> fakhir: You will have to check yourself - check the Mysql bug comments and see if the "push to 5.4.1" versions they mention is in the latest Ubuntu Lucid Mysql server package :
<mathiaz> kirkland: 2010-03-11 14:29:08-05:00 | 2509 -> euca_conf --register-cluster returned 1
<mathiaz> kirkland: it seems there is a problem with rsync|ssh
<sherr> fakhir: http://packages.ubuntu.com/lucid/mysql-server - 5.1.41-3ubuntu7
<mathiaz> kirkland: the eucalyptus user public key is on the CC
<sherr> Check changelog?
<mathiaz> kirkland: hm - actually it's not
<sherr> wack479: I guess you need to check your partitioning? fdisk -l /dev/sda
<mathiaz> kirkland: the CLC pub key is not the CC
<mathiaz> kirkland: the CLC pub key is not *on* the CC
<fakhir> sherr, i have the latest version from the ubuntu repository and the bug is still there. my question is when will there be a new version of the package in the ubuntu repository.
<sherr> fakhir: OK - not my area, sorry. Marc Deslauriers seems to be in charge (of last changelog) - he might pick up your question.
<fakhir> ok thank you
<sherr> However - I doubt it will make Lucid r1 (freeze) - but who knows?
<mdeslaur> fakhir: the bug you mentioned is supposed to be fixed in 5.1.41, and lucid contains 5.1.41
<mdeslaur> fakhir: so, lucid should fix it for you
<fakhir> ok
<fakhir> is there any way i can grab that package for my current ubuntu install? unfortunately i am not all that experienced with package management.
<sherr> mdeslaur: thanks. I thought fakhir said it was still present in latest ...
<wack479> sherr: partitioning is /dev/sda1 -extended /dev/sda5 - Linux raid autodetect just like all the other drives
<sherr> fakhir: why not try a VM virtual machine to test?
<sherr> wack479: I'd need to see (pastebin) output of : fdisk -l , mdadm command and output, /proc/mdstat (and maybe last 20 lines of syslog after creation attempt)
<jcastro> kirkland: testdrive saves the day again!
<jcastro> kirkland: it'll be up on planet in a few minutes
<wack479> sherr: k
<eekeek> Is it possible to setup a mail server with a dynamicDNS server? I'm trying to decide if I need a static IP or not.
<\sh> eekeek: yes...you can...but normally all dial in networks are blacklisted by spamRBLs
<\sh> eekeek: which means, incoming mail can work, but don't have to...and outgoing mail will go out and declined by reciepient
<eekeek> \sh: hmm that's not good.
<sherr> eekeek: probably good for the health of the internet though :-)
<jcastro> kirkland: btw on the karmic ppa testdrive is depends on cpu-checker, which doesn't exist afaict
<eekeek> sherr: yeah I agree.
<eekeek> DynamicDNS question - right now I'm using my routers dynamicDNS settings and zoneedit, but my domain registration company, namecheap, offers dynamicDNS service, but requires software to be installed. Is one way better than the other?
<sherr> eekeek: is the s/w free and opensource? Is it trust-worthy or are they?
<eekeek> sherr: yes I believe the software is opensource - don't know much about it though. Namecheap seems trusty worthy.
<sherr> I have used dyndns and their client ddclient before - but that's it. I use everydns for dns service.
<wack479> sherr: sry doing the pastebin stuff now, had a coworker that had some pc probs
<eekeek> Namecheap gives the option of either DDClient 3.0 or IPCheck. I just don't know if is worth the effort since setting up my router with zoneedit was so easy.
<wack479> sherr: syslog = http://pastebin.com/hZKF0sjp fdisk = http://pastebin.com/4i5P62ZA mdadm command = http://pastebin.com/neaKzxrh and mdstat = http://pastebin.com/61X9PnKw
<kirkland> jcastro: oh, good call
<kirkland> jcastro: i'll add it to the ppa
<jcastro> kirkland: poke me when you do, ryan @ ars would like to do a quick writeup on testdrive
<jcastro> but he's on karmic so he needs it in the ppa
<kirkland> jcastro: saweet
<kirkland> jcastro: sorry about that oversight
<jcastro> kirkland: no worries, it's why we test!
<sherr> wack479: OK, let me take a look
<uvirtbot> New bug: #537636 in clamav (main) "FFE for Clamav 0.96" [Undecided,New] https://launchpad.net/bugs/537636
<sherr> wack479: well these errors seem relevant - on creating via mdadm :
<sherr> mdadm: Cannot open /dev/sda5: No such file or directory
<sherr> Disks a-e are sda1 extended and sda5 as the single data partition
<sherr> fdisk -l seems to list the disks/parts OK.
<wack479> but sda5 exists?
<sherr> What about - delete partitions on sda-sde and create single primary partition on each? i.e. sda1,sdb1 etc.? Try creating md0 from them?
<sherr> I know - but mdadm complains. Not sure why.
<wack479> oh ok
<wack479> yeah i can try that
<wack479> ill try anything at this point
<wack479> lol
<wack479> still need to change type to fd with the primary partition correct?
<sherr> Yes. You might also want to do a : mdadm -stop /dev/md0
<sherr> --stop
<sherr> And maybe : /dev/md_d0 (not md0 - as per mdstat)
<sherr> mdadm --stop /dev/md_d0 (never seen that syntax before)
<wack479> when i tried that it said "mdadm: -s does not set the mode, and so cannot be the first option."
<sherr> Maybe delete (or  move away) any /etc/mdadm.conf
<wack479> ok
<wack479> thanks
<sherr> or that might be /etc/mdadm/mdadm.conf
<sherr> --stop not -s
<wack479> i did stop but it came back with -s
<wack479> for stome reason
<oru_work> where is the ssh log located ?
<sherr> oru_work: /var/log/secure usually
<sherr> Sorry : /var/log/auth.log ... (RHEL hat on ...)
<sherr> Bene doing too much RHEL log tailing ....
<sherr> oru_work: Ubuntu is : /var/log/auth.log
<chocamo> so nobody knows why when I create a user it is not automatically a samba user? thats how it was before I reinstalled. The only settings I ever changed was security = user in smb.conf, but now I have to manually add a samba user and password
<garymc> Do I  need sendmail installed and configured to send emails from my contact website form?
<wack479> sherr: same thing
<wack479> do i have to mount those devices and then do the raid?
<sherr> chocamo: could be related to libpam-smbpass not being installed - but that's a guess. Use with caution.
<chocamo> sherr: it is installed :/
<sherr> wack479: no
<wack479> sherr: didnt think so
<wack479> but its still telling me "no such file or dir"
<wack479> grr
<sherr> Hmmm. it will be something stupid ...
<wack479> yeah exactly
<wack479> and i have spent half of yesterday, and 3 hours on it today
<sherr> It says : raid45: RAID device lookup failure
<wack479> lol
<wack479> what does?
<sherr> raid45?
<sherr> syslog
<wack479> thats weird
<wack479> handnt noticed that
<sherr> and "error adding target to table" ... let me have a look
<bogeyd6> This https://help.ubuntu.com/community/Installation/SoftwareRAID#Installing  is wrong and unneccesary on the partition creation steps
<sherr> raid45 is just the RAID4 and RAID5 dm kernel module ... so that's OK
<sherr> wack479: what controller are these 5 disks on? Anything unusual with the h/w?
<wack479> no, ist just ahci controller on the MB
<sherr> wack479: I'd also check you can a) mkfs and mount a normal fs on /dev/sda1 (say) and
<sherr> b) make a RAID1 mirror of /dev/sda1 and /dev/sdb1 as a test say?
<wack479> sure ill try both
<wack479> mkfs came back with :
<wack479> http://pastebin.com/7qZf7YW2
<sherr> ie. Could not stat /dev/sda1 --- No such file or directory
<sherr> No LVM involved here anywhere?
<wack479> nope
<sherr> Can you re-paste output of : fdisk -l
<wack479> http://pastebin.com/jLD33twf
<wack479> do i need to change type?
<wack479> from the fd?
<sherr> No. I don't see anything wrong. Maybe zero superblocks i.e. mdadm --zero-superblock /dev/sda (sdb,sdc,sdd,sde)
<wack479> mdadm: couldn't open /dev/sda for write - not zeroing
<wack479> *bleep bleep bleep bleep!
<wack479> lol
<sherr> Maybe worth seeing /var/log/syslog for boot up messages and disk enumeration
<sherr> What version of Ubuntu and what kernel?
<wack479> the whole thing?
<wack479> 9.10 server amd64 kernel 2.6.31-20 i believe
<wack479> syslog http://pastebin.com/A1hp5zrX
<sherr> wack479: No tsure what the problem is but something very odd is happening - see all the reports around 13:05:22
<sherr> It looks like udev/upstart is in the mix as well - maybe very relevant i.e.
<sherr> upstart-udev-bridge[29054]: Disconnected from Upstart
<sherr> init: upstart-udev-bridge main process (29054) terminated with status 1
<sherr> init: upstart-udev-bridge main process ended, respawning
<sherr> All around the time we also get RAID failures ...
<Dancdoit> Hi can anybody help me, When i access my server through sftp i can only access my home directory. What am i doing wrong?
<sherr> device-mapper: table: 252:0: raid45: RAID device lookup failure
<sherr> wack479: These "upstart-udev-bridge" reports seem related - definitely suspicious
<wack479> yeah thats weird
<sherr> Might be worth "tail -f /var/log/syslog" (hitting enter to clear space beteen tests) and testing by - fdisk /dev/sda (check log outout), write partition (any logging?), quit (logging?), make a filesystem (any errors?)
<sherr> i.e. keep an eye on log output in other shell while you poke around (disk,mkfs,mdadm) - see where things go haywire ...
<sherr> Maybe a BIOS funny? I don't know :-(
<sherr> Or kernel? New h/w?
<metalf8801> has anyone else run into a problem trying to install Ubuntu 10.04 Alpha 3 using Wubi?
<wack479> ok yeah i will try that
<wack479> i can check and see if there are any bios updates i guess, no, no new hw
<funkiwan> i'm looking for help debugging a broken raid setup. here's some details of my current config: http://pastebin.com/MUJwNvgy
<sherr> wack479: trim the syslog and keep around. It might be useful to show people. I would be interested in all the RAID and udev stuff from the SATA disks on. Particularly the stuff I mention above. Someone who knows more than me.
<funkiwan> i have a working raid1 setup going, i also have an old raid0 setup for swap space that i'd like to decommission and just run them as normal swap partitions, not raided. however, i'm confused about the output i'm seeing under mdadm. can anyone help me think throught this?
<sherr> I don't know if I can handle any more RAID!
<wack479> hahaha that would be my fault funkiwan
<funkiwan> i'm guessing my problem is pretty simple. is there a better place for me to try and get help?
<sherr> funkiwan: what's in : cat /proc/mdstat
<wack479> lol dejavu
<funkiwan> http://pastebin.com/NzuUnnvb
<sherr> funkiwan: I think that's OK - but it is re-building.
<sherr> RAID1 /dev/md0 on /dev/sda1 and /dev/sdb1
<sherr> Rebuilding - 40 mins left
<funkiwan> sherr: correct
<funkiwan> i ran the rebuild command myself
<funkiwan> i'm more concerned about the other partitions
<funkiwan> i'm currently running without swap
<sherr> funkiwan: that's OK
<funkiwan> i was running swap on a separate drive
<funkiwan> but it failed
<funkiwan> so i'm trying to set up swap on these two disks
<sherr> Should be straightforward
<funkiwan> on the unused partions, sda2 and sdb2
<funkiwan> i agree
<sherr> mkswap /dev/sda2 && mkswap /dev/sdb2
<funkiwan> but if you look at the examine output of sdb2, it doesn't make sense to me
<sherr> Doesn't matter really. You are wiping them anyway.Change them to type "swap" in fdisk and do the mkswap (and then swapon)
<funkiwan> it shows sdb2 as part of an active raid (raid0) with two devices, but it only shows one device
<funkiwan> sherr: okay, it's that simple, i'll do it.
<sherr> I think it's just old info i.e.
<funkiwan> i wasn't sure if there was some way i was supposed to remove them via mdadm first
<sherr> You could zero the superblock maybe - see the man page.
<sherr> mdadm --zero-superblock /dev/sdb2
<funkiwan> what does that buy me?
<sherr> It removes md superblocks and so clears md (old) history on the device
<sherr> See the man page and/or google. This is your data! :-P
<wack479> sherr:i almost feel cheated on with ur RAID talk with funkiwan
<wack479> lol
<jcastro> kees: dude I love that "ufw allow samba" and "ufw allow nfs" just works
<jcastro> I don't even have to remember ports anymore
<sherr> wack479: well, let's hope Murphy doesn't strike! ... RAID .. dead simple :-)
<funkiwan> sherr: am i correct in that i need to delete the partion via fdisk and then readd it?
<sherr> jcastro: any chance of a "ufw allow raid"? :-)
<sherr> funkiwan: to make it a swap part.? No. Just use fdisk to "toggle" (t) the partition number to "linux swap".
<sherr> funkiwan: I'd wait until the sync is complete.
<jcastro> sherr: if you buy hardware raid it it's like zero config!
<sherr> jcastro: I'd end up waking up I think ....
<enquora> my 9.10 installation uses GRUB2 and has suddenly started refusing to autoboot from GRUB menu. any suggestions on debugging this? Is it related to the continuing nmdb PID problem?
<funkiwan> sherr: thanks for the tip about waiting for the sync. it completed. i'm going in....
<funkiwan> crud. it appears the rebuild may have failed. state is listed as clean, degraded
<sherr> funkiwan: before looking at that, toggle the part. id's for swap.
<sherr> enquora: what's "nmdb PID" problems?
<funkiwan> sherr: you think having swap available may help the raid1 rebuild?
<sherr> funkiwan: don't think it is necessary. Just quick and easy to sort out.
<sherr> For the rebuild - what's /var/log/syslog say? (last 10 lines or so). Error?
<funkiwan> do i need to be concerned about the error message listed at the end of my fdisk session? http://pastebin.com/P43e6RbU
<sherr> funkiwan: no - but it wants a reboot really. Do both swap partitions - then reboot.
<sherr> Also - I see you do not "p" to print the partition layout - I always use "p" a lot - especially before changing partitions (and having to enter numbers). Just in case.
<funkiwan> sherr: well of course you do. that's why you're the one giving advice and i'm the dumb fool who needs it. thanks for the tip.
<funkiwan> sherr: in the interest of not double-horking my machine, do you think it makes sense to do only one partition for now? seeiing as i have a failing raid1 on these disks?
<enquora> sherr: that was an unfortunate time to install an update and reboot - sorry. There's some funky problem with the Samba upstart job that tries to boot the server before the network interfaces are up, and results in an error booting nmdb
<sherr> funkiwan: yes, reasonable. Any error in syslog about the raid rebuild failing?
<sherr> enquora: in Karmic?
<enquora> yes
<enquora> lot's of old discussion on it, no resolution
<enquora> that can't be the problem with GRUB2 not autobooting, though
<sherr> Ah ... *nmbd* OK ... lucky I'm not running Samba servers on Karmic ...
<kees> jcastro: awesome.  jdstrand rocks.  :)
<enquora> so, anyone on debugging GRUB2-level problems?
<funkiwan> this is the last think i'm seeing w/r/t mdadm in syslog: http://pastebin.com/iyqrUCyW
<funkiwan> sherr: there is continuing output of the RAID1 conf printout: lines. about every five seconds
<sherr> and /dev/mdstat
<sherr> ?
<sherr> /proc/mdstat
<funkiwan> sherr: current output of mdstat and mdadm --detail: http://pastebin.com/u7tgsN1S
<sherr> funkiwan: gone to "spare" now? Hmmm.
<sherr> Anything in /etc/mdadm/mdadm.conf ? Sometimes spares get (incorrectly) configured
<jdstrand> kees: thanks man :)
<funkiwan> sherr: this all started b/c i noticed some weird sounds coming from my disks, like they were starting and stopping. so i checked out mdadm and noticed that it was degraded. so i ran "sudo mdadm /dev/md0 -r /dev/sda1 -a /dev/sda1" and that started the rebuild going.
<sherr> funkiwan: I'm off in a minute - but sounds bad. Could be a real failing disk. Backup is the main thing right now I'd say)
<funkiwan> sherr: it's now listed as active, degraded
<sherr> I would a) back stuff up (in case) then check out "smartctl" (smartmontools) and see if it thinks any disks are failing.
<funkiwan> sherr: thanks for the advice and the help.
<sherr> You could then try a "remove" and an "add" again perhaps ...
<sherr> No problem. Good luck and good night :-)
<marsje> Hi. Can anyone tell me how I can start X windows and start an X app automatically at boot?
<marsje> I have installed xfce4 and xdm, but it doesn't seem to work out of the box...
<marsje> I get a login screen, but after login I get back at the command line login prompt
<jayvee> Hey, who was asking about "ssh -X" not working the other day?
<jaypur> hey yall do you know what are the changes for 10.4?
<uvirtbot> New bug: #537757 in apache2 (main) "PHP modules removed when upgrading apache2 to 2.2.11-2ubuntu2.6" [Undecided,New] https://launchpad.net/bugs/537757
<persia> jaypur: http://lists.ubuntu.com/mailman/listinfo/Lucid-changes has them all : I don't think the release notes willbe useful until Beta2.
<jaypur> persia, thanks
#ubuntu-server 2010-03-12
<Kutakizukari> How do I enable mod_rewrite for Apache2?
<RoAkSoAx> kirkland, are you planning to separate the code of testdrive? so that it would be easier to create a gtk front-end?
<kirkland> RoAkSoAx: i think that's part of the gtk writer's job :-)
<kirkland> RoAkSoAx: but, sure, i would like to see it modularized
<RoAkSoAx> kirkland, ok I'll see what i can do then :)
<kirkland> RoAkSoAx: :-)  \o/
<kirkland> RoAkSoAx: i'm happy to help where necessary
<RoAkSoAx> kirkland, will poke you when needed since i first have to read your new python code :)
<kirkland> RoAkSoAx: cool :-)
 * kirkland does not claim to be a good python programmer :-)
<RoAkSoAx> kirkland, neither do I :)
<RoAkSoAx> i just like it
<kirkland> RoAkSoAx: same here
<RoAkSoAx> kirkland, I actually haven't been coding much in the past two years, just small python project last semester for a class and because I wanted to learn python and there comes my liking to it :)
<histo> Alright I switched boxes now my server is still locking up definately not hardware related.
<histo> it just hangs randomly sometimes makes it 30 minutes sometimes longer.
<histo> Its a dell optiplex 170L
<histo> I did a cli install from the mini.iso. I'm wondering if its some sort of power management thing going on?
<histo> Syslog and message show nothing of help i'm wondering if anyone has any other ideas?  Someone suggested it may be a power issue. so i took the new box off of the battery backup and put it directly in the wall and it still hung.
<qman__> Kutakizukari, IIRC,  sudo a2enmod rewrite
<GhostFreeman> Is there a kernel module to improve performance of ubuntu server inside of a VM?
<Kutakizukari> qman__, thank you.
<\sh> GhostFreeman: hmmm?
<GhostFreeman> I was just wondering if there was a kernel module or a package I could install that would give me access to VirtualBox guest directories and such
<\sh> whatever guest directories are...if you mean to access your guest hd, you could export samba or nfs to the host running vbox easily...but that doesn't improve performance
<GhostFreeman> performance is moot if generic support VT-X (I think it does)
 * \sh runs ESX on dl385 with 32GB ram and 8 300GB sas drives...
<\sh> + adding vmware tools to the standard install layout via puppet == I don't think about performance ;)
<qman__> heh
<qman__> I don't think any of my servers even support VT-X
<qman__> working with old junk here
<GhostFreeman> well i'm running 9.10 from VirtualBox so I can fiddle around with Ruby, amongst other things
<\sh> ah well...boxes without VT-X (my home server doesn't have such things) I would use LXC as para virtualization
<\sh> which uses host io which is sometimes much faster then hypervisors
<qman__> hmm, I'll have to check that out
<qman__> most of my stuff is socket 939 AMD, reasonably quick, but predates all the new virtualization stuff
<GhostFreeman> I was thinking about running VMWare on a Pentium 3 i was gifted
<qman__> ehh
<qman__> single P3? how much RAM?
<GhostFreeman> yeah I felt the same way
<GhostFreeman> it was a double with 1GB
<qman__> that's not really enough RAM, but a dual P3 would be enough to toy with some server on server stuff
<qman__> I've got a dual P3 with ~2.2GB in it
<qman__> it's too noisy to use on a regular basis though
<GhostFreeman> this is the same case
<GhostFreeman> its off most of the time
<\sh>  Intel(R) Pentium(R) 4 CPU 3.00GHz <- no vt stuff...but HT and 64Bit ready ;)
<GhostFreeman> I use it as a duplicate "production-like" environment
<qman__> I installed the HP driver package
<qman__> changed the noise level from "hearing damage" to "vacuum cleaner"
<GhostFreeman> lol
<GhostFreeman> is the machine in question a Proliant?
<qman__> yes
<GhostFreeman> mine too
<GhostFreeman> although its a Compaq era
<GhostFreeman> I didn't even know there were drivers for it
<qman__> yeah, it's a compaq DL380
<qman__> the package was for 9.10, even
<GhostFreeman> is there any benefit to installing the drivers, and is it gettable from apt?
<qman__> not in apt, had to download a deb from HP
<qman__> the main benefit is fan control
<qman__> but it's supposed to add RAID control software and such too
<GhostFreeman> i'll look into this the next time I start it uo
<GhostFreeman> up*
<Emzzzz> http://imggmi.info/DSC-1268362000.jpg/ do my tits look big?
<Error404NotFound> i am trying to configure psad with shorewall. Psad does detect port scans but when i do a iptables -nvL and grep any port-scanner's IP, i don't see anything.
<twb> Error404NotFound: see also #shorewall
<Error404NotFound> twb, done :)
<twb> But if shorewall is doing The Right Thing, it will be using ipsets, not separate rules for each offender.
<Error404NotFound> twb, hmmm, and do you have any idea how do i check that?
<twb> Using the ipset command, I imagine.
<Error404NotFound> twb, no command ipset found :)
<twb> You're not root, or you haven't installed it.
<Error404NotFound> twb, i think its not installed as i am root
<uvirtbot> New bug: #537838 in samba (main) "package winbind 2:3.4.0-3ubuntu5.4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/537838
<funkiwan> i'm having some issues with a raid1 array. i just rebooted and the raid array attempted to rebuild itself. now that the rebuild is done, it's writing "RAID1 conf printout:" messages to /var/log/syslog every few seconds, and mdadm is reporting the array as either "clean, degraded" or "active, degraded"
<funkiwan> here's some sample output of syslog and mdadm and /proc/mdstat: http://pastebin.com/XhFWNvA2
<sbeattie> for whatever reason, md thinks that /dev/sda1 is a spare. you'll need to add it back with mdadm.
<funkiwan> sbeattie: sorry, just seeing your response
<funkiwan> any idea why the log file is getting flooded?
<sbeattie> funkiwan: no, I haven't seen that behavior before. What release is this?
<funkiwan> sbeattie: karmic, Linux kubuntu 2.6.31-20-386 #57-Ubuntu SMP Mon Feb 8 11:42:49 UTC 2010 i686 GNU/Linux
<funkiwan> sbeattie: the strange thing is that it seems to be continuosly switching between states of "clean, degraded" and "active, degraded"
<uvirtbot> New bug: #537851 in dhcp3 (main) "dhclient silently ignores unreadable config-file" [Undecided,New] https://launchpad.net/bugs/537851
<Kutakizukari> Where do I put a .bash_profile to use for alias?
<sherr> funkiwan: still looking at raid problems? Any progress?
<twb> Kutakizukari: that question makes no sense.
<funkiwan> sherr: i am
<funkiwan> sherr: seems that my machine is stuck in a loop. you can see the general output here: http://pastebin.com/XhFWNvA2
<sherr> funkiwan: always kicked as a "spare" and always sda ?
<Kutakizukari> twb, lookup Using aliases to speed up checkout on this page. http://drupal.org/node/320
<funkiwan> sherr: yep
<sherr> Check cables and connections to sda etc. - who knows.
<sherr> Have you tried running "smartctl" on it - see the SMART disk status?
<Kutakizukari> twb, says to put it in home directory I did that but did not work maybe /var is the home dir to use?
<Kutakizukari> or /var/www/
<funkiwan> sherr: i did run smartctl on it, with -t
<funkiwan> sherr: and then looked at the test log and it looked clean
<sherr> Maybe : smartctl -iHa /dev/sda
<funkiwan> sherr: just put my head down to the drive. heard what sounded like a small pop, followed by what sounded like a drive spinning down, and then spinning up
<sherr> Well - bad drive I would say. Check the smartctl command on it - but whatever, sounds like you should replace.
<funkiwan> sherr: not quite sure how to read the output: http://pastebin.com/6QeFKEYr
<sherr> Well it thinks all is well - healthy. However, from what you say, the disk is suspect/bad. So, if I was you, I would replace.
<uvirtbot> New bug: #533508 in apache2 (main) "apache2 crashed with SIGSEGV in sapi_getenv() (dup-of: 531706)" [Undecided,New] https://launchpad.net/bugs/533508
<funkiwan> i just tried /dev/sdb for shits and giggles. problems: http://pastebin.com/guprGzW1
<funkiwan> and now /dev/sda1 is listed as faulty
<sherr> Well, sda has "Reallocated_Sector_Ct" at 5 - which could be a failing indicator, otherwise passed/healthy.
<sherr> Maybe try - different cables, different disks, check connections. All assuming you have backup of all your important data. Good luck.
<funkiwan> sherr: thanks for your help.
<alveraan> My python interpreter starts but all imports fail with an ImportError. Even modules in the standard library fail. Tried purging, then reinstalling all python packages but to no avail.
<SandGorgon> hi guys.. need help on openvpn. I need to setup openvpn on a hosted machine which runs a reverse proxy, so that incoming requests to that hosted machine can be forwarded to specific clients (that connect using network-manager-openvpn). My config doesnt seem to work.. and I cant figure out routing.. help
<_ruben_> after reading the thrice i still dont understand what you're trying to achieve
<SandGorgon> _ruben_, sorry.. lemme try again
<SandGorgon> we ought to connect to open-vpn server and get private ip addresses. Someone sends a request to say <openvpn server's ipaddress>:port 8080, then a reverse proxy routes that request to a particular private ip. a different request to port 8081 is routed to different private ip...
<_ruben_> ah, that's a bit more clear
<_ruben_> what have you tried so far ?
<SandGorgon> I havent gotten to the reverse proxy part yet - for starters, I'm trying to setup openvpn, so that I can go to whatismyipaddress.com and see my vpn server's address
<SandGorgon> I have used a particular configuration and all... but I'm simply unable to connect to my server (using my Ubuntu network-manager's VPN tab)
<_ruben_> SandGorgon: for that site to work as you'd expect you'd have to route *all* your traffic over the vpn, as for just providing access to certain sites only a few static routes might be neeeded
<SandGorgon> _ruben_, true.. I'm just trying to work my way up from simple to more fine-grained
<persia> Routing all traffic over the VPN is good practice anyway, if the bandwidth is available : there are a number of ways to use separated networking to arrange a back-door into a private network.
<_ruben_> persia: that highly depends on the scenario i'd say, i'd say for this scenario, its "overkill"
<uvirtbot> New bug: #537978 in dhcp3 (main) "Lucid dhclient can't set hostname" [Undecided,New] https://launchpad.net/bugs/537978
<SandGorgon> are there any openvpn 2.0 configs that I can take a look at - and do I need to mess around with iptables before I can even begin to attempt to connect to my vpn server ?
<persia> _ruben_: It's unrelated to the scenario, but yes, it may be overkill.
<persia> (or at least paranoid networking)
<_ruben_> i really dislike vpn solutions that override your default gateway .. it tends to break more than it solves
<SandGorgon> _ruben_, a lot of people surf the internet using VPNs... in that case does it not override the default gateway ?
<persia> SandGorgon: Depends on the VPN config.  Both methods are in common use.
<SandGorgon> persia, any "10-step tutorials" that I can take a look at... I'm a bit overwhelmed by the amount of config options, tun vs tap, tcp vs udp and bridged interfaces
<persia> SandGorgon: I don't know of any.
<persia> SandGorgon: This is not meant to imply they don't exist: I also haven't every looked for any
<SandGorgon> persia, oh ok
<_ruben_> SandGorgon: vpns in general tend to have a fairly steep learning curve, but once you wrapped you head around the first few hurdles, a lot of the complexity fades away
<_ruben_> the openvpn documentation itself is fairly decent in my eyes, but i must admit i've been building vpns for several years
<_ruben_> btw, the reverse proxy setup might be overkill as well .. if its just about making a select few internal sites available to external vpn users, just push routes pointing to those server to the vpn client
<_ruben_> as tun (routed) versus tap (bridged), tun tends to be most suitable for most cases ... and using udp will give best performance, but using for instance tcp on port 443 will be more firewall friendly (in strict (enterprise) environments)
<SandGorgon> _ruben_, actually use case is a little different - we have certain secure web interfaces (that may be under development at different times by different developers) - these web interfaces have to be made available to the people outside our organization (on a temp basis). This is why, we need to forward incoming requests to the vpn server to specific vpn client machines
<maxagaz> how to egrep a number from x to in  file ?
<erichammond> maxagaz: I couldn't parse your question.  Perhaps you could provide a specific example of what you're looking to do.
<pjanecze> hi, i have ftp server and want to allow for user to read, execute but not to remove file. Someone know how to do this?
<persia> pjanecze: Don't give the user write access to the directory.
<persia> (this also prevents upload, as a side effect)
<pjanecze> but it as you say remove upload
<pjanecze> i want only to not remove files
<pjanecze> is it possible?
<persia> Not with traditional UNIX permissions.  You may be able to do something with the ftp server configuration (to make it not actually comply with the RFC), or with advanced permissions of some sort.
<persia> But that means reading lots of details about how your selected ftp server works: I don't believe there is a common solution.
<pjanecze> thanks, I see it's problem. I will do hard links to all files, think that it's some easier way
<dayo> my onboard NIC has got a shaky lan port. i want to install a NIC but have it be eth0,not eth1. how do i do this?
<sherr> dayo: there are some persistent udev rules you can use. Have a look in /etc/udev/rules.d
<sherr> "persistent-net"
<SandGorgon> _ruben, I hae managed to connect to VPN.. however my regular internet stops - I guess that's a feature. How do I keep my internet going inspite of the VPN ?
<persia> SandGorgon: Route through your concentrator :)
<SandGorgon> persia, cryptic.. I give up.. english please ;)
<persia> SandGorgon: Look at the routes on your client.  I believe by default, everything is being routed through the VPN.  Set up the other endpoint of the VPN to route those packets somewhere useful.
<persia> Alternately, set up split routing on the clients.
<zul> morning
<uvirtbot> New bug: #515274 in bacula (main) "Latest Stable is 5.0.0" [Wishlist,Triaged] https://launchpad.net/bugs/515274
<SandGorgon> hi guys.. how can i ensure that only traffic meant for the VPN's private network (10.8.0.x) goes through VPN and everything else goes through the regular internet ? I would prefer doing it using some directive in the server, so it just works on windows and linux
<pmatulis> SandGorgon: is that possible?  modifying the remote host's routing table would require superuser privileges
<SandGorgon> pmatulis, http://schinckel.net/2008/04/30/openvpn-and-default-gateway/  I do not understand it completely yet though
<pmatulis> not sure if i trust that face
<pmatulis> SandGorgon: so that file he's referring to is on the remote host
<SandGorgon> pmatulis, seems like it
<pmatulis> SandGorgon: but that's not what you're asking
<SandGorgon> pmatulis, I understand what you are saying - I'm just asking for any rule that will cause the tun interfaces on the client to reject traffic not intended for the private subnet
<_ruben> SandGorgon: show us your openvpn server/client configs, you probably either tell the client to override the def gateway, or you push a default gateway from the server
<pmatulis> SandGorgon: just configure your remote host accordingly
<SandGorgon> _ruben, here is my server config http://paste.ubuntu.com/394057/ - I dont actually use a client config, because I want to work within the GUI of network-manager-openvpn (I have only given it the certificates... it connects fine)
<_ruben> SandGorgon: odd, redirect-gateway seems disabled
<SandGorgon> how can I check what gateways do I get (as a client), once I connect to the VPN ? I'm able to ping the VPN server though
<diago> route -n
<SandGorgon> here r my routes - http://paste.ubuntu.com/394064/
<SandGorgon> ah.. seems to be an issue in network-manager-openvpn... esoteric combos of settings
<jo-erlend> i need some advise. i'm going to place a server in a colocation center this month and i'm going to install ubuntu server on it. i want to use lucid, but should i install karmic now and upgrade later or is it fairly safe to install lucid now?
<genii> jo-erlend: I don't think anyone would recommend running alpha/beta OS on a production box
<pmatulis> jo-erlend: consider a pre-production test phase
<jo-erlend> right. but is it safe to assume that an upgrade from karmic will be unproblematic?
<pmatulis> jo-erlend: no
<_ruben> nor will running lucid in production now
<_ruben> upgrades *should* go smooth, but there's no guarantees
<jo-erlend> ok, i have ip-kvm access to it, so i guess i'll go with karmic then.
<jo-erlend> i am concerned about hardware support regressioms though, but the old kermel will still be available after upgrade, right?
<_ruben> do a test install with lucid to check for hardware support, then reinstall with karmic
<jo-erlend> i think i'll do that. thanks.
<reading> hello.
<reading> Does anyone know that Intel s5000pal mainboard 's raid 1 can run in 9.10 server?
<reading> thank you .
<_ruben> reading: most onboard raidchips are merely fakeraid, and using mdadm to do full software will probably give you more control and performance
<_ruben> full software raid i meant
<reading> I think software raid need more resouces than hard raid. So I buy a new machine which with intel s5000pal. But I found installer  couldn't found hard disk when I open the raid 1 in BIOS.
<reading> thank you  _ruben.
<_ruben> reading: depends, if its fakeraid, it'll still use the cpu for most tasks, if its real hardware raid, then you're probably better of actually using that, assuming you can find drivers for it (if not included in the kernel)
<_ruben> after a quick google it seems to be fakeraid
<reading> lol..... fakeraid..  ..Profiteer
<clinton> Can I control the installation graphics mode for Ubuntu Server?
<NCommander> coffeedude: ping?
<reading> to _ruben: when I installing ,the ubuntu installer will ask me :"one or more raid ...found ...active the raid driver?"  .Does that means this is a soft raid?
<_ruben> reading: i think so, i never bothered to mess with fakeraid+linux
<reading> to _ruben:thank you very much!Tomorrow I will "fix" the Profiteer.He tell me it's a hard raid. T-T
<reading> to  clinton : graphics mode for server install? I aways install it at text mode.
<reading> good bye every one.
<jiboumans> smoser: https://bugs.launchpad.net/ubuntu/+source/upstart/+bug/531494 just got updates from foundations with requests for more information. please take a look
<uvirtbot> Launchpad bug 531494 in upstart "cloud-init job not running in eucalyptus without ramdisk" [Critical,Incomplete]
<smoser> jiboumans, i responded.
<smoser> mathiaz, i attempted to boot an instance in DC right now, but it appears the metadata service is down for an instance
<mathiaz> smoser: have you reinstalled the cloud?
<smoser> no
<smoser> it was running, i just added a image and booted
<mathiaz> smoser: ok - it's probably not working as I was working on getting the multi-network installation setup correclty
<smoser> right.
<mathiaz> smoser: I'd like to keep working on that today
<mathiaz> smoser: so I'd say the DC UEC is not working for now
<smoser> mathiaz, well i am not really here right now... have to run, but if you, or anyone could get /var/log/udev from a successful boot of https://bugs.launchpad.net/ubuntu/+source/upstart/+bug/531494
<uvirtbot> Launchpad bug 531494 in upstart "cloud-init job not running in eucalyptus without ramdisk" [Critical,Incomplete]
<smoser> then i'd be much obliged.
<smoser> it seems that on the DC we usually successfully boot, but on kirkland's system, we ususally fail
<mathiaz> smoser: ok
<smoser> mathiaz, but, in order to get that, you'll have to have a working MD service
<mathiaz> smoser: yeah - the current UEC in the DC is on a multi-network installation
<mathiaz> smoser: may the CLC isn't able to talk to the NC
<mathiaz> smoser: or the guest in the NC
<smoser> right... itst that bug we saw before.
<smoser> i think maybe it was postponed form alapha3
<smoser> we'd seen it before.
<smoser> but anyway, if you can at some point get a working instance and grab /var/log/udev that would be great.
<smoser> mathiaz, i posted comments in that bug... if you could, that would be fabulous.
<smoser> if not, i'll get to it Sunday.
<mathiaz> smoser: ok
<smoser> basically, get instance, boot, grab /var/log/udev
<smoser> most of the time "boot" works in DC, but not other places
<smoser> :-(
<smoser> see you all later.  If i'm needed, please feel free to call my cell phone (listed in ldap). i'll check that bug also from time to time. i'm traveling rest of the day.
<wack479> Sherr: are u in here today?
<wack479> sherr!!!!!!
<wack479> u there?
<sherr> wack479: Hey!
<sherr> How are things today? Any news on the raid?
<wack479> yes!
<wack479> it was a conflict between dmraid (device mapper) and mdadm
<sherr> Aah.
<wack479> something similar to this bug i found
<wack479> https://bugs.launchpad.net/ubuntu/+source/mdadm/+bug/442735
<uvirtbot> Launchpad bug 442735 in mdadm "dmraid eats mdadm-managed raid in upgrading from 9.04 to 9.10" [Undecided,Invalid]
<wack479> yep
<sherr> Is it build now?
<sherr> built
<wack479> 4.7%
<wack479> its 4TB worth of space, so its gonna take a while
<wack479> lol
<sherr> Right large disks .... :-)
<sherr> This is why we need ext4 as well .... fsck times!
<wack479> exactly!!!!
<sherr> How did you fix it?
<wack479> sudo apt-get remove dmraid
<wack479> lol
<wack479> then mdadm -create....
<sherr> I'll like to read the bug more carefully - it's open and "undecided". I am interested in why dmraid takes "charge" here and screws up mdadm ...
<wack479> yeah its weird
<wack479> but thats how i fixed it
<sherr> Maybe something in your BIOS - SATA RAID, fakeraid?
<sherr> Anyway - thanks for reporting back and good that it's sorted!
<nevans> does anyone in here know how I can diagnose an ext3 directory's metadata size (NOT "du -sh")?  `ls -lah /var/log 2>/dev/null | head -2 | tail -1 | awk '{print $5 }'` is 156M on one of my servers, with `ls -1 | wc -l` => 101
<sherr> nevans: what do you mean "metadata size"
<sherr> ?
<nevans> sherr: what "ls -l" reports as the size for the dir.
<nevans> normally it only shows 4K or maybe 8K if I've got thousands of directory entries.
<nevans> but in this case, it's showing 156M.
<nevans> And the first time I "ls" the directory, it takes over a minute to display anything (presumably because it has to read all 156M into memory before it can work)
<wack479> sherr: np!
<sherr> nevans: just having a look at the man page. ls -l displays a "total" in blocks.
<sherr> ls -ls - the total per listed file in blocks.
<sherr> You are talking about the "total=" line?
<nevans> sherr: no, not the total line, the one just after it.
<sherr> I don't have anythng after it. An "ls -l" gives me a "total N" line and a list of files/dirs one per line after.
<nevans> https://gist.github.com/694ee0892949a0903315
<nevans> use the -a option.  :)  it's the "." entry.
<sherr> OK. Right ... lots of files somewhere.
<sherr> What about a : du -k /var/log | sort -n 2>&! > /tmp/sizes (if you have space there)
<sherr> Or maybe "sort -rn | less" YMMV
<sherr> Or just a "find /var/log -type f" to a file/console?
<nevans> sherr: most of the dir is in one file that isn't being rotated properly.  /var/log/btmp is 900M, and the rest of the dir (inluding subdirs) is only 300M.
<nevans> someone in another channel suggested it might be unlinked inodes that would go away after a "fsck".  we had a seriously misconfigured logrotate at some point in the past, which made millions of /var/log/foo.log.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.1.gz etc files
<sherr> Wow ... bad. So "btmp" is a failed login attempt file. Tell you something?
<sherr> Never had a problem. The largest I have anywhere is 0 bytes :-)
<nevans> I'm just a little bit afraid to reboot this server anytime soon.  I've inherited it, and the previous admin made it a single point of failure (we're using mysql nss and can't easily log into the other servers when this server is down)
<sherr> I think it is safe to delete /var/log/btmp (will get recreated)
<nevans> I'll try that too.
<sherr> But not sure how trustworthy the system is if that file is so big. last -f /var/log/btmp
<nevans> even so, no matter how large that particular file is, it should only account for one dirent on ".", right?
<sherr> I'd dump a list of all the files/dirs and trawl through it. Sounds like things are a bit messy.
<pjanecze> do someone have experience with firefly (mt-daapd)?
<nevans> sherr: thanks for your help.  :)
<sherr> nevans: not much help - but interested. Good luck - please report in any developments :-)
<timboy> need some help with dhcp. I've got it all set up correctly but I can't access internet from machines connected to dhcp
<timboy> I'm on the server right now and dhcp server declaration is probably to fault...
<sherr> timboy: on the client, is the gateway & broadcast addr correct?
<sherr> As a sanity check - can you definitely manually config the ethernet setup and have it work i.e. internet access?
<sherr> On the client?
<timboy> sherr, sorry, everything looks good to me. I may not have the right settings going to them. I've got my phone providing dhcp to my laptop via usb and from there I'm trying to give internet to my switch...
<timboy> settings on machines are taking.
<sherr> Well, phone/usb/switch/dhcp isn't a configuration I've used ... but it's not rocket science, so should be fixable. Not sure it's a #ubuntu-server topic though.
<timboy> settings phone provides to my laptop are 192.168.0.202 ROUTE and 192.168.0.202 DNS laptop IP is 192.168.0.11
<Ichat> when running  8.04 server, i tried installing transmission-cli  and  transmission-daemon   -  now when connecting to the  webUI local  it runs (fine?)  - but no remote access -   now when i look for    /etc/transmission-daemon.settings.json  its NOT there...   but the app stil works (local) - how can i fix )
<timboy> i set my dhcp server subnet to 192.168.1.0 and dns server 192.168.0.202
<sherr> timboy: "ifconfig -a" might be useful - plus a network topology maybe. Plus "ping" diagnostics? But sorry ... food beckons for me :-)
<sherr> subnet seems odd? Others are 192.168.0.0/24 I assume. Subnet is .1.0? Anyway - back later ...
<pmatulis> is it possible to set up a single ssh forced command for rsync (no remote daemon) that will allow *mulitple* source directories to be transferred to the local host?  a catch-all that will avoid me having to update authorized_keys when i add a directory for saving
<Kutakizukari> Tried to create an alias at sudo gedit ~/.bashrc I created my code from the docs here: "http://drupal.org/node/320" under Using aliases to speed up checkout. When I try my checkoutdrupal I get command not found. What I'm I doing wrong?
<pmatulis> Kutakizukari: i didn't open the link but did you source ~/.bashrc ?
<Kutakizukari> pmatulis, I added my code to .bashrc at ~/
<pmatulis> Kutakizukari: try 'source ~/.bashrc'
<Kutakizukari> pmatulis, I type "source ~/.bashrc" nothing happened.
<pmatulis> Kutakizukari: now: 'alias checkoutdrupal'
<Kutakizukari> pmatulis, returns "alias checkoutdrupal='cvs -z6 -d:pserver:anonymous:anonymous@cvs.drupal.org:/cvs/drupal export -r DRUPAL-6-16 drupal'".
<pmatulis> Kutakizukari: good work
<Kutakizukari> remove alias
<pmatulis> Kutakizukari: what?
<Kutakizukari> that is what it returns but no download
<Kutakizukari> under dir /var/www/
<pmatulis> Kutakizukari: well then your command is faulty.  can't help there.  you alias is as you wanted it
<Kutakizukari> pmatulis, hmmm typed in just checkoutdrupal and now it downloads what did source do.
<pmatulis> Kutakizukari: right, type just the alias name
<Kutakizukari> pmatulis, I was doing that before but it was not working.
<pmatulis> Kutakizukari: source command "sourced" your .bashrc file.  your system does this whenever you log in.  you, however, did not log in so we did it manually
<uvirtbot> New bug: #538178 in mysql-dfsg-5.1 (main) "MySQL crashes after I run sudo apt-get upgrade" [Undecided,New] https://launchpad.net/bugs/538178
<Kutakizukari> pmatulis, do I need to type source it everytime restart my computer?
<pmatulis> Kutakizukari: i said that this is done automatically whenever you log in
<pmatulis> Kutakizukari: so "no"
<Kutakizukari> pmatulis, thank you for the help!
<pmatulis> Kutakizukari: keep on truckin'
<Ichat> anyone here familiar with  transmission-daemon
<hggdh> kirkland: willing to consider a change in testdrive to allow user config files to live under ~/.config/testdrive (and using optparse)?
<kirkland> hggdh: hmm, i thought i added that
 * kirkland checks code
<kirkland> for i in ("/etc/%s" % PKGRC, "%s/.%s" % (HOME, PKGRC), "%s/.config/%s/%s" % (HOME, PKG, PKGRC)):
<kirkland> hggdh: it sources the files in that order, if they exist
<kirkland> hggdh: i don't know what "optparse" is though
<hggdh> kirkland: yes, it goes through /etc/, ~, and ~/.config/testdrive, but the user config file name is fixed on 'testdriverc'
<kirkland> hggdh: is that bad?
<hggdh> I need to have slightly different config files for tests
<kirkland> hggdh: what would you like to call it?
<dasunsrule32> What is the command to change whether a file can be modified at the filesystem level? Not permissions, chmod, etc?
<hggdh> so I added in a fourth option -- either a fully-qualified file name, or one off ~/.config/testdrive
<kirkland> hggdh: so just that file, not a directory?
<hggdh> kirkland: just *any* file -- for example, I have to test with no network access, and with network access
<hggdh> kirkland: and they still all add up, overriding as it does now any changed value
<kirkland> hggdh: sure, sounds perfectly reasonable to me
<hggdh> kirkland: optparse is the python implementation for getopt
<kirkland> hggdh: please file a bug, create a branch, propose a merge
<hggdh> kirkland: will do, thank you
<kirkland> hggdh: we might have trouble getting a FFe for the getopt change
<kirkland> hggdh: i'll assume you'll run with that one :-)
<kirkland> hggdh: but it's in universe, so it shouldn't be too hard
<kirkland> hggdh: cheers ;-)
<hggdh> kirkland: heh, yes. But there is no getopt change, optparse comes in the standard python library
<kirkland> hggdh: sweet, okay, i'm game
<kirkland> hggdh: the current parsing is fragile :-)
<hggdh> bug will be created in a few (as soon as I am done with $CURRENT_TASK
<hggdh> kirkland: rather fragile, yes
<blackxored> hi guys
<uvirtbot> New bug: #537715 in checksecurity (main) "chsecurity (dup-of: 537685)" [Undecided,New] https://launchpad.net/bugs/537715
<kees> kirkland: I've assigned bug 525425 to you; will you have time to check that?
<uvirtbot> Launchpad bug 525425 in grub2 "lucid server/alternate, software raid 1 will not install correctly; unbootable after failed grub install" [High,Confirmed] https://launchpad.net/bugs/525425
<marsje> Hi. Can anyone tell me how I can start X windows and start an X app automatically at boot?
<marsje> I have installed xfce4 and xdm, but it doesn't seem to work out of the box...
<marsje> I get a login screen, but after login I get back at the command line login prompt
<erichammond> marsje: I have the exact same requirement for a work project.  However, the #ubuntu-server channel is probably not the best place to ask questions about X.  You might try #ubuntu
<marsje> erichammond: I was asking here since I'm using Ubuntu Server as my starting point
<marsje> erichammond: if I was using Ubuntu Desktop I wouldn't have this question :)
<sherr> marsje: Servers usually don't have X installed, hence the #ubuntu comment. Are you saying that you run a desktop XFCE? And it doesn't start?
<jeeves_Moss> can anyone here give me sudgestions on how to repair a server that's coming up with "wrong kernel for CPU"?  I have a server sitting @ a site location with UNTRAINED staff that I need them to repair to remotley
<sherr> jeeves_Moss: No other kernel to boot?
<jeeves_Moss> sherr, apparently, when it boots, that's ALL they get (including booting from a live CD?)
<jeeves_Moss> sherr, http://pastebin.ca/1836013
<sherr> What's a "bantu disk image"?
<marsje> sherr: the plan was to run it headless, but one required app needs X, so I want to install a very lightweight desktop
<jeeves_Moss> sherr, it was a type-o
<marsje> sherr: I installed the xfce4 package and I can start it using startx, but I would like it to start automatically at boot
<sherr> Looks like they're installing an amd64 x64 ISO - try the i686 version
<jeeves_Moss> sherr, ok, once they get the "right" disk, what should they do?
<sherr> jeeves_Moss: Don't know. What's installed on the machine?
<jeeves_Moss> ???
<sherr> Is Ubuntu installed on the machine or are you doing a fresh install?
<sherr> Are yoyu "rescuing" a broken system?
<jeeves_Moss> sherr, I'm rescuing a system
<sherr> So - try "fix a broken system" using an i686 live CD perhaps.
<sherr> The error in your pastebin says "This kernal requires an x86-64 cpu, but only detected an i686-cpu"
<jeeves_Moss> sherr, do you have the link to the CORRECT live CD they should d-load?
<sherr> What vrsion of Ubuntu do you have installed?
<jeeves_Moss> sherr, I think it's 9.01.  it's been a long time since I messed with it
<sherr> You might be best to find out .... if you want to use the right rescue CD.
<sherr> CD image mirrors : https://launchpad.net/ubuntu/+cdmirrors
<jeeves_Moss> sherr, thanks.
<sherr> e.g. http://ftp-stud.fht-esslingen.de/Mirrors/releases.ubuntu.com/karmic/
<jeeves_Moss> sherr, thanks
<sherr> That's assuming 9.10 (karmic) - Use an i386 CD.
<sherr> No prob. Good luck.
<jeeves_Moss> sherr, as long as we can get them to boot the live CD, then I can get the kernel issue fixed
<cj> anyone here know who's responsible for the @lists.ubuntu.com domain?  It really needs a SPF entry.
<cj> sorry for being OT... just don't know where to send the question.
<|eagles0513875|> hey guys
<|eagles0513875|> im having some weird keyboard issues with a usb keyboard on an ibm server
<cj> |eagles0513875|: anything interesting in the output of dmesg?
<|eagles0513875|> cj: operator error cable was not plugged in right into the router
<|eagles0513875|> funnily enough that made a difference on keyboard responsiveness strangly enough
<devmod> Hi
<devmod> Any recommendations on some sort of web based system monitoring utility on ubuntu-server repo? (mostly interested on cpu/mem usage )
<sherr> devmod: a few options : cacti, munin, mrtg (all rrdtool based I think)
<Aison> evening
<Aison> I installed ubuntu server on my p4 2.4ghz. Installation was no problem, but when I reboot I allways get the message that no boot data was found.
<Aison> altough the drive is detected by the bios
<devmod> sherr, thanks
<jayvee> I haven't seen mrtg for years.
<hggdh> kirkland: I have yet another change to testdrive... I would like to be able to have my ISO cache in one place, and the IMG on another
<hggdh> kirkland: more to the point, the IMG cache on /dev/shm (so that it will be faster to test ;-)
<hggdh> kirkland: can I submit Yet Another Branch? :-)
<kirkland> hggdh: i use symlinks
<kirkland> hggdh: my caches are in different places too, as i don't want them in my encrypted home
<hggdh> kirkland: hum. What I would like to get is the user not needing any other action but configuring testdrive/running it
<hggdh> and I would like to provide the QA tests with pre-set configs for some tests
<hggdh> and, of course, have a lot of them testers running testdrive
#ubuntu-server 2010-03-13
<MTecknology> In /etc/hosts I added this line - "127.0.0.1 connect.kalliki.com" - but dig connect.kalliki.com still shows 192.168.1.5
<jiboumans> MTecknology: afaik, dig uses your dns at all times
<MTecknology> oh..
<MTecknology> jiboumans: alrighty, thanks :)
<histo> okay figured out why my server was locking up. I had to set the acpi=off in grub to solve the issue on a dell optiplex 170l
<histo> running karmic with all upgrades installed.
<Carter> hello
<Carter> i just installed the 9.10 release(64 bit) and i am having trouble getting to the desktop environment...i logged in but i am at the command prompt..this is my first attempt with linux
<persia> You installed the 9.10 release of Ubuntu Server?
<Carter> yes
<persia> By default, there isn't a Desktop Environment.
<Carter> thats what i thought because i did startx and it wanted to install
<persia> Yeah :)
<Carter> then everywhere i wiki's said the distro comes with it
<persia> You can install Ubuntu Desktop on the machine, but it's generally recommended to run headless.
<Carter> ahh
<persia> (for a server)
<persia> So you might install Ubuntu Desktop on some workstation you use for management, and then install Ubuntu Server on several machines you're managing from there.
<persia> Just because that saves the resources (ram, disk, processor) required to run a desktop environment on a server.
<Carter> ok..thanks i might give that a try
<Carter> well its mostly going to just be a web server
<persia> Yeah, then it doesn't really need a desktop :)
<persia> I think most folk generally just use ssh+byobu to access/manage their servers, and have a richer client envronment somewhere else.
<Carter> yeah ive done a lot of window server environments so i am used to the gui's
<uvirtbot> New bug: #504737 in samba (main) "Poor performance for mounted SMB (windows) shares." [Undecided,New] https://launchpad.net/bugs/504737
<uvirtbot> New bug: #408402 in facter (main) "Main Inclusion Report for facter." [Undecided,Fix released] https://launchpad.net/bugs/408402
<da65> any help pages on how to set up my dedicated server for irc?
<sherr> da65: A search for "irc +server +ubuntu" finds a few pages.
<da65> sherr: ty, looking at inspircd, looks good
<nightrid3r> i need an smtp that will relay based on user/pass and uses ssl
<Anirban> what amount of RAM shld I have on my server to send 35,000 emails of 500kb size per day ?
<persia> How fast do you want to send them?  All at once, or one every couple seconds?
<Anirban> persia : one every couple of seconds
<persia> How often do you plan to process the mail queue?
<Anirban>  will use ubuntu server
<Anirban> everyday 35,000 email , to different clients , its email marketing
<persia> How often do you plan to process the mail queue?
<Anirban> twice or thrice per day
<persia> OK.  So if it's thrice a day:
<persia> You want to process about 12000 mails in the queue, which is going to be about 6GB.
<persia> And you want about 256-512MB for the base system.
<persia> So, for best performance, I'd recommend 7 or 8 GB.
<persia> If you process more often, you need less RAM.
<Anirban> actually I am not very clear abt processing ... whats email processing ...
<Anirban> persia: can u plz explain a bit
<persia> You may want to investigate how mail servers work a bit more before engaging in this plan.
<persia> I don't think I can explain enough in the time I'm willing to commit to make sure you have the knowledge you need to be successful.
<nightrid3r> i need an smtp that will relay based on user/pass and uses ssl
<persia> nightrid3r: Does postfix not work for you?
<nightrid3r> right, i'll look into that
<Anirban> which one do u rcmd for an email server postfix / sendmail ?
<persia> postfix is the recommended mailserver for Ubuntu.
<Anirban> persia : actually I am planning to setup a null client email server .  only one/ two person will log in to that server , draft the email and press the SEND button
<persia> Generally it's easier to compose mail somewhere else and send through a server than compose on a server, but either use postfix and some text-based client, or pick a different mailserver.  I know of none that match that description.
<Anirban> persia : We will use roundcube as email drafting software on server
<uvirtbot> New bug: #538417 in clamav (main) "clamav-daemon 0.96~rc1+dfsg-0ubuntu1 uses deprecated option" [Undecided,New] https://launchpad.net/bugs/538417
<uvirtbot> New bug: #538464 in clamav (main) "clamav-daemon 0.96~rc1+dfsg-0ubuntu1 man page incomplete" [Undecided,New] https://launchpad.net/bugs/538464
<uvirtbot> New bug: #538465 in clamav (main) "clamav-daemon 0.96~rc1+dfsg-0ubuntu1 man page has mistakes" [Undecided,New] https://launchpad.net/bugs/538465
<uvirtbot> New bug: #538470 in spamassassin (main) "wrong dependencies/recommends" [Undecided,New] https://launchpad.net/bugs/538470
<albech> will running rsync daemon on the machine copying from speed up the delta process?
<areay> hi all... none of my clients could log on yesterday, i traced the problem to an nfs error: "lockd: cannot monitor <client>" from the server, and "lockd: server <server> not responding, still trying" from the clients. literally after logging into gdm all i'm left with is a cursor and a brown background... i've tried a 'dpkg-reconfigure nfs-kernel-server', i've tried upgrading the server and clients to fix the problem... unfortunate
<areay> ly the only way i'm even able to log anyone in is unmounting the nfs home directories and remounting individual users' home directories using sshfs (not a sustainable solution)... anyone have any ideas on how i can get my nfs working again?
<areay> using jaunty on the server and karmic on the clients btw... not sure if that's affecting anything
<slick666> Hello all I've tried to install the linux-image-virtual package and it keeps failing to install for me
<slick666> I was wondering if anyone here has had problems with that package as well
<ChmEarl> slick666,  yes - recently wrestled with it
<slick666> did you get it eventually?
<ChmEarl> yes - there is a collision when the extract happens
<ChmEarl> what is the err msg pls?
<slick666> one sec, got to scroll back
<slick666> Done.
<slick666> dpkg: error processing /var/cache/apt/archives/linux-image-2.6.31-20-virtual_2.6.31-20.57_amd64.deb (--unpack):
<slick666>  trying to overwrite '/boot/vmlinuz-2.6.31-20-server', which is also in package linux-image-2.6.31-20-server 0:2.6.31-20.57
<slick666> dpkg-deb: subprocess paste killed by signal (Broken pipe)
<ChmEarl> slick666,  yes exactly my err too
<slick666> did you have to remove linux-image-server?
<ChmEarl> check dpkg -l linux-image*
<slick666> kk
<ChmEarl> see if you have any older versions of server kernel
<slick666> lol, 1 sec I got to post this
<ChmEarl> yes or no is OK
<slick666> yes
<ChmEarl> so you have 31-20 and version?
<slick666> 19, 17, 16, 15, 14
<ChmEarl> ok good. Here's my recipe
<ChmEarl> you want reboot the VM into an older server kernel
<ChmEarl> then since the image-virtual install is colliding you need to first remove it:apt-get remove linux-virtual linux-image-virtual
<ChmEarl> then remove the latest linux-image-server (specify version), then reinstall the virtual stuff
<slick666> ok, cool
<slick666> thanks
<ChmEarl> that worked for me... its great as long as you have fast internet
<ChmEarl> make sure when you uninstall linux-image server that you give exact version
<slick666> will do
<slick666> thanks again
<ChmEarl> np - feliz sabado
<katol> hello, i need to install a most recent version of apache on hardy but it says it is already the "newest version"
<katol> may i use a dpkg from another version or something like that?
<qman__> katol, you will have to install a backported version
<qman__> if you haven't already, enable the backports repository
<qman__> if the version you want isn't backported, you'll have to backport it yourself, find someone else who has backported it on the web, or compile from source
<qman__> or upgrade to a newer release
<katol> qman__: nice, I didn't knew about the backports repository. it should work for this case, thank ou very much :)
<katol> *you
<david_> Looking for name resolution help for linux to windows. I'm running samba. ping machinename -resolves to an external IP address. nmblookup machine name returns the correct internal ip address. What's up?
<david_> machinename is the correct name of a Windows XP machine on the internal network.
<alex_joni> maybe it's defined in /etc/hosts ?
<Ninjix> david_: what do you see when you tail your samba logs?
<david_> checked it's not hosts file on has 2 127 entries. It coming from my local DNS proxy server. How do I get it to do name resolution via samba before DNS?
<persia> Does the lucid linux-image-server support EFI & GPT?
<persia> (or does anyone have any pointers I could use to try to find out?)
<sherr> david_: Samba has DNS specific options in the smb.conf file.
<sherr> Samba will go various places in a specified order to resolve names.
<sherr> But it is not a DNS server.
<sherr> I have had a few runs in with name resolution with Samba/windows/dns/dhcp ... painful sometimes. I have to return to it ...
<Aison> hello, I installed ubuntu-server on my old P4. I built-in some SATA Controller and SATA drive
<Aison> installation worked without any problems
<Aison> but now the machine don't boot?!? the bios detects the drive but claims that it's not bootable
<Aison> any ideas what meight be the problem?
<sherr> Aison: Ubuntu 9.10 server?
<Aison> yes
<sherr> Can you try pressing SHIFT just before you would expect booting to start - see if you get the Grub menu (assuming grub2)
<sherr> If you can get the Grub2 menu - maybe go to the lernel line and "e" to edit, and take off the "quiet splash" options.
<sherr> *kernel line*
<david_> The name resolve order in my smb.conf is: name resolve order = wins host lmhosts bcast. It does resolve correctly through nmblookup -just not thourg the regular ping command.
<Aison> I don't get the menu, because the bios says, the device is not bootable.
<sherr> Aison: Not sure then. maybe boot from CD and try a "fix system"?
<sherr> david_: but "ping" doesn't use WINS
<sherr> david_: sorry ... this is windows "ping" I guess?
<sherr> "host" in smb.conf means use standard *nix name resolution i.e. DNS, hosts file etc.
<sherr> But my brain hurts when I try and think this stuff through sometimes! As I said, I have had trouble with this myself ...
<david_> Mine also. I gues the real problem is that my DNS server returns an IP for a local machine name instaed of failing -my backup software would then try a samba name lookup. Since it getting an external IP address from the DNS server my ping fails. Thanks for the attempt.
<david_> I can put an entry in the hosts file and all works fine. Just a pain from a maintenance standpoint.
<sherr> david_: My laptop is called "thera" and is in my laptop hosts file. I can http browse it. If I try and browse "http://thera" on another machine (with no hosts file entry) it does to DNS and returns an internet company thera.com (IIRC).
<sherr> Have a look at : dnsmasq
<sherr> It is a) a DNS server b) DHCP server.
<sherr> It can server /etc/hosts via DNS and DHCP records via DNS - maybe of use.
<david_> Thanks for the tip -now you have me thinkinhg that I can add the entry to my firewall hosts file and accomplish the same thing. Thanks!
<uvirtbot> New bug: #538561 in samba (main) "audit-messages in the syslog" [Undecided,New] https://launchpad.net/bugs/538561
#ubuntu-server 2010-03-14
<ruben23> hi guys
<ruben23> can i do Active directory and domain controller on mixed linux and windows client...?
<ruben23> any suggestion
<uvirtbot> New bug: #538587 in munin (main) "munin fails to work after reboot (/var/run/munin missing)" [Undecided,New] https://launchpad.net/bugs/538587
<ruben23> any one to suggest..?
<Callum__> ruben23: yes you can
<Callum__> I can't believe my luck hehe, found four unused 300GB drives at work for me to take <3
<Callum__> external SCSI drives that I can use in my server system...
<ruben23> Callum__: can you explain how is done just a background idea
<Callum__> ruben23: a specially configured Samba server can connect to a Windows Server AD-DS forest (but cannot create one)
<ruben23> Callum__: i dont have exisitng AD windows server, just want to start with linux server
<Callum__> ruben23: Samba can only create a NT-style domain, not an Active Directory forest
<jMCg> Callum__: Samba 4 too?
<Callum__> jMCg: I'm pretty sure Samba 4 will be able to create an AD-DS forest...
<ruben23>  Callum__:ok so samba 4 can stand alone to be a DC/AD right for my network..?
<Callum__> ruben23: not sure, plus Samba 4 is pretty unstable right now...
<ruben23> ow ok
<ruben23> whatt can you suggest on my requirements..?
<ruben23> just do simple directory management for mixed windows and linux client
<uvirtbot> New bug: #538594 in munin (main) "Please merge munin 1.4.4-1 from Debian testing" [Wishlist,New] https://launchpad.net/bugs/538594
<shizzle> do you guys use Apache MINA FTPServer to allow users to ftp to the apache www directory?
<shizzle> what should I use to setup ftp to my apache www share?
<jpds> shizzle: vsftpd?
<shizzle> ok yeah i instlaled that and can ftp to my box, but goes to users share
<shizzle> trying to figure out how to make it go to the apcahe www dir
<jpds> shizzle: https://help.ubuntu.com/8.04/serverguide/C/ftp-server.html
<Sattvic> Anyone have experience with Eucalyptus?
<Sattvic> I have a few easy questions for a server admin...
<lullabud> looking for a good network based enterprise backup solution.  anybody have suggestions?
<Sattvic> @lullabud - not jungledisk - way too slow
<lullabud> hah, good to know, Sattvic.  i'll stay away from them.
<lullabud> i can't remember the one we used at my last company... their windows config tool was ridiculous, but their linux stuff was easy.
<lullabud> i am hoping to do something with rdiff-backup to an offsite long-term archive.
<lullabud> or something to that effect...
<shizzle> How can I make all files in a directory inherit permissions from it's directory?
<ubuntuNewBe> hey is this where I can get some help for server applications?
<lullabud> ubuntuNewBe: yes
<ubuntuNewBe> ty lullabud, does anybody here have experience with ssl certs that can answer a question or two?
<lullabud> ubuntuNewBe: fire away
<ubuntuNewBe> I am trying to understand a couple of lines of ssl code on one of the ubuntu pages.
<ubuntuNewBe> what do these 2 lines mean? openssl req -new -key smtpd.key -x509 -days 3650 -out smtpd.crt # has prompts
<ubuntuNewBe> openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
<ubuntuNewBe> does the 2nd line create a self signed cert?
<ubuntuNewBe> lullabud, does this line create a root self-signed cert?  openssl req -new -x509 -extensions v3_ca -keyout cakey.pem -out cacert.pem -days 3650
<ubuntuNewBe> I got this line from the instructions to enable ssl on postfix from this page:  https://help.ubuntu.com/community/Postfix
<lullabud> ubuntuNewBe: no, a certificate will usually have .crt for its file extension
<lullabud> here is a tutorial you can check out - http://www.akadia.com/services/ssh_test_certificate.html
<lullabud> you're almost there with what you got
<lullabud> the's just the last line:  openssl x509 -req -days 365 -in server.csr -signkey server.key -out server.crt
<ubuntuNewBe> lullabud, like i said I got this from a ubuntu help page for postfix mail server.  So is this cert secure or not?
<lullabud> ubuntuNewBe: it looks like it's not a certificate, just a request and a private key
<lullabud> you still have to generate your certificate
<ubuntuNewBe> oh okay, I understand what you are saying now.  Another line on the tutorial is:  openssl req -new -key smtpd.key -x509 -days 3650 -out smtpd.crt
<lullabud> crt is a certificate.  csr is a certificate signing request, and .pem is a key store
<lullabud> yes
<ubuntuNewBe> so is that a secure crt?
<ubuntuNewBe> or does it have to signed by a root cert first?
<lullabud> you know, i'm not the best with ssl, so i can't answer these questions with certainty
<lullabud> but, it looks like that's a valid self signed cert
<ubuntuNewBe> okay, no problem
<lullabud> or, rather, it will be.
<ubuntuNewBe> thanks
<lullabud> de nada
<lullabud> good luck with that
<ubuntuNewBe> I apprecate the info, and the link
<uvirtbot> New bug: #370307 in linux (main) "toshiba_acpi cause system lockup with any vt-x usage" [Undecided,Incomplete] https://launchpad.net/bugs/370307
<mrcoodles> hello , im trying to setup zoneminder under ubuntu server 9.1 with a simple webcam. i've managed to save jpegs from the webcam using fswebcam. is there a way i can pipe the output of fswebcam to something that can do streaming for zoneminder ?
<twb> mrcoodles: what kind of stream does zoneminder expect?
<mrcoodles> a lot of stuff i suppose, source type is file , local, remote or ffmpeg
<twb> Sounds like you need to understand what those mean
<uvirtbot> New bug: #507802 in samba (main) "unable to mount location,failed to mount windows share" [Undecided,New] https://launchpad.net/bugs/507802
<uvirtbot> New bug: #421827 in samba (main) "Installing PlayOnLinux  - Starting Winbind hangs" [Undecided,New] https://launchpad.net/bugs/421827
<gop-> how do I rename a user I just created in ubuntu server
<gop-> via cli
<gop-> useradd -???
<Aison> is it possible to install ubuntu server with legacy grub?
<Aison> and not grub2?
<sherr> gop-: usermod modifies user accounts. But I don't think you can rename a user. maybe delete the user and re-create for that.
<alonswartz> hey guys, I just asked this question in #ubuntu-ec2 but maybe one of you know, is there any work being done to automount ebs volumes via udev (on ec2 instances)?
<frojnd> hey
<frojnd> I'm trying to learn some grep commands there :) I'm trying to sort out text from  ~/.recently-used file alphabetically. I tried like cat ~/.recently-used | grep '<URI>' | sort -d but this isn't enough. I'd only like to get from grep: /home/frojnd/Downloads/Proga.odt So without <URI>file:// and without </URI> at the back.. What option would I need to use in order to get sucuh output?
<frojnd> Not just for this line, for may lines that are within ~/.recently-used
<frojnd> any ideas'
<frojnd> ?
<frojnd> I got it with cut :)
<frojnd> cat ~/.recently-used | grep '<URI>' | sort -d | cut -c 13- | cut -d "<" -f1
<steph_uniko> http://apache.pastebin.ca/1839946 <-- got this when trying "apt-get install apache2" (done "apt-get update" before) - running 9.10. any good advises? thanks :)
<uvirtbot> New bug: #538817 in bridge-utils (main) "wake-on-lan doesn't work on bridged interfaces" [Undecided,New] https://launchpad.net/bugs/538817
<uvirtbot> New bug: #538840 in ntp (main) "ntpd should update time faster during boot" [Undecided,New] https://launchpad.net/bugs/538840
<eagles05138785> im sshed into my server and i have openssh-server installed and kde installed yet its complaining about the user not being added to the X group yet there is no group called X any ideas what im missign?
<eagles05138785> im sshed into my server and i have openssh-server installed and kde installed yet its complaining about the user not being added to the X group yet there is no group called X
<uvirtbot> New bug: #538848 in openldap (main) "slapd.postinst doesn't mention configuration conversion step" [Undecided,New] https://launchpad.net/bugs/538848
<uvirtbot> New bug: #538871 in authbind (main) "authbind fail on IPv6" [Undecided,New] https://launchpad.net/bugs/538871
#ubuntu-server 2011-03-07
<uvirtbot`> New bug: #730375 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/730375
<ziesemer> Why, after doing "apt-get source linux-image-2.6.35-27-server", does the Makefile in the source directory have "EXTRAVERSION = .11" instead of .27?
<thesheff17> ziesemer
<thesheff17> ziesemer: mine says the same thing..even in 2.6.35-24 says .8 for EXTRAVERSION.
<resno> i am having the worest of luck trying to find the config file for fetchmail. ive done searches (on google and using find/grep) and nothing is turning up, any help?
<thesheff17> resno: /etc/default/fetchmail
<thesheff17> resno: though I see fetchmail is no long supported by ubuntu since 7.10  http://www.scalix.com/wiki/index.php?title=Configuring_Fetchmail_Ubuntu_Gutsy
<resno> thesheff17: ah.... whats the supported method now?
<resno> thesheff17: i was curious why all the guides online spoke of 7.10
<thesheff17> resno: I'm sure you can still use it....though if there is a problem it won't be patched.
<resno> well, the conf files arent showing up. /etc/default/fetchmail, is only for setting up dameon mode..
<thesheff17> resno: I see some saying getmail is a good alternative but personally I don't have any experience with either.
<resno> i dont want to use getmail...
<resno> ive tried it, works well. but not really the method im looking for
<dthacker> hello,  I'd like to rerun the portion of the install lets the user choose metapackages like DNS server and LAMP server.   Is that possible?
<thesheff17> dthacker: tasksel --section server
<dthacker> thesheff17: thanks
<thesheff17> resno: well I would spin up a ubuntu 7.04 and get the config files off there or try to find them on the web.....like I said I don't have experience with either.
<thesheff17> resno: though the mirrors are gone for for 7.04...not sure :(
<resno> thanks thesheff17
<thesheff17> resno: try dapper 6.06
<chrislabeard> If I'm using this webcam_`date +%Y-%m-%d`.jpeg
<chrislabeard> how can I also add the hour
<twb> "webcam_$(date --rfc-3339=seconds).jpeg"
<twb> If you insist, echo "webcam_$(date -Ihours).jpeg" instead
<chrislabeard> twb this is the full line --- streamer -f jpeg -o /var/www/vhosts/chris_ellis/wwmcd.org/backup_`date +%Y-%m-%d`.jpeg
<chrislabeard> backup is supposd to be webcam
<twb> Like I care
<pmiller> kirkland`: lifeless suggests I talk to you re kvm woes
<chrislabeard> So if I'm doing a cron job do I just input the command I want it to run ?
<nigelb> chrislabeard: generally, you write a bash script or something so you can get feedback on wwether it happened etc
<nigelb> chrislabeard: but yeah, you can input the command too
<chrislabeard> nigelb: yeah I'm not too tech I just want cron to take a picture from my webcam
<nigelb> chrislabeard: heh, yes, you can just do that :)
<chrislabeard> nigelb: I have the command so I just did that and told it to do it every hour
<nigelb> chrislabeard: will work :)
<chrislabeard> saweet
<chrislabeard> nigelb: I set up my webcam but accidentally faced it towards the wall so all I'm getting is the wall lol
<nigelb> chrislabeard: haha, no script can help you there :p
<chrislabeard> nigelb: haha yeah
<chrislabeard> I'm bored what should I do with my server
<twb> Why does the MOTD use the definite article for servers?
<SpamapS> hm?
<twb> On my router, I get "Welcome to Ubuntu!", on my servers I get "Welcome to the Ubuntu Server!"
<twb> The router runs -generic because it can't boot -server kernel variant
<twb> It crashes because of lack of PAE in the hardware or something
<SpamapS> Because there are many Ubuntu derivatives, but only one Ubuntu Server! ;)
<twb> SpamapS: I was thinking it was because of the silly assumption that <organization> only has one Ubuntu server
<SpamapS> twb: whoa.. PAE is like.. old
<twb> SpamapS: it's an embedded x86 board, what am I gonna do
<twb> it's not like the board itself can take more than 512MB RAM
<twb> (Soekris net5501)
<SpamapS> twb: the definite article is actually probably just because a non-native speaker wrote it.
<twb> SpamapS: what, in English?
<SpamapS> I'm going to guess a French Canadian.. the translation tends to encourage such additions of The.
<twb> Haha
<twb> You're not one of those .ca canonical support people, are you?
<SpamapS> not me.. but I am working with the canonical support, all the day.
<twb> Haha
<twb> I have this image of you listening to their on-hold music on speakerphone while you're ircing for REAL support
<SpamapS> twb: Seeing as I'm at the 3rd level of escalation beyond said support.. I take that personally ;)
<twb> SpamapS: what issue are you actually trying to get fixed?
<SpamapS> twb: none, when did I ever say I was trying to get an issue fixed?
<twb> SpamapS: what, you're just talking them for the fun of it?
<SpamapS> Its part of the job of being on the server team that we help them.
<SpamapS> twb: if you hadn't noticed, I'm a member of the canonical server team.
<twb> I hadn't
<twb> Oh, I see, you mean "I *am* the third-level support"
<twb> I thought you meant "I'm talking to them"
<SpamapS> Indeed.
<twb> Here, third-level support is the sales team
<SpamapS> Another Misunderstanding(tm) brought to you by the letters, I, R, and C.
<twb> Because after we struggle to fix a problem, they come past and translate from user-speak into meaningful terms
<twb> Like today, <customer> said the server didn't have video codecs on it, but the actual problem was that they were trying to play a DVD which didn't have the movie as the first track, and their player didn't support DVD menus
<SpamapS> At Canonical, level 1 is guys who can help you find docs, bugs reports, etc. Level 2 is guys who can create workarounds, and level 3 is ubuntu developers. ;)
<SpamapS> twb: its tough when customers decide they know what the issue is and won't let go of their idea.
<greppy> it's even tougher when the vendor doesn't beleive the customer :)
<twb> It didn't help that their words appeared to make sense, because we actually implement this weird thing where DVDs get ripped onto the server
<kirkland> SpamapS: made it home okay?
<twb> greppy: yeh.  I didn't believe you could get a TGT when using pam_winbind (not pam_krb5), but apparently you can o_O
<SpamapS> kirkland: yes! Just woke up from the jetlag coma.
<twb> I didn't believe that until I saw it
<SpamapS> kirkland: you mid-return or still in CPT ?
<kirkland> SpamapS: i'm in London now
<SpamapS> kirkland: Thanks for sending over that pic.. that was a really awesome day.
<kirkland> SpamapS: ack!
<pmiller> kirkland: lifeless suggested I talk to you about some kvm virtualisation problems I'm having
<lynxman> kirkland: how long are you in London for?
<quinode> Hi everybody , Im' looking for a way to launch the pgAgent service under the postgres user . I tried the --chuid option of start-stop-daemon but it won't use the .pgpass file of this user (which hiolds the password needed)
<twb> Whoops, just rebooted the VM server by accident
<twb> Fortunately LXC (and upstart) boot *really* quickly; from ctrl+alt+del to <everything is running> was like three minutes
<RoyK> I've seen Windows admins hit ctrl+alt+del to login to linux machines...
<RoyK> disabling ctrl+alt+del can be a good idea :P
<greppy> A friend of mine changed it to play a .wav file.
<Kiall> greppy, genius :)
<twb> The problem was we have a PS/2 DB-15 KVM, but this fucking bios won't accept a PS/2 keyboard for some reason
<twb> So I am typing into a USB keyboard and *thinking* I'm looking at the screen, but I was on the wrong KVM port
<RoyK> greppy: lol :)
<jamespage> jhunt: around?
<jhunt> jamespage: hi
<jamespage> hello!
<jamespage> I have an upstart question which I can't seem to find a good answer to
<jamespage> I need to start a java based process as a particular user - whats the upstart way of doing this?
<jamespage> (currently considering su - $USER or start-stop-daemon)
<jhunt> jamespage: that is currently the best way
<jamespage> which one? su - $USER
<jhunt> jamespage: su that is
<jamespage> thanks  - start-stop-daemon seemed a bit complicated for what I needed.
<SpamapS> jhunt: hallo!
<jhunt> jamespage: I'll add this question to the docs
<jhunt> SpamapS: Hi
<SpamapS> jamespage: the - shouldn't be necessary btw.. it will suck up the login environment of the user.
<SpamapS> jhunt: I'm back from the moon. ;)
<jhunt> SpamapS: good moontan?
<jamespage> SpamapS: yep - just figured that one out!
<SpamapS> jhunt: yes, just narrowly avoided moonburn.
<SpamapS> jamespage: howzit?
<jamespage> SpamapS: good ta - you must either still be abroad or suffering from jetlag?
<jhunt> SpamapS: I've started to rst my upstart notes btw.
<SpamapS> jhunt: fantastic. I think this or next week we should try to have a bit more high-bandwidth session and get all of the things we've produced/found/edditted down into 1 or 2 documents.
<SpamapS> jamespage: suffering mightily
<SpamapS> my stomach thinks its mid-day :)
<SpamapS> my head hit the pillow 'round 8:00pm last night.. I hardly remember anything after that.. woke up at 1:00am as if it were the middle of the day.
<jhunt> SpamapS: agreed.
<ClaudiuT> hello
<ClaudiuT> the output for lshw -C disk for disk1 is "UNCLAIMED" (disk1 being a SCSI disk). Any hints on how can I mount that disk?
<uvirtbot`> New bug: #730620 in openssh (main) "After disabling ipv6 port forwarding does not work anymore" [Undecided,New] https://launchpad.net/bugs/730620
<raubvogel> Easy drbd question: I just created a common {} entry in my /etc/drbd.d/r0.res but when I try to drbdadm create-md all, I am told that common is already defined in /etc/drbd.d/global_common.conf. Can't I just overrule it?
<ClaudiuT> hello
<ClaudiuT> Im trying to use VMBuilder, but I got errors from line 2: ./setup.py: line 2: import: command not found
<soren> ClaudiuT: How exactly are you running it?
<ClaudiuT> ./setup.py ?
<soren> ClaudiuT: You're asking me? :)
<ClaudiuT> no, I'm telling :)
<ClaudiuT> is it wrong how I run it? :)
<soren> Interesting use of punctuation, then :)
<ClaudiuT> sorry :)
<soren> ClaudiuT: No, it's not your fault.
<soren> CraHan: Try this instead:
<soren> Whoops
<soren> ClaudiuT: This this instead:
<soren> ClaudiuT: python setup.py
<ClaudiuT> thank you
<ClaudiuT> I need an advice: I need to install a WIndows 2003 Server on a virtual environment on Ubuntu Server. Do you recommned using VMBuilder or VirtualBox?
<ClaudiuT> obvously, I'm almost a newbie
<jpiche> ClaudiuT, do you have a GUI?
<ClaudiuT> I am now trying to setup xauth and for ssh -X
<TB> https://help.ubuntu.com/10.04/serverguide/C/virtualization.html
<jpiche> I've used xen successfully in that scenario. For non-critical applications I normally use VirtualBox though.
<ClaudiuT> I'd go with VirtualBox too, seems the easy enough
<ClaudiuT> can it be done via ssh -X without xorg and other graphical stuff installed don the server?
<jpiche> ClaudiuT, if it's on a server and you have to have guarantee that it will start back up after a reboot, VirtualBox is probably not the right solution--it really is built for desktop users
<Daviey> jamespage, Do you think bug #669739 qualifies for SRU?
<uvirtbot> Launchpad bug 669739 in tomcat6 "unable to setup ip-based virtual hosting due to "Bugzilla 48612"" [Medium,Fix released] https://launchpad.net/bugs/669739
<Daviey> (to Lucid)
<ClaudiuT> ok, thanks jpiche
<Daviey> zul, did you get my email about bug #728328?
<uvirtbot> Launchpad bug 728328 in nagios-plugins "nagios plugins depend on samba" [Low,Incomplete] https://launchpad.net/bugs/728328
<jamespage> Daviey: lemme take a look
<Daviey> jamespage, rockin'
<zul> Daviey: yep havent acted on it yet
<Daviey> zul, groovy.
<RoAkSoAx> Daviey: howdy! is the ubuntu-server packaged create now or not yet?
<Daviey> RoAkSoAx, uh?
<Daviey> RoAkSoAx, package set?
<RoAkSoAx> Daviey: yeah package set >P
<RoAkSoAx> haha
<Daviey> RoAkSoAx, yes, it's created.... Are you familiar with the process of how to apply?
<RoAkSoAx> Daviey: simply create a wikipage and apply to the DMB
<RoAkSoAx> Daviey: i'll finish recolecting all the packages I've worked on first and then ask for a "review" from you all to see if it is enough
<Daviey> RoAkSoAx, Yeah, makes sense to get your +1's in order before applying.
<Daviey> RoAkSoAx, Also note, it's essential to send your application to devel-announce a week before the DMB meeting.
<Daviey> (at least a week)
<RoAkSoAx> yeah i'm aware of that
<RoAkSoAx> i have to take care of visa stuff for UDS first though
<uvirtbot> New bug: #730674 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 5.1.37-1ubuntu5.1 failed to install/upgrade: subprocess new pre-removal script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/730674
<Daviey> RoAkSoAx, oh yeah!
<jamespage> Daviey: re bug 669739
<uvirtbot> Launchpad bug 669739 in tomcat6 "unable to setup ip-based virtual hosting due to "Bugzilla 48612"" [Medium,Fix released] https://launchpad.net/bugs/669739
<Daviey> jamespage, oh aye
<jamespage> Daviey: I still can't reproduce based on the information in the bug report; I'm gonna dig a bit further into the source as well
<jamespage> no test case == no SRU at the moment
<Daviey> jamespage, yeah, i wouldn't waste too much time on it... The reason i asked is that it was marked Medium, and Fixed upstream - wondered if it was serious enough to SRU
<uvirtbot> New bug: #730696 in vsftpd (main) "package vsftpd 2.2.2-3ubuntu6 failed to install/upgrade: podproces nainÅ¡talovanÃ½ skript post-installation vrÃ¡til chybovÃ½ kÃ³d 1" [Undecided,New] https://launchpad.net/bugs/730696
<jamespage> Daviey: well if I could re-produce the issue yes - however I'm not convinced the upstream bug is actually related to this bug
<uvirtbot> New bug: #730697 in dovecot (main) "package dovecot-common 1:1.2.9-1ubuntu6.3 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/730697
<raubvogel> Where is the mysql upstart script? Is that /etc/init.d/mysql?
<hggdh> smoser`, question for you, if you do not mind: why would an ec2 instance for karmic reboot to a kernel different than the last installed?
<smoser`> not possible
<hggdh> :-)
<smoser`> oh
<smoser`> wait
<smoser`> only possible
<smoser`> karmic can't upgrade or change its kernel
<smoser`> (no pv-grub)
<smoser`> it will *always* reboot into the original kernel
<hggdh> hell
<hggdh> can you gen a new ec2 image for karmic from -proposed?
<hggdh> I thought all kernels after hardy were using pv-grub already
<smoser`> no.
<smoser> and hardy does not by default. you have to launch the instance with --kernel
<smoser> hggdh, heres what i'll do
<smoser> i'll add the stubbed /boot/grub/menu.lst file to karmic images
<smoser> then, you can launch them with appropriate --kernel and then install from -proposed and reboot
<smoser> i am comfortable saying that represents valid test of -proposed kernel for karmic on ec2
<hggdh> ack
<hggdh> please tell me when ready to test
<smoser> i'll kick off a karmic build right now
<smoser> its probably 7 hours later that it makes it all the way out
<jongbergs> hi, i setup an ubuntu server however during installation i forgot to install LAMP package. this computer doesn't have network connection either. can i install LAMP from the CD?
<jongbergs> what command to accomplish this task?
<pmatulis> jongbergs: man tasksel is one way to find out
<RoAkSoAx> kirkland: /win 6
<RoAkSoAx> arrrgh
<uvirtbot> New bug: #730703 in tomcat6 (main) "tomcat6-common missing core libraries" [Undecided,New] https://launchpad.net/bugs/730703
<RoAkSoAx> kirkland: ping?
<Daviey> jamespage, I shouldn't have mentioned tomcat..... new bugs appearing :)
<jamespage> Daviey: ho-hum - better take a look....
<Daviey> jamespage, just run, run and don't look back.
<spydmobile> Hi Folks, I now have a new Raid device in my server, I need a little guidance bringing it to life. here is info : http://pastebin.com/baU0v4Zd
<spydmobile> I am very shy about this sicerver since it is live production
<spydmobile> sicserver =  server
<Daviey> jamespage, [NOT URGENT] - Whilst you've got tomcat on the brain , what do you think of the fix attached to https://bugs.launchpad.net/ubuntu/+source/tomcat6/+bug/707405 ?
<uvirtbot> Launchpad bug 707405 in tomcat6 "tomcat6-instance-create should allow -c -1" [Low,In progress]
<jamespage> Daviey: I'll take a quick look now
<Daviey> jamespage, expect beer.
<jamespage> Daviey: well I like the second part of the fix - that looks OK
<smoser> hggdh, 20110307.1 should pop out tonight on uec-images, and then you can launch with a pv-grub kernel
<jamespage> don't like the way a 'valid' port number if detected in the first part though
<hggdh> smoser, thank you
 * jamespage tries to think of a better way todo it
<Daviey> jamespage, seems like you have similar reservations to what i thought..
<Daviey> it /looks/ ok
<Daviey> but then i started scratching my head.
<jamespage> that said; do we want to refactor this significantly because that it what it really needs;
<Daviey> jamespage, I have NFI :)
<Daviey> ttx, Do you have thoughts on this?
<jamespage> TBH it works; and its something that should be supported IMHO
<SpamapS> what are we talking about btw?
<jamespage> fix for bug 707405
<uvirtbot> Launchpad bug 707405 in tomcat6 "tomcat6-instance-create should allow -c -1" [Low,In progress] https://launchpad.net/bugs/707405
<jamespage> SpamapS: it was really whether there was a nicer way to detect a number in sh
 * SpamapS reads
<SpamapS> dash has some nice abilities for basic pattern matching...
<jamespage> The checkport function really needs a bit of a refactor (not major IMHO) to accomodate the use of -1 for the control port.
<Daviey> zul, backuppc FTBFS
<SpamapS> if you're going to call it a valid TCP port number you probably also need to check that it is between 0 and 65535 too
<zul> Daviey: yes i know
<SpamapS> jamespage: -1 means what?
<jamespage> disabled
<SpamapS> ah I see thats already checked for
<SpamapS> jamespage: IMO this reads simpler and feels less hacky:   if ! echo $port | grep -q "^[0-9]+$" ; then
<SpamapS> hmm thats not quite right
<oneseventeen> I'm going to set up a dedicated mysql server.  Would it be better to use 64-bit?
<SpamapS> oneseventeen: probably yes, since the only real reasons to not use 64-bits when you have them, is to save on RAM with systems under 2GB available
<SpamapS> s/reasons/reason/
<oneseventeen> SpamapS: thanks.  I'll probably only be throwing 2 or 3GB of RAM at first to this system.
<SpamapS> oneseventeen: right, but if you can expand the RAM, definitely do 64-bit
<SpamapS> oneseventeen: otherwise mysqld itself wont' be able to grow beyond 2GB
<oneseventeen> that doesn't change teh volume of data I can store though, just the resources the daemon can use?
<SpamapS> jamespage: FYI I commented on the MP for bug #707405
<uvirtbot> Launchpad bug 707405 in tomcat6 "tomcat6-instance-create should allow -c -1" [Low,In progress] https://launchpad.net/bugs/707405
<oneseventeen> I plan on creating a partition dedicated to mysql databases... is it hard to configure MySQL to use it?
<jamespage> SpamapS: thanks
<SpamapS> oneseventeen: not at all.. you may want to just mount that partition at /var/lib/mysql
<SpamapS> oneseventeen: but if you don't want to do that.. just set datadir=/your/mount/point in /etc/mysql/my.cnf
<oneseventeen> SpamapS: thanks.  it has been a while since I've done any *real* linux work, so I forget how simple it can be to just mount the drive in the right place.
<oneseventeen> just creating the volume now on the SAN, then I'll just mount it to /var/lib/mysql during setup.
<SpamapS> oneseventeen: just make sure /etc/fstab is setup right :)
<oneseventeen> I'm hoping/assuming that if I do this during setup that it will configure fstab properly for me... :)
 * oneseventeen is naieve at times
<SpamapS> oneseventeen: no it definitely will
<oneseventeen> ooh, one more critical question... if I increase the size of the drive can I tell ubuntu to rescan the drive then use the newly allocated space?
<SpamapS> oneseventeen: make sure you setup with "LVM" and you can do that.
<SpamapS> oneseventeen: oh on a SAN you may be able to do it w/o LVM
<oneseventeen> SpamapS: well, teh point is the SAN can expand the volume, but the OS needs to then take up the rest of that volume.
<oneseventeen> basically just resizing/expanding the partition.
<SpamapS> oneseventeen: yeah so you will just have to run fdisk and grow the partition.. then resize2fs (or whatever your chosen FS uses for resizing)
<SpamapS> oneseventeen: but yes, the only thing Linux has a hard time with is resizing / .. which.. I've never understood why someone hasn't solved.
<hggdh> smoser, any change of genninga the Lucid proposed kernel for ec2?
<smoser> genninga ?
<smoser> hggdh, ^
<hggdh> generating
<hggdh> genninga was a weirdly unexpected decision from my keyboard
<smoser> for lucid i would just say use the -proposed from the archives
<smoser> and then when we push to -updates it will get there appropriately
 * oneseventeen is just going to go with a 64GB mysql partition and hope it lasts long enough for him to figure out how to grow it in the future. :)
<hggdh> smoser, perfect. I am, unfortunately, still utterly lost on which kernels need an ec2 image. I am guessing it is only hardy & karmic, correct?
<smoser> well, yes, both hardy and karmic will need akis published
<smoser> for lucid, we will continue to do that
<smoser> (publish the akis, but they're ont used by default)
<smoser> in maverick+ there is only aki
<smoser> err... only pv-grub
<Roasted_> So I ran this command in terminal on my Ubuntu machine, gvfs-mount smb://etc/etc/etc and it changed my prompt to $. Users were trying to help me suggesting it changed something in bashrc, but I logged on another Ubuntu machine on our Windows domain and sure enough, I have the $ there too, so it's clearly not machine-dependent but something happened on the domain itself. Any ideas??
<SpamapS> Should be interesting spending six months working on "oneiric" .. :)
<smoser> for hardy (and after this, for karmic) you should test the kernels by booting with a pv-grub kernel and installing kernels and rebooting.
<hggdh> smoser, so, for testing from now on all I need is boot, add in -proposed, install, reboot. Correct?
<hggdh> erbngeek_, hardy/karmic need the --kernel
<hggdh> smoser, ^
<hggdh> erbngeek_, sorry for the ping (now twice)
<zul> hmm.....samba 3.5.8 is out
<smoser> hggdh, yes. but if you want to boot into the older kernel (after install) you'll have to modify /boot/grub/menu.lst
<hggdh> smoser, thank you
<ikonia> Roasted_: please don't cross post, you posted this in #ubuntu
<Roasted_> you're right, I did. But I'm curious if the folk here could assist me since it very well may be a server related issue.
<ikonia> are you running an ubuntu server ?
<Roasted_> no, but I'm curious if the users here would have happened to have ran into it prior.
<ikonia> ok, so you're not running an ubuntu server, then this channel isn't appropriate
<Roasted_> where do you suggest I ask this question, ikon
<Roasted_> ikonia,
<ikonia> #ubuntu is the best place
<Roasted_> okay, I shall continue to ask my question in there until an answer is had.
<Roasted_> thank you
<ikonia> welcome
<Roasted_> :)(
<Roasted_> :)
<uvirtbot> New bug: #730786 in php5 (main) "package php5-cgi 5.2.4-2ubuntu5.14 failed to install/upgrade:" [Undecided,New] https://launchpad.net/bugs/730786
<panfist> is it possible to add locations to index with locate/updatedb?
<ikonia> panfist: it's a config file, then you run updatedb
<ikonia> panfist: /etc/updatedb.conf ?
<panfist> i see, thanks
<panfist> i have an instance of ubuntu server running on a physical machine on my home network, the purpose of it is primarily to serve a raid array over samba
<panfist> i used to have the raid array mounted in /media because that seems to be the default location for random stuff to mount, but what would be a better place to mount it more permanently?
<panfist> i was thinking /srv/samba/foo or something like that
<panfist> should i actually mount it there or mount it somewhere else and symlink it
<oneseventeen> have any of you mounted iSCSI targets in Ubuntu-server? is it possible?
 * oneseventeen has never used iSCSI in Ubuntu
<pmatulis> oneseventeen: yes, ubuntu can act as an iscsi client or server
<patdk-wk> oneseventeen, I do it all the time
<patdk-wk> I just never attempted root iscsi till recently :)
<uvirtbot> New bug: #730817 in krb5 (main) "Please sync krb5-1.8.3+dfsg-5 from Debian Unstable." [Undecided,New] https://launchpad.net/bugs/730817
<oneseventeen> patdk-wk: are there any guides I can read on how to mount them?
<patdk-wk> http://www.cyberciti.biz/faq/howto-setup-debian-ubuntu-linux-iscsi-initiator/
<oneseventeen> beautiful, thanks!
<oneseventeen> one final (I hope) question before I get started: does anyone use Ubuntu in a VMware VM?
<oneseventeen> I'm trying to decide between the default E1000 NIC or VMXNET 3 NIC
<patdk-wk> always use vmxnet3
<patdk-wk> and pvscsi :)
<patdk-wk> atleast if your on esx 4.1, don't use pvscsi on 4.0
<oneseventeen> that's what I do on Windows, but I normally need to isntall drivers... do I need to install Drivers on ubuntu for this NIC?
<patdk-wk> nope
<patdk-wk> I load up 10.04 with vmxnet3 and pvscsi without modifications
<oneseventeen> what is pvscsi?
<patdk-wk> same for windows, but have to load the pvscsi floppy disk :(
<patdk-wk> faster disk access
<patdk-wk> it's the equiv of vmxnet3 for disks
<oneseventeen> so is that in my SCSI controller settings?
<patdk-wk> ya, scsi adaptor, change type
<oneseventeen> is it the VMware paravirtual?
<patdk-wk> yep
<patdk-wk> paravirtual scsi
<oneseventeen> sweet, got it all set up.
<uvirtbot> New bug: #730469 in samba (main) "samba not working for printer sharing with VirtualBox" [Undecided,New] https://launchpad.net/bugs/730469
<oneseventeen> patdk-wk: any other tips before I create this VM?
<oneseventeen> (system drive will be on a VMDK, but a MySQL data volume will be iSCSI mount)
<patdk-wk> nope
<patdk-wk> I wonder what would perform better though
<patdk-wk> vm->iscsi, or vm->disk (vmdk->iscsi)
<patdk-wk> guess it depends on how well you tune esx for iscsi luns
<oneseventeen> I'm just mounting my iSCSI volume directly in the VM so I can grow it easier in the future.
<blade2112> hello
<blade2112> anyone here?
<oneseventeen> a few people are popping in and out.
<laen> Nope, we're all gone.
<oneseventeen> but you are welcome to ask a question in case we come back.
<blade2112> Just asking
<blade2112> If anyone here available to help me
<oneseventeen> feel free to ask a question and perhaps someone will respond if they know it.
<blade2112> This is ubuntu support, right? Can I ask anything related to hosting websites... etc?
<oneseventeen> (I'm picking up Ubuntu-Server for the first time in several months, so I'm not a great source)
<oneseventeen> This is the ubuntu-server chat room filled with ubuntu-server users who like to help each other out.
<blade2112> ok
<oneseventeen> but I'm sure several of us here have hosted websites using ubuntu-server.
<oneseventeen> what's your question?
<blade2112> ok
<blade2112> I have an ubuntu server, but without a control panel.
<blade2112> So only apache on it.
<blade2112> I want to add my site on it, but I don't know how.
<oneseventeen> I don't have a vanilla install handy, but I think the default website is located at /var/www/
<oneseventeen> so if you put files in there, you should be able to see them when you type the server's IP in a web browser.
<blade2112> yes
<blade2112> when i got to my ip
<patdk-wk> na, he wants something to config the server for him
<patdk-wk> like ebox I think it's called
<patdk-wk> !ebox
<ubottu> ebox is a web-based GUI interface for administering a server. It is designed to work with Ubuntu/Debian style configuration management. See https://help.ubuntu.com/community/eBox
<blade2112> i can add files, html page to my ip...that means my apache server is working...but what I want is to add my domain to it
<oneseventeen> so you want people from the outside world to type in your domain and see the site hosted on your Ubuntu box?
<blade2112> yes oneseventeen
<oneseventeen> Are you hosting this at your home or at a business?
<oneseventeen> (I ask because at home you usually don't have a static IP that is usable from the outside world... it changes every few weeks depending on your ISP)
<blade2112> Now I installed the apache on my server and when I go to my ip i see the webpage and it is working as it should...But I want to add my domain to it so anyone can see the content
<blade2112> Not hosted on home
<blade2112> It's hosted on some web hosting company
<oneseventeen> do you already have the domain?
<blade2112> yes
<oneseventeen> normally you can go into a management site for your domain (from whoever you purchased it from) to have them point it to your IP
<blade2112> Okay
 * oneseventeen hasn't messed with DNS/domain registration outside of shared hosting... hope he gave ok advice
 * patdk-wk runs his own dns servers
<oneseventeen> apparently apt-get intsall doesn't work...
<jpds> oneseventeen: "doesn't work" is rather vague.
<patdk-wk> jpds, looks good to me :)
<patdk-wk> mispelled install
<oneseventeen> yeah, I was just joking about my bad typing skills.
<oneseventeen> took a good 2 min to figure out my error
<patdk-wk> I always blame my fingers
<oneseventeen> so do I just mess with /etc/network/interfaces to set static IPs on my NICs?
<oneseventeen> beautiful, just got a listing of all iSCSI targets on the ubuntu box... thanks for the tips patdk-wk
<oneseventeen> gotta run to get some non-enterprise (aka Apple) hardware looked at.
<ttx> Daviey: looking
<Daviey> ttx, appreciated - Clint added a comment on the merge proposal
<ttx> jamespage, Daviey, SpamapS: I'd rather have another option to say "disable control port"
<ttx> Also note that since it's in sync with Debian, it's good to push it there to keep the sync
<Daviey> ttx, oh aye
<ttx> and it's a bit featureful for post-FF
<Daviey> ttx, do you have a suggestion for a cleaner fix?
<Daviey> ttx, aye, i'd like to get it moving whilst still fresh.. ready for sync from o-series at least
<ttx> ah, -1 is actually something tomcat allows, I see
<ttx> Daviey: SpamapS's snippet sounds good to me
<pmatulis> does dnsmasq have an equivalent to the (missing bind9) option 'topology'?
<Daviey> ttx, What risks do you see with that?
<ttx> Daviey: none, and could definitely be considered a bug :)
<Daviey> ttx, awesome
<Daviey> ttx, fancy commiting it to debian branch? :)
<ttx> ah!
<ttx> I guess I can.
<ttx> Once the branch is updated with Clint's suggestion
<hallyn> where do we go to look over (/proofread) the natty release docs?  help.ubuntu.com seems to only have 10.10.
<zul> good question
<zul> hallyn: i dunno
<genii-around> hallyn: Maybe https://blueprints.launchpad.net/ubuntu/natty/+specs has some useful info for you
<Daviey> ttx, you rock...
<Daviey> hallyn, what do you mean release doc's?
<Daviey> hallyn, This might be what you want?  https://wiki.ubuntu.com/NattyNarwhal/TechnicalOverview
<hallyn> Daviey: i don't think so, though maybe.  at server team mtg it was mentioned (two weeks ago) that we should be looking over the docs for accuracy
<uvirtbot> New bug: #460356 in sysstat (main) "sadc assert failure: *** glibc detected *** /usr/lib/sysstat/sadc: double free or corruption (!prev): 0x08b0f9e8 ***" [Medium,Incomplete] https://launchpad.net/bugs/460356
<Daviey> hallyn, ahhhhhh
<Daviey> hallyn, Well caught.... The docs are stored in bzr... but essentially review https://help.ubuntu.com/10.10/serverguide/C/index.html and look for inaccuracies..
<Daviey> hallyn, The plan /was/ to submit it to sommer... but things might have to be different this cycle
<hallyn> Daviey: thanks!
<Daviey> hallyn, If you generate a list of changes if you find some, we'll get it sorted this week
<uvirtbot> New bug: #726445 in samba "net.samba3 crashed with SIGSEGV in NetFileEnum_r()" [Medium,Triaged] https://launchpad.net/bugs/726445
<uvirtbot> New bug: #498383 in pptpd (main) "pptpctrl crashed with SIGSEGV in strncpy()" [Medium,Incomplete] https://launchpad.net/bugs/498383
<uvirtbot> New bug: #730940 in postfix (main) "package postfix 2.7.0-1 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,New] https://launchpad.net/bugs/730940
<soren> hallyn: Where are we on SPICE support in Ubuntu?
<mray> anyone familiar with reimaging servers via PXE and preseeds? My servers are booting from the network, but not downloading the preseed config file
<mray> booting to the installer that is
<highvoltage> you're in luck, there are countless howtos for that
<mray> I know, I'm following the Installation Guide and it's not working
<laen> Wrong guide!
<highvoltage> mray: how are you specifying the preseed file?
<mray> I https://help.ubuntu.com/10.10/installation-guide/amd64/preseed-intro.html is wrong?
<fluvvell> mray: is that like ltsp, and using tftpd ?
<mray>  /var/lib/tftpboot/pxelinux.cfg/default is my syslinux.cfg
<mray> # D-I config version 2.0
<mray> include ubuntu-installer/amd64/boot-screens/menu.cfg
<mray> default ubuntu-installer/amd64/boot-screens/vesamenu.c32
<mray> prompt 0
<mray> timeout 1
<mray> preseed/url=http://192.168.11.7/default.seed
<mray> preseed/url/checksum=d785f425373c0f11a4d8c056866db76a
<mray> the timeout is being picked up, but nothing happens
<mray> hitting that URL from a browser works
<mray> apache's logs don't show any requests
<mray> (except from my browser)
<mray> fluvvell: PXE booting the installer
<RoAkSoAx> mray: you have to add the "auto url=etcetc"
<RoAkSoAx> oh no that's manually enterin it
<mray> heck, if that works I'll try
<mray> I'm reinstalling about every other day, so 1 manual step isn't terrible
<fluvvell> mray: I'm following now.
<RoAkSoAx> mray: yeah I installed couple weeks ago adding the auto url thingy as I pointed you out the other day with no issues
<mray> I'm just trying to avoid anything manual
<mray> since I've got 6 machines I'm working with
<mray> and as I scale, it gets less enjoyable
<RoAkSoAx> mray: http://testcases.qa.ubuntu.com/Install/ServerWhole#Preseeded%20Installation
<RoAkSoAx> mray: indeed! I see your point. I myself looking for everything automated but I guess I'll rely on cobbler eventually
<mray> RoAkSoAx: check for press releases from Cloud Connect tomorrow ;)
<RoAkSoAx> mray: will do ;)
<RoAkSoAx> SpamapS: ping
<oneseventeen> for some reason after a reboot I can't get online with my ubuntu server.
<oneseventeen> interfaces file looks good.
<hallyn> soren: spice support is in ppa:serge-hallyn/spice.  I'd like to package it but need some testers
<hallyn> kim0: is looking at it
<holmser> I am having a heck of a time setting up an openswan ipsec VPN on my server
<soren> hallyn: What do you mean "package it"?
<soren> hallyn: It's already in a PPA, so it must be packaged.
<hallyn> soren: right i meant push it into natty
<hallyn> kim0 is working on MIR
<soren> hallyn: An MIR sounds premature if it's not even in the archive yet. Why not just put it in the archive?
<soren> hallyn: Best way to get testers.
<holmser> I am able to connect to it just fine, but it seems that my NAT is screwed up somehow because I am unable to connect to anything through it
<SpamapS> RoAkSoAx: pong, sup?
<hallyn> soren: how do we go about that?
<oneseventeen> solution was to remove the gateway from eth1 so only eth0 has a gateway.
<RoAkSoAx> SpamapS: bug #729911
<uvirtbot> Launchpad bug 729911 in squid "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/729911
<RoAkSoAx> your SRU doesn't seem to have fixed the issue
<SpamapS> RoAkSoAx: yeah... I'm thinking that this has more to do w/ running squid in the foreground than an old copy of squid untracked by upstart
<SpamapS> RoAkSoAx: my guess is that when squid is run in the foreground and receives SIGTERM, it somehow doesn't free resources, so the start back up fails.
<SpamapS> Like maybe if there are active requests.
<RoAkSoAx> SpamapS: yeah it is indeed complicated issue. I just hope we don't get as many bug reports :S
<SpamapS> RoAkSoAx: I think unfortunately, we will
<SpamapS> RoAkSoAx: the maintainer scripts also call restart when they shoudn't.
<SpamapS> So thats probably the blanket fix that will stop the bug reports.. but I'm skeptical that this will be enough to stop all problems.
<RoAkSoAx> SpamapS: wouldn't it just be easier to stop before upgrading?
<SpamapS> RoAkSoAx: yes
<SpamapS> RoAkSoAx: what would be easiest, would be to use dh_installinit, which implements the appropriate logic in a uniform manner.
<RoAkSoAx> SpamapS: indeed
<RoAkSoAx> anyway, this reminds me
<RoAkSoAx> SpamapS: in PowreNap the daemon starts threads
<RoAkSoAx> and powernap tracks those threads and whatever
<RoAkSoAx> SpamapS: however, wen I issue sudo restart powernap
<RoAkSoAx> the config is not reloaded
<RoAkSoAx> so I have to stop powernap, and start it again
<RoAkSoAx> what might be wrong?
<SpamapS> restart sends SIGTERM, waits for the pid to die, then starts the job again
<SpamapS> in many ways, restart is like a forced respawn
<SpamapS> so the threads from the managed daemon should die
<soren> hallyn: Well, if it builds and installs ok and debian/copyright is in good shape, all you need is an FFe and we can upload it.
<RoAkSoAx> SpamapS: right but this doesn't happen. So when I restart everything keeps running as I didn't issue the restart command even though it tells me it has
<RoAkSoAx> SpamapS: that's why I have to stop, and then start again
<oneseventeen> does anyone know how to list all drives/volumes (even unformatted ones) on ubuntu-server?
<SpamapS> RoAkSoAx: are you sure powernap is being tracked properly?
<oneseventeen> doh, google knew the answer. sudo fdisk -l
<RoAkSoAx> SpamapS: the job:http://pastebin.ubuntu.com/577218/
<SpamapS> RoAkSoAx: so powernapd does not daemonize?
<holmser> anyone here have any experience with ipsec?
<RoAkSoAx> SpamapS: it does
<holmser> I ran ipsec verify and ip forwarding keeps failing
<RoAkSoAx> SpamapS: it is a deamon (you cannot run it in the foreground)
<SpamapS> RoAkSoAx: then you'd need 'expect fork' or 'expect daemon' somewhere in there
<RoAkSoAx> SpamapS: it is there too :)
<SpamapS> RoAkSoAx: not in the paste you gave me
<SpamapS> RoAkSoAx: chopped at pre-start (actually re-start.. ;)
<RoAkSoAx> SpamapS: http://pastebin.ubuntu.com/577220/
<RoAkSoAx> chopped all above that  xD
<SpamapS> RoAkSoAx: so, when you look at the process in 'ps auxfw' .. is it  init->powernapd  only, or are there actual pids under powernapd?
<holmser> when I run "sysctl -A | grep ip_forward"  I get net.ipv4.ip_forward = 0
<holmser> how do I change that setting?
<soren> holmser: sysctl -w net.ipv4.ip_forward=1
<holmser> thank you soren
<SpamapS> holmser: note that you will need to make that persistent somehow.. the best way is to put it in /etc/sysctl.d/60-something.conf
<RoAkSoAx>  SpamapS only powernap root      7418  0.1  0.0  54044  5204 ?        Sl   17:52   0:00 /usr/bin/python /usr/sbin/powernapd
<holmser> hmm... even with that changed, VPN is still not working
<RoAkSoAx> SpamapS: so I was thinking it may be becuase powernapd starts threads and stuff that are in other files. so powernapd only instances a set of X classes, that can have threading or not
<soren> RoAkSoAx: "initctl list powernap" shows the correct pid?
<SpamapS> RoAkSoAx: It really shouldn't matter. Threads will die with the process. fork'ed children will either die, or become children of pid 1.
<RoAkSoAx> soren: yes it does
<RoAkSoAx> SpamapS: right but either way i don't relaly see it restarting
<soren> RoAkSoAx: After "restart powernap", you still have the same pid?
<SpamapS> RoAkSoAx: whats your evidence? The pid changes right?
<SpamapS> RoAkSoAx: oh wait.. pre-stop .. thats a known bug
<oneseventeen> I'm formating a partition to store mysql databases on, is there a preferred filesystem for ubuntu-server?
<oneseventeen> ext3?
<SpamapS> RoAkSoAx: add yourself to bug #703800 .. I'll mark it Confirmed
<uvirtbot> Launchpad bug 703800 in upstart "restart command fails to restart main process when pre-stop stanza exists" [Undecided,New] https://launchpad.net/bugs/703800
<RoAkSoAx> soren: yes it does
<RoAkSoAx> SpamapS: the pid doesn't change
<SpamapS> yeah, restart is b0rked when there is a pre-stop
<SpamapS> RoAkSoAx: this is part of the reason /sbin/upstart-job doesn't use restart... its just a weird command
<SpamapS> err
<RoAkSoAx> SpamapS: yeah indeed it is upstart
<SpamapS> err, /lib/init/upstart-job
<RoAkSoAx> SpamapS: will post-stop work
<RoAkSoAx> ??
<RoAkSoAx> or does that even exists?
<RoAkSoAx> :)
<oneseventeen> does anyone know where mysql saves database files? I forget
<SpamapS> RoAkSoAx: yes and yes
<thesheff17> oneseventeen: I have used ext4...but if you want to be able to freeze the file system you have to use a different type.
<RoAkSoAx> SpamapS: i guess I'll to change things then, thanks :)
<oneseventeen> ha, /var/lib/mysql
<SpamapS> RoAkSoAx: does it make sense to powerwake-now *after* powernapd is stopped tho?
<oneseventeen> thesheff17: thanks
<oneseventeen> eek, didn't realize the time, later everyone and thanks for all the help earlier!
<RoAkSoAx> SpamapS: not really but i'll change the logic
<RoAkSoAx> i mean, what powerwake-now does in that case is only good when in PowerSave nmode wich will run other scripts to ensure that the system is restored as original
<SpamapS> RoAkSoAx: I'd rather see the logic right, and not use restart, than use complicated logic to enable a command that I never recommend people use.
<RoAkSoAx> so post-stop I'm just planning to grepping the config and if it is configured to poewrsave then run the command necessary to restore everything bug to original
<RoAkSoAx> s/bug/back
<SpamapS> RoAkSoAx: but if somebody stops powernapd .. there won't be a state to query will there?
<RoAkSoAx> SpamapS: for exmaple, in the config ACTION_METHOD=0, will run pm-powersave true|false when entering into a powersave start or leaving it respectively
<RoAkSoAx> SpamapS: the pre-stop part in upstart only ensures that pm-powersave false is run to rollback the changes, if any, to original
<RoAkSoAx> SpamapS: these changes are , for example, turn off the 3 CPU cores of the 4 that pm-powersave true turned off
<uvirtbot> New bug: #730995 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/730995
#ubuntu-server 2011-03-08
<SpamapS> zul: is the sru tracker working?
<nertil> what is phy0 on ubuntu server?
<pickett> wireless card
<nertil> ah ok
<tazmania> good morning folks.  I have previously installed ubuntu server 10.04 on a flash drive.  However, the drive failed on me yesterday with mainly mount errors on /root and other directories.  I have tried to use fdisk, fsck, e2fsck, and mke2fs to fix the superblocks with no luck.  What else can I do?  I am able to see the files on the flash drive when I plug it into another ubuntu desktop.
<zul> SpamapS: i think its in the processing of being moved ill look at it in a bit
<mil132> I have a strange problem... ESXi reports that the server is useing more than its provisoned storage, but when I go into ubuntu, it reports useing less than 10%
<zul> SpamapS: give it half an hour its resyncing the database
<zul> SpamapS: ok its updated
<rnigam> Just created a new kvm guest. Tried to do a virsh shutdown 'vm1' but no response. Infact the guest doesn't seem to react to any command. Any ideas anyone?
<rnigam> host is a ubuntu server 10.10 and guest 10.04
<pmatulis> rnigam: start or destroy don't do anything?
<rnigam> pmatulis: Start and destroy work. Just checked. Wonder why shutdown doesn't
<thesheff17> rnigam: I believe I have the same problem...I usually just do shutdown -h now inside the virtual machine.
<rnigam> thesheff17: someone at virt tells me it might be because acpid is not supported/cconfigured for the guest. No power control support enabled at the start up ! Wonder if we could do it in the xml config file !
<rnigam> Also I now have a different prob... I tried to login to the console after following the thread: http://ubuntuforums.org/showthread.php?t=1159220 and the guest froze on the "connected to domain vm1" screen now
<rnigam> nothing works!
<pmatulis> rnigam: https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/220938
<uvirtbot> Launchpad bug 220938 in libvirt "unable to shutdown a guest domain " [Undecided,Invalid]
<thesheff17> rnigam: yea I just confirmed it
<thesheff17> rnigam: with 10.04 on 10.04
<thesheff17> there is also a bug where I have to change raw to qcow2 everytime...I'm sure there is another bug for that :-/
<thesheff17> ah let me try this acpid package...and see if it works.
<thesheff17> rnigam: ah never mind I was just impatient..it works fine on 10.04 w/ 10.04 I'm using vmbuilder  to build the instance and it does have that stuff in the xml file and acpid installed by default.
<thesheff17> I pass it packages 'wget cron vim ntp ntpdate ssh xvfb build-essential linux-headers-virtual locate vpnc acpid clamav chkrootkit rkhunter puppet' during install...it has been a long time since I looked at my custom script.
<patdk-lap> how can I tell if a fs is ext2/3/4?
<thesheff17> patdk-lap: /etc/fstab if it is mounted
<patdk-lap> heh?
<patdk-lap> fstab has nothing to do with if it's mounted
<patdk-lap> fstab only contains what you tell it
<thesheff17> patdk-lap: well right :)
<patdk-lap> so completely useless
<patdk-lap> looks like ext3
<twister004> hi guys... i have an ubuntu 6.10 server.... I have some crons running on it(data backups)... how can i determine if these cron jobs completed successfully
<twister004> logs in /var/log/syslog doesn't say if the cron completed
<rnigam> thesheff17: Did you try  changing the setting in the guest xml config for getting the acpid running? is it working smoothly now?
<thesheff17> rnigam: yea make sure you have acpid installed and that part of the xml file about <features> <acpi/> </features>
<twister004> guys.. i need cron logs inorder to send out emails once backup cron jobs have completed
<thesheff17> patdk-lap: file -s /dev/sdc1 should tell you :)
<twister004> what is the easiest way to send cmd line emails using ubuntu?
<twister004> i have sendmail installed
<patdk-lap> LUKS encrypted file, ver 1 [aes, xts-plain:sha512, sha1] :)
<rnigam> thesheff17: That particular entry has been there all the while. How do I install it using virsh.?
<rnigam> is it possible?
<thesheff17> rnigam: you have to get inside the vm...then apt-get install acpid or do it when you build the vm.
<rnigam> thesheff17:I am not getting the console also to the guest ? any suggestions on what all I can try out?
<thesheff17> rnigam: I actually have never used the console..I have either used ssh or virt-manager. I'm looking to see if I can get in my mv through the console command.
<thesheff17> rnigam: I have used virsh...just not the console command.
<rnigam> thesheff17: I am running a server edition of ubuntu that doesnt have GUI display
<rnigam> virt-manager or virt-viewer would not work I believe !
<thesheff17> rnigam: true..I have a ton of ubuntu desktops laying around.
<rnigam> thesheff17: Anyway we can specify the ipaddress for the guest while creating it?
<thesheff17> rnigam: yea of course
<rnigam> i used vmbuilder !
<rnigam> while creating it
<thesheff17> rnigam: http://paste.ubuntu.com/577294/ here is my very long command I use a script to build all the params.
<rnigam> thesheff17: vmbuilder kvm ubuntu --suite maverick --flavour virtual --arch i386 -o --libvirt qemu:///system --ip x.y.z.a --hostname 'ubuntu-vm1' --cpus 2 --mem '2048' --rootsize '8192' --swapsize '1024' --mask x.y.z.a --bcast x.y.z.a --gw x.y.z.a --dns x.y.z.a
<thesheff17> rnigam: I use --firstboot to inject my SSH keys into the virtual machine...then I can ssh right into it.
<rnigam> ahh i see !
<thesheff17> rnigam: http://paste.ubuntu.com/577295/ my boot.sh with my key removed.
<thesheff17> rnigam: I'm still looking at the console stuff...I would like to get that to work...one day I may not have a GUI :)
<rnigam> thesheff17: that's one ugly way of creating vm's. We need to quickly work on writing config scripts that can do it !
<rnigam> to work around the paramters easily !
<thesheff17> rnigam: I build my virtual machines through a python script.
<thesheff17> that generate that huge long command
<rnigam> ya i was writing a shell script now
<thesheff17> rnigam: I'm also starting to look into http://www.eucalyptus.com/ I have done a ton of work with boto on the EC2 cloud...and the boto EC2 library is great.  I have used virsh and vmbuilder for years now though with great success.
<rnigam> thesheff17: interesting. I would love to experiment some stuff over the ec2 cloud.
<rnigam> for now I have to go. Thanks for all your help. See you around.
<cn1209> hello. I'm currently trying to reduce the size of my ubuntu-server. It's a VM and unfortunately the size has been allocated so I can't reduce it. Is there a way to backup an entire image of the server using something like dd backup that would create a backup image smaller than the actual server HD size? (only used space)
<thesheff17> rnigam: see ya
<thesheff17> cn1209: are you using virsh?
<cn1209> thesheff17: No. I'm using VMWare ESXi
<thesheff17> cn1209: haven't used vmware ESXi...though there should be a tool to do it build into vmware.  I used to use vmware 1.x free version and there was a command to shrink the virtual machine when it was off....not to many people here actually use vmware anymore.
<thesheff17> twister004: I use this perl script to call sendmail from the command line: http://paste.ubuntu.com/577300/
<cn1209> thesheff17: Unfortunately the image has been set to a certain size. So I believe the only way would be to shrink it within ubuntu. With that said, I wonder if I make a backup image within ubuntu; is the backup image going to be only the size of the used space and not the entire physical drive size?
<twister004> thesheff17: sendmail is not running on the machine.... I have an exchange server in the same subnet(windows)... can I use some mail client to relay messages through this server?>
<thesheff17> twister004: yea sendmail support a relayhost param...can you not run sendmail?
<twister004> thesheff17: whenever I use cmd line to send mail.. I get the following message when I execute 'mailq'
<twister004> il paste the error
<thesheff17> cn1209: I would just backup the valuable data and re-create the vm with the drive size you want...that would be the safest option.
<twister004> thesheff17: http://pastebin.com/QPH4caNV
<cn1209> thesheff17: That'll work. Was just trying to skip that process :). But that will get the job done. thanks
<twister004> thesheff17: any idea what's going on??
<thesheff17> cn1209: look at the vmware ESXi shrink command
<thesheff17> cn1209: what I would do inside the vm is wipe the rest of the drive with 1's using dd then try to use shrink.
<smoser> hggdh, i'm sorry.. i was wrong about karmic.  karmic don't have a kernel inside the images so the quick trick I tried (just putting a /boot/grub/menu.lst in the image) is not sufficient
<thesheff17> twister004: I would watch the /var/log/mail.log I bet the relayhost isn't working correctly
<twister004> thesheff17: its the same error on the logs
<thesheff17> twister004: have you configured sendmail?  I would also try postfix if you are not familiar with sendmail.
<twister004> thesheff17: how can i use postfix to send mail via cmd line?
<twister004> :D
<twister004> i dont know much about postfix
<thesheff17> twister004: postfix I believe still uses sendmail..to send yea...I don't know a ton about this...just enough to send emails using that perl script.
<thesheff17> twister004: so try apt-get install postfix and add relayhost = xxx.xx.xx.xx /etc/postfix/main.cf restart postfix and try that perl script and see what the logs say.
<kunal_> hi guys, playing with ubuntu on ec2 for the first time... wondering if there was a trick to the IP setup. i've given it an elastic IP, but getting this error on "service apache start"
<kunal_> (13)Permission denied: make_sock: could not bind to address 0.0.0.0:80
<thesheff17> kunal_: are you running as root or sudo?
<nijaba> Congratulations Daviey!
<jdepi> Hi all, a small question: I noticed that ubuntu 10.04.2 LTS has quite old libvirt versions (libvir 0.7.5) which lacks many functions, like managedsave or snapshotting.  What's the recommended way to get the latest versions there?
<jdepi> ((ubuntu 10.10 has libir 0.8.3 which incorporates snapshotting etc))
<nijaba> jdepi: first look into backports to see if the version you want is there
<jdepi> I'm a little concerned to run critical VMs on a non-LTS version...  What is your opinion about this?
<nijaba> jdepi: if it is not, then you have 3 choices: 1-upgrade to 10.10, 2-wait until next LTS(12.04), 3-Mess around with packages
<nijaba> jdepi: I would have the same concerns as you
<jdepi> thanks :-) but not very comforting
<nijaba> jdepi: but only if I know I won't be upgrading that machine in the next 12month
<jdepi> nijaba: i don't quite understand what you want to say?
<nijaba> jdepi: non LTS versions are as stable as LTS ones, they just have a shorter life cycle
<jdepi> aha
<jdepi> ok, sorry, of course
<jdepi> nijaba: it's 'just' a VM host, which will run our business's mail server (W2003-DOMINO) as a KVM
<nijaba> jdepi: I see...  try to discuss whith hallyn when he is around, as he has been doing most of the KVM/qemu maintenance since 10.04
<ClaudiuT> grr, I'm not seeing 250-AUTH LOGIN PLAIN after running ehlo mail.mydomain.com on telenet
<ClaudiuT> all settings are done according to https://help.ubuntu.com/10.10/serverguide/C/postfix.html
<ClaudiuT> I get only this: http://pastebin.com/XUAwnaPA
<jdepi> nijaba: thanks, i'll try
<nandemonai> Tried checking the logs ClaudiuT?
<jdepi> nijaba: backports doesn't offer me an upgrade for libvirt :-( so i'll upgrade to 10.10
<RoyK> http://karlsbakk.net/nfs-debug/ <-- anyone here that knows what may be the problem with the andy-urd-debug.pcap? server 'andy', running linux, is losing contact with the nfs server, which is running OI 148. I can't figure out who to blame - client or server. A correct mount is shown in door-urd-debug.pcap
<memoryleak> hi there
<memoryleak> hwo can i force aptitude to remove mysql-server including config and databases?
<memoryleak> i want to restore the state wher it was out of the box before i touched mysql package
<joschi> memoryleak: `aptitude purge` should do the trick
<memoryleak> but it doesn't
<memoryleak> still have /var/lib/mysql/* and /etc/mysql/*
<memoryleak> and after reinstall it doesn't ask for a new root password
<memoryleak> if i remove theme manually, mysql doesn't start after reinstall because of missing configuration (it doesn't create a new config)
<memoryleak> so is there a way to fix this?
<joschi> sounds like a bug to me
<joschi> have you checked the launchpad bugtracker for the mysql-server package?
<joschi> if there's no bugreport for this, you might want to create one
<memoryleak> it seems that other ppl have this issue too
<brontosaurusrex> hi, how would i go about dns and international chars in domain names? for example where do i park a domain : Äubuntu.si for example?
<Daviey> brontosaurusrex, can you clarify what you want to do?
<Daviey> brontosaurusrex, You want to do something with a nameserver, or a parking provider?
<brontosaurusrex> Daviey: well, it appears i have to park it to some dns provider, and it appears that i have to use punycode encoding , would that sound right?
<SpamapS> Daviey: this squid problem seems to be mostly due to restart being a really, really awful command in upstart. :-/
<Daviey> brontosaurusrex, yes... and example of this http://â.daviey.com which is really xn--n3h.daviey.com
<Daviey> SpamapS, urg
<Daviey> SpamapS, We haven't had as many hits as 12.1... Does this mean that it doesn't hit everyone?
<SpamapS> Daviey: the problem is that the 'restart' command that is used doesn't actually reload the new squid.conf
<SpamapS> Daviey: so its a problem, I think, thats been ticking away like a time bomb waiting for an SRU..
<SpamapS> Daviey: once people have installed 12.1 *and* stopped/started the service, all is well.
<Daviey> SpamapS, so does this need an upstart SRU to do that, or do we need to work around it?
<SpamapS> There's no fix for upstart.
<brontosaurusrex> Daviey: right, any weirdness i can expect with apache and virtual hosts?
<Daviey> brontosaurusrex, no
<SpamapS> Daviey: no we need to fix the squid maintainer scripts to call stop/start instead of restart
<brontosaurusrex> Daviey: cool, thanks
<Daviey> brontosaurusrex, the browser sends the normal domain, not wacky chars :)
<Daviey> SpamapS, ah
<brontosaurusrex> Daviey: i should define the host as whacky or as 'normal' in apache?
<SpamapS> Daviey: bug 726348 was opened a bit ago to address that... but it hasn't been triaged yet.
<uvirtbot`> Launchpad bug 726348 in squid "squid's maintainer scripts call start/stop directly instead of using invoke-rc.d" [Undecided,New] https://launchpad.net/bugs/726348
<Daviey> brontosaurusrex, 'normal' :)
<brontosaurusrex> ok, ty :)
<SpamapS> Daviey: I think I'll go ahead and submit a fix for that.
<Daviey> brontosaurusrex, not that i have tried putting punycode there... it /might/ work..
<Daviey> SpamapS, Rockstar!
<SpamapS> Daviey: unfortunately I think we've cocked up a few peoples' servers quite nicely with this circus. :-/
<Daviey> SpamapS, Yeah, kinda embarrassing.. :)... but to be fair, i found it quite hard to reproduce the behaviour myself
<Daviey> and 12.2 worked fine for me :/
<Daviey> and... seems to have worked for lots of others, otherwise they would have reported it again
<Daviey> AIUI the bug reports are for those going from 12->12.2 ...
<SpamapS> Right, I've even tried loading up a squid proxy with 5 big downloads.. the restart seems to work. The only confusing thing is that it doesn't run squid w/ -N .. so the bug is still present even after upgrade
<Daviey> SpamapS, Those that upgraded from 12.1 would have already restarted squid, hence got the new upstart conf :)
<SpamapS> Daviey: well, not restarted... they'd have had to do a stop/start
<LyonJT> Hey all!
<SpamapS> Daviey: keybuk explained that restart is used to do basically a forced respawn.
<LyonJT> Could someone please help me with setting up postfix & dovecot?
<SpamapS> Daviey: its not supposed to start a new job file (which is really, really weird and totally different from sysvinit scripts)
<Daviey> SpamapS, oh yeah
<Daviey> SpamapS, ho hum
<Daviey> SpamapS, you should surely be asleep?  TZ fun?
<SpamapS> Daviey: still chasing the jetlag dragon
<Daviey> SpamapS, living the dream, clearly.
 * SpamapS hums Mighty Wingman
<SpamapS> Hrm.. so I'm basically reverting squid v 2.7.STABLE7-1ubuntu12 at this point.. I wonder if that will reintroduce bug 552360
<uvirtbot`> Launchpad bug 552360 in squid "package squid 2.7.STABLE7-1ubuntu11 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [High,Fix released] https://launchpad.net/bugs/552360
<SpamapS> argh.. which has zero explanation of the analysis
<Daviey> SpamapS, Awesome.
<SpamapS> Daviey: I actually think bug 552360 might be the same bug
<uvirtbot`> Launchpad bug 552360 in squid "package squid 2.7.STABLE7-1ubuntu11 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [High,Fix released] https://launchpad.net/bugs/552360
<SpamapS> Daviey: given that there's no mention of how to reproduce 552360 in the report.. its possible the fix was just a guess.
 * Daviey looks
<Daviey> http://launchpadlibrarian.net/44432994/squid_2.7.STABLE7-1ubuntu11_2.7.STABLE7-1ubuntu12.diff.gz
<dougiebear> I am setting up a system using 6 servers (4 Ubuntu, 2 Windows). There will be 3 people accessing the machines. What is the best way to manage user accounts / passwords to keep in sync between all six machines?
<speakman> hi folks! Not sure this is really the right channel, but I guess there's a few RAID gurus in here. I'm having two OCZ Vertex 2 120GB SSD disks in RAID0 (striping!) as my only system disk. But sometimes (randomly afaict) it can't assemble them corrently at boot. Ubuntu asks me if I'd like to start the system degraded, how that's possible on striping.. :)
<speakman> According to dmesg, both sda1 and sdb1 (which becomes my md0) is found, but still it doesn't assemble them on boot.
<speakman> Running mdadm --assemble /dev/md0 manually from busybox have no trouble assembling them.
<speakman> Any ideas?
<SpamapS> speakman: are they both partition type FD?
<speakman> SpamapS: yepp, linux raid autodetect
<speakman> It does work too, but it's fails randomly. About two out of three times I have to reboot and try again.
<speakman> Sometimes I think it might need a tiny delay somewhere in the boot process. But I'm not really sure where to put it. And how.
<SpamapS> weird
<speakman> yes, very
<SpamapS> the kernel should be handling that IIRC.. i wonder if we do something silly w/ mdadm to foil that
<speakman> Running "mdadm --assemble /dev/md0" from the busybox prompt which shows up if boot fail, it has no problem assembling my raid setup.
<speakman> dmesg also tells me both disks (and partitions) are present
<SpamapS> yeah so i wonder if we are doing something odd like storing a stale config in the initrd
<speakman> it's a fresh install of ubuntu maverick. Every setup has been made during installation.
<speakman> not sure what you refer to as stale config?
<speakman> hm.. isn't configfs built into ubuntu kernel?
<SpamapS> speakman: yes, but you could have a conflicting mdadm.conf
<SpamapS> speakman: you may want to report this as a bug
 * SpamapS notes that mdadm has a *lot* of bug noise and needs some serious triage love.. :-P
<speakman> :(
<speakman> SpamapS: but how could mdadm.conf be conflicting? I can find only one entry in there.
<speakman> wanna see it?
<hggdh> smoser, it was worth a try
<speakman> ?
<speakman> me?
<smoser> hggdh, yeah, sorry i didn't realize that.
<SpamapS> speakman: no I'm just speculating
<smoser> i think we should just live with karmic as is for 3 months
<smoser> i will build a -proposed for karmic for you hggdh (should have done that yesterday)
<hggdh> smoser, thank you, and no worries
<smoser> it took just over 6 hours yesterday and i just started "right now"
<zul> smoser: can you run the meeting today?
<smoser> yes.
<zul> smoser:merci
<Jeff_C_Linux> Help.... :) no I am updating openfire. I down the deb package. went to install install & I receive :  update-rc.d: warning: openfire stop runlevel arguments (0 1 6) do not match LSB Default-Stop values (1)
<SpamapS> Jeff_C_Linux: what is openfire?
<Jeff_C_Linux> I have read the a bug but it does not say have to work around execpt that it fix in natty
<Jeff_C_Linux> xmmp server
<Jeff_C_Linux> jabber*
<Jeff_C_Linux> http://www.igniterealtime.org/projects/openfire/
<hallyn> zul: i was about to ask smoser the same thing :)
<Jeff_C_Linux> i try to dpkg -i --force- but it still kills with that error
<SpamapS> Jeff_C_Linux: ok, well the message is just a warning. Its just telling you that it will be stopped at a different runlevel than the original author intended.
<Jeff_C_Linux> now the old one will not run I can not install the new one
<uvirtbot> New bug: #731310 in samba (main) "package samba-common 2:3.4.0-3ubuntu5.8 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/731310
<Daviey> smoser, Can you run the meeting today? :)
<SpamapS> smoser: can you run the EU parliament today?
<RoAkSoAx> morning all
<uvirtbot> New bug: #731324 in exim4 (main) "apt-get purge exim4 doesn't delete Debian-exim4 account" [Undecided,New] https://launchpad.net/bugs/731324
<bogeyd6> How can I set my server to automatically reboot every 2 hours? (Don't ask why, its weird, I know)
<patdk-wk> crontab -e, 0 */2 * * * reboot
<_ruben> a cronjob oughta do that task .. tho it wouldn't look at the uptime
<bogeyd6> i think i need to use /sbin/shutdown and not just shutdown
 * patdk-wk wonders what is so horribly wrong with it, that it needs a 2 hour reboot
<patdk-wk> it's like worse than windows :(
<bogeyd6> nothing is wrong
<bogeyd6> its by design :)
<bogeyd6> this is what i had in crontab * */2 * * * shutdown -r now
<bogeyd6> but,  09:22:00 up 17:57,  2 users,  load average: 0.41, 0.42, 0.39
<CharlieSu> Is it possible to use avahi-daemon to have two local hostnames?   box.local and other.local on the same server?
<uvirtbot> New bug: #724694 in drbd8 (main) "package drbd8-source 2:8.3.7-1ubuntu2.1 failed to install/upgrade: drbd8 kernel module failed to build" [Undecided,New] https://launchpad.net/bugs/724694
<uvirtbot> New bug: #725220 in nagios3 (main) "insecure img src in main.html" [Undecided,New] https://launchpad.net/bugs/725220
<uvirtbot> New bug: #726652 in nagios3 (main) "package nagios3-common 3.2.0-4ubuntu2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/726652
<uvirtbot> New bug: #728228 in samba (main) "package samba 2:3.4.0-3ubuntu5.8 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/728228
<uvirtbot> New bug: #730713 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 (not installed) failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/730713
<uvirtbot> New bug: #730716 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 (not installed) failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 1" [Undecided,New] https://launchpad.net/bugs/730716
<Jeff_C_Linux> is there a way to fix this error:  openfire stop runlevel arguments (0 1 6) do not match LSB Default-Stop values (1) : It keep bonking my install of openfire
<progre55> hi guys. I was upgrading some packages on a remote server, and after a reboot, I get "connection refused" when trying to connecto to ssh.
<ivoks> almost got a heart attack
<ivoks> The following packages will be REMOVED
<ivoks>   vim
<ivoks> progre55: maybe it's still booting
<progre55> there was a package called "login" on the list.. so I'm thinking it has something to do with that?
<progre55> ivoks: it has been more than half an hour now..
<progre55> I can ping it, but cannot ssh
<ivoks> progre55: then something went wrong with booting
<ivoks> progre55: no open ports?
<SpamapS> ivoks: The following NEW packages will be installed because they are better than vim:
<SpamapS> emacs
 * SpamapS would like to let the record show that he is a vim  user ;)
<progre55> ivoks: nope =(
<ivoks> progre55: then something went wrong with booting
 * progre55 is a vim user, too
<progre55> ivoks: sux =( I'll never try upgrading production servers again.. ever1
<progre55> !
<ivoks> prodcution servers have ipmi
<progre55> ipmi?
<patdk-wk> ipmi is good
<ivoks> yes, serial over lan
<ivoks> or some other lights out management
<ivoks> lets you easily fix anything
<patdk-wk> ipmi/ilo/drac/....
<progre55> hmm.. I'll try asking our service provider if they have ipmi
<ivoks> but if you haven't heard of that, then it probably isn't configured :)
<progre55> oh, no it's not )
<ivoks> maybe your service provider knows better
<ivoks> if it's in datacenter, you might just get lucky :)
<patdk-wk> even if it's not enabled, your should be able to tell in lshw if it's installed
<progre55> yeah it is in a datacenter.. and one of the datacenter admins promised to physically drive there and try restarting it..
<ivoks> restarting probably won't help
<ivoks> you need someone that understands 'white text on blank screen'
<ivoks> black
<progre55> patdk-wk: I dont see anything related to the keywords "ipmi" running lshw =)
<progre55> ivoks: yeah the guy does.. and hope he's kind enough to try fixing it =)
<ivoks> progre55: what server is that? dell, sun, hp?
<patdk-wk> me neither, let me check what it's called
<ivoks> home made?
<progre55> honestly, dont know.. I just have remote access to it
<progre55> ivoks: not home-made though, it's a hosting by cybercom
<progre55> hosted by*
<patdk-wk> hmm, lshw doesn't show it, how strange
<patdk-wk> ipmi-locate :)
<progre55> let me try that..
<progre55> or.. are you just kidding? =)
<patdk-wk> no
<patdk-wk> IPMI Version: 1.5
<patdk-wk> IPMI locate driver: DEFAULT
<patdk-wk> IPMI interface: KCS
<patdk-wk> seems I have 4 interfaces to ipmi in this system
<progre55> oh.. well, I dont even have that command, so I'm guessing, no ipmi for me then =)
<patdk-wk> well, you have to install the ipmi package
<patdk-wk> it's in freeipmi-tools
<ivoks> openipmi-tools
<patdk-wk> I had issues with openipmi on this system
<ivoks> ups
<ivoks> i don't use it at all
<patdk-wk> I mainly use it to monitor fan/temp/volts
<patdk-wk> ah, here is a way without installing anything: dmidecode --type 38
<progre55> so, if it says "FAILED" on all the points, does it mean ipmi is not installed? )
<patdk-wk> most likely
<ivoks> ipmi is a device; you can't really install it
<ivoks> you need to buy it :)
<progre55> well I mean, attached
<progre55> or, set up
<patdk-wk> ivoks, depends
<patdk-wk> motherboard must have support
<patdk-wk> some motherboards the ipmi stuff comes as an extra addon, but most times it's built in if it's supported
<ivoks> on supermicro, it can be installed later
<ivoks> EOD :)
<progre55> well, thanks guys, appreciate
<progre55> I'll go convince the management to buy ipmi =)
<azertyy> hello there
<patdk-wk> ilo2 if you want to be really lazy :)
<azertyy> i can't ssh to my server
<azertyy> this is the error what i got : ssh_exchange_identification: Connection closed by remote host
<azertyy> during the authentification session
<oneseventeen> I have a new volume mapped to a certain location... how do I get all the specific details to add it to fstab?
<compdoc> just emulate whats aleady in fstab
<compdoc> you know the /dev/x and the filesystem, etc?
<oneseventeen> compdoc: I know it is /dev/sdb1 and is ext3
<compdoc> a lot of ppl use the UUID instead, because the /dev/x can change when you add drives, etc
<oneseventeen> I guess I'm also curious about what options to flag in fstab for this new volume.
<patdk-wk> hell, mine change each reboot (damned usb flash card reader)
<oneseventeen> patdk-wk: this is for that iSCSI volume I connected to yesterday.
<patdk-wk> blkid
<patdk-wk> copy uuid into fstab
<patdk-wk> everything else you should probably know
<oneseventeen> actually I don't know what the options should be.
<patdk-wk> options?
<patdk-wk> well, what options did you use when you manually mounted it?
<patdk-wk> mount -o xxxxxx
<oneseventeen> I didn't use any options
<patdk-wk> then just say, defaults
<compdoc> do you need fstab for iscsi volumes? been a while since I used iscsi
<patdk-wk> compdoc, have to mount them somehow
<patdk-wk> and all filesystems should be in fstab, as far as I care
<compdoc> last time was when I accidently connected to an iscsi that was already connected to another server - screwed up the volume
<patdk-wk> compdoc, fix your iscsi target permissions then :)
<Magnus> Hi
<patdk-wk> or use a filesystem that is made for that :)
<compdoc> naw, I dont really need iscsi, as it turns out
<compdoc> too dangerous
<Magnus> I am not even sure if this is the best IRC-channel for my questions. Where should I post questions on Ubuntu and ISPconfig 3?
<greppy> Magnus: I'd probably aim for the ISPconfig forums or mailing list.
<patdk-wk> I can't find ispconfig in ubuntu
<Magnus> It's something I found in How-to forge. http://www.howtoforge.com
<patdk-wk> hmm, ispconfigs idea of a perfect server and mine conflict
<Magnus> I guessed that much: that ISPconfig isn't the good system for everyone
<Magnus> I was aiming for a simple webmin system, but since it have been abandoned, I have to find a new.
<uvirtbot> New bug: #731437 in dhcp3 (universe) "DHCP Client does not read search domain list" [Undecided,New] https://launchpad.net/bugs/731437
<Magnus> I have found that ISPconfig doesn't update well.
<Magnus> Does anyone of You know of SysCP?
<greppy> Magnus: if you are looking for a hosting control panel, you might want to take a look at http://froxlor.org
<oneseventeen> patdk-wk: any tips on auto-connecting the iSCSI mount?
<oneseventeen> apparently adding to fstab doesn't help if the drive doesn't mount... oops!
<Magnus> Thanks! Any advice is helpful. The only thing I really need is a good manual of all operations. I hate making a manual myself for anyone else working on the system.
<kirkland> zul: ping
<patdk-wk> oneseventeen, hmm, in my cases, it always auto-connected on boot
<compdoc> I thought the iscsi software automatically conencted to volumes at boot
<oneseventeen> patdk-wk: I'm connecting via iscsiadm -m node --targetname {targetname} --portal {portal IP} -l
<oneseventeen> do I need to do anything other than that?
<oneseventeen> noob question: how do I mount based on fstab?
<Magnus> bye
<oneseventeen> mount -a
<oneseventeen> it was on my screen, just had to read it..
<oneseventeen> ouch!!!!
<oneseventeen> I set iscsiadm to autoconnect and it attempting autoconnecting to ALL volumes!
<hallyn> kirkland: people.canonical.com/~serge/qemu-kvm-0.14.0+noroms-package.tgz is what i'm thinking of uploading
<kirkland> hallyn: congrads on the shiny new upload privs :-)
<hallyn> kirkland: last i checked they were not yet in effect :(
<hallyn> but thanks :)
<kirkland> hallyn: i can't look at it this moment, but i will, if you like, before uploading
<hallyn> kirkland: thanks.  I assume I need to file an FFE in any case?
<kiffa> hi
<kiffa> is ubuntu also free for black ppl ?
 * RoAkSoAx off to lunch
 * hallyn out for lunch
<mray> RoAkSoAx: http://robhirschfeld.com/2011/03/08/unboxing-openstack-clouds/ is what I was talking about previously
<mray> no reason it has to do OpenStack, it's a framework for bare-metal to bios to provisioned operating system
<mray> uses PXE
<RoAkSoAx> mray: let's see...
<RoAkSoAx> mray: interesting indeed
<mray> I believe next month is when it finally goes open source (apache2) at the OpenStack Design Summit
<RoAkSoAx> cool zul will be there
<_ruben> holy crap .. find -exec rm {} \; sure doesn't seem to be a very fast solution .. 7.5 hrs and still going .. all it needs to do is delete 3 milion files totalling 17G
<uvirtbot> New bug: #731528 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/731528
<hallyn> _ruben: sometimes mkfs is faster :)
<_ruben> hallyn: haha, i'll be sure to try that next time ;)
<SpamapS> s/sometimes/most of the time/
<_ruben> SpamapS: it kinda depends on "certain overheads" to achieve a given goal i guess
<SpamapS> _ruben: right, I'd say its at a few hundred files/directories, or a few hundred MB of data where mkfs becomes faster.
<_ruben> bugger .. the recovery option on the server cd only offers a busybox shell .. no apt/ssh/whatever
<SpamapS> _ruben: you can mount your filesystems and get most of that.
<_ruben> SpamapS: not when it's vm with empty disks .. the contents of the disks i'll be transfering off another box
<_ruben> (migrating old legacy system from phys to virt)
<lifeless> SpamapS: hey
<_ruben> i really oughta setup a pxe/nfs environment for stuff like this
<lifeless> SpamapS: remember how haproxy didn't need changing to backport ...
<lifeless> SpamapS: would you like the bad news?
<SpamapS> lifeless: No I'd like you to lie to me, please.
<SpamapS> _ruben: all you need is netcat and tar. ;)
<lifeless> SpamapS: ok, I'll lie. The CAT repository accepts source format 3, so its all copacetic.
<SpamapS> :)
<_ruben> ah. netcat (well, nc) *is* there
 * _ruben rubs eyes
<SpamapS> _ruben: rsync would even be better
<SpamapS> lifeless: remind me what CAT is?
<lifeless> SpamapS: so yeah, we need a format 1 version for tom to upload to cat - the canonical sysadmin archive
<SpamapS> ahhh
<lifeless> SpamapS: there are two, and only two, sources for packages in the datacentre - a mirror of lucid, and the cat archive
<SpamapS> ahh
<lifeless> deploy a package from a ppa in the dc means 'somewhere lamont can copy-source-cross-archive-to-cat'
<_ruben> SpamapS: yeah, but that's not avail in the recovery shell
<SpamapS> lifeless: while the source format is 3.0 (quilt) .. there are no patches.. so simply changing debian/source/format to '1.0' whould be sufficient.
<SpamapS> _ruben: perhaps a better way to do this is simply a live cd.
<lifeless> SpamapS: thanks
<_ruben> SpamapS: downloading one as well, in case the current netcat/tar would fail ;)
<_ruben> 2 very simple but mighty versatile swiss army knives
<hggdh> Daviey, there still?
<SpamapS> _ruben: about 10 years ago I migrated a box with     # tar --exclude=dev --exclude=proc --exclude=sys -cf - | nc otherbox 9999  .. and the reverse command on the other side.
<SpamapS> err.. there's a '/' there too
<SpamapS> Though after I finished, i rsynced too, and found 1 file had a bit level error in it.
<_ruben> SpamapS: the nc/tar will be the initial conversion, once i get the clone booting, etc, i'll do a last rsync with the various file-changing-services stopped :)
<oneseventeen> Does anyone know how to make open-iscsi reconnect to one (and only one) specific iSCSI target on boot?
<phoenixsampras> what is a good router software?
<highvoltage> phoenixsampras: vyatta
<phoenixsampras> easy to config?
<highvoltage> depends what you need and what you mean by easy.
<phoenixsampras> lets say a webconsole, and just to make a vpn and router for home
<highvoltage> hmm, not sure, but hang around, there's bound to be someone in this channel with a good suggestion for that :)
<phoenixsampras> yeh, something very for dummies plz
<Daviey> hggdh, yes
<hggdh> Daviey, I am taking over (actually, already have) sapodilla and soncoya
<oneseventeen> is there a way to *really* uninstall/remove all settings for a package?
<oneseventeen> I just uninstalled open-iscsi, and upon reinstall it is trying to set up iSCSI targets
<oneseventeen> my whole point of uninstalling was to flush any memory of targets as it is tryign to connect to targets that are in use on other production servers
<hggdh> oneseventeen, apt-get purge <package>
<oneseventeen> hggdh: awesome, that worked perfectly!
<hggdh> oneseventeen, glad to be able to help
<Daviey> hggdh, free free to have all of them :)
<uvirtbot> New bug: #731572 in php5 (main) "php5-fpm chokes on missing /var/www" [Undecided,New] https://launchpad.net/bugs/731572
<hggdh> Daviey, right now, no need, two of them is enough to play with the newly-available command-line options to euca
<Daviey> hggdh, heh
<oneseventeen> do any of you use open-iscsi? just trying to sort out how to auto-login to a single target vs. all discoverable targets
<Patrickdk> oneseventeen, that I never solved, it mounts all luns, and I never found a way to limit it
<Patrickdk> but then, it never bothered me either
<oneseventeen> thanks...
<oneseventeen> I may just not use iSCSI in linux if that winds up being the case.
<oneseventeen> we have about 10 targets on our SAN that each belong to a different server.
<oneseventeen> definitely messes things up when my linux server suddenly connects to all targets
<pmatulis> oneseventeen: yes, of course you can
<oneseventeen> pmatulis: might you know how?
<oneseventeen> I'm in the process of uninstalling and starting over from scratch without using an iSCSI volume
<oneseventeen> (and just hoping I don't need that extra space)
<pmatulis> oneseventeen: simply update the record id for the targets you want
<oneseventeen> pmatulis: SWEET!
<oneseventeen> I searched the man page for record ID and found how to make a specific target startup automatically.
<oneseventeen> just rebooted and it started up just fine.
<pmatulis> oneseventeen: keep on truckin'
<oneseventeen> seriously... mentioning that I needed to update the record ID helped me find something that I've been looking for all day yesterday and today
<oneseventeen> (although, I've only had an hour or so at my desk today, but still)
<uvirtbot> New bug: #731616 in cobbler (universe) "koan crashed with ImportError in __main__: No module named koan.app" [Undecided,Confirmed] https://launchpad.net/bugs/731616
<uvirtbot> New bug: #731620 in cobbler (universe) "koan crashed with ImportError in /usr/lib/python2.7/dist-packages/koan/configurator.py: No module named yum" [Undecided,New] https://launchpad.net/bugs/731620
<lamont> lifeless: the -cat repository accepts format 3 packages in that I repackage them to format 1.0 when I upload them...
<lifeless> lamont: right, see the haproxy rt I filed.
<lamont> joy
<lifeless> lamont: mthaddon was asking for haproxy1.4 to be format 1-ised for upload to CAT
<lifeless> lamont: but as SpamapS says this should be trivial... perhaps you have a few minutes to do that ?
<lamont> 1) dpkg-source -x haproxy_${mumble}.dsc; echo 1 > haproxy-$mumbleish/debian/source/format; repackage
<BDaughtry> can anyone tell me what the Glib C is for the latest version. We are thinking of using it for an erp software we are buying. they erp software company needs this info so they can tell us if it will work
<lamont> 3.0 formats all unpack to patched source
<lamont> ii  libc6                    2.13-0ubuntu4            Embedded GNU C Library: Shared libraries
<lamont> BDaughtry: that's what it says on the natty box I'm looking at
<BDaughtry> oh ok thanks alot!
<lifeless> lamont: right but I can't upload to CAT, can I ?
<lamont> lifeless: I seriously doubt it.
<lamont> as in, no/
 * lamont is working on some other tickets, but any of the losas has the technology for dealing with the backport, too
<lifeless> lamont: right, though spm is off :)
<lifeless> lamont: if I can nab a few minutes from e.g. chex, could you step him through it?
<lamont> yeah, I remember hearing that
<lamont> bah.  what's the ticket number?
<lifeless> lamont: 44376
<navanjr> can i move my EC2 Instance to UEC?
<hggdh> RoAkSoAx, there still?
<RoAkSoAx> hggdh: yes
<RoAkSoAx> hggdh: what's up?
<hggdh> RoAkSoAx, yet another bug on eucalyptus-common (related to the import admin you just fixed, I guess)
<RoAkSoAx> hggdh: bug #?
<hggdh> opening now
<RoAkSoAx> hggdh: oki doki ;)
<hggdh> RoAkSoAx, bug 731672
<uvirtbot> Launchpad bug 731672 in eucalyptus "missing depends -- python-psutil" [Undecided,New] https://launchpad.net/bugs/731672
<RoAkSoAx> hggdh: that's an easy one
<RoAkSoAx> >P
<hggdh> RoAkSoAx, and yet another import error from admin, at the end
<hggdh> RoAkSoAx, I know :-)
<hggdh> Even I could fix this one :-)
<RoAkSoAx> hggdh: alrighty I prepare a patch and good timning btw cause I was planning to do another thing to the packaging but wasn't worth it the upload if it was just that tone
<RoAkSoAx> hggdh: btw.. try more commands to see if there's any other python module missing
<hggdh> RoAkSoAx, that's what I am doing ;-)
<RoAkSoAx> :)
<hggdh> RoAkSoAx, you notice the additional error at the end?
<RoAkSoAx> hggdh: ImportError: cannot import name local
<hggdh> yes
<RoAkSoAx> hggdh: yeha will deal with it too... I wonder for how many releases was this not available :)
<RoAkSoAx> hggdh: i need to file a bug in upstream for them to use the correct python dirs for the modules, they install them in /usr/sbin when they shouldn/t
<hggdh> RoAkSoAx, *this* one, IDK. For euca-admin... some ;-)
<hggdh> RoAkSoAx, as far as I can remember, upstream for Euca is here -- just "also affects project" on euca
<RoAkSoAx> hggdh: this ones are obviosly because we were lacking euca-admin and that;'s what I meant... ("It's been so long that we are just realizing of the missing python modules and stuff")
<RoAkSoAx> hggdh: their Makefiles are the ones that should be corrected
<hggdh> oh, OK
<RoAkSoAx> Daviey: ping
<RoAkSoAx> hggdh: euca-admin is only used in the CLC?
<hggdh> RoAkSoAx, I would expect so (or remotely)
#ubuntu-server 2011-03-09
<RoAkSoAx> hggdh: maybe is gonna be best to take that out from eucalyptus-common into a new package
<Daviey> RoAkSoAx, o/
<RoAkSoAx> Daviey: ok so I was thinking, what's the purpose of euca-* commands?
<RoAkSoAx> Daviey: are those to be run only
<RoAkSoAx> on the CLC
<RoAkSoAx> or on any machine that install eucalyptus-common?
<hggdh> RoAkSoAx, euca-* could be run remotely
<hggdh> from a machine external to the cloud
<hggdh> the hell is that there are euca-* in euca2ools and in eucalyptus*
<RoAkSoAx> hggdh: uhmmm
<hggdh> RoAkSoAx, nothing prohibits you from installing euca2ools on your laptop and using it there to control an Eucalyptus cloud elsewhere (or EC2)
<RoAkSoAx> hggdh: ok so as far as I can see the
<RoAkSoAx> python module euca_admin is only shipped with the eucalyptus source
<hggdh> yes. It seems to be used by some *other* euca-* -- like add-user, delete-user, and perhaps others --
<RoAkSoAx> while euca2ools ships a whole set of euca-* commands that do not use the euca_admin module
<hggdh> yes
<hggdh> these seem to be restricted to running under the cloud
<RoAkSoAx> Daviey: hggdh so what we could do is separate those euca-* commands and moduel into a separate packages and maybe from euca2ools also install them/it as a Dependency
<RoAkSoAx> hggdh: right euca_admin module seems to be run under the could
<hggdh> RoAkSoAx, I would like to know *why* eucalyptus split the euca-*, first of all
<RoAkSoAx> hggdh: because those binaries that use euca_admin seem to be only for the CLC: the source is organized as: /clc/tools/src/euca_admin/
<hggdh> before we go and split them. the euca-* admin functions would -- most probably -- be restricted to the CLC, I do not know why
<hggdh> since -common is installed in the CLC, there is no missing dependency
<RoAkSoAx> hggdh: whose the contact in eucalytpus for this?
<hggdh> RoAkSoAx, Dmitrii, or Daniel, IIRC
<RoAkSoAx> hggdh: right but -common is also installed in the NC,CC,walrus, sc
<RoAkSoAx> hggdh: nicknames?
<hggdh> hum
<hggdh> on the #eucalyptus channel...
<hggdh> cerealkllr is, I think, Daniel
<hggdh> deckie is from Eucalyptus, but I do not remember his name... Chris?
<hggdh> I do not see any that I would associate with Dmitrii, but I do not remember even chatting with him
<hggdh> RoAkSoAx, another bit of data: I can create an user with euca-add-user, but the user is created disabled, and I cannot see how to enable it :-(
<RoAkSoAx> hggdh: ok so I guess the best is to separate the euca-* binaries shipped in eucalyptus-common into its own separate package
<RoAkSoAx> Daviey: ^^
<hggdh> RoAkSoAx, I agree. But, for consistency, euca-get-credentials should be in this new package, should it not?
<RoAkSoAx> hggdh: I believe it should
<hggdh> and we should add a depends on eucalyptus so that it would be autoinstalled on the CLC
<RoAkSoAx> eucalyptus-admin-tools probably
<RoAkSoAx> hggdh: yeah
<hggdh> probably on eucalyptus-cloud (I guess)
<RoAkSoAx> hggdh: i guess we should add the depend in eucalyptus-cloud
<benlake> situation: 6.06 md raid1 + lvm + lilo, worked great for 2 years sans kernel updates... finally decided to update kernel, reboot, hosed. Cannot boot, not even the backup kernel which is awesome. Two things that concerned me when doing updates was for lvm2 and udev. I probably should of known better with lvm2 since its metadata is not backwards compatible and apparently lilo freaked. udev, well, that also caused lilo to freak do to dev
<benlake> mapping changing on it, it threw warnings, but internet said it was ok to ignore. Long story short, I have a perfectly valid md array and lvm(2?) setup that I can reliably access in rescue mode, but I cannot, for the last 10 hours, get lilo to run so I can install an new/old/different kernel image.
<hggdh> yeah
<benlake> if anyone would be so kind, I would gladly buy something off their wishlist as this is killing me.
<RoAkSoAx> hggdh: lest see what daviey says about this
<hggdh> RoAkSoAx, yup. I am not sure this is the right moment...
<hggdh> RoAkSoAx, meanwhile... bug 731702
<uvirtbot> Launchpad bug 731702 in eucalyptus "euca-add-user adds a new disabled user, and there is no visible way to enable it " [Undecided,New] https://launchpad.net/bugs/731702
<hggdh> :-)
<RoAkSoAx> hggdh: hehe alrighty will take a look at it tomorrow
<hggdh> and this is it for today. Gonna watch some Family Guy now :-)
<RoAkSoAx> hggdh: same here :P
 * benlake sobs a bit
<rnigam> any comments on setting up bridge network for kvm guests anyone?
<rnigam> ubuntu-server is the host and the guest
<pmatulis> rnigam: did you try the ubuntu kvm docs?
<rnigam> pmatuils: Going through them but I must confess don't have an indepth networking knowledge.
<rnigam> So my network admin has given me a set of ips that I can use for vm's i am creating
<rnigam> Do I still need a bridge?
<rnigam> according to the ubuntu kvm docs
<rnigam> eth0 must be set manual and br0 must have static address with bridge_ports=eth0 set! so does this mean all my vms traffic will pass through the br0 interface?
<w1k3d> I would like to use the EBS version of Ubuntu 10.10 for Amazon EC2. Does that VM have the entire OS stored on EBS (i.e., will stuff I install be persistent)?
<pmatulis> rnigam: you want a bridge if you need to be able to contact the guests from an external host (ex: ssh into the guest)
<pmatulis> w1k3d: no, the OS will not reside on the EBS volume.  to do that, you need to do some special trickery
<w1k3d> pmatulis: How can I put everything on EBS?
<w1k3d> or, be able to save the modified image
<erichammond> w1k3d: Yes, The OS will reside on the root EBS volume if you are running an EBS boot instance.  Your entire file system will persist except for (by default) things under /mnt which is the ephemeral storage.
<w1k3d> oh, i see
<erichammond> "will persist" = through stop/start cycles, but not (by default) if you "terminate" the instance.
<w1k3d> i wasn't sure if "EBS" instance meant that there was just an EBS volume mounted or if it meant everyting was on EBS.
<w1k3d> what's the difference?
<ddbt86> good day, is there someone willing to help me setup a VPS for Ruby on Rails?
<ddbt86> or at least answer some questions about the process..
<erichammond> w1k3d: I don't understand the question.  When you run an EBS boot instance the root file system is on an EBS volume.
<pmatulis> w1k3d: sorry, i thought you were using UEC
<w1k3d> ok, that's what i wanted
<w1k3d> but why will terminating cause me to lose my data?
<erichammond> w1k3d: If you "terminate" the instance, then EC2 deletes your EBS volume (by default).  If you "stop" the instance, the volume is still there and you can "start" the instance again.
<w1k3d> ah, i see. That's quite tricky naming.
<w1k3d> thanks
<erichammond> w1k3d: It is possible to keep your EBS volume around if you modify some instance attributes before terminating, but it's rare you want that.
<erichammond> w1k3d: I wrote some related info here: http://alestic.com/2010/01/ec2-instance-locking
<Patrickdk> isn't the normal way to back it up to s3 if you wanted to keep it?
<KurtKraut> pmatulis, w1k3d, a t1.micro is fully hosted and bootable in a EBS image.
<erichammond> Patrickdk: It is possible to create EBS snapshots of any EBS volume (including the root EBS volume on an EBS boot instance).  EBS snapshots are stored in S3 (eleven 9's of reliability).
<patdk-lap> I totally dont get google
<patdk-lap> something keeps accessing my webserver, from a google owned ip block
<patdk-lap> but it's not googlebot or something
<patdk-lap> it has no ptr for the ip, and that is odd for google
<patdk-lap> but it does several hundred http connections per second
<patdk-lap> today from ip's 72.14.194.17 and 72.14.194.18
<KurtKraut> patdk-lap, nmap on those IPs outputs something useful?
<benlake> so while booting, lvm dies complaining about a pv it can't find and the system drops into busybox
<benlake> 6.06, the only lvm command I have is vgchange, which I do a vgchange -ay --partial and get root/boot/swap active, but I have no other lvm programs to remove the disk (that isn't really in use) and I'm not sure how to continue booting. Any ideas?
<patdk-lap> All filtered.
<lifeless> benlake: hmm, I'm not sure
<lifeless> benlake: the lvm master command should be present
<benlake> lifeless: sadly, it is not
<EvilPhoenix> anyone know why postfix can't send email, and generates this error when trying to send via CLI?  postdrop: warning: unable to look up public/pickup: No such file or directory
<patdk-lap> you really messed with the config file pretty good
<patdk-lap> and messed up master.cf
 * EvilPhoenix grumbles
<EvilPhoenix> the original sendmail package that was packaged with ubuntu didnt work either
<ScottK> The postfix package as shipped has no such problems, so the configuration or something else has been changed.
<EvilPhoenix> i've run dpkg-reconfigure on it 8 times
<EvilPhoenix> still seems to be f'd
<EvilPhoenix> the issue occurred with the out-of-the-box sendmail package which postfix replaced
<EvilPhoenix> any idea how i can fix this?
<ScottK> Purge it (sudo apt-get purge postfix), make sure any residual files in /etc/postfix are removed, then reinstall postfix.
<ScottK> You can't install postfix and sendmail packages at the same time.
<EvilPhoenix> i know that
<EvilPhoenix> this issue was already existent prior to apt-get purge sendmail; apt-get install postfix
<roasted_> I changed my DHCP range on my Ubuntu server, but when I PXE boot systems to it, it grabs the old range. What do I have to change for PXE to use the new range?
<twb> EvilPhoenix: that sounds like one of postfix's spool directories is buggered (e.g. doesn't exist, or bad ownership/permissions)
<twb> EvilPhoenix: #postfix would probably have a better idea
<EvilPhoenix> twb:  strange thing is it happens on a Debian Squeeze box too, which makes me thing its a more global issue, like f'd disk images or something
<EvilPhoenix> twb:  i'll take a look there later, thanks
<roasted_> nobody familiar with pxe boot?
<twb> roasted_: the ubuntu server is the DHCP and TFTP server?
<roasted_> twb, yes
<roasted_> Im using LTSP. The clients PXE boot to it and pulls down the Ubuntu image accordingly.
<roasted_> I'm setting up a test environment here at home, but I use 1.X here at home so I wanted to change the third octet of 0's to 1's so I could get through the gateway etc.
<roasted_> But now that I did that, when I PXE boot, it's still looking for 0.X
<roasted_> So I got to wonder if I needed to edit a PXE file to for 1.X usage since I changed the range.
<twb> I don't know what you mean by "0.x" and "1.x"
<roasted_> 192.168.0.X vs 192.168.1.X
<twb> You shouldn't use either of those, because EVERYONE uses them
<roasted_> that's the point
<roasted_> Im setting up a test environment here. at home.
<roasted_> I use 192.168.1.X, so I WANT to use that to mesh up with the network.
<roasted_> But with 0.X I'm unable to get through the gateway. I cant install updates, etc.
<roasted_> So I swapped my DHCP range and IP on the server to be 192.168.1.X but the PXE boot still pulls 192.168.0.X addresses
<twb> Er, DHCP and PXE do not work across gateways
<roasted_> well when I have a static IP of 192.168.0.254 (it assigned this by default with LTSP) I cant get external access
<roasted_> and I want external access...
<twb> But if you're getting a DHCPACK in 192.168.0/24 from the DHCP server, it's because you haven't reconfigured it properly
<twb> roasted_: you cannot simply statically assign an address at random and have return packets routed back to you
<roasted_> I think Im missing a file
<roasted_> because I need a gateway, right
<twb> No
<twb> You need to reconfigure the router to handle 192.168.0/24 as well as 192.168.1/24
<twb> If you add a gateway, you packets will get out, but the response packets will never get to you because your router won't know you exist
<roasted_> I'd rather just switch to 1.X since I may have to do it at work anyway when I most the setup there
<roasted_> so I'd like to learn how to swap the entire range
<twb> I'm not stopping you
<roasted_> how would I do it in ubuntu alone, taking pxe out of it
<roasted_> change the DHCP range that is
<twb> That depends what DHCP server you're using
<roasted_> Im using ubuntu for the dhcp server.
<twb> Ubuntu ships several.
<roasted_> dhcp3
<twb> Dunno
<roasted_> how do I find out what Im using
<twb> netstat -nlp, look at what is LISTEN on the UDP bootps port
<twb> Which is port 67
<kieppie> hi guys. I'm looking for details on kernel versions: server, generic, virtual, preempt. where an I find details & differences re each?
<roasted_> so does anybody know how to change the dhcp scope in ubuntu?
<Datz> kieppie: there's stuff out there. I really haven't found too much. but there's this dated piece: http://www.serverwatch.com/tutorials/article.php/3716396/Ubuntu-Server-Kernel-Comparisons-and-Implementation-Issues.htm
<kieppie> thanks Datz
<Datz> np
<Datz> oh I guess that isn't from the start of the article
<Datz> kieppie1: I guess you could follow the method they do in the article to figure out the difference. If you do, you might write an article for the rest of us. :P
<kieppie1> thnx
<kieppie1> Datz: I just find it hard to believe such a basic, fundamental & critical function is totally undocumented
<Datz> kieppie1: yea, maybe I just haven't found more on it. It's been awhile since I looked
<uvirtbot> New bug: #731763 in openldap2 (main) "libldap-2.4-2 does not install" [Undecided,New] https://launchpad.net/bugs/731763
<twb> kieppie1: simply install them and diff the /boot/config-* files
<Datz> yea, that's what they did in the article.. I may have to do this..
<twb> kieppie1: compared to generic, server has PAE enabled, and virtual has a number of drivers and things disabled (because they don't exist on virtual systems)
<kieppie1> orly? reinventing the wheel much rather than rtfm? i.e. does the virtual refer to the kernel suited for virt hosts or clients (diff totally undocumented)? I know server is for server & generic suitable for desktops.
<kieppie1> I'd like to rtfm, if only fm's on subject were available
<twb> kieppie1: why would a diff need to be documented?
<twb> kieppie1: it's an automated process
<Datz> doesn't need to be, but it would be nice :)
<kieppie1> because it's an option available @ install, & I've encountered similar choices in the past. I've usually gone with server or generic, but I'd like to have a better idea of the choices I'm making
<kieppie1> this goes some way towards addressing the question: http://www.phoronix.com/scan.php?page=article&item=ubuntu_lucid_kernels&num=1
<kieppie1> not the simple answer for the simple question posed, but will have to do...
<phoenixsampras> how to upgrade from 10.04 to 10.10 ?
<twb> !upgrade
<ubottu> For upgrading, see the instructions at https://help.ubuntu.com/community/UpgradeNotes - see also http://www.ubuntu.com/desktop/get-ubuntu/upgrade
<uvirtbot> New bug: #731849 in cloud-init (main) "CloudConfig.setup_user_keys should not hardcode the authorized_keys location" [Undecided,New] https://launchpad.net/bugs/731849
<airtonix> phoenixsampras: i like to sacrifice virgin chickens and fry amputated frog legs then hope for the best after clicking upgrade
<uvirtbot> New bug: #731859 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: el subproceso instalado el script post-installation devolviÃ³ el cÃ³digo de salida de error 1" [Undecided,New] https://launchpad.net/bugs/731859
<memoryleak> I get Error # 500 instead of 404 when i try to access a non-exisiting file - what could cause the problem? it's the default installation of 10.04 LTS withouth modification in config
<memoryleak> forget to write that i'm using apache2
<joschi> memoryleak: could be some rewrite rule or an invalid/non-functioning ErrorDocument
<joschi> memoryleak: check your error log
<memoryleak> i switched to LogLevel Debug and i get "redirected from r->uri = /index.php"
<memoryleak> but there is no .htaccess file
<joschi> memoryleak: the apache httpd configuration doesn't only consist of .htaccess files
<memoryleak> there is no redirect in <VirtualHost> either
<joschi> memoryleak: ErrorDocument, RewriteRule etc.
<memoryleak> did grep -ir index.php /etc/apache2/ and got something in dir.conf
<memoryleak>  /etc/apache2/mods-available/dir.conf:          DirectoryIndex index.html index.cgi index.pl index.php index.xhtml index.htm - and that's it
<memoryleak> i have this issue on all sites
<memoryleak> ok solved the problem  - there was an .htaccess in the parent folder of the document_root, thanks for your help joschi
<uvirtbot> New bug: #731878 in amavisd-new (main) "amavis force-reload crashes amavis" [Undecided,New] https://launchpad.net/bugs/731878
<uvirtbot> New bug: #731879 in libpam-ldap (main) "libpam-ldap depends on ldap-auth-client" [Undecided,New] https://launchpad.net/bugs/731879
<kim0> hallyn: is it a lot of work to rebuild your ppa pkgs after syncing with spice-0.8 and the updated kvm
<joeskil> hello. Anyone here who has any help to offer or any tips for retrieving data from a hacked server?
<TheInfinity> joeskil: ask your provider to backup everything. then reinstall the complete server.
<joeskil> hehe. I am the provider. it is my testing-server. but on it, I had a little phpBB forum, and I don't know how to get to my SQL data
<TheInfinity> joeskil: give yourself admin rights to mysql and dump the complete db?
<joeskil> TheInfinity: yes, off course... But there will be no harm done if I hook up the server again? I mean. can I prevent the hack attacks from happening while working on  the server?
<joeskil> TheInfinity: And thanks. I really didn't think of the DB dumping....
<TheInfinity> joeskil: you really should rethink about your server security, yes. and i would have a look at the dump if theres strange data in it.
<joeskil> TheInfinity: Thanks. It should be quite easy to get the data, as there are only 3 users on the phpBB
<joeskil> TheInfinity: I have, after the attack, installed a Smoothwall firewall on my network. and, also tightened the security in accordance to how-to's on the net
<TheInfinity> joeskil: yea, things like always updated software (also phpbb software) + no ssh password login + fail2ban + ... are essential.
<joeskil> TheInfinity: Thanks. I am learning... so sad I lost the setup just now before I made any backup. Well. lesson learned
<kirkland> hallyn: no FFe needed, as you had the release candidate in the archive before FF;  here we're just bumping from an RC to the GA, which is generally desirable, no new features added
<kirkland> hallyn: i just built/tested, i'm uploading now
<kim0> kirkland: are you talking about spice ?
<kirkland> kim0: um, no, i don't think so
<kim0> ok
<kirkland> kim0: just hallyn's qemu-kvm-0.14 upload
<kim0> well that's the one that was built with spice suport
<uvirtbot> New bug: #669940 in keyutils (main) "Keyutils is not installed automatically when upgrading 10.04 > 10.10" [Medium,Invalid] https://launchpad.net/bugs/669940
 * Daviey ^5's kirkland for 0.14.0+noroms-0ubuntu2.
 * kirkland ^5s Daviey because he is awersome
 * kirkland adds an "r" to awesome so that he speaks in Queen's English
<Daviey> heh
 * jpds wonders if the Queen has said 'awesome' in the past.
<joeskil> TheInfinity: Have you got another minute? I booted up my old server, and hooked it to the network behind smoothwall so that it can only send and receive on LAN, no data beyond the firewall.
<joeskil> TheInfinity: But the hackers have somehow prevented MySQL from starting, and I don't have privelieges to start my own SQL daemon
<TheInfinity> have to go now. sorry. :)
<joeskil> TheInfinity: Oh ok. Thanks anyway. Thanks a bunch!
<remix_tj> joeskil: what's the problem with mysql start?
<joeskil> remix_tj: will cut/paste in a few secs
<remix_tj> k
<joeskil> sudo /etc/init.d/mysql restart  * Stopping MySQL database server mysqld                                 [ OK ]   * Starting MySQL database server mysqld                                 [fail]
<remix_tj> joeskil: try this
<Daviey> jpds, Didn't you listen to last years Queen's speech?  "This has been an awesome year" ... she said it.
<Daviey> joeskil, You have admin access on the server?
<remix_tj> joeskil:  sudo mysqld --verbose
<joeskil> yes. as far as I know. it is my server
<joeskil> :D
<Daviey> joeskil, I was responding to, "I don't have privelieges to start my own SQL daemon"
<remix_tj> joeskil:
<joeskil> Daviey: yes. that was badly put. I have root access, but with root, I can't start my MySQL. in /var/log/messages it suggests that I am denied:
<joeskil> Daviey: Mar  9 13:00:10 punkbuster kernel: [ 1596.372384] type=1503 audit(1299672010.149:115): operation="inode_permission" requested_mask="r::" denied_mask="r::" fsuid=0 name="/sys/devices/system/cpu/" pid=5755 profile="/usr/sbin/mysqld"
<joeskil> remix_tj: joe@punkbuster:~$ sudo mysqld --verbouse 110309 13:05:35  InnoDB: Started; log sequence number 0 9656380 110309 13:05:35 [ERROR] mysqld: unknown option '--verbouse' 110309 13:05:35 [ERROR] Aborting  110309 13:05:35  InnoDB: Starting shutdown... 110309 13:05:36  InnoDB: Shutdown completed; log sequence number 0 9656380 110309 13:05:36 [Warning] Forcing shutdown of 1 plugins 110309 13:05:36 [Note] mysqld: Shutdown comp
<remix_tj> joeskil:
<remix_tj> sudo mysqld_safe --verbose
<joeskil> remix_tj: joe@punkbuster:~$ sudo mysqld_safe --verbose 110309 13:06:47 mysqld_safe Logging to '/var/lib/mysql/punkbuster.err'. 110309 13:06:47 mysqld_safe Starting mysqld daemon with databases from /var/lib/mysql 110309 13:06:49 mysqld_safe mysqld from pid file /var/run/mysqld/mysqld.pid ended joe@punkbuster:~$
<remix_tj> joeskil: tail /var/log/punkbuster.err
<remix_tj> sorry
<remix_tj> joeskil: tail /var/log/mysql/punkbuster.err
<joeskil> remix_tj: no such file
<remix_tj> but wait
<remix_tj> joeskil: /etc/apparmor.d/usr.sbin.mysqld
<remix_tj> joeskil: copy the content of that file to http://paste.ubuntu.com/
<joeskil> remix_tj: http://paste.ubuntu.com/577807/
<remix_tj> joeskil: is not a command, is a file...
<remix_tj> copy the content of that file
<joeskil> remix_tj: http://paste.ubuntu.com/577809/
<remix_tj> joeskil: add this row before the last }
<remix_tj> /sys/devices/system/cpu/ r,
<remix_tj> then launch sudo /etc/init.d/apparmor restart
<joeskil> remix_tj: done
<joeskil> remix_tj: any other tips?
<joeskil> remix_tj: http://paste.ubuntu.com/577813/
<remix_tj> joeskil: did you add?
<remix_tj> oh yes
<joeskil> remix_tj: yes
<remix_tj> joeskil: now restart apparmor sudo /etc/init.d/apparmor restart then start mysql
<remix_tj> now is starting my lunchtime
<remix_tj> i'll be back in 2 hours
<joeskil> remix_tj: http://paste.ubuntu.com/577814/
<joeskil> oh shoot...
<hallyn> kim0: no, what kirkland uploaded was not with spice support
 * kim0 nods
<hallyn> kirkland: awesome,thanks :)
<kirkland> hallyn: np
<kim0> hallyn: not sure if you've read the messages I left yesterday. Basically win7 works fine with spice with/without qxl driver (Great!). What doesn't work is sound and the embedded virt-viewer widget in virt-manager
<hallyn> now to try uploading my vmbuilder bugfix as my daily test whether I have upload rights :)
<kim0> hehe
<hallyn> kim0: virt-viewer widget I don't know what to do about offhand.  We can look at libvirt and vmtools and virt-viewer and see if we need spice-enabled versions
<hallyn> kim0: so do you think we should stick with the versions in ppa for now?
<hallyn> all the better of so, one thing less on my todo list
<kim0> hallyn: in a ppa is fine for me
<hallyn> you mean what is now in ppa is fine?
<kim0> but we can sync to latest stable 0.8 release ?
<hallyn> that's what i was asking
<hallyn> ok, i'll do that
<kim0> awesome
<kim0> hallyn: ping me once ppa rebuilds .. I'll retest
<hallyn> ok
<uvirtbot> New bug: #514544 in backuppc (main) "BackupPC_archiveStart script broken" [Medium,Triaged] https://launchpad.net/bugs/514544
<awanti> hi today when i am trying to login, its taking more time (4 o 5 min).
<awanti>  so how do i solve that.. plz. help
<bencer> does anybody know where and the deadline to submit talks for the next uds?
<hallyn> bencer: there aren't real 'talks' at uds, but I don't think calls for blueprints for sessions have gone out yet
<bencer> yes, blueprints... :) don't get used to that name
<ogra_> there are the plenary talks
<bencer> hallyn: do you know when approximately will be open? probably keeping an eye on planet ubuntu will be enough, isn't it?
<hallyn> bencer: I should think so.  no i don't know when, but UDS being in May I would expect another month before the call goes out
<hallyn> ogra_: true.  those can generally get scheduled pretty much on the spot though right? :)
<HackeMate> hi
<HackeMate> i have configured a webdav server that accept SSL connections, now it works with windows client but i can't execute anything
<ogra_> hallyn, i think if there are open spots, yeah
<HackeMate> i gave 777 permissions but in windows cant be executed directly
<HackeMate> i can download them though
<HackeMate> any advice is welcomed
<bencer> ok thanks hallyn ogra_
<uvirtbot> New bug: #731976 in samba (main) "Can't access Windows 7 computer via SAMBA" [Undecided,New] https://launchpad.net/bugs/731976
<HackeMate> i guess that's a coincidence
<hallyn> HackeMate: (sorry, no ignoring you, I just don't know much about webdav - SpamapS may be able to help you in a bit)
<HackeMate> thanks --  Im patient
<RoAkSoAx> morning all
<hggdh> smoser, good morning, do we have a proposed ec2 kernel for karmic?
<remix_tj> joeskil: are you there?
<remix_tj> *here
<joeskil> remix_tj: now I am here! :) Are you?
<remix_tj> yes
<remix_tj> joeskil: what about /var/log/syslog ?
<remix_tj> joeskil: try starting mysql and then if fails do tail -n 200 /var/log/mail.log
<remix_tj> azz
<remix_tj> tail -n 200 /var/log/syslog
<remix_tj> (wrong file)
<remix_tj> an paste
<joeskil> remix_tj: wait. i have to switch locations and computer.
<remix_tj> ok
<remix_tj> i'll wait
<joeskil> remix_tj: back
<joeskil> remix_tj: http://paste.ubuntu.com/577859/
<remix_tj> joeskil: tail -n 200 /var/log/messages ?
<jdstrand> hallyn: hi! you have upload rights for libvirt now, correct? (ie, I don't need to sponsor your people.canonical.com/~serge/libvirt_0.8.8-1ubuntu2.debdiff anymore)
<joeskil1> remix_tj: I lost connection for a while. I posted the output.
<rnigam> How can I completely remove a KVM guest image from a ubuntu server. I did virsh destroy vm1 but the image is still present with 'shutoff' flag (virsh list --all)
<compdoc> the image is a file, most of the time
<compdoc> sometimes its a /dev/x
<lool> Oy
<lool> When booting latest maverick EBS image, I miss the nls_cp437.ko and friends
<lool> find /lib/modules/|grep nls > not much
<lool> But the ubuntu-maverick.git kernel config seems to have them
<lool> are these getting stripped out somehow?
<uvirtbot> New bug: #732028 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,New] https://launchpad.net/bugs/732028
<lool> this is on i386 BTW
<joeskil1> remix_tj: did you hit escape? :)
<hallyn> jdstrand: no, my rights are not yet in effect
<Daviey> lool, Hmm... I think you need to talk to the kernel team, but keep smoser in the loop.
<Daviey> lool, I don't think smoser modifies the kernel from what they build for him.
<blackxored> hello guys
<thafreak> Morning server peeps
<lool> Daviey: I moved to #ubuntu-kernel already, thanks for confirming though, appreciated
<thafreak> quick survey...anyone using anything for automation/config management? i.e. something like puppet?
<Daviey> lool, i should have looked :)
<blackxored> I've had an asterisk setup in the past, didn't lasted because of management, now the buzz about web conference has found its place again, and I want to setup something for web conference. What do you recommend? Fast is the dominating point here.
<thesheff17> thafreak: allot of people are using puppet now.
<blackxored> any web meeting software or "go for asterisk anyways" will do it
<thafreak> thanks thesheff17
<blackxored> thesheff17: there's also chef, which it's a personal preference because it's configuration is a ruby DSL ;)
<thafreak> yeah, I shy away from ruby syntax :) my brain just doesn't grok it yet...
<blackxored> thafreak: ok, then puppet yourself ;)
<thesheff17> yea I'm also a python guy so I haven't used chef or puppet
<thesheff17> puppet has its own syntax but is also ruby
<thafreak> I remember seeing something about ubuntu server and cobbler...wasn't sure if something other than puppet was more "official" for ubuntu
<thafreak> anyone know if there's articles on the official server wiki's for this area?
<thafreak> like there is for postfix and ldap
<RoAkSoAx> kirkland: bug #731922 fixed :) Should build now though
<uvirtbot> Launchpad bug 731922 in testdrive "testdrive's local uec-image testing broken" [Medium,Fix committed] https://launchpad.net/bugs/731922
<RoAkSoAx> thafreak: http://zulcss.wordpress.com/2011/01/19/using-cobbler-on-ubuntu/
<thafreak> is cobbler comparable to puppet, or does it try to solve a different set of problems
<thafreak> i.e. is it apples to apples, or apples to oranges
<RoAkSoAx> thafreak: puppet afaik is used for remote configuration management, while cobbler is a provision service (remote installation)
<thafreak> ok...I thought they were slightly different...cobbler works with kickstart right?
<RoAkSoAx> thafreak: yes
<thafreak> so you'd probably use both cobler and puppet together then....cobler to get the initial install, then puppet to configure the server for specific tasks?
<thafreak> Also, I found on the main wiki, it really only talks about puppet
<RoAkSoAx> thafreak: correct cobbler + puppet
<thafreak> so, I'm guessing that's got the most support...or atleast the most motivated wiki authors
<RoAkSoAx> thafreak: wikipage link?
<thafreak> https://help.ubuntu.com/10.10/serverguide/C/remote-administration.html
<RoAkSoAx> thafreak: yes that's correct. cobbler has been included in the current development release of Ubuntu (Natty) that is due in a month
<thafreak> Cool...
<thafreak> speaking of natty, anything amazingly new on the virtualization front?
<lool> Daviey: Is there another kernel I can swap in?
<lool> Daviey: maybe -server, or -generic?
<lool> Daviey: Will this "just work" with latest EBS images?
<RoAkSoAx> thafreak: hallyn  is your guy for those sorts of questions
<thafreak> I'm setting up a new vm host...debating on going bleeding edge or staying back with lucid
<blackxored> so anyone?
 * lool tries linux-image-server
<blackxored> thafreak: lucid for vm hosts, even debian or centos ;)
<thafreak> cool...thanks RoAkSoAx
<blackxored> anyways
<blackxored> noone has a clue about my web conference question?
<RoAkSoAx> Daviey: howdy!! What do you think about separating the euca_admin tools into a different package?
<thafreak> yeah...I'm using lucid at work for our vmhosts and I like it, but at home...I'm feeling a little dangerous
<blackxored> thafreak: then go for xen in natty ;) I bet you wouldn't want to be dangerous in the rest of your life ;0
<thafreak> blackxored: what do you mean by web conference excatly...like phone conference room via a web browser?
<thafreak> I already use xen on lenny/squeeze at other places...I really like that as well...I was looking for more like the new SPICE stuff...something new
<blackxored> thafreak: for a little background, I told before I had an asterisk setup and softphones, and management broke the thing up, now they want something on a conference nature setup fast, so I was wondering which path to follow
<thafreak> like conference calls via voip phones/conference room phones?
<blackxored> thafreak: I'm building a lucid image for xen4 using xen-tools, but no clue on what to put on it yet
<thafreak> I think asterisk is still technically king...and there are packages for ubuntu in the repos, but I've been meaning to try out freeswitch for a long time
<blackxored> thafreak: assume so, the priorities are only "fast setup, multi-user conference support"
<phoenixsampras> Help !! how to install ubuntu server on XEN CITRIX?
<lool> Hmm the vm doesn't come up anymore   :-(
<blackxored> thafreak: had a bad time with asterisk from the repos, can't recall if it was ubuntu or debian, but defintely had nightmares about it
<thafreak> well, I remember that freeswitch is technically superior...it was designed by former asterisk devs
<thafreak> and it comes with conference room by default in the sample config...and it can do HD audio conference calls
<blackxored> remember the priorities? what do you think? fast setup, multi-user conference
<thafreak> Well, fast setup will depend on you really...for me, I'd probably end up going with asterisk, cause I know the syntax of the configs much better
<thafreak> freeswitch may take me some time to figure out
<blackxored> it's also my case
<thafreak> I don't think I ever setup a conference room on asterisk though....I'm pretty sure it's there and possible, but I don't remember...been a while
<thafreak> That and asterisk changes their config syntax every version or so...and I think they're up to 1.8 now
<compdoc> asterisk wouldnt be the best way
<compdoc> it makes a great phone system
<thafreak> compdoc: you seem to be a former asterisk admin too :) what do you use these days?
<compdoc> I use asterisk in a virtual machine for my own office/home
<compdoc> I would think there would be something better for conferences - some sort of online social media kind of thing
<thafreak> ah, I too have asterisk in a vm for the home office...
<thafreak> i've had "figure out freeswitch" on my todo list for a few years now...I've just never had the time
<thafreak> and things with xml configurations usually put me off (part of the reason I hate tomcat)
<remix_tj> joeskil1:
<remix_tj> what about the paste?
<Daviey> lool, sorry, was AFK..  I don't think the tradional kernels are as xen friendly
<Daviey> lool, you really need to talk to smoser or smb i think
<rnigam> Hello everyone, I just did virsh undefine vm1 for a kvm guest vm1. How do I remove any images that might have been left behind? or does undefine command takes care of the image as well? Using Ubuntu MAverick - Server edition
<Daviey> RoAkSoAx, well.... that was what i intiially suggested... but now thinking about it, is there any benefit?
<lool> Daviey: Am I supposed to hang in -virt for this?
<lool> Daviey: Or is this the right channel?
<Daviey> lool, I think it's a lucky dip between -server or -cloud... we don't even know when to switch :)
<Daviey> lool, smoser is away today.. smb might be the best person... i'll follow in -kernel :)
<lool> thanks!
<blackxored> BTW is asterisk from the repos working???
<DigitalFlux> Hi Guys
<Disconnect> anyone know the debconf magic to cause it to write a new partition table to a blank disk during installation? I've already got http://pastebin.com/LuZ5J09c set but it still prompts. (it doesn't prompt to overwrite the existing, so a rebuild works, but on the initial blank disk I get the "write changes to disks?" prompt)
<DigitalFlux> A quick question about ubuntu-vm-builder
<ivoks> hm... vlan package should be installed by default
<DigitalFlux> as far as i understand, when i use it to create a new kvm guest, it just downloads the distro image .. like say a lucid JeOS iso
<DigitalFlux> does it do that everytime i create a new guest ? or this iso is stored somewhere ?
<Disconnect> DigitalFlux: you don't understand very far :) it installs the individual packages from the repo each time. you probably want a local repo, or at least a caching proxy.
<DigitalFlux> Disconnect: It creates the whole filesystem from packages ?
 * Disconnect is migrating from the increasingly-broken ubuntu-vm-builder to foreman w/ netboot installs. (Try uvb on an lvm some time, it'll create all -sorts- of fun.)
<DigitalFlux> Disconnect: no "images" included ?
<patdk-wk> that is what the *installer* does :)
<patdk-wk> the cd is nothing more than a collection of packages
<Disconnect> yah, what he said. thats the 'builder' part of "ubuntu-vm-builder"
 * DigitalFlux should look carefully at the name of software releases from now on .. :)
<Disconnect> lol
<DigitalFlux> Disconnect: foreman/puppet is super cool i know, i'm just experimenting with some of the kvm features ..
<Disconnect> this isn't windows, you don't have to do a full hardware-specific install and then try to scrape the serial numbers off to make it 'generic' :)
<DigitalFlux> Disconnect: so i wanted just a quick kvm installation ..
 * patdk-wk does netboot installs also, they are the best :)
<DigitalFlux> OK OK guys, don't push me more to start a foreman installation :)
<patdk-wk> I don't use foreman
<Disconnect> yah it is pretty nice, it talks to libvirt to set up storage, talks to isc dhcpd/bind (UGH) to do netbooting and dns, then off it goes. fighting some issues but right now my problem is the automated part doesn't automate very well. (it won't write a new blank partition table w/o prompting)
<patdk-wk> just pxe boot to the installer, and apt-cacher-ng :)
<DigitalFlux> Did the foreman supported Ubuntu in the first place ?
<DigitalFlux> or this is a new addition ?
<RoAkSoAx> Daviey: yes... the euca_admin tools can be run from any hosts with the keys configured and I don;t think admins would like to install eucalyptus-common for just the tools
<Disconnect> always has afaik. its just another os, foreman is all ruby and doesn't particularly care. (iirc they have support for ms dhcp/dns servers in the smart-proxy as well)
<DigitalFlux> Disconnect: Oh, and where does cobbler fit in this scenario ? :)
<DigitalFlux> Disconnect: for the partitioning/automated installation, it uses kickstart or preseed ?
<Disconnect> no idea, last time i experimented with cobbler it was (ugh) centos about 5 years ago. it was .. damaged. (but then again, pretty much everything was at the time. it just had a sort of violent-tendencies damage that we eventually gave up on)
<DigitalFlux> Disconnect: I think i faced this problem with kickstart before
<Daviey> RoAkSoAx, Well that is true
<DigitalFlux> Disconnect: cobbler seems to have made it to natty
<Daviey> RoAkSoAx, I have no preference either way, if you want to do it - crack on.
<Disconnect> good for them?
<DigitalFlux> Disconnect: that kickstart problem is an unresolved bug till now AFAIK
<Disconnect> i'm preseeding.
<Daviey> RoAkSoAx, Might want to raise a bug, that it's bloating your system, just for wanting to use the python module etc
<Disconnect> http://pastebin.com/LuZ5J09c
<DigitalFlux> Disconnect: hmm, let me get you my totally no-human-intervention preseed config
<Disconnect> does it work on zero'd disks? this one will work fine if i do a rebuild (existing partition table gets overwritten)
<RoAkSoAx> Daviey: Given that the euca-* tools and the euca_admin module are now shipped in eucalyptus-common, we should just probably create a package called eucalyptus-admin-tools that include nboth the binaries and the pyton module, to not introduce 2 new pacakges, and just keep them in one
<Daviey> RoAkSoAx, I agree with that.
<RoAkSoAx> Daviey: ok then I'm happy to do it :)
<Daviey> RoAkSoAx, super!
<ahayes> Hello. Anyone have some time/knowledge to help with a multipath (MPIO) boot issue?
<pmatulis> !ask | ahayes
<ubottu> ahayes: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<ivoks> ahayes: what's the problem?
<ahayes> I've been able to get Ubuntu server installed on a single default LVM partition schemed disk, and then install the multipath-tools and multi-path-tools-boot packages. But booting is now intermittent. I get dropped into the initramfs shell.
<ivoks> it tells you why it dropped into busybox
<ahayes> My initial goal was to have the server booting off a multipathed RAID-1 setup with a pair of drives, but I haven't figued that part out yet.
<ivoks> did you read the message it printed?
<ivoks> when it failed to boot
<ahayes> Yesâ¦ It tells me it can't find the boot device. It suggests that the roo= is wrong, or the rootdelay= should be specified (longer I assume)
<ahayes> er.. root=
<ivoks> and for root= you have what?
<phoenixsampras> how to setup a ubuntu cloud? lets say 3 servers?
<ahayes> root is /dev/mapper/ellie-root where ellie is the hostname
<ivoks> ahayes: so, did you check if it exists when you get dropped into busybox?
<hallyn> yay - open-vm-dkms is now working
<ahayes> Sorryâ¦ It was the first time I've ever *seen* busybox. I believe it was there, and pointed to /dev/dm-21
<Disconnect> (repeat) anyone know the debconf magic to cause it to write a new partition table to a blank disk during installation? I've already got http://pastebin.com/LuZ5J09c set but it still prompts. (it doesn't prompt to overwrite the existing, so a rebuild works, but on the initial blank disk I get the "write changes to disks?" prompt)
<ahayes> when I eventually 'exit'ed busybox because I didn't know what to do, it then booted.
<ahayes> So then I thought that maybe the rootdelay was worth exploring.
<ahayes> Maybe it didn't have the device ready on its initial attempt.
<ahayes> So I tried modifying /etc/default/grub to have GRUB_CMDLINE_LINUX="rootdelay=90"
<ahayes> But when I run update-grub, I get a "grub-probe: error: no such disk."
<ahayes> So that's where I'm at now.
<ahayes> Credit to Ubuntu team, I've never had a boot issue before, so I find myself with a steep curve. Multipath isn't helping.
<ivoks> sorry, i have a situation here... bbl
<ahayes> No worries.
<lynxman> ping SpamapS
<uvirtbot> New bug: #732082 in eucalyptus (main) "Eucalyptus admin tools should not be shipped in eucalyptus-common package" [Medium,Confirmed] https://launchpad.net/bugs/732082
<rnigam> Guys was anyone able to install apt-proxy on ubuntu maverick server? apt-get install is unable to locate the package.
<ivoks> ahayes: where were we?
<ivoks> ahayes: GRUB_CMDLINE_LINUX_DEFAULT="rootdelay=60 quiet splash"
<ivoks> ahayes: update-grub
<patdk-wk> is there a way to get a random number from dash?
<patdk-wk> or must I use bash
<ivoks> patdk-wk: http://www.shelldorado.com/scripts/cmds/rand.txt
<ivoks> :D
<patdk-wk> heh
<ahayes> ivoks: Backâ¦ OK. I'll try again
<patdk-wk> ivoks, before yo udid that I did, apt-get install rand
<patdk-wk> but it's keeps outputting the same number, multible times
<ivoks> :)
<ivoks> prove it's not random
<ahayes> ivoks: Still getting a grub-probe error: no such disk.
<ivoks> ahayes: in /boot/grub/grub.cfg, there's a line 'set root='
<patdk-wk> http://pastebin.com/65ttgfCe
<ivoks> ahayes: is it /dev/sda?
<patdk-wk> hehe :)
<patdk-wk> it feel like a seed(time()) to me
<patdk-wk> so unlikely to work where I want it, in a cron script
<ahayes> ivoks: It's '(ellie-root)'
<patdk-wk> ah, yep: the seed for the random numbers generator (default time(NULL))
<ahayes>  ivoks: Well.. there are a few, others (for recovery?) are '(hd1,msdos1)'
<ivoks> what is the multipath device name?
<ahayes> Wellâ¦ installing the multipath-tools-boot modified /etc/fstab to point to /dev/mapper/ellie-root
<ahayes> ivoks: That is a link to /dev/dm-21
<Skaag> what virtualization solutions are working well with ubuntu server?
<ivoks> ahayes: try grub-install /dev/dm-21
<Skaag> I mean as a host
<ahayes> ivoks: /boot and / are separate on this system. Does that make a difference?
<patdk-wk> hmm, when you boot, are you in grub 1.9 or grub 0.9?
<patdk-wk> if your in 1.9, then that isn't the issue
<ahayes> patdk-wk: grub-install -v reports 1.98+20100804-5ubuntu3
<patdk-wk> ahayes, that means nothing
<patdk-wk> cause it's installed on your system, doesn't mean that is what is installed in the boot sector
<ahayes> patdk-wk: This install is on a totally fresh system. Ubuntu 10.10 server cd is only one to touch it.
<patdk-wk> I'm pretty sure it is, but :)
<Skaag> can I check the ulimit of a process externally?
<patdk-wk> ok, so grub-install won't fix the issue
<patdk-wk> where is /boot located?
<ahayes> more /fstab
<ahayes> Oopsâ¦ sec..
<ahayes> patdk-wk: /etc/fstab says UUID=big_long_string /boot
<patdk-wk> and what does the uuid map to?
<patdk-wk> blkid can help
<ahayes> patdk-wk: There is a comment there that it was on /dev/sdd1 during installation
<patdk-wk> and now?
<mray> RoAkSoAx: https://github.com/mattray/cookbooks/tree/master/pxe_dust
<ahayes> pstdk-wk: blkid reports: /dev/mapper/35000c500335c7407-part1: UUID="47f7610f-f274-40bb-95cc-f8cf0504ddf2" TYPE="ext2"
<mray> automated Ubuntu server installations, all the guesswork fixed
<ahayes> patdk-wk and the other relevant bits are: /dev/mapper/35000c500335c7407-part5: UUID="PmA0Hb-jAWI-bnL5-L6wp-JDzB-dHcy-n2NM07" TYPE="LVM2_member"
<ahayes> /dev/mapper/ellie-root: UUID="b48c8ec7-8011-401a-b196-1d891687f64b" TYPE="ext4"
<ahayes> /dev/mapper/ellie-swap_1: UUID="cf3c86ac-3e1d-4b62-95d1-ab57daab2441" TYPE="swap"
<RoAkSoAx> mray: cool!! Do you have a howto by any chance?
<mray> RoAkSoAx: I'm writing it up on my blog
<mray> but the code is fairly straightforward
<patdk-wk> ahayes, I'm thinking this: https://bugs.launchpad.net/ubuntu/lucid/+source/grub2/+bug/687501
<uvirtbot> Launchpad bug 687501 in grub2 "when installer is multipath aware, grub fails to install" [High,In progress]
<ahayes> patdk-wk: I had that issue the first time around, when I ran the installer with disk-detect/multipath/enable=true and tried to install to /dev/mapper/mpath0
<RoAkSoAx> mray: yeah. (but I've never used chef) so the howto will help me figure out things faster :). point me out to your blog post when finished please! :)
<patdk-wk> more down
<ivoks> ppetraki: ^ you reported it? :)
<patdk-wk> looks like an updated grub
 * patdk-wk should figure out a way to test multipath sometime
<mray> RoAkSoAx: https://github.com/mattray/cookbooks/blob/master/pxe_dust/recipes/server.rb does the work
<patdk-wk> multipath iscsi root anyone? :)
<mray> it installs tftpd-hpa and apache
<mray> and modifies the installer prompt to pass in the url of the preseed and automatically kicks off
<mray> the preseed.cfg in that repo is fairly specific, but it automatically adds an apt-cacher repo if you have one
<ahayes> patdk-wk: You're welcome to connect into this box. :)
<ppetraki> ivoks, I did?
<ivoks> ppetraki: https://bugs.launchpad.net/ubuntu/lucid/+source/grub2/+bug/687501
<uvirtbot> Launchpad bug 687501 in grub2 "when installer is multipath aware, grub fails to install" [High,In progress]
<ivoks> ahayes: just install the grub from ppa
<ppetraki> oh yeah
<RoAkSoAx> mray: ok cool. Will test this later today :)
<ivoks> ahayes: https://launchpad.net/~cjwatson/+archive/grub
<ahayes> ivoks: I'm just trying to figure out how to do that. :)
<patdk-wk> add-apt-repository ppa:cjwatson/grub
<ivoks> easy
<patdk-wk> I believe
<ivoks> right
<RoAkSoAx> hggdh: btw... I started looking into the get-credentials "local" error and it seems that upstream is messing a file/function cause it's simply just not there
<ahayes> Just need to find add-apt-repository
<ivoks> python-software-properties
<patdk-wk> apt-get install python-software-properties
<ahayes> Thank you. You guys are fast!
<cjwatson> oh, yeah, I should push that grub upload to -proposed now that 10.04.2 is out
<hggdh> RoAkSoAx, that's my take also
<hggdh> RoAkSoAx, so we mark it triaged, and open an upstream task
<RoAkSoAx> hggdh: indeed! Will do right after the latest eucalyptus is uploaded so we can file a new bug with that error solely
<ahayes> Hmmâ¦ That PPA is for Lucid I think.
<patdk-wk> the package is for lucid
<patdk-wk> ppa's can do all at once
<cjwatson> yeah, but it needs a different backport to maverick
<ahayes> Failed to fetch http://ppa.launchpad.net/cjwatson/grub/ubuntu/dists/maverick/main/source/Sources.gz  404  Not Found
<patdk-wk> ya, no maverick package has been uploaded to that ppa yet
<ivoks> ah...
<cjwatson> I vaguely recall not being worried about keeping access to the machine for that because the maverick backport would be strictly simpler than the lucid one
<cjwatson> I'll see what I can do ...
 * ivoks thinks that ahayes is playing with us :)
<ahayes> cjwatson: When you talk about pre-seeds in that bug report, would that mean I could have it grab that version during install?
<cjwatson> ahayes: yes, that's what they're for
<cjwatson> the point of that is so that we can actually test the package before it's promoted to -updates :)
<patdk-wk> you could force it on your version
<cjwatson> patdk-wk: not a good plan
<patdk-wk> if you download the deb
<patdk-wk> probably not :)
<ahayes> ivoks: I'm just amazed that all the relavant people for this issue are here and talking with me. :)
<cjwatson> I really wouldn't recommend winding grub-pc's version backwards over that particular span of time
<ivoks> you get that with microsoft support too :)
 * RoAkSoAx off to lunch
<cjwatson> ahayes: I have another task I really ought to be concentrating on, but after that ...
<ivoks> that was sarcasm
<ahayes> Since you are here, here's what I was *trying* do do originally: Install onto a RAID-1 pair of disks on the other end of multipath.
<patdk-wk> ivoks, I got that kind of support before, for exchange :)
<ahayes> ivoks: I was thinkingâ¦ microsoft has support?!? ;)
<patdk-wk> not via ms though, a coworker worked with a former exchange developer :)
<ahayes> cjwatson: No worries. Do you have a maverick multipath box to test/build on? You are welcome to connect into the one here. :)
<cjwatson> ahayes: no, but IIRC as I say I decided I didn't need one; I'll get back to you if that turns out not to be the case
<cjwatson> the bulk of the work for lucid was very very carefully backporting bits of device handling from maverick
<cjwatson> and then applying a fairly small multipath fix on top of that
<ahayes> Should I just run lucid?
<cjwatson> nah, I'll get it fixed for maverick too
<ahayes> Do you have any comments on installing on RAID-1 over multipath?
<cjwatson> ahayes: not really, sorry, it's not my field
<ahayes> If I install lucid with the preseed file, and boot the installer with disk-detect/multipath/enable=true, then create a couple RAID-1 devices out of /dev/mapper/mpath0 and 1?
<ahayes> cjwatson: OK. No worries.
<cjwatson> in theory that should work ...
<cjwatson> if it doesn't, give me a shout I guess :-/
<ahayes> cjwatson: Your preseed file would let me get through the gub install as part of the lucid install.
<cjwatson> right
<ahayes> cjwatson: And would I still install multipath-tools and multipath-tools-boot afterwards?
<cjwatson> I guess so
<ahayes> cjwatson: OK. :) I will try and let you know how I fare.
<cjwatson> actually, if you set that up as part of the installer, they should be installed for you
<ahayes> cjwatson: What do you mean set up as part of installer?
<ahayes> cjwatson: The boot options?
<ivoks> ahayes: no
<cjwatson> no, if you're partitioning multipath devices in the installer, it should know to install multipath-tools/-boot
<ivoks> you ca preseed the installation
<ivoks> and if you put that ppa into the preseed, then it will pull it in and install during the installation
<ahayes> ivoks: You mean the ppa:cjwatson/grub will pull it in?
<ivoks> ahayes: do you know what preseeding is?
<ivoks> ahayes: you can automate whole or just part of installation process
<ahayes> ivoks: No. Not really. I'm readin up on it now.
<ivoks> https://bugs.launchpad.net/ubuntu/lucid/+source/grub2/+bug/687501/comments/13 is recipe for this ppa
<ahayes> ivoks: I assumed it was a way to over-ride the default packages.
<uvirtbot> Launchpad bug 687501 in grub2 "when installer is multipath aware, grub fails to install" [High,In progress]
<ivoks> http://wiki.debian.org/DebianInstaller/Preseed
<ivoks> it's much more than that
<ahayes> ivoks: OK. I'm grabbing the 10.04.2 amd64 server iso right now.
<ahayes> ivoks: I think I've seen the preseed bit in the installer before (expert install?)
<ivoks> ahayes: from experience... preseeding will take some time before you master it :)
<ahayes> ivoks: Ugh. :)
<ivoks> once you create preseeding file
<ivoks> you just add an option during the installation which will tell the installer where the file is (CD/floppy/HTTP...)
<ivoks> by creating a file that has only stuff that cjwatson wrote in #13, you'll get what you want for this problem
<ivoks> put it somewhere on the web server and append the preseed 'command' to the installer
<ivoks> it's just a location where the file is located
<ivoks> preseed/url=http://10.0.0.1/pressed.cfg
<ivoks> next step is to remaster the installation CD so that it includes that file and 'command' by default :)
<ahayes> ivoks: Something like http://gcrc.carleton.ca/~ahayes/grub-preeseed.cfg
<ivoks> yep
<ivoks> preseed/url=http://gcrc.carleton.ca/~ahayes/grub-preeseed.cfg
<ahayes> ivoks: Hmmâ¦ remaster CDâ¦
<ivoks> afk
<kirkland> hallyn: http://launchpadlibrarian.net/65973725/buildlog_ubuntu-natty-i386.qemu-kvm_0.14.0%2Bnoroms-0ubuntu2_FAILEDTOBUILD.txt.gz
<kirkland> hallyn: https://launchpad.net/ubuntu/+source/qemu-kvm/0.14.0+noroms-0ubuntu2/+buildjob/2310157
<kirkland> hallyn: qemu-kvm i386 failed to build, which is making qemu-kvm uninstallable, as it depends on qemu-common
<uvirtbot> New bug: #732160 in squid (main) "package squid 2.7.STABLE9-2.1ubuntu4 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 100" [Undecided,New] https://launchpad.net/bugs/732160
<hallyn> kirkland: seems like debian/control has issues
<hallyn> but that's separate
<hallyn> bag toolchain failure
<hallyn> kirkland: i suspect the re-enablement og parallel bujild
<hallyn> builds even
<ahayes> cjwatson: Hmmâ¦ Am installing 10.04.2 with tweaked ubuntu-server.seed to include your lines, and booting with disk-detect/multipath/enable=true
<ahayes> Am now at screen that says [!] Partition disks - Unable to determine geometry of file/device /dev/mapper/ellie-root. You should not use Parted unless you REALLY know what you're doing! Warning! Ignore/Cancel
<ivoks> :)
<ivoks> that's on the same server?
<ahayes> I obviously don't know what I'm doingâ¦ but does it really have to point that out? ;)
<ahayes> ivoks: Yep.
<ivoks> you care about data on the disks?
<ahayes> ivoks: Nope.
<ivoks> then hit alt+f2
<ivoks> enter the shell
<ivoks> adn wipe the disks :)
<ahayes> ivoks: How would you wipe them?
<ivoks> dd if=/dev/zero of=/dev/sdX count=10 bs=1M
<ivoks> that will be enough for partition table and some additional data :)
<ivoks> replace X with the correct char
<RoyK> ahayes: that'll overwrite the initial 10MBs with zeros
<RoyK> so fdisk shouldn't really complain anymore :P
<ahayes> Super. I still see a few devices like sda1, sda2, etc.
<RoyK> those are partitions
<RoyK> sda is the drive
<RoyK> just wipe the start of the drive
<ahayes> Ahâ¦ sda must be the boot cd
<ivoks> no, it's the disk
<RoyK> ahayes: cat /proc/partitions
<ivoks> don't worry about partitions
<ivoks> return to alt+f1
<ahayes> Because it is giving me dd: can't open '/dev/sda': No medium found
<RoyK> ivoks: a reboot might be handy
<ivoks> and go back one step in the installer
<ivoks> parted will rescan the disk
<RoyK> ivoks: if it says that, cat /proc/partitions to see what partitions exists
<RoyK> extract the device name from that
<RoyK> it might be sdb or something
<RoyK> depending on hardware config
<ahayes> OK. Will try a reboot. Went back to 'Detect Disks' in installer but still getting the wwarning
<ahayes> 	
<RoyK> ahayes: did you cat /proc/partitions ?
<ahayes> I did, but I wiped all the other sd* drives. Not sure why sda was giving me grief.
<ivoks> maybe it was the CD :)
<ahayes> It will be back up in a sec.
<zul> ahayes: are you part of engsoc?
<RoyK> &whois ahayes
<ahayes> zul: I haven't heard that term in a *long* time. :)
<zul> ahayes: oh i havent been around carleton in a  loooong time
<ahayes> I was part of Engsoc when it was on Novel 3.x
<RoyK> ahayes: Novell?
<ahayes> RoyK: Yep. As inâ¦ the old stuff. Can't even remember the name nowâ¦ all the NetBIOS stuff.
<ivoks> netware
<ahayes> That's it. :)
 * RoyK was Master CNE on NetWare 4.11 and 5
<ahayes> I was just a 1st year who liked computers. adevries dragged me into helping with the engsoc server.
<RoyK> remember all those german nights (Abend)
<ahayes> OK! I'm at the partition disks choices without any observations about my competence. :) That worked.
<RoyK> :)
<orudie> oh hi ivoks
<RoyK> last I touched a netware 3.12 server, it had an uptime of 4.5 years, only because they had had a power outage at the time it went down :P
<ahayes> Am creating partitions on mpath0 and mpath1
<ahayes> RoyK: Yeahâ¦ they did run well in my experience too.
<RoyK> ahayes: btw, it wasn't NetBIOS, that was Microsoft, NetWare used NCP
<RoyK> IPX FTW!
 * RoyK ducks for cover
<ahayes> RoyK: Stop. My brain can't handle the flashbacks. ;)
<RoyK> lol
 * RoyK can remember those SAP/RIP broadcasts bitching our precious hub-based 10Mbps network quite badly
<patdk-wk> heh
<patdk-wk> I dunno how they can deal with that on cable modem networks
<RoyK> cable modem networks have a wee issue there - ARP broadcasts on large domains can toast a bad router...
<ahayes> Should /boot be ext2?
<patdk-wk> doesn't need to be
<RoyK> ahayes: ext2 is very safe for /boot
<RoyK> but it doesn't matter, really
<RoyK> you won't get the fancy ext[34] stuff you won't need :P
<ahayes> I saw that it's what the auto-partiion did last time. Just wondered.
<patdk-wk> grub2 works with ext4
<patdk-wk> but grub1 I think ext4 can sometimes confuse it (extents)
<RoyK> patdk-wk: no need for journalling or extents on /boot, really
<patdk-wk> royk, generally no, but is kind of nice for when your system is running
<patdk-wk> if it does crash
<patdk-wk> but a fsck of /boot is normally fast enough
<RoyK> patdk-wk: /boot is hardly touched anyway
<patdk-wk> hopefully :)
<patdk-wk> mine seems to only crash when I'm touching /boot
<RoyK> if so, I'd use ext3, less options that might fail, and better tested
<ahayes> Here we go. Moment of truth.
<RoyK> just use reiser4 for it all and live an interesting life.....
 * RoyK prefers boredom to interesting times when it comes to having stable servers
<ahayes> Dum dee dumâ¦ just waiting for mkfs.
<RoyK> ext4?
<ahayes> Yes.
<ahayes> For /boot and /
<RoyK> ahayes: how many drives?
<ahayes> 2
<RoyK> k
<RoyK> any mirroring?
<ahayes> Yes. 2 drives in Raid-1
<RoyK> sw or hw?
<ahayes> sw
 * RoyK likes this setup http://pastebin.com/GipEC95B
<ahayes> It's /boot / and swap on md0,md1, and md2, on top of mpath0 and mpath1
<RoyK> sorry, what's mpath? multipathing?
<ahayes> Yes.
<RoyK> erm - I don't get it - you're multipathing to two drives that are mirrored?
<ahayes> It's all on a supermicro SC417 chassis with three LSI 9211-8i cards.
<RoyK> how many physical drives?
<ahayes> It's because the pair of drives are on the SAS backplane like all the others. So they are multipathed.
<rnigam> Hi i just installed a kvm guest using vmbuilder. When I tried to do virsh start vm1 I get this error: Failed to start domain mav-vm1
<rnigam> error: operation failed: failed to retrieve chardev info in qemu with 'info c dev'
<ahayes> I've got 12 in there now, but it will take 72 2.5" drives.
<RoyK> ahayes: why aren't you using zfs for this?
<RoyK> ahayes: it's _very_ much better than anything linux has
<RoyK> that is, linux has fuse-based zfs, but it somewhat sucks in regards to write speed
<ahayes> That was my first thought but OpenSolaris/Nexenta is in a bit of flux right now.
<RoyK> we're on OpenIndiana with some 350TB on four boxes
<ahayes> I wasn't confident that it would all work out in the long run. And meanwhile, btrfs is coming.
<RoyK> btrfs has been coming for two years+ and they still don't have anything better than mirroring
<RoyK> they're 5+ years behind ZFS
<ahayes> And I like Ubuntu. Especially the lovely #ubuntu-server support. ;)
<RoyK> ahayes: it's your choice, but without ZFS, you won't be able to detect 'silent errors', which are becoming a bigger problem every year
<ivoks> RoyK: go to #we_depend_on_oracle's_technology :)
<RoyK> ahayes: my advice is: Try OpenIndiana, please, I know it works. We're using it in production and have been for quite some time
<RoyK> ivoks: openindiana is open - it's not controlled by oracle
<ahayes> This smells like a battleâ¦ pleaseâ¦ I'm just a lowly guy trying to run multipath. :)
<ahayes> I'm still waiting to see if grub installs itself....
<RoyK> ahayes: sure, but I'm quite sure a Linux-based storage setup won't work remotely as well as a zfs-based one. If you're just in the test phase, please test something that can do ZFS natively
<ivoks> zfs freeks :)
<ahayes> Ughâ¦. Failed.
<andol> ivoks: Well, once you get a taste of it...
<ivoks> :)
<ahayes> [!!] Configuring grub-pc - Unable to install GRUB in /dev/md0 - Executing 'grub-install /dev/md0' failed. This is a fatal error.
<RoyK> ivoks: would you want to have 350TB on something that doesn't detect data errors, but rather just hope that the drives' CRC is sufficient?
<ivoks> RoyK: relax
<ivoks> i was just joking
 * RoyK is quite calm :)
<ahayes> Hmmâ¦ I'm looking at logs.
<ahayes> It says: Is device-mapper missing from kernel?
<ahayes> And: /pro/devices: fopen failed: No such file or directory
<RoyK> ahayes: /pro?
<ahayes> sorryâ¦ /proc
<RoyK> htf do you type â¦?
<ahayes> I have to type it in. Can't cut&paste from IPMI console.
<ahayes> Soooâ¦ should I continue without the bootloader? Or is there someting I can do at the prompt?
<RoAkSoAx> Daviey: you still around?
<hallyn> kirkland: are you still around
<hallyn> kirkland: can you re-fire that qemu-kvm i386 build?  I can't reproduce it on porter-i386.  If it fails again I'll make it not use parallel build and that might help, but I'm hoping it was a transient gcc error.
<Daviey> RoAkSoAx, ack
<Daviey> hallyn, build re-queued
<zul> Daviey: were you able to fix that ipmi problem?
<Daviey> zul, think so
<RoAkSoAx> Daviey: could take a look at bug #629234 and re-upload the lucid sru please?
<uvirtbot> Launchpad bug 629234 in vsftpd "package vsftpd 2.2.2-3ubuntu6 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Medium,Confirmed] https://launchpad.net/bugs/629234
<Daviey> RoAkSoAx, is there a merged debdiff or bzr branch?
<RoAkSoAx> Daviey: yes both. The upload got rejected because someone else requested an upload fixing one of the bugs I',m addressing without taking in consideration other bug reports openned.
<Daviey> RoAkSoAx, you want me to reupload https://code.launchpad.net/~andreserl/ubuntu/lucid/vsftpd/sru1 ?
<RoAkSoAx> Daviey: correct
<hallyn> Daviey: thanks
<a_girl> I need help getting my first server up, any takers have time?
<lacaferreira> Hello Guys, My name is Andrew Ferreira, Brazil I'm from the Ubuntu community. I'm having a problem with Squid Proxy could someone help me?
<zee313> hi !
<zee313> I hv downloaded googleearth from http://www.google.com/earth/download/thanks.html#os=linux#linux_dl=deb_32
<zee313> But unfortunately it is not opening the program
<a_girl> can you get in the downloaded file?
<zee313> plz solve my problem
<zee313> yes
<enquora> can anyone tell me why map_static is reported as an invalid keyword in my nfs exports file?
<ScottK> !ask | a_girl
<ubottu> a_girl: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-)
<Patrickdk> strange flood of people
<ScottK> zee313: Since that pacakge isn't part of Ubuntu, you're probably better off asking the providers of the package for help.
<a_girl> ScottK: it's more than one question and I'd like to know someone has an hour+ to help me through this
<ScottK> a_girl: Probably no one has that kind of time to dedicate to you, but if you start asking your questions, the odds are reasonable that someone will have time for most of them if you are patient.
<lacaferreira> My Squid performs block msn according to the user account, authorized users accessed normally from both a time for another authorized users started receiving the error when trying to login 800488eb. anyone have any idea?
<a_girl> I've just installed 10.10 with webserver enabled and openssh enabled, but had no connection where it was in the house, so I didn't set up DHCP or internet.  I moved it to there there is internet but there's no room for plugs/periferials so I need to access it remotely
<a_girl> from there, I think I have it
<a_girl> ScottK: how's that?
<Patrickdk> doesn't explain much at all, but
<Patrickdk> did you give it an ip address?
<a_girl> I did not set it to an ipaddress
<Patrickdk> if it's not set for dhcp, and doesn't have a static ip, there will be no way to access it
<ScottK> a_girl: I think the default is to dhcp, so if you've installed ssh server you should be able to boot it with a network connection and just ssh in.
<a_girl> I tried to ssh into it, but the connection times out.
<hallyn> kim0: I'm not ignoring you btw, just got spice 0.8.0 package built locally, doing qemu next, then ill push to ppa if it all works
<a_girl> also; I'm using at&t uverse, so all the computers use 1 ipaddress
<a_girl> :(
<RoAkSoAx> hggdh: ping
<a_girl> still in college, so I have nil power over internet
<a_girl> how do I set up DHCP from cli?
<Patrickdk> man interfaces
<Patrickdk> just two lines needed
<Patrickdk> strange, no dhcp example
<Patrickdk> auto eth0
<a_girl> ssh should be: ssh negativeone@99.67.140.208
<hggdh> RoAkSoAx, give me one minute
<a_girl> right?
<Patrickdk> iface eth0 inet dhcp
<RoAkSoAx> hggdh: sure thingy ;)
<hggdh> RoAkSoAx, ready :-) thank you
<RoAkSoAx> hggdh: by any chnage you have a maverick box to verify a SRU? :)
 * RoyK wants IPv6
<hggdh> RoAkSoAx, not now, but we can create one
<hggdh> RoAkSoAx, what do you need there?
<RoAkSoAx> hggdh: bug #677764
<uvirtbot> Launchpad bug 677764 in vsftpd "vsftpd postinstall checks for user/group starting with ftp" [Medium,Confirmed] https://launchpad.net/bugs/677764
<jkg_> RoyK: bah, a couple of hours ago you were all about IPX. what happened to you? ;)
<RoyK> jkg: that was just talking of Old Times
<RoyK> IPX is quite dead :Ã¾
<jkg> (thankfully ;) )
<RoyK> indeed
<hggdh> RoAkSoAx, I will iso-install one now
<Patrickdk> what?
<RoAkSoAx> hggdh: awesome. thanks!
<Patrickdk> it's alive and kicking (need it to play doom and descent)
<a_girl> iface command not found
<a_girl> need help configuring ip address from cli
<genii-around> a_girl: That line beginning with "iface" is what you put into the /etc/network/interfaces file
<genii-around> Alternately, if you just want a one-off: sudo dhclient eth0                   might work
<kim0> hallyn: thank you man! you're my hero :)
<a_girl> worked!  Thanks!
<a_girl> anyone know about distributing the server load across multiple machines?
<a_girl> need to know how to do that
<Patrickdk> !google loadbalancer
<ubottu> I have no google command, use http://www.google.com/
<ScottK> It depends a lot on what kind of load you are trying to distribute.
<andygraybeal> when do yuo guys think btrfs will be ready for production?  a few  years or a few months?
<laen> andygraybeal: in a year, wild guess.
<andygraybeal> yea, thank you for the wild guess.
<andygraybeal>  :)
<Daviey> hallyn, I you seeking sponsorship for open-vms-* ?
<hallyn> Daviey: are you asking me if i am?
<Daviey> err yeah, sorry.
<hallyn> Daviey: i'd have done a merge request by now, but i'm convinced someone will come back with all sorts of nit-picks :)
<Daviey> hallyn, funny guy :)
<hallyn> Daviey: shoudl i do a bzr merge request and ask you?
<RoAkSoAx> Daviey: almost done with the eucalyptus changes, just waiting to build in PPA to test
<Daviey> RoAkSoAx, awesome :)
<Daviey> hallyn, Just looking at the dupe count, would be good to get it fixed soon :)
<Daviey> hallyn, so yeah, if it's not too scary delta (not looked yet), happy to do that now
<hallyn> Daviey: yeah.  i was just waiting for a confirmation, but someone did say it worked for them
<hallyn> Daviey: the delta *is* scary.  no helping that
<hallyn> ill point you to it :)
<hallyn> Daviey: done.  merge request assigned to you for lp:~serge-hallyn/ubuntu/natty/open-vm-tools/merge-2011.02.23-368700
<Daviey> hallyn, Thanks... when it states "The diff has been truncated for viewing."   ... i know i want to cry.
<hallyn> Daviey: you could just as well get the open-vm-tools git tree and 'git diff 2010.06.16..2011.02.23'
<Daviey> hallyn, I don't suppose you have a decent upstream changelog do you?
<hallyn> in fact, let me just...
<hallyn> Daviey: http://paste.ubuntu.com/578064/
<Daviey> good stuff!
<hallyn> that's diffstat, not changelog
<hallyn> summary: 749 files changed, 120530 insertions(+), 88117 deletions(-)
<Daviey> *sobs*
<hallyn> do we know ebroder?  he used to package it...  i wonder if we should seek his blessing
<hallyn> (and save you the pain)
<Daviey> hallyn, Yes - that is a good idea!
<Daviey> hallyn, cherry picking a specific fix is not viable?
<hallyn> hm, i guess he only did it once.  i thought i'd seen his name more than that
<hallyn> Daviey: no, that's what iw as trying yesterday
<Daviey> hallyn, Yeah, if you spent a good amount of time on it, then perhaps this is the best approach.
<hallyn> Daviey: after replacing the ioctl stuff, i only proceeded to further kernel module build breakages.  I could try again...
<Daviey> hallyn, I don't suppose you know what debian's plans are do you?
<hallyn> Daviey: i don't.  I emailed the list (mentioned in control) + daniel, no response
<hallyn> I figured I would email them again with a debdiff or, more likely, link to the bzr tree
<hallyn> Daviey: emailed them and cc:d you
<rnigam> Hello everyone , if any one has solution or suggestion ot this thread :http://ubuntuforums.org/showthread.php?p=10542465#post10542465 please reply in the thread. Thanks,
<Daviey> hallyn, So, Debian has bumped the epoch... so i'm less concerned about us getting ahead of debian... on this.
<Daviey> hallyn, good, thanks for the mail - lets see if they respond tomorrow.
<hallyn> Daviey: 'bumped the epoch' ?
<Daviey> hallyn, you are proposing 2011.02.23-368700-0ubuntu1 right?
<hallyn> yes
<Daviey> hallyn, well Debian has 1:8.4.2-261024-1 .... the 1: is the epoch, and that trumps yours which is an implied 0:
<Daviey> so even if yours gets uploaded as is, it's technically a lower version than Debian's current
<Daviey> even tho yours is a newer upstream version :)
<Daviey> So come next cycle, we know we can still sync/merge no matter what.
<hallyn> that's a good thing?
<uvirtbot> New bug: #732306 in php5 (main) "php escapeshellarg removes Â£ incorrectly" [Undecided,New] https://launchpad.net/bugs/732306
<RoAkSoAx> Daviey: done: https://code.launchpad.net/~andreserl/ubuntu/natty/eucalyptus/lp732082/+merge/52780
<Daviey> hallyn, Yes... I'm saying that there is no fear of us getting too far ahead of Debian, meaning we either need to fudge the verison or maintain our own stuff till the end of dawn
<Daviey> hallyn, We can sync next cycle if/when they caught up.
<Daviey> hallyn, I think you need to reference that it is a newer version than the one in Debian, incase some does a drive by merge / sync next cycle.
<Daviey> hallyn, But I think it is /reasonable/ to raise a FFe, with some ambiguity about what the features of new version snapshot - stating you have spent significant time trying to bisect a fix, and the current one is totally unusable.
<uvirtbot> New bug: #732314 in squid (main) "package squid 2.7.STABLE9-2.1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 100" [Undecided,New] https://launchpad.net/bugs/732314
<Daviey> RoAkSoAx, Hmm... lp:ubuntu/$release/eucalyptus is only used post release.:(
<Daviey> RoAkSoAx, see the merge conflicts :/
<RoAkSoAx> Daviey: what's your branch again?
<RoAkSoAx> :)
<Daviey> RoAkSoAx, bzr diff -c-1 > ../patch ; bzr branch lp:~ubuntu-virt/ubuntu/natty/eucalyptus/natty ; cd natty ; patch -p0 < ../patch
<Daviey> flat patches ++ :)
<RoAkSoAx> k give me a sec then
<Daviey> hmm.... you might need to bzr diff -c-1 debian/ ; actually.... the .pc has made it a pain in the bum
<Daviey> it's just debian/ changes, right?
<RoAkSoAx> Daviey: yah you can just download the diff and the bzr patch ../xyz.diff
<RoAkSoAx> gotta run for a bit
<RoAkSoAx> brbr
<Daviey> RoAkSoAx, Okay, i'll probably attack this my tomorrow now
<Daviey> RoAkSoAx, nice one.
#ubuntu-server 2011-03-10
<rnigam> Hello Everyone please look at this thread and help me out: http://ubuntuforums.org/showthread.php?p=10542465#post10542465
<hallyn> kim0: packages built in ppa
 * hallyn out
<thesheff17_> rnigam: I just ran your vmbuilder command on my machine...it worked with no problems....it looks like it is isolated to maverick.
<thesheff17_> I would suggest putting the debug level really high for libvirt or using lucid.
<thesheff17_> I can't find anything on the web that has that same error.
<rnigam> tthanks thesheff17
<rnigam> thesheff17: could you do a virsh --version on your machine and tell me which version of virsh and libvirtd is running
<thesheff17_> rnigam: I built maverick w/ lucid as the underlying os....so strange that doesn't work for you on 10.10  my version is: 0.7.5
<rnigam> thsheff17: I see. how can i change the debug level? and how will that help?
<thesheff17_> rnigam: first check out /var/log/libvirt/qemu/vmName.log and see if there is anything else in there that will give you more info about virsh start not working
<thesheff17_> rnigam: /etc/libvirt/libvirtd.conf contains the log level stuff.
<thesheff17_> rnigam: I'm just shocked that no one else has that error...usually google gives me the answer pretty quickly...maybe the debug level will give you/us more insight into what is wrong.
<rnigam> thesheff17: qemu: could not open disk image /root/vmimages/mav-vm2/ubuntu-kvm/tmpBYvUD4.qcow2: Permission denied
<rnigam> this is from the logs
<thesheff17_> rnigam: can you paste your xml
<thesheff17_> pastebin the xml from /etc/libvirt/qemu/vmName.xml
<thesheff17_> rnigam: are you using an SELinux kernel?...just looking on google for some fixes.. what does ls -la   /root/vmimages/mav-vm2/ubuntu-kvm/tmpBYvUD4.qcow2 say...is that file even there?
<rnigam> thesheff17: heres the xml :  http://paste.ubuntu.com/578124/
<thesheff17_> rnigam: looks good.... you are using virsh start as root correct?
<rnigam> yup
<rnigam> and yes thatmfile is present there.
<rnigam> actually that file gets created when i run the vmbuilder command
<rnigam> the qcow2 disk file
<thesheff17_> rnigam: right I just wanted to make sure it is getting created correctly...my permissions on my files is -rw-r--r-- 1 root root 1238958080 2011-03-05 13:30 /mnt/vm/vm021/ubuntu-kvm/tmpqyXQXh.qcow2
<thesheff17_> does yours match that?
<rnigam> -rw-r--r-- 1 root root 627376128 2011-03-09 14:20 tmpBYvUD4.qcow2
<thesheff17_> /etc/libvirt/qemu.conf contains username to run the service as...can you check that this is root.
<rnigam> you mean the userid variable?
<thesheff17_> I have user = "root" and group = "root"
<rnigam> everything in that file is commented out and hence default values are being used. I am not sure what defaults are. LEt me make those changes in mine and try again ! it might take some time to get back.
<rnigam> are there any other flags in that file turned on for you?
<thesheff17_> rnigam: yea yours might be a little...since mine in lucid.
<thesheff17_> different
<rnigam> other than user and group?
<thesheff17_> rnigam: that is the only thing that isn't commented out in that file...you aren't running SELinux kernel are you?
<rnigam> nope
<rnigam> no se linux
<thesheff17_> rnigam: ok...not sure what it could be...permission denied should not happen if you running it as root.
<thesheff17_> rnigam: to just test try just doing chown 777 filename and see if it will start.
<rnigam> ya i am recreating a vm again to check if anything changes after changing those options !
<rnigam> thesheff17: In case i forget, thanks so much for all the help.
<thesheff17_> rnigam: np....I know how hard it is to find help for virsh/kvm sometimes.
<thesheff17_> rnigam: not that I have helped much :)
<rnigam> thesheff17- Great news.. you helped me enough
<rnigam> it works
<rnigam> turns out those two variables needed to be set in /etc/libvirt/qemu.conf
<thesheff17_> rnigam: excellent
<thesheff17_> rnigam: I'm on vacation next week but if that is the default problem you/I should file a bug for it.
<rnigam> man... I thought this was the easiest part. Yes we must file a bug
<rnigam> theres another bug that we need to file... or rather a request for a patch
<rnigam> when we undefine an image... it doesnt remove the qcow2 files and doesnt free other resources.
<rnigam> it would be great if we can achieve that with undefine rather than doing manually !
<rnigam> thesheff17: what do you think about the request? please comment !
<thesheff17_> rnigam: I would love that as well
<thesheff17_> rnigam: my python script does it for me...basically just have a huge wrapper around vmbuilder & virsh.
<rnigam> ya
<zul> smoser hallyn: the lxcguest scripts work perfectly on the uec images
<tc2k11> could anybody help me a with postfix issue?
<tc2k11> i'm having issues send email to a particular domain where it always times outs when there is an attachment
<Roxyhart0> somebody know how to upgrade samba in ubuntu? i tried with apt-get upgrade samba but is doesn work
<EvilPhoenix> Roxyhart0:  define "upgrade" because the repositories are not always cutting-edge up to date
<Roxyhart0> i have samba 3.4.5 and I want to upgrade to 3.5.x
<Roxyhart0> as I am having problems with windows 7 clients and aparently samba 3.5.x solve it
<EvilPhoenix> which version of ubuntu server?
<EvilPhoenix> 10.04? 10.10?
<EvilPhoenix> OLDER?
<Roxyhart0> not 9.10
<EvilPhoenix> didnt say 9.10
<EvilPhoenix> i said 10.10
<Roxyhart0> but i read the version 10.04 still come with samba 3.4.5
<EvilPhoenix> 10.04 has samba 3.4.7 on it from what I can tell
<EvilPhoenix> lemme check my 10.10 system
<EvilPhoenix> 10.10 has samba 3.5.4 on it
<EvilPhoenix> is upgrading your distribution an option?
<Roxyhart0> maybe, but is could be risky as I am running file server here...
<Roxyhart0> also I am not sure if 10.10 has so much bugs?
<EvilPhoenix> I cant vouch for it as i stick with LTS releases (and never use samba)
<EvilPhoenix> although FYI, you should always keep backups even when you arent upgrading your system
<patdk-lap> I guess samba isn't in backports?
<EvilPhoenix> patdk-lap:  didnt see it in there
<EvilPhoenix> and out of curiosity... patdk-lap, do you support the use of backports updates in a production system?
<EvilPhoenix> s/system/environment/
<patdk-lap> roxyart0, you do know you have like only a month left before 9.10 is dead?
<EvilPhoenix> oh that too
<patdk-lap> EvilPhoenix, depends
<patdk-lap> some things yes, most things no
<patdk-lap> but for something like that, I would just download samba from backports and install
<EvilPhoenix> Roxyhart0:  you should probably consider upgrading anyways, what're you using right now, 9.10?  you should definitely upgrade the distro (MAKE BACKUPS FIRST) because its going to die very soon (end of life)
<Roxyhart0> yes i need to do...but what is the version supported, is not 10.04?
<patdk-lap> 10.04 will be supported for 4more years
<EvilPhoenix> the version that has 3.5.x samba is 10.10
<patdk-lap> 10.10 will be for another year
<EvilPhoenix> its also supported (and recent, as well as stable from what I can tell)
<patdk-lap> most of my samba servers are 10.04
<Roxyhart0> well I will try to update at least to 10.04
<patdk-lap> one is still 8.04
<EvilPhoenix> Roxyhart0:  FYI, 3.4.7 is whats in the 10.04 repositories
<Roxyhart0> but i know there are someway to install samba 3.5.x in 10.04 ...but i dont know the procedure
<EvilPhoenix> Roxyhart0:  to get 3.5.x, you'll need 10.10, as I dont see 3.5.x in the repos (including backports)
<patdk-lap> what about 3.4 doesn't support win7?
<EvilPhoenix> Roxyhart0:  possibly compiling from SOURCE
<EvilPhoenix> which is a pita
<patdk-lap> I haven't had any issues with windows 7 and my samba's
<Roxyhart0> i didn time ago samba 3.4.5 for ubuntu 9.04
<EvilPhoenix> Roxyhart0:  but i'll betcha patdk-lap knows more about samba than i do, you should talk to him
<Roxyhart0> but i dont remeber how
<Roxyhart0> patdk, what version of samba and ubuntu do you have?
<patdk-lap> Roxyhart0, ask something I didn't just answer
<Roxyhart0> you said about your ubuntu verison, but what is the match with your samba versions and are all of them working with windows clients for printing? as my problems is sharing printers
<patdk-lap> my samba version is whatever is in ubuntu 10.04
<patdk-lap> and I haven't had an issue printing
<patdk-lap> the wife and me both used a printer via samba in win7
<patdk-lap> at work, I use a win2003 machine for a print server
<Roxyhart0> somebody know how to install a patch file?
<_Neytiri_> i am having a issue settign up a iscsi target on my ubuntu server, i dont know where i went wrong but i cant get my esx host to find the server
<_Neytiri_> http://www.howtoforge.com/using-iscsi-on-ubuntu-9.04-initiator-and-target i used that tutorial to setup the target
<uvirtbot> New bug: #732458 in squid (main) "package squid 2.7.STABLE9-2.1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 100 (dup-of: 732314)" [Undecided,New] https://launchpad.net/bugs/732458
<jibel> jamespage, hi
<jamespage> jibel: good morning
<jibel> jamespage, i'll push an update of usit for desktop testing. I set the version number to ppa15 in the changelog ?
<jibel> actually, 1.0-1~ppa15
<jamespage> jibel: thats good
<jibel> I'm asking this because last time you updated it but I don't know why
<jamespage> I updated because for some reason that I can't remember your merge proposal version conflicted with the latest release in the PPA
<jamespage> ~ppa15 is OK
<jamespage> (~ppa14 is currently published)
<lnx-usr> Any kvm virtualisation guru's in here?
<Jeeves_> Guru is a big word :)
<lnx-usr> only 4 letters.....
<lnx-usr> Anyway, I've been wanting to give spice a try
<lnx-usr> Is there an easy way of doing this on ubuntu
<twb> I'm not sure simulation of electrical circuitry is what people normally mean by "virtualization"
<lnx-usr> @twb SPICE is a "new" high end remote protocol designed to work with kvm virtual geust systems
<lnx-usr> 2d acceleration and stuff like that
<lnx-usr> It's really good, i've tested it about 2 years ago and it was working great then.
<lnx-usr> so I'm not talking about spice-ng
<lnx-usr> ;-)
<twb> "2d acceleration"?  As in, a GUI?
<lnx-usr> http://spice-space.org/
<lnx-usr> Hardware assisted 2d playback
<twb> Lame
<twb> VMs shouldn't have a GUI any more than the dom0 should
<lnx-usr> twb are you really going to asume you know every use case?
<twb> Only the important ones
<lnx-usr> SPICE is mostly designed to host virtual desktops
<twb> desktops are lame, too
<lnx-usr> High performance 2d graphics using a remote protocol
<soren> *chuckle*
<twb> Dunno what's wrong with NX-compressed X11
<lnx-usr> A lot
<lnx-usr> It's an "in guest" protocol
<lnx-usr> that means it's a service running inside the guest
<twb> So what you're saying is that your VMs are not only GUIs, but they're not unix GUIs
<pnunn> lnx-usr: sounds intersting.. we use KVM here for servers, but are looking at pushing into desktops..
<lnx-usr> No thats not what I'm saying, allthough it's true... ;-)
<twb> Is bind9 still best practice for hosting ones domains?
<twb> I'm going through the debtags list and stuff like maradns sounds interesting
<lnx-usr> Anyway, I'm implementing Desktop virtualisation systems based on vmware view a lot
<lnx-usr> I'd like to be able to give my customers the choice of using ubuntu, kvm with spice
<twb> vmware can FOAD.  I wasted the best part of a week trying to make SCO4 work with it.
<lnx-usr> I can't right now
<lnx-usr> What vmware system?
<pnunn> lnx-usr: be interested to hear how you go with this. Doesn't seem to be much in the way of software on the link you gave.
<twb> Unforunately, it was vmware-server.  We weren't confindent esxi could be tricked into working with our existing backup infrastructure.
<twb> s/backup/DR/
<lnx-usr> Why would you use SCO  anyway
<twb> lnx-usr: because the shitty ERP system was written for it twenty years ago
<lnx-usr> VMware server is not the way to go
<twb> It's like saying "why are banks still using AIX"
<lnx-usr> Kind of like saying "why use desktops..."
<twb> Yeah
<lnx-usr> lol
<twb> Customers should FOAD, too
<lnx-usr> Anyway, what does your backup system look like
<lnx-usr> end users should FOAD.....
<twb> It's basically cron, ssh, lvcreate --snapshot and rsync
<lnx-usr> Ah
<lnx-usr> That wont work on vmware esxi
<twb> Not without buggerizing around with undocumented vmware calls
<lnx-usr> Where are the vmdk's stored?
<lnx-usr> iscsi?
<twb> in the dom0
<twb> esxi is just a broken linux dom0
<lnx-usr> Nope, esxi is not linux
<lnx-usr> esxi has it's own kernel
<twb> "Up through the current ESX version 4.1, a Linux kernel is started first,^[5] and is used to load a variety of specialized virtualization components, including VMware's 'vmkernel' component."
<joschi> twb: esx != esxi
<lnx-usr> Almost no linux userspace anymore
<lnx-usr> As I understand you are not using central storage
<twb> They only have ten users
<twb> The server is the centralized storage
<joschi> twb: esx is (was) a rhel based hypervisor. esxi doesn't run the linux kernel anymore
<lnx-usr> It's like saying Netware is DOS because dos is booted first
<twb> joschi: hum, I thought the only difference was esxi's dom0 didn't have a shitty GUI
<lnx-usr> Only the console system was based on Linux
<lnx-usr> This made it easier for vmware to implement userspace stuff
<joschi> twb: no, they actually strapped the linux parts away
<lnx-usr> Now most things moved to vmkernel space
<lnx-usr> My advice would be this: Use vmware esxi, use SAN storage (even if it is something like Nexenta, ubuntu with iscsi target or freenas), mount the vmware vmfs filesystem via iscsi on your backup server and backup from there
<twb> That sounds way too "enterprisey" to me
<lnx-usr> ok
<lnx-usr> then use esxi with the vma
<twb> Where "enterprisey" means "expensive and crap"
<lnx-usr> Or move to KVM, headless Virtualbox or Xen. But please don't use vmware server
<twb> vmware-server doesn't work on 10.04 anyway
<twb> I can't remember why, I think it was a problem with the NIC going spastic
<lnx-usr> VMware server is the crappiest product vmware ever made
<twb> I'd have used kvm but it makes sco koops
<lnx-usr> I use ESXi, vsphere and workstation on a daily basis. And I mostly like them.
<twb> Yeha but you also like GUIs
<lnx-usr> Yeah, I also use KVM quite  a bit, never liked xen tough
<twb> I like kvm and lxc best
<twb> By 12.04 LXC will be kickass
<lnx-usr> lol
<twb> Maybe LCR will even be ready
<lnx-usr> LCR?
<lnx-usr> new to me
<twb> Maybe it's CXR
<lnx-usr> sorry, they must not have a gui yet
<twb> Linux Checkpoint/Restart
<twb> Allows you to suspend and resume arbitrary processes/process groups, maybe move them between hosts
<lnx-usr> Must be a stupid project, I don't see screenshots..... ;-)
<lnx-usr> Kind of like "live migration for applications"
<twb> yeah
<lnx-usr> Sounds awesomely cloudy googly like
<twb> Wikipedia actually directed me to http://en.wikipedia.org/wiki/Application_checkpointing
<twb> But for LXC, it would mean the ability to migrate domUs between hosts (and suspend them prior to restarting the dom0) without needing to emulate a full computer (a la kvm)
<lnx-usr> less overhead is always better.
<twb> LXC is about as efficient as a chroot
<twb> But it's a lot leakier than kvm at the moment
<twb> Needs more work in the kernel
<lnx-usr> btw TWB, if I where you I'd look into using ESXi with the "Vmware vSphere 4.1 command line interface"
<lnx-usr> It's a commandline interface you can install on a linux system and use it to script esxi
<twb> Meh
<twb> I'm not really interested in vmware until they start using copyleft licenses
<lnx-usr> Ok
<lnx-usr> Well I guest I'm going to have to build SPICE myself
<twb> ckpt.wiki.kernel.org is what I was thinking of
<lnx-usr> Yeah I found that to
<lnx-usr> I'm going to eat now
<lnx-usr> Nice talking to you
<twb> LXC and Linux-CR are lightweight enough that I expect e.g. a smartphone to put each "app" in its own container, and to suspend/resume them individually.
<sabgenton> llutz: do you think I need an equivalent to wireless-mode    managed
<sabgenton> the guide doesn't mention it
<sabgenton> opps wrong channel
<kim0> hallyn: just tested the new ppa code. Here are the findings
<kim0> - win7 seems to work well with vnc
<kim0> - once installed qxl drivers, windows seemed to have become a bit unstable (crashed a couple of times)!
<kim0> - I cannot connect using spicec at all "Warning: Invalid mode"
<kim0> - I just found out about http://www.spice-space.org/download/gtk/ .. a gtk client, unsure how it compares to spicec!
<kim0> hallyn: that's all, if that client is the official or better one, perhaps if you can build it, I'll try connecting with it as well
<\sh> hmm...how do we attack the problem that authbind (which is used by tomcat6) still doesn't support ipv6? eventually this patch could help us here: http://toroid.org/ams/etc/authbind-ipv6-support
<kim0> hallyn: someone on #kvm mentioned to check this patch http://www.mail-archive.com/kvm@vger.kernel.org/msg50244.html
<hXm> hello
<zul> hallyn: new lxc uploaded
<hXm> isn't possible to execute files in a webdav server?
<hallyn> zul: cool, thx.  have you tested it?  (IIUC it will break current configs)
<zul> no i havent had a chance to
<hallyn> kim0: we already have that patch.  without that, kvm locks up when using qxl
<kim0> hallyn: ok good .. what about that new client thing
<hallyn> dunno
<hallyn> is that what people said to use?
<kim0> well people are not too responsive
<hallyn> ok.  i *was* going to build spice-qemu as a separate package today.  Do you think testing the new client is more urgent?
<kim0> hallyn: I think so yeah, since currently spicec is not connecting at all
<hallyn> ok
<kim0> at least in my case
<hallyn> got some unrelated testing to do, but I'll go retest my current packages right now, and then try out that new client.  bbl
<kim0> hallyn: spice people confirm spice-gtk is the thing to use, spicec is legacy they say
<eagles0513875> hey guys i wanna create a new user cuz the place that is hosting my vps seems to have enabled root :(
<eagles0513875> how exactly should i add the user too the sudoers
<eagles0513875> do i add it like roots setup User ALL=(ALL)  ALL ?
<RoAkSoAx> morning all
<zul> arrgh stop snowing
<soren> zul: I'm not.
<RoAkSoAx> Daviey: howdy! hey I resubmitted the eucalyptus-branch against the one in ubunut-virt
<zul> soren: yes you are
<eagles0513875> zinser: qhey guys question
<eagles0513875> whoops
<eagles0513875> guys how do i add a user to the sudoers file
<Daviey> RoAkSoAx, rockin'
<eagles0513875> do i add it like roots setup User ALL=(ALL)  ALL ?
<eagles0513875> or just add the user to the admin group
<Daviey> RoAkSoAx, We'll get that uploaded today.
<RoAkSoAx> Daviey: awesome. thanks
<smoser> RoAkSoAx, thank you for fixing that.
<RoAkSoAx> smoser: glad to help ;)
<hallyn> kim0: ok.  sorry, i got a bit side-tracked by email backlog.  off to create teh package soon.  (hopefully before i'm pulled away by calls)
<kim0> hallyn: I tried building it locally ( but gave up) I just had to sed 's/celt051/celt/' in the configure script, if that's helpful to you
<hallyn> kim0: that's actually troublesome.
<hallyn> probably means there will be more changes to do, mirroring the ones made in spicec to handle higher version of celt
<progre55> hi guys. is it possible to specify a system-wide alias for a hostname? just like you'd map an IP address in /etc/hosts, but I need to map a long domain name to a shorter alias, and afaik, I cannot do that in /etc/hosts
<jkg> you probably want a 'search' line in /etc/resolv.conf
<progre55> jkg: oh, let me try that, thanks
<RoAkSoAx> zul: howdy!! when you have the time, tell me what you think about bug #731616
<uvirtbot> Launchpad bug 731616 in cobbler "koan crashed with ImportError in __main__: No module named koan.app" [Low,Fix committed] https://launchpad.net/bugs/731616
<zul> RoAkSoAx: yeah i saw that last night ill merge it
<RoAkSoAx> zul: ok awesome. I'm also looking at the yum thingy and we also need python-ethtool (though apparently someone's already working to get it in debian: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=549323)
<uvirtbot> Debian bug 549323 in wnpp "RFP: python-ethtool -- Python bindings for the ethtool kernel interface" [Wishlist,Open]
<evilsushi> anyone seen this error before ? http://pastie.org/private/igmpcadl4txerf2kpequa
<RoAkSoAx> evilsushi: try sudo service apache2 restart
<zul> RoAkSoAx: if you want to take care of it ill upload it for you
<evilsushi> err i was in a deleted directory from a cron job
<RoAkSoAx> zul: yeah I'm gonna look at it today
<zul> RoAkSoAx: k thanks
<smoser> hallyn, ping
<smoser> your comment in bug 723361 doesn't make sense
<uvirtbot> Launchpad bug 723361 in libvirt "Apparmor security unavailable" [Undecided,New] https://launchpad.net/bugs/723361
<smoser> you said "Information was provided as new bug 723361 (which I've marked as a dup of this)."
<smoser> ah. never mind. the duplicate info is correct though. the comment is just wrong
<uvirtbot> New bug: #732645 in clamav (main) "package clamav-freshclam 0.96.5 dfsg-1ubuntu1.10.04.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/732645
<jibel> SpamapS, good morning, is bug 732314 on your radar  ?
<uvirtbot> Launchpad bug 732314 in squid "package squid 2.7.STABLE9-2.1ubuntu4 failed to install/upgrade: subprocess installed post-installation script returned error exit status 100" [High,Triaged] https://launchpad.net/bugs/732314
<SpamapS> jibel: I saw it last night before passing out.. reading now
<SpamapS> oh darn it
<SpamapS> thats because squid doesn't use dh_installinit
<SpamapS> jibel: fix forthcoming.. thanks for pointing it out
<zul> squid is evil
<SpamapS> lifeless: cover your ears! ;)
<zul> well that packaging is evil
<zul> kees: ping who do i nag about the lxc MIR?
<uvirtbot> New bug: #732665 in samba (main) "[FFE] Update Samba to 3.5.8." [Undecided,New] https://launchpad.net/bugs/732665
<jibel> SpamapS, thanks for fixing it
<SpamapS> zul: yeah, it seems to try to maintain compatibility a little too hard.
<jdstrand> hallyn: fyi, I marked 723361 as a dupe of 545795. It seems that the reporter doesn't understand how the driver works, but that the main problem is that the USB device doesn't work. 545795 is fixed in maverick but the reporter is using lucid. 545795 has a workaround for the usb issue
<hallyn> jdstrand: cool, thanks for the info
<hallyn> jdstrand: smoser: honestly I don't know what happened with that bug, or why I ended up marking it a dup of itself.  I swear there was nother bug# involved where the info actually sat :)
<smoser> hallyn, there is.
<smoser> and it is marked as a duplicate
<smoser> (look at the duplicates)
<hallyn> smoser: waht i mean is i don't know why i did that wrong the first time
<smoser> ah
<smoser> k
<kees> zul: what's the bug # for the lxc MIR?
<zul> kees: one sec
<zul> kees: 727200
 * kees checks
<kees> zul: can you target it to natty? then it should show up in the MIR queue for mterry to assign.
<zul> kees: sure
<RFleming> Greetings and salutations.
<RFleming> With processes (in ps auwx) showing as (SERVER), is there any way to find out what the command-line switches were?
<RoAkSoAx> ScottK: howdy!! I have a python packaging question. I'm packaging a python-ethtool. During the build it shows that it is creating <BUILDROOT>/python-ethtool/usr/local/lib and during install W: dh_python2:95: Python 2.7 should install files in /usr/lib/python2.7/dist-packages/. Did you forget "--install-layout=deb"? http://pastebin.ubuntu.com/578435/ . Howver, the resulting binary obviosly has the correct paths. http://pastebin.ubuntu.com/578436/
<Slyboots> Right..
<Slyboots> Is there a easy way to see what services my server is actually running
<Dans326> can anyone here tell me how to switch php from an apache module to cgi mode
<patdk-wk> Dans326, you do know cgi will be dog slow?
<patdk-wk> better go with fastcgi
<smoser> jamespage, do you know how i can see the java console in firefox ?
<smoser> or anyone else
<Dans326> yea I know its slow but trying to make a dev server match a live server I have no control over
<patdk-wk> apt-get install php5-cgi
<patdk-wk> a2dismod php5
<Ryan_Lane> I'm trying to make an apparmor policy for memcached, and memcached fails to start because setrlimit is restricted. I can't seem to find a way to allow the process to use setrlimit unrestricted. is this possible?
<Ryan_Lane> it looks like I can enforce a stricter rlimit only
<Ryan_Lane> specifically, apparmor is denying setrlimit(RLIMIT_NOFILE, {rlim_cur=20000, rlim_max=20000})
<jdstrand> jjohansen: ^
<jjohansen> Ryan_Lane: if the profile has a rule setting the rlimit, then it becomes controlled, and the task can only change the rlimit to a value <= what is specified in the profile
<zul> SpamapS: need a little help?
<jjohansen> Ryan_Lane: if you want to allow the task to change its rlimit, you can raise the value in the profile, and or remove the "set rlimit" rule, and reload the profile
<Ryan_Lane> the profile doesn't have it set
<Ryan_Lane> maybe base or nameservice does...
<SpamapS> zul: w/ what?
<SpamapS> https://code.launchpad.net/~clint-fewbar/ubuntu/natty/squid/fix-init.d-symlink/+merge/52898
<SpamapS> needs some testing and an upload
<zul> SpamapS: yep
 * SpamapS is headed to the dentist.. bbiab
<RoAkSoAx> SpamapS: good louck
<RoAkSoAx> luck*
<jjohansen> Ryan_Lane: hrmm, you shouldn't be getting a reject message from apparmor unless the profile has it set some where.  It doesn't mediate rlimits unless they are specifically set (or there is a bug)
<Ryan_Lane> memcached fails to set the ulimit when its profile is enabled, and doesn't fail when it is disabled
<jjohansen> Ryan_Lane: can you see if apparmor_parser -p </path/to/profile> dumps output?
<jjohansen> Ryan_Lane: -p is used to dump the profile after include processing etc, so you get a flattened profile
<Ryan_Lane> jjohansen: apparmor_parser: invalid option -- 'p'
<jjohansen> :(
<jjohansen> Ryan_Lane: well I can give you an older or newer parser with it enabled, unfortunately it got disabled for a release or two
<RoAkSoAx> zul: ok so I just package python-ethtool bug I don't yet know the status of debian bug #549323
<uvirtbot> Debian bug 549323 in wnpp "RFP: python-ethtool -- Python bindings for the ethtool kernel interface" [Wishlist,Open] http://bugs.debian.org/549323
<RoAkSoAx> zul: what do you think we should do?
<zul> RoAkSoAx: upload it and then we can sync it from debian if it gets done
<Ryan_Lane> I'm just going to ignore apparmor for memcached right now
<RoAkSoAx> zul: alrgiht. gonna ask FFe then first
<jjohansen> Ryan_Lane: which OS release?
<Ryan_Lane> lucid
<Ryan_Lane> it was working properly in hardy
<zul> RoAkSoAx: k
<jjohansen> Ryan_Lane: okay, if you want you can send me the profile and I'll see if I can replicate
<Ryan_Lane> jjohansen: ok. sec
<Ryan_Lane> jjohansen: http://pastebin.com/2c3YH2L5
<jjohansen> okay thanks
<RoAkSoAx> zul: could you review it first though?
<zul> RoAkSoAx: sure
<RoAkSoAx> zul: do you want me to upload it to chinstrap or revu?
<zul> chinstrap please
<_Neytiri_> is anyone here familiar with using Ubuntu as a iSCSI target. i cant seem to get my initiators to connect
<patdk-wk> sure
<_Neytiri_> http://www.howtoforge.com/using-iscsi-on-ubuntu-10.04-initiator-and-target i used that tutorial to set up my target and iam useign vmware esxi as my initatior
<_Neytiri_> i have 2 2tb drives /dev/dsb and /dev/sdd
<RoAkSoAx> zul: done! Please, also note this warning "W: dh_python2:95: Python 2.7 should install files in /usr/lib/python2.7/dist-packages/. Did you forget "--install-layout=deb"?", which I can't figure out why, but if you do let me know. More info here:http://pastebin.ubuntu.com/578435/
<zul> SpamapS: done
<_Neytiri_> Target iqn.2011-03.net..pandpra.eywa:iscsi.1 OutgoingUser       Lun 0 Path=/dev/sdb,Type=fileio       Lun 1 Path=/dev/sdd,Type=fileio
<_Neytiri_> that is my ietd.conf file
<patdk-wk> comment out outgoing user
<patdk-wk> and you shouldn't use fileio for a block device
<_Neytiri_> ok so it should be a blockio ?
<patdk-wk> if using a block device yep, should perform better, but doubt it's the cause of any *issues*
<_Neytiri_> ok thats done
<_Neytiri_> ok
<_Neytiri_> i am still got getting the drives to show up on my initiator
<_Neytiri_> patdk-wk, any idea what could be causin git?
<patdk-wk> causing what?
<patdk-wk> you never even said you had a problem
<_Neytiri_> my initiators to not be able to connect
<patdk-wk> let along what the problem is
<patdk-wk> error message?
<_Neytiri_> no messages what so ever
<patdk-wk> I distinctly remember vmware throwing up messages if it can't connect
<_Neytiri_> it might be connecting but the drives are not showing up
<patdk-wk> did you format them?
<_Neytiri_> no
<patdk-wk> maybe you need to go back and read the esx manual
<patdk-wk> it won't *auto* showup
<patdk-wk> not in esx
<hggdh> smoser, do we have an EC2 image for the karmic proposed?
<smoser> yes
<_Neytiri_> it doesent even show up under he storage adaptar
<patdk-wk> under storage adaptors, select the iscsi adaptor you configured
<patdk-wk> it should show each iscsi target
<_Neytiri_> there not showing up there
<_Neytiri_> targets 0
<patdk-wk> click properties
<patdk-wk> configure, enable
<patdk-wk> then on the dynamic discovery page type in the ip of your iscsi device (or dns name)
<smoser> hggdh, use http://uec-images.ubuntu.com/server/karmic/20110308/
<patdk-wk> it's all in the esx manual, really simple
<smoser> the 20110310 has the non-proposed
<_Neytiri_> i did
<smoser> you can ssee such things by looking at the 'kernel-info' files there
<patdk-wk> if it can't find anything, then iscsi isn't runnin on your host
<_Neytiri_> rescan shows nothing
<patdk-wk> did you restart the iscsi daemon after you edited that config file?
<_Neytiri_> yes
<patdk-wk> mine is very simple config
<_Neytiri_> it seemed simple whats why i dont know what i did wrong
<patdk-wk> Target ign:1998-02.com.example:esx
<patdk-wk>   Lun 0 Path=/dev/vg/iscsi,type=blockio
<patdk-wk> and is all
<patdk-wk> and yes, I just added a new target to my esx install to test it
<_Neytiri_> well tiem for lunck this has to weait
<hggdh> smoser, thank you
<RoAkSoAx> zul: is kickstarting working in cobbler? http://me.roaksoax.com/Screenshot.png
<RoAkSoAx> i get that error
<cavefish> hey
<cavefish> i've got a question: I want to virtualize an Windows XP client on a Ubuntu Server 10.10 ... is there a way to do this without installing the X environment.
<cavefish> ?
<elb0w`> So funny thing, apt-get install vsftpd. Then a /etc/init.d/vsftp start yields  * MySQL is not running
<ivoks> hm
<ivoks> cavefish: yes
<ivoks> cavefish: kvm and libvirt are your friends
<cavefish> Oke thank you mate!
<ScottK> RoAkSoAx: There is (IIRC) a fixup that moves it out of /usr/local, but it's better you add install-layout=deb so it doesn't have to save you.
<RoAkSoAx> ScottK: I have --install-layout=deb and it still shows the warning
<ScottK> RoAkSoAx: Can you pastebin your debian/rules?
<RoAkSoAx> ScottK: http://paste.ubuntu.com/578505/
<ScottK> RoAkSoAx: What happens if you make line 14 dh_install?
 * RoAkSoAx checking
<RoAkSoAx> ScottK: ah!! now there's no warning. Thanks for that...w ouldn't have guessed it xD
 * RoAkSoAx wonders why he didn't think about that
<ScottK> RoAkSoAx: dh_auto_install was trying to build that package again.
<RoAkSoAx> ScottK: I see. So, when overriding dh_auto_install should we always use dh_install rather than dh_auto_install againa, or this is just a particular case?
<ScottK> RoAkSoAx: Dunno about always, but usually.
<ScottK> I can't think of a case you wouldn't though.
<RoAkSoAx> Alright. I'll keep that in mind for the future. Thanks :)
<RoAkSoAx> hallyn: howdy! Do you know by any change if there's any reason whye PXE Booting a KVM/virt-manager instance would result in not being able to find a root filesystem if the disk is using virtIO instead of IDE?
<hallyn> RoAkSoAx: that sounds familiar.  It might be a known bug
<hallyn> which i think soren filed
 * RoAkSoAx looks
<hallyn> for some reason it's not in my bugs.otl file
<RoAkSoAx> yeha can't find any
<RoAkSoAx> either
<hallyn> RoAkSoAx: oh, pxe.  His was different I think.  you say it works when you use ide?
<hallyn> RoAkSoAx: what is your full cmdline?
<RoAkSoAx> hallyn: /usr/bin/kvm -S -M pc-0.14 -enable-kvm -m 512 -smp 2,sockets=2,cores=1,threads=1 -name natty-pxe -uuid 0e9133db-924d-4b6c-efda-e07910ea2369 -nodefconfig -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/natty-pxe.monitor,server,nowait -mon chardev=charmonitor,id=monitor,mode=readline -rtc base=utc -no-reboot -boot nc -drive file=/media/vm1/natty5.img,if=none,id=drive-ide0-0-0,format=raw -device ide-drive,bus=ide.0,uni
<hallyn> RoAkSoAx: what if you add 'boot=on' (and maybe 'index=0') to the file=/media/vm1/natty5.img spec?
<RoAkSoAx> hallyn: with the command above it's installing normally. let me get you the command with virtIO
<RoAkSoAx> hallyn: ok, this this it fails: /usr/bin/kvm -S -M pc-0.14 -enable-kvm -m 512 -smp 2,sockets=2,cores=1,threads=1 -name natty-pxe2 -uuid 36bc2185-3dad-246c-2506-7ab226bdab47 -nodefconfig -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/natty-pxe2.monitor,server,nowait -mon chardev=charmonitor,id=monitor,mode=readline -rtc base=utc -no-reboot -boot nc -drive file=/media/vm1/natty6.img,if=none,id=drive-virtio-disk0,boot=on,form
<oneseventeen> I'm trying to set up a MySQL server to be connected to remotely, I've set it to bind-to the correct IP but still am not allowed to connect remotely.
<oneseventeen> I'm assuming this is a user permissions thing, but wanted to double check if there was something else that was common
<thesheff17_> oneseventeen: you want to make sure your comment out #bind-address           = 127.0.0.1
<thesheff17_> oneseventeen: then you have to create a remote user GRANT ALL PRIVILEGES ON *.* TO 'monty'@'%' IDENTIFIED BY 'some_pass' WITH GRANT OPTION; % means the user can connect from anywhere.
<hallyn> RoAkSoAx: mind you it is possible that the bios simply works with ide as backup and not with virtio.  But your cmdline still seems weird - can you try with if=virtio,index=0 in the last bit?
<oneseventeen> thesheff17_: thanks!
<oneseventeen> that worked perfectly, I can now connect remotely.
<Guest98139> good evening
<GeekyAdam> hi all. getting a padlock_sha error on boot of my server and it halts. gonna paste to pastebin.
<GeekyAdam> http://paste.ubuntu.com/578523
<Guest98139> i have a question about x-forwarding via ssh and using screen the same time
<Guest98139> is it possible to x-forward a program which is running on a server and detach an later reattach it?
<GeekyAdam> Guest98139: this might help: http://www.vanemery.com/Linux/XoverSSH/X-over-SSH2.html
<Guest98139> thanks geekyadam, i will try i right away
<guntbert> Guest98139: and you want to look into gnome screen  (for detaching,...)
<Guest98139> gnome screen? i do not have a windowmanager on my server
<guntbert> Guest98139: its text only :-), and it GNU screen (silly me)
<Guest98139> isn't it possible to run the application without that bloat?
<Guest98139> i mean, of course i can run the application with ssh user@server -X
<Guest98139> but i would like to de- an reattach later
<Guest98139> and this does not work with plain screen and ssh -X
<Patrickdk> if you want that, you will need like xvnc
<guntbert> Guest98139: I was really talking about a text only solution for detaching/reattaching
<Guest98139> thanks guntbert, i know that a lot of people use irsi like that
<guntbert> Guest98139: :)
<dravekx> i have a phpbb forum. When an admin adds a module from inside phpbb, the ownership is set to user:user instead of user:www-data. how do i fix that?
<ivoks> that sounds like a correct behavior
<ivoks> and you can't make user to change permissions to a group he's not part of
<Guest98139> or is there a command line client for 'direct connect' aka dc++?
<ivoks> and you really don't want www-data to own any .php file on your server
<dravekx> ivoks, /var/www is user:www-data. When I copy files and folders via SFTP it also defaults them to user:user. Is that normal?
<ivoks> dravekx: of course
<ivoks> www-data shouldn't be owner of any page
<ivoks> if you give rw permissions to www-data user on, let's say, joomla, you can be sure that your page will get defaced
<ivoks> www-data runs apache service
<ivoks> that user should only have read permissions on files in your web page
<ivoks> except for the files that people upload
<ivoks> smart CMS systems don't upload files over HTTP; they usually provide FTP/SFTP option for uploading
<ivoks> great example is wordpress or joomla
<ivoks> even drupal supports upload over FTP
<dravekx> ivoks, ahhh. :) thx.
<ivoks> directorires that www-data usually has rw permissions are something like cache and temporary
<ivoks> don't ever give www-data rw permissions on your page
<ivoks> i can't stress that enough :)
<ivoks> and if you have multiple clients on your server, always chroot them
<dravekx> ivoks, so secure-wise, it should be root:root or user:user almost always.
<ivoks> yes
<ivoks> with read permission for other users
<ivoks> that way a security hole in your web application won't allow attacker to overwrite php files
<ivoks> downside is that your configuration file, that containes database connection configuration, will be readable by anyone
<ivoks> that's why you should chroot your users :)
<ivoks> no, making that file owned by www-data is not good idea; i've seen joomla websites defaced cause the attacker was able to write into that file :)
<ivoks> best approach would be fcgid
<ivoks> ok, that's it... good night ;)
<GeekyAdam> hi all. getting a padlock_sha error on boot of my server and it halts. http://paste.ubuntu.com/578523
<Jinxed-> Has anyone found advantages of using Net-SNMP vs OpenNMS ?
<jmedina> I never used opennms, what is for?
<Jinxed-> SNMP
<Jinxed-> Monitoring
<Jinxed-> it is supose to be "enterprise grade network management"
<Jinxed-> 100% open source
<jmedina> ohhh, well I know nagios for that which supports snmp
<jmedina> zennos,
<RoAkSoAx> zul: is cobbler-web disabled but default or something?
<RoAkSoAx> i mean, not working out-of-the box
<hallyn> kim0: will that was more painfal than it should have been, but spice-gtk finally compiled locally, now I'm pushing it to ppa.  (it'll likely be awhile before it gets built there)
 * kim0 feels guilty :)
<kim0> why does it have to be that hard
 * kim0 hugs hallyn 
<kim0> hallyn: can u throw the deb somewhere I can easily grab
<hallyn> yeah i'll put it on people.canonical, one sec
<hallyn> kim0: http://people.canonical.com/~serge/spice-gtk-debs.tgz
<kim0> thnx grabbing
<hallyn> note i said it compiled.  i didn't run it :)
<hallyn> i based on devzero's pkg so will send the debdiff to him
<hallyn> it's be nice if we can sync all with him
<hallyn> but i he was happy to apckage a separate older celt-0.5.1, i wasn't, which is why my pkgs diverge
<hallyn> anyway, off to clear my head and think about how to package spice-qemu
<kim0> hallyn: I can't spot any binary in there
<hallyn> zul: lxc update seems to be working for me.  old containers don't work, as expected.  i should probably see if i can come up with a fix for that
<kim0> only /usr/lib/stuff
<hallyn> kim0: yeah, hm
<hallyn> oh.  haha
<kim0> hallyn: docs mention "spicy"
<kim0> a cli tool
<hallyn> i had to rename the client package (bc it conflicts the one from spicec)
<hallyn> but i didn't rename the debian/spice-client.install
<hallyn> 'oops'
<hallyn> biab
<kim0> okie
<hallyn> kim0: gimme 5 more mins
<kim0> sure thingie
<hallyn> kim0: http://people.canonical.com/~serge/spice-gtk_0.5-1ubuntu2-debs.tgz
<hallyn> this time there are 'spicy' and 'snappy' binaries
<hallyn> whatever those are
<hallyn> ok, out for a walk, back in awhile
<oneseventeen> is there a best practice for setting up a website in Ubuntu-Server?
<oneseventeen> do I just put my default website at /var/www/ or should I create a new site and disable the default?
<kim0> hallyn: initial testing looks good :)
<_Neytiri_> patdk-wk,  you still here, i managed to get the drives to shw up now in vm-ware but i get the error: unable to read partition information from this disk
<nertil> anyone knows about mysql on ubuntu?
<air^> nertil: what about it?
<air^> https://help.ubuntu.com/10.10/serverguide/C/mysql.html
<nertil> i dont know my mysql username and password
<nertil> how can i reconfigure mysql ?
<oneseventeen> I'm setting up a webserver and can't remember how to set permissions so all members of a specific group have read/write access to certain folders.
<oneseventeen> I know it has to do with chmod, but there was a flag I remember seeing at one point to say "apply this to new folders as well"
<jmedina> man chmod
<sabgenton> Hi, how do I enable the power off button do do a shutdown
<air^> nertil: http://ubuntu.flowconsult.at/en/mysql-set-change-reset-root-password/
<air^> first hit at google.
<sabgenton> only use that method if you have nothing open to the public internet
<sabgenton> it opens your system for  a second
<sabgenton> well untill you flush privs
<Slyboots> How.. "safe" would it be to run some web-services behind Apache with Basic Digest auth over SSL
<guampa> is there a problem with seahorse not importing a ssh private key? it says "invalid file format". the key is a valid one though
<guampa> it only isn't named "Id_rsa", i use more than one key
<hallyn> kim0: excellent
<guampa> nm found it. had to install seahorse-plugins
<kim0> hallyn: yeah, it's working great so far :) with pv qxl drivers, all good. Still cant get sound out, but that's another story, I'll dig into it later. You're awesome ;)
 * hallyn dances a little jig
<hallyn> kim0: what's the sound issue again?  Is it windows + 64-bit qemu-compatible sound drivers?
<kim0> hallyn: I'm running 32bit win7, with ac97 card, windows update could find and install drivers for it
<kim0> but I'm just still not hearing anything
<hallyn> with libvirt?
<kim0> started via virt-manager yes
<hallyn> i don't even know how /dev/audio perms get handled nowadays
<kim0> hallyn: it's pulseaudio!
<kim0> hallyn: another annoying thing, while guest cpu is idle (0%), host has kvm process eating 25% with fans spinning
<kim0> I wonder if that's acpi/apic...etc related
<hallyn> (just to make sure) you don't get that without spice?
<kim0> hmm
<kim0> let me try
<kim0> hallyn: which vga should I test with ? cyrrus ?
#ubuntu-server 2011-03-11
<kim0> hallyn: used cirrus, and vnc, still getting host cpu 20~30% with guest being idle
<hallyn> kim0: for audio, you could try doing 'export QEMU_AUDIO_DRV=spice'
<uvirtbot> New bug: #732953 in facter (main) "can_connect function inside ec2.rb always return false" [Undecided,New] https://launchpad.net/bugs/732953
<kim0> hallyn: that's already being passed to the kvm process
<kim0> I can see it in the logs
<hallyn> (so, kim0 ok cool
<rnigam> People trying to install openmp on Maverick. Can't remember the package name. Any suggestions? Already tried 'apt-get install libgomp'
<rnigam> ok its libgomp1 now
<thesheff17_> rnigam: you can search the repo for stuff using apt-cache search packageName
<NicholasRoge> Excuse me, if I want to change the root directory a user first goes to when they log in, how do I do that?  (using vsftpd)
<twb> NicholasRoge: for normal accounts, the obvious way would be to change their home directory
<NicholasRoge> *facepalm*
<NicholasRoge> Ignore me.  I'm an idiot.
<twb> I guessed that because you're using FTP instead of SFTP
<NicholasRoge> Hey, it's me again.  Is there any other way other than changing the home directory to change the default ftp directory?
<twb> For anonymous FTP?
<twb> That would be in vsftpd's config file, or perhaps the vsftpd user's home
 * RoyK needs to sleep soon - a techie getting here at nine in the morning to setup this 25Mbps symmetric link
<hallyn> kirkland: is there any reason not to remove debian/qemu-kvm-static* from qemu-kvm package?
<twb> hallyn: it's already absent from the debian version, FWIW
<twb> There's definite use for qemu-user-static -- together with binfmt, it allows you to have cross-architecture chroots.
<zul> hallyn: cool!
<hallyn> twb: right, the package isn't going away, it's just being provided by qemu-linaro
<Dravekx|AWAY> hello
<twb> WTF is linaro
<dravekx> can someone tell me an easy way to automate this or type it easier? http://pastebin.com/zmwYFKgK
<twb> dravekx: that looks pretty automated already
<hallyn> twb: well it's the arm linux project.  Their tree is based on qemu.git, not qemu-kvm.git, which generally is better at emulating non-x86,
<dravekx> twb, yeah but I have to type them one by one for each user :(
<twb> dravekx: just put it in /usr/local/sbin/adduser-sftponly or something, changing username to "$1" (with the quotes)
<twb> Or even just a loop
<twb> http://paste.debian.net/110315/
<dravekx> twb, then what would I type to add a username? say.. joe?
<twb> adduser-sftponly joe
<dravekx> ahhh. nice! thanks
<twb> This is, you know, scripting 101
<twb> You should know this already if you're a sysadmin
<dravekx> hmm
<dravekx> twb, i put the file in /usr/local/sbin/ but it wont work ( I guess) unless I call it from that directory?
<twb> Did you make it executable?
<dravekx> ah no. forgot to chmod
<dravekx> twp, line 4: syntax error near unexpected token http://pastebin.com/VVW0YqyT
<dravekx> looks like I have some reading and learning to do lol
<twb> Oops, there should be a "do" line after the "for" line
<twb> THe loop is just there so you can e.g. say "adduser-sftponly alice bob claire" in one go
<dravekx> :)
<twb> I have some LXC containers that run "iptables-restore /etc/iptab" at boot, to load a (per-container) firewall.
<twb> I just found that, due to a cock-up on my part, the firewalls weren't loaded.  Nobody noticed because their services were working.
<twb> I would like the containers to panic if the iptables-restore upstart task fails... perhaps switching to single-user mode.  How can I do this?
<twb> Maybe I should ask #upstart instead...
<sabgenton> how do I make my powerbutton do a shutdown
<twb> install acpid
<sabgenton> server doesn't by default
<twb> It pisses me off NO END that this isn't installed by default
<twb> The excuse I was given here was that "well, you might bump the power button"
<sabgenton> that does a lot more than just the power button no?
<twb> Because yeah, I often bump into my rack, and none of the hosts have locked front panel faceplates \end{sarcasm}
<twb> sabgenton: no
<twb> sabgenton: only if you install acpi-support, which is a separate package
<sabgenton> ok
<sabgenton> I saw a config that had diable and enable someware
<twb> acpid itself is just the daemon and the event handler for PWRBTN or whatever it is
<sabgenton> but didn't exist
<sabgenton> mabey will exist when I install acpid
<twb> sabgenton: dunno what you mean by enable/disable config
<sabgenton> on google I found /etc/acpi/events/powerbtn
<sabgenton> but doesn't exist for me
<sabgenton> when acpi is installed mabye it will appear
<sabgenton> twb: I agree with your anoyance they should at lest promt you in the installer lazy bums
<twb> sabgenton: it's /etc/acpi/events/powerbtn-acpi-support on mine
<sabgenton> just installed acpi
<sabgenton>  /etc/acpi/events/powerbtn  exists now
<twb> Whatever
<twb> I've stopped caring about this conversation
<sabgenton> twb: what distro version are u?
<sabgenton> fair enough
<twb> lucid
<sabgenton> hm same
<sabgenton> strange
<sabgenton> meah
<sabgenton> cheers anyways
<airtonix> if my isp provides me with a static ip address on the WAN side of my internet connection, and also creats a subdomain under their TLD for me and mentions they created an MX record, does this mean that handling DNS queries is up to me via my own dns server if i can't resolve the provided subdomain name from other internet connections (university, netcafes, friends places, etc) ?
<nandemonai> No.
<airtonix> did they just stuff up?
<nandemonai> If they've made an mx to your IP it should resolve ;)
<nandemonai> Give em a call buddy. Assuming you're using their DNS it should work instantly, another DNS then maybe let it propagate.
<airtonix> yeah from uni this week, i've been trying to resolve it with dig but it fails
<nandemonai> Shouldn't take more than 48 hours to propagate across the root servers
<nandemonai> Since I know you're very close anyway it's probably a typo or something on their behalf.
<airtonix> do you think they would let me have a wildcard subdomain ? *.myassignedname.them.net ?
<twb> WTF is a DNS RP record?
<twb> Ah, the Responsible Person
<nandemonai> Yeah kinda new twb
<twb> nandemonai: RFC 1183 doesn't sound very new :P
<nandemonai> Let's you assign a email address to a host.
<nandemonai> lol
<nandemonai> New to me!
<nandemonai> :P
<nandemonai> Relatively.
<nandemonai> I don't think they're used much. *shrugs*
<twb> I'm setting up an nsd3 instance.  It's fun
<\sh> ttx: ping authbind...did you see the ipv6 patch for authbind?
<ttx> \sh: hm, no
<\sh> ttx: http://toroid.org/ams/etc/authbind-ipv6-support
<ttx> \sh: think we should include the fix before debian does ?
<\sh> ttx: regarding the ipv4/ipv6 situation we should come up with a solution, eventually before the o-release
<ttx> \sh: sure... but I'd like to get a chance for the patch to hit debian first
 * ttx looks up bug report
<alex88> hi guys.. someone has ever tried a distributed file system? i have to setup one...
<ttx> \sh: hm, it's been lingering for some time already
<soren> ScottK: Are you still the designated server person for the release team? (re: bug 732461)
<uvirtbot> Launchpad bug 732461 in ubuntu "[FFe] Please add python-novaclient to universe" [Wishlist,Confirmed] https://launchpad.net/bugs/732461
<\sh> ttx: right...and I wonder if debian has pressure to fix it asap ;)
<\sh> ttx: as we are preparing a ipv6 testlab with all our applications running on ipv6 only, this authbind problem is a serious one, for everyone running tomcat and ipv6 in enterprise envs
<ttx> \sh: you have my blessing if you want to seek FFe for that... though it's a bit of an untested patch, I fear.
<\sh> ttx: I'm thinking early adopting a patch which could help here is better then to let it rot..we can still remove it when it's really not working
<jamespage> Daviey: whats the current status of euca in natty? Need to test jenkins-ec2-plugin and though I might take it for a spin....
<SpamapS> alex88: re distributed FS's .. there are quite a few out there. Are you looking to experiment or for something that is ready today?
 * SpamapS should not be awake. :-P
<alex88> SpamapS: i've to process a file in parallel way, so i was thinking to place the file in the dfs and read from the multiple machines..
 * SpamapS sits and wonders how likely a tsunami is
 * alex88 never tried a tsunami
<jamespage> SpamapS: how close to the coast are you?
<SpamapS> jamespage: about 10 miles inland, 420 ft. elevation
<alex88> SpamapS: what was that re distributed fs?
<alex88> red hat gfs?
<SpamapS> alex88: GFS is a shared storage filesystem
<alex88> a distributed fs isn't it?
<SpamapS> alex88: you have to have a shared medium for it... so it *could* be distributed via iSCSI.
<SpamapS> alex88: I think AFS, gluster, or CEPH are more akin to distributed filesystems
<alex88> naa i'm thinking to have just multiple servers with a shared fs to access like a folder..
<SpamapS> 8.8 magnitude.. wow.. thats a big one. :-P
<SpamapS> alex88: gluster is probably simpler than GFS
<whalesalad> hey guys, i'm interested in getting one of the more recent versions of nginx running on my server because it has uwsgi support built in... any ideas on how to do this? what is the most recent package avail?
<alex88> SpamapS: ok i'll try that thank you :)
<whalesalad> I am running karmic, so it appears 7.62-4ubuntu is the most recent, I am looking to get nginx-0.8.40 running. is there a fairly straightforward way to do this?
<SpamapS> whalesalad: natty has 0.8.53 .. you might just try backporting it.
<whalesalad> SpamapS: how does one go about that?
<whalesalad> I ask because I've got a production server running that can't go down... so I need to basically be able to quickly install the latest nginx and see if it works, and then fall back to the old if something goes wrong
<whalesalad> I know that isn't the best way to go about things, but it is my only option unfortunately
<SpamapS> whalesalad: simplest way is to just install ubuntu-dev-tools and then run 'pull-debian-source nginx'
<whalesalad> holy mother of god haha thats a lot of packages that will be installed
<SpamapS> whalesalad: haha yeah
<SpamapS> whalesalad: you can just do devscripts .. then you'll need to go find the package and use 'dget'
<whalesalad> okay thanks a lot
<whalesalad> I will be doing that this weekend
<whalesalad> gotta run unfortunately, l8r
<SpamapS> jamespage: re bug #727091 .. if its ready for a developer to work on it, and has been forwarded properly upstream.. thats Triaged, not Confirmed
<uvirtbot> Launchpad bug 727091 in mysql-dfsg-5.1 "Select on table with two colums cause empty result." [Low,Triaged] https://launchpad.net/bugs/727091
<SpamapS> jamespage: ahh.. you marked it triaged, but said confirmed. Never mind.
<jamespage> SpamapS: well I did confirm it first; I then marked as triaged - does that make sense?
<jamespage> SpamapS: ah - see what you mean now - damn that copy-paste!
<SpamapS> jamespage: no worries. I'm glad you were able to reproduce.. I think I must have missed a step. :-P
<jamespage> np
<jamespage> I can copy and paste with the best of them :-)
<SpamapS> jamespage: once I can stop using this blasted touchpad and get back to my beloved mouse.. I too will have the gift of copy/paste
 * SpamapS will finally be rebuilding / setting up his desk today.. having been working from the couch the last week
<soren> ttx: pitti approved the novatools FFe.
<ttx> soren: saw that. Will push to NEW.
<soren> \o/
<jamespage> SpamapS: while you are up and about; have we seen many issues with the new version of squid (2.7.STABLE7-1ubuntu12.2) in Lucid
<jamespage> see bug 732028
<uvirtbot> Launchpad bug 732028 in squid "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: Ð¿Ð¾Ð´Ð¿ÑÐ¾ÑÐµÑÑ ÑÑÑÐ°Ð½Ð¾Ð²Ð»ÐµÐ½ ÑÑÐµÐ½Ð°ÑÐ¸Ð¹ post-installation Ð²Ð¾Ð·Ð²ÑÐ°ÑÐ¸Ð» ÐºÐ¾Ð´ Ð¾ÑÐ¸Ð±ÐºÐ¸ 1" [Undecided,New] https://launchpad.net/bugs/732028
<ScottK> soren: I don't think we've formally designated people this time around, but I figured I'd look in on that one.
<ScottK> Ah.  Nevermind.  pitti got to it first.
<soren> ScottK: Sorry, yes, forgot to mention.
<soren> ScottK: Thanks for looking, though.
<ScottK> No problem.
<tuxinator> can anybody tell me how the hell to enable network interface statistics monitoring in snmpd in ubuntu? could really not find any information on that
<zul> mornig
<zul> Daviey: yeah so poutine....ewww
<Daviey> heh
<RoAkSoAx> morning all
<zul> hallyn: linuxcon is in vancouver this year
<hallyn> zul: if it's expensive as dhaval says, I worry bc there are several lxc developers probably funding themselves
<zul> hallyn: i dunno maybe get canonical to sponsor them then
<Daviey> RoAkSoAx, Around?
<RoAkSoAx> Daviey: yes
<RoAkSoAx> Daviey: what's up
<mianosm> Something seems very wrong with upgrading from 8.04 to 10.04 in terms of mysql going to upstart.
<mianosm> I think I'm going to test it out some on a couple of VMs.
<Daviey> RoAkSoAx, sorry, unity mid way through crashing...
<RoAkSoAx> Daviey: hehe i've been there
<RoAkSoAx> Daviey: crashed again ?
<zul> RoAkSoAx: hey so python-ethtool is fixed?
<RoAkSoAx> zul: yeah already subscribed to ubuntu-release
<zul> RoAkSoAx: ok bug number?
<RoAkSoAx> zul: bug #732759
<uvirtbot> Launchpad bug 732759 in ubuntu "[FFe] [needs-packaging] python-ethtool" [Wishlist,New] https://launchpad.net/bugs/732759
<RoAkSoAx> zul: and for bug #731620 we would either have to separate the python modules into its own binary package for the "yum" source package, or not use it at all. That module seems to be only used when reinstalling a machine with koan, and pretty much just sets the repo for such purpose
<uvirtbot> Launchpad bug 731620 in cobbler "koan crashed with ImportError in /usr/lib/python2.7/dist-packages/koan/configurator.py: No module named yum" [Undecided,New] https://launchpad.net/bugs/731620
<RoAkSoAx> so we might not even need it
<zul> RoAkSoAx: cool ill have a closer look
<RoAkSoAx> zul: yeah I was just thinking that the best is to add the checks to see if it is redhat or debian based distro, if not, do not import that module nor do the "configuration" for the yum repos and that should be enouigh. Though we may need to add configuration for APT repo's
<zul> RoAkSoAx: yeah we havent really focused on koan to get it workin on ubuntu/debian so if you want go ahead :)
<RoAkSoAx> will do what I can :)
<RoAkSoAx> zul: btw.. the cobbler-web package is not leaving the web interface working out of the box right?
<zul> RoAkSoAx: right
<Daviey> "leaving the web interface" ?
<RoAkSoAx> bah
<Slyboots> Okay, So I have a multitude of web-services that I woudl like to be able to remote into, with a bit of jigerypokery I hvae them all mapped behind Apache using Reverse proxy and whatnot
<Slyboots> The question is, What would be the best.. as in "Safe" way to host Apache to the outside world in a way thats not going to get me uh.. raped
<hallyn> kim0: qemu-kvm-spice package just uploaded to my ppa.  It is a separate binary package which we should be able to put into universe to let people use 'kvm-spice' alongside the kvm in main
<hallyn> kim0: pls let me know if that works for you, if it does i'll remove the 'qemu' package from my ppa
<kim0> hallyn: okie, will there be a way to start the vm from virt-manager using "qemu-kvm-spice"
<hallyn> kim0: yes, you can specify the emulator to use in the .xml
<hallyn> kim0: '<emulator>/usr/bin/kvm-spice</emulator>' should work
<kim0> yeah
<philsf> hello, /j #ubuntu-one
<Umreen> philsf: no
<philsf> Umreen, it was a typo
<zul> Daviey: still around?
<zul> Daviey: whats the difference betwee server-nrs and server-nro?
<Daviey> zul,
<Daviey> zul, s = server, work we need to do / o is other, stuff we can't do.
<zul> Daviey: ok i missed that
<compdoc> Natty Release Server, Natty Release Other
<Daviey> zul, using it sparingly..
<RoAkSoAx> zul: by any chance do you know what is what's referred as install_tree in cobbler, and why Ubuntu images don't have it (redhat/fedora do) and what replaces that install_tree key: http://pastebin.ubuntu.com/578936/
<RoAkSoAx> zul: ok after further lookup the import yum error is used for configuration management feature in koan that updates the system configuration (as defined by cobbler). And since it's all yum based, we can obviate it for now to get rid of that error
<Daviey> RoAkSoAx, Is it too traumatic to if flavour xyz: it?
<RoAkSoAx> Daviey: can you reword your question :)?
<Daviey> RoAkSoAx, would be nice if it's something we can push upstream, rather than carry a hunk of just patching out code
<RoAkSoAx> Daviey: you mean (if it is ubuntu, do not import yum?)
<kim0> hallyn: it seems audio is not working for fedora to begin with http://fedoraproject.org/wiki/How_to_debug_Virtualization_problems#Audio_output (see the bugs)
<Daviey> RoAkSoAx, thassim!
<RoAkSoAx> Daviey: ah yeah! that;s what I was planning to do actually
<Daviey> RoAkSoAx, super!
<RoAkSoAx> Daviey: yeah :)! What I actually meant is that for now it sounds to just obviate that part of the code (or disable it) so we don't have  abroken koan until things get fixed
<RoAkSoAx> Daviey: right now, koan launches successfully a Fedora image in KVM (but I think during installation error occurs), and I'm trying to look into doing so with an Ubuntu image, but there's an error with that install_tree thing I was asking zul earlier
<RoAkSoAx> anyways, just mentioning that to get that out of the way for now
<RoAkSoAx> but yeah i';m gonna bve working on get that fixed
<Daviey> RoAkSoAx, That is good...
<SpamapS> jamespage: oh and I missed your question about squid. I haven't seen the same problems no. I think the real problem was the use of restart rather than stop/start.
<Cryp71c> Afternoon, everyone!
<Cryp71c> Does anyone have experience sending email from a Windows SQL Server instance using Courier IMAP server on a linux/Ubuntu box?
<patdk-wk> didn't know windows sql could send email, thought windows smtp did that
<patdk-wk> and imap doesn't send email or receive email
<RoyK> imap accesses a mailbox
<RoyK> so you can say it receives email
<RoyK> smtp is used for sending
<patdk-wk> heh, I would say, it allows the fetching of email
<Cryp71c> ah, ofc :P
<Cryp71c> patdk-lap, and yeah Windows SQL server can access SMTP servers to send.
<patdk-wk> so setup an smtp server :)
<patdk-wk> postfix, exim, sendmail, .........
<BCS-Satori> Hey all.  I created a mdadm raid 5 "/dev/md0" in my virtual machine that is 3.2TB in size.    Since the disk is larger then 2TB I need to use parted rather then fdisk, which I am not familiar with.    How do I make a partition that encompasses the entire disk?
<hallyn> kim0: those libvirt sound issues should not be involved here.  the spice client is running as you, and should be getting audio stream from qemu-kvm
<hallyn> kim0: i'm going to play with that on monday
<hallyn> pls let me know if/when kvm-spice works for you and i'll delete the qemu package
<hallyn> i also need to send some patches to the spice community...
<hallyn> (monday also - i'm technically out this afternoon)
<Cryp71c> patdk-lap, we do have an SMTP server, we are able to send email, but some mail providers (yahoo, comcast) the emails are marked as delivered successfully on our side, but don't even make it into the spam/inbox of targets. They're being dropped by the mail provider.
<SpamapS> http://www.hancockparkschool.com/site/
<SpamapS> Fail...
<SpamapS> X-Powered-By: PHP/5.2.16
<SpamapS> double fail
<ivoks> SpamapS: :)
<ivoks> BCS-Satori: parted /dev/md0
<ivoks> BCS-Satori: and then mkpart primary ext3 0 -1
<BCS-Satori> ivoks:  Thanks.  Would you know how to go about carving partitions inside extended part-types?
<ivoks> ha?
<BCS-Satori> ivoks: nm think I figured it out
 * RoyK wants native zfs on linux...
<tuxinator> can anybody tell me how the hell to enable network interface statistics monitoring in snmpd in ubuntu? could really not find any information on that
<RoyK> tuxinator: normally snmpd listens to localhost only - check /etc/default/snmpd
<tuxinator> i mean configuring snmpd so that i get interface statistic information using snmpwalk which i could then use in cacti for example
<RoyK> tuxinator: see the line above
<RoAkSoAx> zul: ping
<zul> RoAkSoAx: yep?
<tuxinator> RoyK: so it's the same setting? :D i knew it's something weird as i already had that working some years agoo
<tuxinator> :D
<uvirtbot> New bug: #733465 in bacula (main) "package bacula-director-mysql 5.0.1-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/733465
<RoAkSoAx> zul: just downloaded the latest source of cobbler in the archives and it does not contain the python-koan binary package (not in debian/control, no debian/python-koan.install)
<zul> RoAkSoAx: damn ok ill have a look
<RoAkSoAx> zul ok :) maybe bzr rejected those changes in the merge or something
<zul> RoAkSoAx: it could be
<RoAkSoAx> zul: yeah those changes are missing here: http://bazaar.launchpad.net/~ubuntu-virt/cobbler/ubuntu/revision/2004
<zul> RoAkSoAx: ill fix it dont worry
<RoAkSoAx> zul: i'm not :)
<ivoks> look, a bacula bug :)
<zul> ivoks: yes you should fix it
<ivoks> zul: maybe :)
<uvirtbot> New bug: #716859 in clamav "cannot install .deb packages" [Undecided,New] https://launchpad.net/bugs/716859
<erichammond> I have a file with one zillion commands that I would like to run 25 at a time in parallel with a new one started every time another one completes, until they are all done.  Is there a handy command line tool that would manage this for me?
<RoyK> while true; do /some/command; done
<RoAkSoAx> zul: hold for a bit the cobbler upload cause I wanna send you a patch first
<RoyK> for those parallel jobs, just do something like 'for ((0=1;i<25;i++)); do echo $i ; done'
<RoyK> add a & to the job run
<RoyK> for those parallel jobs, just do something like 'for ((i=0;i<25;i++)); do echo $i ; done'
<RoyK> even
<zul> RoAkSoAx: k
<erichammond> RoyK: The zillion commands listed in the file are all different.
<erichammond> I could split the file and run each segment in the background, but some segments would get done before others.  I want it to keep starting new individual commands every time one of the 25 slots opens up with a previous command ending.
<erichammond> I could do this in any language with signal handling including bash, but thought somebody may have already invented it.
<uvirtbot> New bug: #731628 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: il sottoprocesso vecchio script di post-installation ha restituito lo stato di errore 1" [Undecided,New] https://launchpad.net/bugs/731628
<RoAkSoAx> zul: ok just uploaded https://code.launchpad.net/~andreserl/ubuntu/natty/cobbler/lp731620/+merge/53092 which fixes bug #731620
<uvirtbot> Launchpad bug 731620 in cobbler "koan crashed with ImportError in /usr/lib/python2.7/dist-packages/koan/configurator.py: No module named yum" [Medium,In progress] https://launchpad.net/bugs/731620
<zul> RoAkSoAx: k thanks
<RoAkSoAx> zul: and is also a patch that can be forwarded upstream i guess. you'll see :)
<zul> RoAkSoAx: you should be using lp:~ubuntu-virt/ubuntu/cobbler
<erichammond> [SOLVED]: Well, rancid_par seems to be doing what I want, though the syntax is awkward and I had to install rancid to get it.
<RoAkSoAx> zul: im using that branch but when uploading IDK how to stack it over that branch, so I just propose the merge over that branch
<zul> RoAkSoAx: k...ill have a look at it later tonight
<RoAkSoAx> ok cool thanks
<dravekx> Does someone have a link on how to mount a second hard drive?
<RoyK> any idea why physmem= doesn't work?
<RoyK> ops - wrong channel
<kim0> hallyn: awesome, so far things looks stable, huge improvement over spicec
<raubvogel> How do I disable mysql's upstart script thingie?
<kim0> hallyn: would be great if you'd look at improving "idle" cpu usage of kvm. For me, an idle win7 kvm process consumes 25% cpu (fans get loud n stuff)
<uvirtbot> New bug: #733561 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/733561
<donvit0> how is possible my hardisk run out of space
<donvit0> i did not installed nothing
<donvit0> => / is using 94.9% of 147.88GB
<donvit0> wtf can be used 147 gb for
<donvit0> nertil@Maverick:/$ ls
<donvit0> bin    dev   initrd.img      lost+found  opt   sbin     sys  var
<donvit0> boot   etc   initrd.img.old  media       proc  selinux  tmp  vmlinuz
<donvit0> cdrom  home  lib             mnt         root  srv      usr  vmlinuz.old
<donvit0> anyone please?
<ahs3> donvit0: i would start running du -s on /tmp and /var to see what's eating the space
<ahs3> (and then the other directories as needed...)
<donvit0> let me check
<donvit0> but i didnt install nothing
<donvit0> sudo du -s /tmp
<donvit0> 32      /tmp
<donvit0> nertil@Maverick:/$ sudo du -s /var
<donvit0> 145616460       /var
<donvit0> ahs3 looks like /var eats the space
<ahs3> okay.  then you'll have to dig into where in /var.  cd /var; du -s *
<donvit0> i get to muych permision denied
<donvit0> can i pastebin to you please?
<ahs3> you'll have to use sudo
<donvit0> http://pastebin.com/1uD85wYR
<donvit0> i did
<ahs3> ah, i see.  it'll be easier to cd /var, then sudo du -s *
<donvit0> 145023928       log
<donvit0> logs eats the space
<donvit0> how to clear all logs to normal
<donvit0> http://pastebin.com/BE9MWudD
<ahs3> i'd go into /var/log and look for the largest log first, then see what it says.  you could have something misconfigured or broken and there's just tons of messages being generated
<donvit0> -rw-r----- 1 syslog    adm  3137658 2011-03-12 00:14 kern.log
<donvit0> -rw-r--r-- 1 root      root  580069 2011-02-28 04:26 dpkg.log.1
<donvit0> -rw-r----- 1 syslog    adm   766074 2011-03-12 00:14 messages
<donvit0> -rw-r----- 1 syslog    adm   735070 2011-03-06 06:26 messages.1
<donvit0> looks like this are with the most space
<ahs3>  /var/logs has subdirectories, too.  i suspect one of those is taking more space than the files listed
<donvit0> nertil@Maverick:/var$ cd logs
<donvit0> -bash: cd: logs: No such file or directory
<ahs3> cd /var/logs
<donvit0> -bash: cd: /var/logs: No such file or directory
<donvit0> its /var/log
<ahs3> whups.  right
<donvit0> how to clear all machine logs?
<donvit0> also looks like apache logs
<donvit0> eats space
<ahs3> i'd look into those logs first.  there's some sort of error that's causing messages to be generated and filling the logs
<donvit0> -rw-r----- 1 root adm  148489936432 2011-03-12 00:05 error.log
<donvit0> wooowww
<donvit0> in apache2 folder
<donvit0> to much logs
<ahs3> then, you can always use packages like logrotate to keep the space usage down, or worst case just remove them
<donvit0> let me install logrotate
<ahs3> okay, so tail that file
<ahs3> it should *not* be that big :)
<donvit0> how to configure
<donvit0> logrorate please
<ahs3> apt-get install logrotate
<ahs3> the default configuration should be fine
<donvit0> what if i clean now all logs folder
<donvit0> with rm -rf *]
<donvit0> with rm -rf *
<Patrickdk> I do :)
<ahs3> i would just get rid of the big one first
<hallyn> kim0: can you reproduce that with a linux guest?
<kim0> didn't try that
<hallyn> or win 2003?
<kim0> hallyn: which one should I try :)
<hallyn> well a lucid guest woudl be best
<hallyn> else i'll just have to try and find my m$ reg
<Aison> is there an easy way to install kernel 2.6.37 in ubuntu server?
<EvilPhoenix> Aison:  which version of ubuntu server you running?
<EvilPhoenix> 10.04?  10.10?
<Aison> 10.10
<Aison> I think I found a solution by just taking it from lucid kernel ppd?
<Aison> ppa
<Aison> ok, 2.6.37-12 is running
<Aison> now I need linux-tools-2.6.37 :P
<EvilPhoenix> um...
<EvilPhoenix> okay...
<EvilPhoenix> not sure how to help you though :/
<EvilPhoenix> others would be better to help you out ;)
#ubuntu-server 2011-03-12
<atari2600a> does ubuntu server cut network access when it's apt-getting?
 * Datz doubts it
<Datz> probably your bandwidth is scarce
<atari2600a> weird
<atari2600a> my VM's taking up all CPU time & network activity spiked when I turned it on
<atari2600a> & I can't get into it
<atari2600a> that's impossible
<atari2600a> this DSL modem can't even do 400KB/s down
<atari2600a> well it's doing SOMETHING
<atari2600a> it's writing to disk here & there
<atari2600a> damnit I knew I shouldn't have limited it to 256MB/RAM
<Datz> guess you'll have to wait it out :P
<atari2600a> I pkilled the VM
<atari2600a> booted it up & ran sudo dpkg -C, immediately gave me a thumbs up
<atari2600a> so then if it wasn't updating...then what the fsck...
<KB1JWQ> I'm playing around with debootstrap and looking at the various files for different distros. Where can I find a decent description of the various lucid variants (in this case buildd fakechroot minbase)?
<KB1JWQ> Ah, disregard me; the answer's in the debootstrap man page; it seems that's not distro specific.
<tohuw> I want my DNS server to tell clients on its local network that its FQDN (say, dns.example.com) resolves to the local IP instead of the public one. Obviously, I want it to keep informing non-local clients that its FQDN resolves to its public IP. How do I accomplish this?
<ScottK> tohuw: My advice is google split zone dns server.
<tohuw> ScottK: thanks!
<tohuw> bind9 won't start, but I'm getting no reason why out of /var/log/messages. Is there somewhere else to look?
<tohuw> So here's an odd problem: I'm trying to ssh into my local DNS server. If I ping it by FQDN (e.g. myserver.site), I get the correct IP address, and the ping times are fine, but there's a very long gap between pings. If I ssh to the FQDN, I get ssh'd into the localhost of whatever machine I'm on! nslookup of the FQDN seems fine... ideas?
<airtonix> tohuw: did you check the obvious things like : /etc/hosts ~/.ssh/config
<airtonix> tohuw: also the zones config for your local dns if you have one
<airtonix> tohuw: also i suspect you did not successfully configure your dns server correctly
<kim0> hallyn: I've tested the idle cpu thing, with 10.04.2 idle connected to vnc it's 7% (ok), when not connected to vnc console it's (3%) (awesome!). I tried booting my win7 vm with kvm-spice, however I kept running into (https://bugzilla.redhat.com/show_bug.cgi?id=681220) over and over (can't boot)
<uvirtbot> bugzilla.redhat.com bug 681220 in qemu "Starting of a virtual machine ends with qemu-kvm: /builddir/build/BUILD/qemu-kvm-0.14.0/qemu-kvm.c:1724: kvm_mutex_unlock: Assertion `!cpu_single_env' failed." [High,New]
<Tohuw> If anyone gets a moment to take a look at http://ubuntuforums.org/showthread.php?p=10551470#post10551470, it would be much appreciated. The details are too long to post here. Thanks!
<hallyn> kim0: uh, we have that patch
<hallyn> now, maybe my new packaging ended up not applying it...
 * hallyn checks build log
<hallyn> kim0: zounds!
<hallyn> (there was no source/format file)
<kim0> hallyn: um so we had it or not ?!
<Cherish> Anybody here?
<kim0> Cherish: surely :)
<Cherish> I enable SSL on Apache, and generate the key by -des3. So when I reboot my system, it required password.
<Cherish> But after I enter the password , it dead.
<Cherish> I can't see the login message, it is starting apache all the time.
<Cherish> And the error is "Init: Private key not found" , but my PATH is right.
<Cherish> When I generate the key doesn't support password , everything is OK.
<Cherish> This is why?
<Cherish> ls
<hallyn> kim0: it was not being aplied
<hallyn> kim0: update in about 2 hours, should be there
<kim0> Cherish: I suppose because starting apache from the init system is conflicting with your requirement of inputing the encryption password "interactively" ! My initial guess is that it won't be easy
<kim0> hallyn: why are ppas so lazy :) can we have it build in like 10 mins .. spawn a cloud builder or something :D
<Cherish> kim0: Yeah, that's what I mean.
<Cherish> Do you know the reason?
<hallyn> Cherish: fraid i don't.  I'd suggest opening a bug about it.
<hallyn> Cherish: is there anything in syslog showing what apaache was up to?
<Cherish> The error log is "Init: Private key not found"
<Cherish> I'm sure the Path is right, because when I use the key generated by no -des3, everything is OK.
<cavefish> Hey, I've got a question. I'm running a Ubuntu 10.10 server and want to change the welcome message. I've already changed the /etc/motd file, unfortunately that did't work. After a reset of the server the file resets with the default information. Can anyone explain how to fix this?
<hallyn> cavefish: look under /etc/update-motd.d
<hallyn> cavefish: mounted-varrun.conf appears to regenerated it on boot
<hallyn> Cherish: any chance you are using the wron gpassphrase?  If not, open a bug.
<hallyn> Cherish: http://www.giantrobot.co.nz/blog/apache-ssl-init-private-key-not-found
<Cherish> hallyn: My English is not good, I can't express it well.....
<hallyn> Cherish: I suspect if you cat the two .pems that'll fix it
<Cherish> I did it , have no effect
<ttist25> Hey there - I'm trying to recover a 3 drive RAID5 array.  It's on desktop but I can't seem to get help in #ubuntu - can anyone help here?
<kim0> ttist25: soft raid ?
<ttist25> ps - it's a dry run - there's no critical data.  just trying to figure it out before i need to
<ttist25> yes
<kim0> so what's the problem
<ttist25> I've got 3 500GB SATA drives setup in RAID5.  The OS is installed on the array
<ttist25> everything works well and I can boot etc
<cerberos> hi, is there any way to make a screen session page up the same way a non screen session does?
<ttist25> but i'm trying to test by removing power to one of the drives (sdb) and booting
<ttist25> but I get dumped to an initramfs prompt because it can't start the array (i've got bootdegraded=trueP
<ttist25> I think i'm missing something fundamentally
<kim0> ttist25: is your /boot on a separate disk ?!
<ttist25> no
<ttist25> the os is in the array
<kim0> duh, I didn't know one can boot from raid5
<ttist25> is that my fundamental error? :)
<kim0> ttist25: do all disks have partitions with id "fd" for raid
<kim0> ttist25: is there some tutorial you followed setting up /boot on raid5 (I'd wanna know about it)
<ttist25> on each disk i have a 26gb swap partition and the remainder /
<ttist25> the / partitions are set with boot flag on
<kim0> type fd ?
<ttist25> hold on i'll shoot you the link
<kim0> fdisk -l
<kim0> would be good
<ttist25> here's the link https://help.ubuntu.com/10.04/serverguide/C/advanced-installation.html
<ttist25> that's for raid 1
<ttist25> but i followed it exactly other than i used 3 disks and selected raid 5
<ttist25> it boots fine with all the disks there but i'm trying to figure out how i would recover it
<ttist25> ps - if you can't tell i'm skating on the edge of noobidity
<hallyn> Cherish: and the .pem file is readable by user www-data or whoever apache runs as?
<Cherish> hallyn: have any matters?
<hallyn> ?
<Cherish> I chmod it 777ï¼ have no effects
<hallyn> feh
<Cherish> â¦â¦
<hallyn> Cherish: if you don't want to type up a description, maybe 'ubuntu-bug apache2' will do a good enough job, then just put 'I get Init: Private key not found' in the body
<hallyn> kim0: still building :(
<kim0> yeah
 * hallyn out
<kim0> np
<ttist25> is it even possible to boot raid5 with a degraded disk when the os is installed in the array?  Most of the raid5 setups i've seen when googling are 3 disks for the array and then a separate disk for the os (sometimes mirrored in raid1)
<kaushal> hi
<kaushal> is there a way to enable logging for fcron periodical command scheduler ?
<Cherish> kim0: Thanks for you description, I fix it. Thank you very much.
<kaushal> is there a way to set alert if a particular user sucks Internet Bandwdith among 100 Users in a LAN Environment ?
<kaushal> I mean if he uses any p2p application like torrents
<kaushal> I am using shorewall firewall
<cerberos> I'm having trouble getting apache2, nginx, postgresql and mysql (and probably more) to start at boot here's my rc2.d output http://paste.pound-python.org/show/4085/
<LyonJT> Hey all
<LyonJT> Quick question can you have more than one NameVirtualHost on a apache webserver
<kim0> LyonJT: you can have many virtual hosts under one apache
<uvirtbot> New bug: #733914 in autofs5 (main) "autofs races network interfaces, ends up not working" [Medium,New] https://launchpad.net/bugs/733914
<donvito2> hello i get weird log file with this message
<donvito2> http://pastebin.com/FKwPr2LM
<donvito2> the file log goes huge to 145 GB
<donvito2> [Sat Mar 12 19:03:18 2011] [error] [client 85.190.0.3] Attempt to serve directory: /var/www/
<pmatulis> donvito2: what version of php5 do you have?
<donvito2> PHP 5.3.2-1ubuntu4.7 with Suhosin-Patch (cli) (built: Jan 12 2011 18:36:08)
<pmatulis> donvito2: 3 options, 1. upgrade to 10.10, 2. use ";" instead of "#" for comments in the referenced files, or 3. what for an update to php5 in 10.04
<ScottK> Number three will be a long wait.
<awanti> i have some in depth question can ask ...
<awanti> I have 1 LDAP server and 20 clients and os is Ubuntu 10.04. Here every one having romaing profile. Now what i want is I want to restrict 3 pcs being login by other users and that 3 pc users can't login to other 17 pc...
<awanti> So plz. help me to solve this
<Ryan_Lane> awanti: which ldap server are you using?
<awanti> sorry.... which ldap means?
<Ryan_Lane> server, which server
<Ryan_Lane> openldap?
<Ryan_Lane> active directory?
<awanti> YES active directory
<Ryan_Lane> ah
<Ryan_Lane> are the desktops kerberized?
<awanti> yes... all 20 client pc's are Ubuntu Desktop Edition only
<Ryan_Lane> well, I'll skip that question, and tell you the pam_security way of doing it
<awanti> and we have to integrate to Active Directory
<awanti> yes plz.
<Ryan_Lane> awanti: look at /etc/security/access.conf
<awanti> yes
<Ryan_Lane> look at the man page for access.conf (man access.conf)
<Ryan_Lane> look at the man page for pam_access (man pam_access)
<Ryan_Lane> so, you'll need to enable pam_access in your pam configuration
<Ryan_Lane> then, in access.conf, you'll need to restrict access to root, and whoever you want to restrict access to
<awanti> ok ok i got it
<Ryan_Lane> of course, if you are using kerberos, there are likely better ways to do this, like doing so on the AD side, but it's more difficult
<Ryan_Lane> to initially configure anyway
<Ryan_Lane> the kerberos route is likely best if you can do it though
<Ryan_Lane> pam_access will solve your problem though
<awanti> yes...
<awanti> And i have another question...
<Ryan_Lane> ok
<awanti> I want to restrict users to changes in their pc (like wallpaper changes , moving icons, deleting short cuts from desktop etc)
<Ryan_Lane> in gnome?
<awanti> yes
<Ryan_Lane> or also kde?
<awanti> GNOME
<Ryan_Lane> sorry. was in another window
<Ryan_Lane> I think there is a way to do so
<Ryan_Lane> it's been a while since I've looked at this
<ScottK> awanti: That's not really on topic for Ubuntu Server.
<Ryan_Lane> that's true
<Ryan_Lane> should likely ask that in #ubuntu
<Ryan_Lane> awanti: take a look at Sabayon, maybe, though
<awanti> sabayon is OS right
<Ryan_Lane> awanti: no, a tool to restrict settings in gnome
<Ryan_Lane> google it
<awanti> ok
<LyonJT> anyone know how to give a user permissions to a folder ?
<awanti> Ryan_Lane: Can I able to install Ubuntu through LAN upto 400 pc one at a time
<awanti> if yes plz. can u give some links .. I will refer that plz.
<Ryan_Lane> if the server can handle the load, yes
<Ryan_Lane> awanti: you use preseeing for it
<Ryan_Lane> wow ubuntu's docs on this are insanely old
<Ryan_Lane> https://help.ubuntu.com/7.04/installation-guide/hppa/preseed-using.html
<Ryan_Lane> awanti: http://www.debuntu.org/how-to-unattended-ubuntu-network-install
<uvirtbot> New bug: #609625 in linux (main) "kexec-tools 0_kdump" [Undecided,New] https://launchpad.net/bugs/609625
<peturie> Hello all
<peturie> anyone here?
<peturie> stupid irc client
<peturie> ASDF
<peturi> Hello
<peturi> Centralized database for users, is NIS the way to go?
<pmatulis> no
<peturi> Elaborate
<peturi> LDAP better?
<pmatulis> peturi: nis is insecure and limited in features.  ldap is secure and versatile
<pmatulis> peturi: generally people use nis only when forced to (usually b/c of old/legacy connected systems)
<peturi> This is a beowulf cluster, the nodes are not connected to the internet and there is a very limited number of users.
<peturi> Is LDAP harder to setup and maintain compared to NIS, what are the benefits?
<pmatulis> peturi: yes, harder to set up.  and i already told you the basic benefits.  google for details
<peturi> pmatulis, funny, googles first result for "ubuntu support" is a page mentioning this channel.
<peturi> useless
<ttist25> Hello - is it possible to boot a degraded software RAID5 with the OS installed in the array?  Does the OS HAVE to be installed on a different partition?
<crunchbang_> i have little issue with ubuntu one a bit: i kinda asked how they put their server togetter and for financial reasons they didn't answer....
<bigbang> any one know what registrar allows glue records ?
<RoyK> glue?
<EvilPhoenix> i had the same question
<bigbang> Glue records are required when you wish to set the name servers of a domain name to a hostname under the domain name itself..
<bigbang> godaddy don't add glue records and i was wondering if anybody knew what other company might allow it
<rnigam> Hello Everyone, I was trying to use Phoronix test suite for the first time on ubuntu-server. I get the following error about xdg-mime: http://pastebin.com/rk70N7Nk . Can someone please suggest what that error means?
<RoyK> rnigam: that's related to the software you're trying to install, not ubuntu
<rnigam> RoyK: Do you happen to know anything about ubuntu-kvm? and if there are any tools in the repository that can be used to measure its performance against say xen.?
<RoyK> xen works well for pravirt if the guest supports that, but paravirt on xen can be a headache at the best of times
<RoyK> kvm work very well for linux guests, though
<binBASH> has anyone tried kvm + cgroups yet?
<RoyK> I haven't tried other OSes
<RoyK> what are cgroups?
<binBASH> http://broadcast.oreilly.com/2009/06/manage-your-performance-with-cgroups-and-projects.html
<binBASH> +
<binBASH> http://berrange.com/posts/2009/12/03/using-cgroups-with-libvirt-and-lxckvm-guests-in-fedora-12/
<rnigam> binBASH KVM with cgroups sounds interesting !
<rnigam> Thanks for letting it out
<binBASH> rnigam: yeah I'm currently setting up a cloud iaas company here in Germany and try to use it
<phoenixsampras> how to turn ubuntu into a email server?
<qman__> installing an email server is easy
<qman__> configuring it so you can actually get messages sent securely and without getting on any spam lists, however, is not
<qman__> the subject is covered to a reasonable degree in the server guide
<phoenixsampras> oh i see
<phoenixsampras> qman__: how to setup ubuntu-server on citrix?
<guntbert> !serverguide | phoenixsampras re mailserver  --  just as a starting point (and be *very* cautious)
<ubottu> phoenixsampras re mailserver  --  just as a starting point (and be *very* cautious): The Ubuntu server guide may be found at http://help.ubuntu.com/10.04/serverguide/C/
<guntbert> phoenixsampras: how is that different from any other server install?
<phoenixsampras> guntbert: well since its ubuntu, i have the impression things will autoconfigure magically ....
<guntbert> phoenixsampras: I was asking: what difference does it make if you are using some virtualization?
<phoenixsampras> guntbert: oh, well, for some reason, ubuntuserver 10.10 doesnt boot on citrix , it seems it needs some hack... that i cant find
<guntbert> phoenixsampras: and server is not so much automated - beware of tasksel though (it is ok for installing services but NEVER for removing them again)
<guntbert> phoenixsampras: what does not boot? the install CD or the installed system?
<phoenixsampras> guntbert: i dont like tasksel, so i plan to do it manually
<phoenixsampras> guntbert: the installed system
<guntbert> phoenixsampras: wise decision, I got myself burned with tasksel
<phoenixsampras> looks like there is some grub2 problems
<guntbert> phoenixsampras: how does the system "not boot"?
<phoenixsampras> http://forums.citrix.com/message.jspa?messageID=1519974
<phoenixsampras> grub2 and ext4.. and some other things
<phoenixsampras> ubuntu appears to be more sophisticated than citrix lawl
<guntbert> phoenixsampras: it uses uuids for devices -- look into that last post from ^^
<phoenixsampras> yeah, I saw like 20 workarounds, but not sure which one works or not , specially for production
<phoenixsampras> since i plan to move from centos to ubuntu-server to host the email server
#ubuntu-server 2011-03-13
<uvirtbot> New bug: #734083 in mailman (main) "package mailman 1:2.1.13-1ubuntu0.2 failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/734083
<cerberos> Nothing in /etc/rc2.d/S2* is starting at boot, everything starts ok when I do it manually. Any ideas (10.04)?
<uvirtbot> New bug: #734113 in mysql-dfsg-5.1 (main) "package mysql-server-5.1 (not installed) failed to install/upgrade: subprocess new pre-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/734113
<uvirtbot> New bug: #734155 in openssh (main) "sshd has 2 startscripts" [Undecided,New] https://launchpad.net/bugs/734155
<tohuw> is anyone successfully running multiple instances of redmine? dpkg-reconfigure redmine went fine, but now I'm stuck on what to do next.
<ejat> hi ..
<ejat> i want to restart my apache suddenly this appear : TERM environment not set
<ejat> just wondering y this could occurs?
<Cherish> What ' s the difference between added INIT=/sbin/init at kernel boot command line or not?
<uvirtbot> New bug: #734190 in samba (main) "package samba 2:3.5.8~dfsg-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/734190
<shauno> Cherish: not a whole lot.  /sbin/init is one of the defaults the kernel will try if you don't choose an init= at all.  The option's mostly there for the rare times you don't want the defaults
<Cherish> shauno: If I don't added init=/sbin/init , I can't boot my system smooth
<shauno> what warnings do you get if you boot without it?  (I believe that should only happen with a broken initrd)
<Cherish> shauno: You can see this bug: https://bugs.launchpad.net/ubuntu/+source/apache2/+bug/582963 I find a way to fix it that is addedINIT=/sbin/init at kernel boot command line.
<uvirtbot> Launchpad bug 582963 in server-papercuts "SSL pass phrase dialog can't read input" [Medium,Confirmed]
<Cherish> I don't know why, the default parameter for init is whatï¼
<Cherish> Anyone know how to disable plymouth?
<uvirtbot> New bug: #734258 in tomcat6 (main) "package tomcat6 6.0.24-2ubuntu1.6 failed to install/upgrade: Unterprozess installiertes post-installation-Skript gab den Fehlerwert 1 zurÃ¼ck" [Undecided,New] https://launchpad.net/bugs/734258
<Cherish> plymouth main process killed by ABRT signal
<caution> how do I tell what version an installed piece of software is at?
<iulian> There are loads of ways to find that.  One of them is 'apt-cache policy <pkg>'.
<caution> thanks
<Cherish> Anybody know the difference between added INIT=/sbin/init at kernel boot command line or not ?
<Cherish> If I don't add it the system will go to fsck from util-linux-ng after "Begin: Runing /scripts/init-bottom",If I added it, it will go to boot plymouth.
<compdoc> do you ever let it run fsck?
<Cherish> no
<ulasist>  blackberiy pin numaram kizlar ekleyin Pin 235E223D
<ulasist>  blackberiy pin numaram kizlar ekleyin Pin 235E223D
<ulasist>  blackberiy pin numaram kizlar ekleyin Pin 235E223D
<Cherish> >	If I don't add it the system will go to fsck from util-linux-ng after "Begin: Runing /scripts/init-bottom",If I added it, it will go to boot plymouth.
<Cherish> I want to say the difference.
<cloakable> o.o
<Cherish> è¯¶ï¼é¾ååã
<Cherish> ei...
<Cherish> So sad...
<SpamapS> Cherish: its running fsck for a reason. You should let fsck run.
<meltingwax> i was reading a blog post about 10.10; is it true that glusterfs does not do replication?
<RoyK> meltingwax: glusterfs can be used for realtime replication, last I checked
<meltingwax> RoyK: thanks
<RoyK> meltingwax: a guy I know uses it with  40Gbps infiniband for replicating some 40TB ZFS systems across different physical locations
 * patdk-lap wonders how *far* 40gbps infiniband can go
<patdk-lap> thought it was limited to like 30' or so
<RoyK> patdk-lap: a few kilometers over fiber
<RoyK> 30+ iirc
<azizLIGHTS> how do i update the motd (i see nothing upon ssh login, except last login from, and prompt)
<qman__> that depends on which version you're running
<qman__> pre-9.04(?) you just edit /etc/motd.tail
<qman__> newer ones have a more complex updater
<azizLIGHTS> 10.04
<qman__> there are a series of scripts in /etc/update-motd.d/
<qman__> and there's a daemon that runs
<azizLIGHTS> yes i saw them
<azizLIGHTS> do i run the mall
<qman__> or is it a cron script, don't remember
<azizLIGHTS> how do i run them
<qman__>  /usr/sbin/update-motd
<azizLIGHTS> doesnt look like that exists
<azizLIGHTS> so i just do ./etc/update-motd.d/00-header
<azizLIGHTS> etc?
<qman__> oh, my mistake
<qman__> no such file exists
<qman__> it's part of pam
<qman__> so you just add/edit scripts in /etc/update-motd.d/
<qman__> in that format, they are run in order
<azizLIGHTS> how do i run it myself manually?
<qman__> I don't know how/if you can
<qman__> it's run as part of pam
<qman__> have you changed any pam settings recently?
<qman__> module pam_motd.so in libpam-modules
<azizLIGHTS> i restarted and logged in and saw no motd. s o i went into sshd_config and added updatemod yes, but it didnt do anything.
<azizLIGHTS> 9AND RESTARTED SSHD) USING SUDO /ETC/INIT/.D/SSH RESTART)
<azizLIGHTS> whoops sorry caps
<qman__> what's the output of ls -l /etc/motd
<qman__> more specifically, is the link broken or not
<qman__> and does cat /etc/motd show it
<azizLIGHTS> cat: /etc/motd: No such file or directory
<azizLIGHTS> lrwxrwxrwx 1 root root 13 Feb  1 16:40 /etc/motd -> /var/run/motd
<azizLIGHTS> its showing red
<qman__> ok
<qman__> well that's not an issue with ssh
<qman__> my desktop here is doing the same thing for some reason
<azizLIGHTS> hm well eventually it will run i hope?
<qman__> I'm not really getting anywhere with it
<qman__> not sure why it's broken
<qman__> I recently upgraded mine from karmic
<qman__> did you also recently upgrade, or is it a fresh install?
<azizLIGHTS> im on a fresh install on ec2
<azizLIGHTS> well, an image
<qman__> ok
<BrixSat> hello
<BrixSat>  I have a user1 and user2. User2 belongs to user1 group, altought user1 files is 775 user2 can't create nothing.
<qman__> BrixSat, the directory in which you are attempting to create the files must also be 775
<BrixSat> it is
<qman__> and owned user1:user1
<BrixSat> yes correct
<BrixSat> drwxrwxr-x 11 virtualn virtualn 4096 2011-03-02 17:24 public_html
<BrixSat> the result of ls -l
<BrixSat> cesar@cesar-Aspire-9410:/home/virtualn/public_html$ mkdir ola
<BrixSat> mkdir: cannot create directory `ola': Permission denied
<qman__> and for changes to take effect, user2 must log out and log back in, after being added to the group
<BrixSat> hoioo I missed that :p
<BrixSat> sorry
<BrixSat> brb
<kim0> hallyn: Hi, just tested kvm-spice again, crashed with "kvm-spice: /build/buildd/qemu-kvm-spice-0.14.0+noroms/qemu-kvm.c:1724: kvm_mutex_unlock: Assertion `!cpu_single_env' failed.  shutting down"
<eagles0513875> hey guys i have a vps and for some reason tab completion was disabled
<eagles0513875> how can i reenable tab completion
<binBASH> kim0: what's kvm-spice? can you do things like they do at onlive with it?
<kim0> eagles0513875: apt-get install bash-completion
<eagles0513875> thanks kim0
<kim0> binBASH: nah, spice is an advanced vnc replacement, but I don't think it's good enough for 3d gaming yet
<binBASH> ok ;)
<binBASH> I thought spice is specially designed for fast interaction with client
<kim0> binBASH: well it is, but gaming is a different story
<azizLIGHTS> what should i use to have a dir on windows and ubuntu  syncing bi-directionally? (windows pc is firewalled, but i have done ssh -R to ubuntu from it)
<kim0> dropbox ? :)
<azizLIGHTS> i looked at that, but cli version of dropbox i dont see in documentation about anything about selective sync  (i have a lot of stuff on dropbox i dont want upped to ubuntu)
<azizLIGHTS> any more ideas?
<sean``> hi, would like to setup ldap/samba/nfs with ubuntu server
<sean``> this is supposedly for a company with 2 sites connected via vpn (sonicwall)
<sean``> any tips or sites that I can go to? to learn ldap and nfs setup
<sean``> it would be my first time and the company am working for only have 1u servers which i think needs more space for HDDs
<sean``> i'll be using samba for pdc and fileserver also
<ikonia> sean``: there are lots of guides on the net, you need to think about things such as performance of the VPN as a key issue for auth and file transfers
<sean``> yeah am also considering latency and network vpn performance.....can ldap be used to say recognize that certain users authenticate with a specific server?
<sean``> then i can setup 1 authenticating servers for each site?
<ikonia> sean``: sure, you can even do multi-master with certain ldap versions
<sean``> am thinking of openldap
<ikonia> local slaves and a central master is not uncommon
<ikonia> the redhat directory/fedora 369 ldap server is multi-master capable
<sean``> and i can integrate this with samba?
<ikonia> sure, samba does good ldap interfration for auth and roles
<ikonia> the Windows AD model in LDAP works well with Samba
<sean``> nice
<sean``> any recommendation on reads before I try setting up and managing ldap?
<sean``> am looking at some notes since last week and configs is like very very technical...maybe i need to equip myself before i can fully understand ldap?
<ikonia> just use main stream site guides, no dodgy www.masterubunu.com/howtos/2004/ldap/using-ubuntu-as-a-domaincontroller.html
<ikonia> sean``: sites such as redhat.com/fedora.com for general ldap info, sites such as help.ubuntu.com, wiki.ubuntu.com for actual ubuntu implementations
<sean``> you mean go to main openldap.org and samba.org sites etc
<sean``> ahh thanks :)
<ikonia> yup
<ikonia> there are tons of fools putting up websites with duff information, eg www.ubuntugeek.com/guides/how-i-setup-ldap.html
<uvirtbot> New bug: #734539 in squid (main) "package squid 2.7.STABLE7-1ubuntu12.2 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/734539
<sean``> yeah been trying those out and each makes their own configs.
<sean``> that's y am testing it out using virtualbox
<ikonia> the main site guides are good
<sean``> its going to be my first time to manage a network for a large company and am a bit nervous going the wrong route
<sean``> the company gave me 2 servers to work with an hp 1u server
<ikonia> the physical size of a server doesn't matter
<sean``> i installed 2x1tb and raid
<air^> sata drivers?
<sean``> so am now working with 1 tb for ldap samba and fileserver
<sean``> yup sata drives
<air^> why not sas if it's a server?
<sean``> too expensive
<air^> hw is cheaper than loosing data :)
<sean``> its not planned to be something that has to be up 24/7
<air^> so, you're running some hp hw-raid-1 then?
<sean``> the company is very new with IT and SAS 1tb is about 500usd and they asked for sata which is just 64usd hehe
<sean``> yup running raid 1 hw
<sean``> am sure 1tb wont be enough
<sean``> and i have only 2 slots left on the server
<sean``> am seeing that i would need a separate server to store all the data
<Patrickdk> our of our san, 25sas drives and 24sata, we have lost 16 sas in the last year, and 2 sata
<air^> that's a lot of dead sas drives.
<sean``> what would i need in the 2nd server to make it a scalable file server?
<Patrickdk> air, not nearly as much as loosing whole shelfs before
<sean``> sata is just slower than sas right?
<sean``> what would i need in the 2nd server to make it a scalable file server?
<Patrickdk> in many ways :)
<air^> well, sata is normally for the consumer market as well.
<Patrickdk> but reliablility is the same basically
<Patrickdk> sas is twice as fast as sata for the same level, and sas is bidirectional
<Patrickdk> but if you throw sata 1.5 out, then they are the same speeds
<Patrickdk> sas also run with dual interfaces, for failover
<Patrickdk> sata only has one interface
<ikonia> sean``: you need to go away and do capacity planning
<sean``> we're actually doing that now by establishing a baseline
<sean``> am asking all departments to put a copy of their files in a main pc so i can determine how much files each dept need
<sean``> but I don't want to setup a server with the OS and stuff and find out later that I have to do it all over again because i made a wrong decision somewhere
<sean``> expecially with that much data in place already
<Patrickdk> that isn't a big deal
<Patrickdk> you can copy 1tb of data around pretty quickly
<Patrickdk> unless it's maildir
<ikonia> sean``: the OS should be very small foot print, so just allocated small sizing to the OS, then waste the rest on data
<sean``> so a 4u rack with a decent processor and NFS mapped with samba?
<ikonia> as I've said, the physical size of the server is nothing
<ikonia> you need to stop referencing the physical size
<Patrickdk> larger servers only mean more dirves can fit inside the case
<Patrickdk> personally I like going with 2u servers and external drive shelfs
 * air^ goes with blades these days.
<ikonia> not even that extent, I have a 1 U DL 380 that can fit 6 drives in it (actually it's 2u)
<air^> but then I actually just send a mail to our hw provider and they do their hw stuff :D
<Patrickdk> air, ya, if the customer plan on going with >4 servers, but no storage with those, still all external :)
<sean``> ahh
<sean``> but first time hearing about external shelves
<Patrickdk> you can get 8 2.5" in a 1u :)
<ikonia> sean``: you need to sit down and do capcity planning, then worry about purhasing and laying out the servers
<jeeves_moss> how can I expand my current drive onto a larger drive with DD?  I would like to move from a 160Gb to a 500Gb in my laptop and keep the partition %s the same on the new drive
<uvirtbot> New bug: #734542 in samba (main) "samba-common-bin failed to upgrade: post-install script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/734542
<air^> yep. our hw provider simply give us what we need from some of their san's.
<ikonia> sean``: before you have the data for your base line and growth and usage rate, it's a pointless exercise
<sean``> what do u mean?
<sean``> sorry, really new at this
<air^> (I actually have no idea what they put in their SAN's, but I would suppose it's all SAS)
<ikonia> sean``: you need to work out your starting data sizings, your expeted growth over months/years, and then usage, how many people accessing, how much data moving around etc etc.
<ikonia> sean``: then you buy hardware that can meet those needs now and the medium term with long term upgrade plans
<sean``> would remember that ikonia
<sean``> how does external shelves work?
<sean``> they just connect via network?
<jeeves_moss> how can I expand my current drive onto a larger drive with DD?  I would like to move from a 160Gb to a 500Gb in my laptop and keep the partition %s the same on the new drive
<ikonia> jeeves_moss: you don't use dd for that
<air^> just clone the drive, then resize the partitions using parted (or similar)?
<jeeves_moss> ikonia, any sudgestions?  I'm getting a little "penned in" with this small drive
<ikonia> jeeves_moss: are you using ubuntu server or ubuntu desktop
<jeeves_moss> ikonia, desktop
<ikonia> jeeves_moss: ok, so #ubuntu is the right place to discuss this
<ikonia> please don't ask for desktop support in here
<jeeves_moss> ikonia, thanks.
<donvitoo> can anyone tell me why i got website like this, instead of original one?
<donvitoo> http://nertilbox.homeip.net:9090/forum/
<donvitoo> what can be the problem
<sean``> bye for now
<sean``> thanks for the help :)
#ubuntu-server 2012-03-05
<uvirtbot`> New bug: #946737 in libcgroup (universe) "Broken logic in /etc/init/libvirt-cgred-wait.conf" [Undecided,New] https://launchpad.net/bugs/946737
<hallyn> stgraber: (on blog post) cool.  I've had smoser asking about thigns like that before (and handed him a custom script iirc).  so i wonder if we want to support that in the pkg
<hallyn> i.e. have a single command that takes an image of any kind and starts it as a container
<hallyn> (probably ephemeral)
<hallyn> (out)
<Zanzacar> I was looking over this certified hardware http://www.ubuntu.com/certification/ and was wondering if ubuntu server could be run on the desktops? Any thoughts?
<qman___> Zanzacar, ubuntu and ubuntu server are largely the same and can, for the most part, run on any x86 compatible hardware
<qman___> certified hardware is simply hardware that's been tested, verified, and basically guaranteed to work
<qman___> there are always edge cases and certain hardware that has partial or no support, but it's reached a ~99% point
<Zanzacar> gotcha well that cool. I guess I can just build my own machine to meet my own specs.
<qman___> the hardware to look out for is mostly brand new stuff and rare or unusual stuff
<Zanzacar> ok that good to know.
<qman___> the latest and greatest sometimes takes a while to get support
<qman___> but it's usually easy to find out whether the hardware you want will work
<Zanzacar> Ya I dont think I am going to be building anything that powerful. I was just thinking about running a small samba server for a friend company.
<Zanzacar> I dont even know if I would need anything over a dual core with 4gigs of ram. Main thing I think would be large enough HDD.
<Zanzacar> anyways thanks for the input. I guess I wont worry about it to much thne.
<qman___> just do a quick search on the chipsets before you buy
<qman___> e.g. "sandy bridge linux support", which took a little while to get implemented
<qman___> it's well covered now, though
<qman___> if you want to be safe, pick something that's been out a year or so
<qman___> and popular
<Zanzacar> seems reasonable.
<Zanzacar> I know I had a usb wireless adapter that I had to really work to get working. I was just not looking forward to something like that.
<Zanzacar> Since if it was his company on the server the last thing I want is some driver/support issue.
<qman___> with wireless, always search
<Zanzacar> ya I learned my lesson haha.
<qman___> same with other cheap, consumable hardware
<qman___> but the base systems and main components are generally well supported
<qman___> wireless chips are literally flavor of the month
<qman___> TV tuners are another hard area
<Zanzacar> ya I dont think I am going to have the server running anythign wirelessly
<Zanzacar> I think I am just going to have the main components. Nothing fancy.
<qman___> hardware RAID controllers usually have linux support, and fakeraid controllers shouldn't be used anyway
<qman___> I've had to upgrade a system to accomodate a newer network card, but it did have support
<twb> qman___: um, consumable?  That means printer ink and stuff
<twb> qman___: ITYM fungible
<twb> ...which is an awesome word you should use at every opportunity
<stgraber> hallyn: I think it'd be interesting to have a script to deal with VM images bootted in LXC indeed. Supporting using the VM image in read-only mode with an overlay (so ephemeral mode) as well as what I described in the blog post using the .img file as read/write partition.
<twb> stgraber: VM as in kvm?
<stgraber> hallyn: ideally extending a bit to read /etc/fstab from the disk image and figure out the partition scheme, generating a matching fstab file for LXC (in the case where /usr or /home are on a different partition)
<stgraber> twb: yes
<stgraber> twb: http://www.stgraber.org/2012/03/04/booting-an-ubuntu-12-04-virtual-machine-in-an-lxc-container/
<stgraber> twb: basically explains how to take an Ubuntu 12.04 VM disk image and boot it in a LXC container
<twb> ephemeral writes generally require a union tool like mount --union, aufs or unionfs -- and they're usually on a per-file not per-block basis, so a KVM qcow2 would become a whole new image immediately...
 * twb reads
<twb> Why do you bother partitioning a VM's disk?
<hallyn> stgraber: of course that's p+1 territory :)
<stgraber> hallyn: definitely :)
<hallyn> twb: for kvm :)
<stgraber> twb: I don't but I'm sure some people do ;) or use some automated partitioning doing that for them
<twb> Yes, silly people do :-(
<stgraber> twb: as for the ephemeral stuff, we'd use aufs or overlayfs on top of the mounted filesystem from the VM, not on top of the block device
<twb> stgraber: ah, OK
<stgraber> so we'd essentially do "kpartx -a" + mount + mount overlayfs + boot lxc from the overlayfs mount point
<twb> OK, but at that point you're using lxc with an ex-KVM image, rather than using lxc *and* KVM?
<stgraber> well, the idea here is that you can use a single .img and either boot it in a VM or in LXC depending on what you want to do
<twb> Nod.
<twb> That approach means your LXC is a lot weaker, though. e.g. you can't drop the mount cap
<twb> You could, but only if you rewrote bits of the VM's disk (e.g. /lib/init/fstab or /bin/mount) in a way that'd break its ability to boot under KVM
<twb> Is overlayfs the one from openwrt?
<stgraber> as long as LXC is doing the mounting before calling init, we can still drop mount capability, the system will simply detect they are already mounted at boot time and will work just fine
<stgraber> though in 12.04 with the new apparmor changes, having mount capabilities in the container isn't as much as a problem as it used to
<hallyn> (i'm out - gnight)
<twb> stgraber: IME that is not the case
<twb> stgraber: in lucid, if you drop mount caps, upstart will shit itself because even though it doesn't NEED to mount, it will fall down and die because it tries to and fails
<twb> That is why all my containers have /bin/mount -> true
<twb> That stuff drove me nuts, because there was no easy way to say "no mountall, you DON'T need to mount /var/run again" or whatever it was
<koolhead17> hi all
<hana>  i cant format my external hard disck in ubuntu?
<twb> hana: sure you can.
<twb> hana: mkfs.ext4 /dev/sdz
<hana> twb:mkfs.ext4/dev/sdz mean by the way the hard disck was i was try to format before in FAT32 and during the format it shows me the error Error formatting volume  Error creating file system: helper exited with exit code 1: helper failed with: mkfs.vfat: failed whilst writing FAT  mkfs.vfat 3.0.9 (31 Jan 2010) and now i cant mount it it
<twb> pastebin the full transcript
<hana> twb:http://pastebin.ubuntu.com/869421/
<twb> It is not obvious what is causing that failure.
<hana> twb:i don't now exactly but at the currnet time is also when i insert the cable it doesn't mount proporly. the hard disck have abackup
<twb> Is this on a server?
<twb> Have you installed a GUI?
<hana> twb:  currently i am using in my pc whcich is not serevr
<hana> it have GUI
<twb> I cannot support that, sorry.
<twb> hana: try #ubuntu.
<linocisco> how to install vbox guestaddition on ubuntuserver?
<linocisco> hi
<linocisco> how to use nano like to see line no. as column?
<linocisco> hi all
<linocisco> I want to find firewall like on fedora
<linocisco> in Fedora, there is a file called firewall under /etc/kerber/firewall. How about on ubuntu?
<koolhead17> !firewall
<ubottu> Ubuntu, like any other Linux distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command - see https://help.ubuntu.com/community/UFW | An alternative to ufw is the 'iptables' command - See https://help.ubuntu.com/community/IptablesHowTo | GUI frontends such as Gufw (GNOME) and Guarddog (KDE from Lucid onwards) also exist.
<linocisco> !firewall = ?
<ubottu> linocisco: I am only a bot, please don't think I'm intelligent :)
<linocisco> koolhead17, so can I edit in ufw ?
<koolhead17> !shorewall
<ubottu> Ubuntu, like any other Linux distribution, has firewall capabilities built-in. The firewall is managed using the 'ufw' command - see https://help.ubuntu.com/community/UFW | An alternative to ufw is the 'iptables' command - See https://help.ubuntu.com/community/IptablesHowTo | GUI frontends such as Gufw (GNOME) and Guarddog (KDE from Lucid onwards) also exist.
<koolhead17> linocisco: shorewall is what your looking for i suppose
<linocisco> koolhead17, umm. do I have to download shorewall?
<koolhead17> linocisco: you need to check/click the documentation link to start with :P
<lynxman> morning o/
<linocisco> koolhead17, I want to enter this "$ipt -t nat -A PREROUTING -i eth1 -p tcp --dport 80 -j REDIRECT --to-port 3128"
<linocisco> koolhead17, i am refering video on Fedora. but I dont know where to put this command on which file of ubuntu
<koolhead17> linocisco: for same reason i gave you the ubuntu documentation link. kindly look/readup
<linocisco> koolhead17, I entered one command using nano. but I want to put description or remark beside. how to "syntax"?
<jamespage> morning all
<koolhead17> hello jamespage
 * jamespage waves at koolhead17
<koolhead17> wondering why keystone commands started using native --name --service options :P
<koolhead17> hello lynxman
<lynxman> koolhead17: ello
<uksysadmin> morning koolhead17 (and the rest)
<koolhead17> :P
<koolhead17> uksysadmin: how was it man?
<uksysadmin> was a great weekend. good to get back to my own bed though. urs?
<koolhead17> great, not at all bad
<uksysadmin> :)
<linocisco> i want to setup proxy server for windows clients. do I need to do iptables or NAT apart from squid configuration?
<eutheria> bbcmicrocomputer B/B+ or master?
<linocisco> i want to setup proxy server for windows clients. do I need to do iptables or NAT apart from squid configuration?
<eutheria> linocisco, http://bit.ly/z0OI6v
<Daviey> linocisco: If you are setting the config on the windows client, then no - just stting up squid to allow connection from the LAN is enough
<linocisco> Daviey, I am now configuring squid as per "http://www.ubuntugeek.com/how-to-setup-transparent-squid-proxy-server-in-ubuntu.html". is it enough?
<smb> Daviey, upgraded my orchestra server from O to P over the weekend and it is not a happy bunny. Squid->squid3 apparently did not migrate options. And I still have to find out where the cobbler_web went to... :(
<bigon> hi, do you think it could be possible to backport last version of puppet to lucid?
<micahg> bigon: the oneiric version isn't enough?
<eutheria> bigon, what version of puppet do you want?
<bigon> with 2.7.1-1ubuntu3~lucid1 I've, in some case, issue with require not being honnored
<bigon> works perfectly with 2.7.11
<micahg> bigon: is it a no change rebuild on lucid?
<micahg> bigon: until maverick is EOL, we'd have to backport lucid all the way through oneiric
<bigon> https://launchpad.net/~bigon/+archive/ppa/+build/3254164
<micahg> right :)
<bigon> well not the right version of debhelper
<micahg> bigon: 2.7.10-2 will also cause issues
<bigon> well I didn't investigate much
<micahg> yeah, backporting from precise will not be fun
<bigon> :/
<micahg> bigon: I'd suggest waiting for maverick to be EOL next month, and if you then want to create a patch will revert all the newest debhelper/dpkg stuff, I would certainly consider approving backport
<micahg> *patch that will revert
<micahg> oh, and the ruby package name changes as well
<bigon> *sigh*
<linocisco> do I also need to setup DNS before we need to setup proxy server?
<linocisco> do I also need to setup DNSserver  before we need to setup proxy server?
<bigon> micahg: I'll have a look at creating the backport, I need it for a customer anyway
<micahg> bigon: if you're willing to make patches for the intermediate releases, I'd consider it as well, but that seems like a lot of work
<micahg> bigon: it also requires install/run tests of all the reverse dependencies
<RoyK> hrmf. trying to migrate a vm from one host to another fails after upgrading to precise beta http://paste.ubuntu.com/869629/
<bigon> :(
<eutheria> bigon, can i ask what you use puppet for?
<eutheria> i know what is it supposed to do for me, i just never got why i would want to install another app to manage my server
<bigon> automatic deployement :p
<eutheria> to manage apt?
<bigon> well it's a 'company policy' to use puppet to make repeatable deployement
<bigon> and here it's for a deployement in the amazon cloud
<eutheria> or your own software?
<bigon> we try to package everything
<eutheria> ah ok
<eutheria> i always try and keep my software sandboxed
<koolhead17> the essex4 keystone pkg is broken with new error
<linocisco> do I also need to setup DNS before we need to setup proxy server?
<linocisco> <linocisco> do I also need to setup DNSserver  before we need to setup proxy server?
<Daviey> zul / adam_g: Can you comment how http://bazaar.launchpad.net/~ubuntu-server-dev/glance/essex/revision/120 relates to https://launchpad.net/ubuntu/+source/glance/2012.1~e4~20120224.1290-0ubuntu1 please?
<Daviey> zul: Did you do a local build of https://launchpad.net/ubuntu/+source/python-eventlet/0.9.16-1ubuntu3 before uploading?
<eutheria> this duplicity backup system is very unreliable
<RoyK> duplicity?
<eutheria> yes
<eutheria> the backend of dejadup
<eutheria> i constantly get missing gpg errors
 * RoyK uses Bacula
<RoyK> and Bacula is *not* unreliable ;)
<eutheria> i am not sure if it is entirely duplicity's fault
<RoyK> looks more like a hack than a backup system to me...
<eutheria> someone here suggested it
<RoyK> eutheria: there are a lot of different species in here ;)
<eutheria> i figured as it was the backend to the desktop app it would be ok
<eutheria> i am backup up to an external thirdparty, so duplicity seems to fit the bill
<eutheria> seems i need to make a backup of the cached sigs as they don't get copied up
<eutheria> sometimes
<Tm_T> anyone got an idea about a tool that would monitor and alarm (log) when some process takes mem or cpu over defined limit
<eutheria> Tm_T, nagios? munin? that sort of thing?
<Tm_T> we've been logging once a minute with ps what processes take most of cpu and mem, but between one minute there seems to be something that suddenyl takes all available mem and then disappears (OOM-Kill happens)
<Tm_T> eutheria: something that preferably logs to file with as little setup as possible, and is active on monitoring things, as once a minute, or once every 5 minutes isn't enough
<eutheria> Tm_T, not sure if there is anything that requires little setup
<Tm_T> yeah
<Tm_T> there used to be "runaway process catcher" on KDE3, but haven't been able to find anything similar to server environment
<koolhead17> Tm_T: i dont know about catcher/monitor but cgroup is something you can look it, i heard it does something
<Tm_T> koolhead17: thanks
<Tm_T> I'll try make yet another fancy script too
<koolhead17> Tm_T: love to read your blog on same :)
<thys_> hi.. There are 8 zombie processes on my webhosting server. All my domains stopped working yesterday could the zombies have anything to do with this?
<koolhead17> thys_: who knows
<thys_> how do I get rid of a zombie process?
<eutheria> thys_, fix the parent process
<thys_> how do I see information like this using the terminal?
<eutheria> ps -axuf ?
<thys_> how do I find out which the parent process is
<eutheria> does the pretty tree not help?
<thys_> how do I know which one I am looking for?
<eutheria> thys_, http://bit.ly/AsfyPE
<koolhead17> am having another error/warning during dashboard installation from repository http://paste.ubuntu.com/869792/
<koolhead17> Daviey: ^^
<Daviey> koolhead17: can you report a bug please?
<Daviey> koolhead17: is this a clean box?
<koolhead17> Daviey: yes.
<koolhead17> never installed dash before
<koolhead17> i can start a new VM and try it again before reporting :)
<Daviey> koolhead17: no, both use cases are valid.. but knowing if it is an upgrade bug, or a new install bug is also useful.
<tdn> How can I have my server get two DHCP addresses? It only has one network interface, but I would like to create some aliases for eth0 that also obtains DHCP config. I guess I will have to somehow assign different MAC addresses for each alias. How to do this?
<koolhead17> Daviey: let me know when you want to check the keystone again for the fix you pushed
 * koolhead17 puts all existing keystone documentation in trash
<koolhead17> and points to keystone.openstack.org
<Daviey> koolhead17: it's still in the build queue, should be an apt-get away when resolved.
<koolhead17> sounds great
<rbasak> tdn: perhaps you could use multiple tap devices bridged to eth0 and run dhcp clients against the tap devices. No idea if that'll cause any issues but I can't think of any.
<koolhead17> Daviey: https://bugs.launchpad.net/horizon/+bug/947118
<uvirtbot`> Launchpad bug 947118 in horizon "Horizon package on Precise throws warning during installation" [Undecided,New]
<koolhead17> let me know if i should add some more info?
<tdn> rbasak, hmm... Ok. Not sure how to use tap devs.
<lynxman> jamespage: Question for you sir, if I wanted to say that package B is an upgrade for B but also obsoletes package A just adding in the control file Replaces: A would be enough?
<rbasak> tdn: on second thought I'm not sure it'll work anyway. You have to send to the bridge device to get stuff to go out on the correct interface and then you'd only have one mac address again. Might be worth experimenting though.
<tdn> rbasak, ok. Can I create virtual NICs in ubuntu?
<patdk-wk> the dummy interface :)
<rbasak> tdn: this stuff isn't really about what Ubuntu supports; it's what Linux supports. I'm sure there's a way to do what you need, but I'm not sure if you can do it without writing code. Others may be able to suggest something that just works.
<patdk-wk> oh, this is the multible ip's per dhcp nic thing
<patdk-wk> there is a way to do that, I helped someone a few months ago
<patdk-wk> but I don't remember and didn't really care for it, so dunno how it happened
<koolhead17> Daviey: keystone is getting installed now :)
<koolhead17> bug needs to be closed i suppose
<koolhead17> hey zul
<zul> koolhead17: hi
<zul> jdstrand: fyi keystone mir updated
<jdstrand> zul: ack
<uvirtbot`> New bug: #947183 in setserial (main) "package setserial 2.17-45.3ubuntu1 failed to install/upgrade: ErrorMessage: subprocess installed post-installation script returned error exit status 1" [Undecided,New] https://launchpad.net/bugs/947183
<jdstrand> lynxman: hi! what is the status of the puppet 2.7.11 merge?
<lynxman> jdstrand: it was merged back by SpamapS
<jdstrand> lynxman: ah, perfect :)
<jdstrand> I see it now
<jdstrand> SpamapS, lynxman: thanks! :)
<SpamapS> jdstrand: np :)
<SpamapS> and really I just synced it.. :)
<jdstrand> zul: I'm curious about your change to python-eventlet to allow the tests to unconditionally pass. seems one of the criteria for main acceptance was that its test suite was enabled. is there more information on the failures? are you working on fixing them?
<zul> jdstrand: its on the todo list for today
<jdstrand> zul: excellent, thanks, then please ignore me :)
<zul> jdstrand: consider it done ;)
<axisys> Phinnay: so can you login as root?
<Phinnay> nope, no root logon either
<axisys> can you boot into recovery mode?
<Phinnay> yes, if i use the CD, i can boot from there, mount / and get a prompt
<Phinnay> i see all the files, etc... I just am not sure where to look to determine what is preventing logons from working...
<axisys> without the cd, can you boot into single user moder ?
<axisys> mode*
<Phinnay> i've not tried that, trying now..
<Phinnay> ok, selected recovery mode, its loading now
<Phinnay> nope, it does the same thing
<Phinnay> i am not using the user 'root',  that is disabled on the server for login as per ubuntu
<Phinnay> at setup time, the user i created was 'localadmin' that is the account I tried
<axisys> Phinnay: edit the grub with init=/bin/bash .. that should drop you into root
<Phinnay> so, boot from the CD and mount / to do that?
<axisys> no.. reboot and get hold of the grub
<axisys> i think holding shift while booting gives the grub.. its been a while
<Phinnay> ok, gotcha
<axisys> is it lucid ?
<Phinnay> 11.10
<axisys> ok
<axisys> might be grub2
<Phinnay> it is grub2, am sure of that
<axisys> k
<Phinnay> where in the grub editor thingie do i add the init=/bin/bash?
<axisys> I dont remember.. can you possibly paste it?
<Phinnay> http://www.lphin.com/grub.png
<Phinnay> here ya go
<Phinnay> its in a VM cluster so cant really paste per se ;p
<axisys> on the linux line
<Phinnay> ok, that gave me a 'Kernel panic - not syncing: Attempted to kill init!'
<axisys> remove the 'ro recovery nomodeset'
<axisys> you want rw
<axisys> you need to modify something
<axisys> so remove the 'ro ..' part and add 'rw init=/bin/bash' there (without the quotes)
<wonderman> can someone tell me if this module is needed in apache? modsetenvif
<axisys> wonderman: probably a question for #httpd
<wonderman> not when its default ubuntu setup
<wonderman> they always tell me 'goto #yourdistrohere'
<wonderman> so here i am
<wonderman> i think its a module enabled by default on ubuntu server, but not other OS's
<wonderman> or distros rather
<axisys> dis2mod (?) and try restart apache .. but #httpd guys are the expert
<axisys> a2dismod*
<wonderman> i know howot disable, im asking why/if they are needed, many modules by default
<wonderman> authz for example
<wonderman> mod_reqtimeout
<wonderman> that module rendered the web server unusable ^
<Phinnay>  this is my grub with that init= thinger: http://www.lphin.com/grub.png
<Phinnay> and i got the same kernel panic error
<Phinnay> eep. change that file to grub2.png
<Phinnay> sorry
<axisys> http://www.lphin.com/grub2.png <-- not found
<Phinnay> arrghghhh grub1.png
<Phinnay> im a doof
<axisys> you need rw as well
<axisys> `rw init=/bin/bash'
<Phinnay> ok, added the rw, booting now
<Phinnay> same kernel panic
<axisys> boot from CD .. mount the root partition to /mnt and then chroot /mnt and then give root a password .. make sure shell path is correct and then reboot
<axisys> you could pastebin the kernel panic as well..
<Phinnay> cant copy / paste out of a vsphere
<uvirtbot`> New bug: #947309 in ipsec-tools (main) "racoon phase 2 negotiation fails with Win Vista/7" [Undecided,New] https://launchpad.net/bugs/947309
<Phinnay> ok, so all mounted
<Phinnay> to give root a password i make the edits in the /etc/passwd file?
<axisys> passwd root.. since you chrooted
<Phinnay> right
<Phinnay> ok, done
<axisys> sync
<Phinnay> typed 'sync', got another # prompt, no errors
<axisys> good
<axisys> grep root /etc/shadow
<axisys> do you see a encrypted passwd there?
<axisys> just to make sure
<Phinnay> yep!
<axisys> you are in chroot env .. right?
<Phinnay> i belive so
<axisys> ok.. otherwise you did not change the root passwd .. :-)
<axisys> reboot and you should be able to login as root
<Phinnay> i did the same grep command for one of my local users on this server and it came back with a simalar looking entry so i know im on the hdd filesystem
<axisys> ok
<stgraber> hallyn: around?
<hallyn> stgraber: yup
<stgraber> hallyn: do you already have a fix for LXC not working with the current kernel?
<stgraber> [13879.309454] type=1400 audit(1330969466.790:35): apparmor="DENIED" operation="mount" parent=26752 profile="/usr/bin/lxc-start" name="/usr/lib/lxc/root/" pid=26791 comm="lxc-start" src_name="/home/stgraber/data/vm/lxc/containers/precise-i386/rootfs/" flags="rw, rbind"
<hallyn> stgraber: no
<hallyn> stgraber: I'm trying to amke it work with the *old* kernel right now
<hallyn> (so we can get an 0.8.0 release)
<Phinnay> ok, tried to log in as root, it did not say Access Denied as it did before we did this
<Phinnay> but it still did the same thing with returning me right to the prompt
<hallyn> stgraber: I guess until the real rules come, we need a "allow all mounts" sort of rule
<axisys> your shell might not be working
<stgraber> yeah, I'm trying to figure out the right way of setting that :)
<hallyn> jjohansen: ^ where is a url describing the apaprmor mount rule syntax?
<stgraber> jjohansen: how do we allow all mounts? (a quick grep through the man didn't help)
<jjohansen> stgraber: mount,
<axisys> mount back with cd.. and see if root shell is working
<axisys> init=/bin/bash gives panic might indicates bad shell.. not sure
<Phinnay> www.lphin.com/login.png
<Phinnay> so you have a visual of whats goin on
<axisys> not quite :-) .. but i think you need to fix at least root's shell for a start
<axisys> mount the root partition in /mnt
<stgraber> jjohansen: /sbin/apparmor_parser is stuck at 99% of CPU parsing the profile if I add "mount"
<stgraber> jjohansen: http://paste.ubuntu.com/870223/
<axisys> then find the shell root is using
<axisys> and then run the shell .. see if it is working
<axisys> brb
<jjohansen> stgraber: really :(,  try mount /**,
<stgraber> jjohansen: that one worked apparently (at least /etc/init.d/apparmor reload finished in a few seconds)
<Phinnay> so, in rescue mode, i have the options 'execute a shell in /dev/appserver/root' and 'execute a shell in the installer environment'
<stgraber> or not ...
<stgraber> [14336.219686] type=1400 audit(1330969923.894:76): apparmor="DENIED" operation="mount" parent=27585 profile="/usr/bin/lxc-start" name="/usr/lib/lxc/root/" pid=27604 comm="lxc-start" src_name="/home/stgraber/data/vm/lxc/containers/precise-i386/rootfs/" flags="rw, rbind"
<stgraber> jjohansen: ^
<Phinnay> wich one would be best?
<jjohansen> stgraber: hrmm, something is out of sync.  Try mount /** -> /**,
<jjohansen> hallyn: http://wiki.apparmor.net/index.php/AppArmor_Core_Policy_Reference#Mount_rules
<hallyn> thx
<jjohansen> it hasn't been updated with the full docs but it should cover the basics
<jjohansen> stgraber: there should be a new upload of the userspace today with some bug fixes
<jjohansen> hallyn, stgraber: also for capability you should be able to just use
<jjohansen>   capability,   # allow all capabilities
<jjohansen> and then if you want to not allow a specific one
<jjohansen>   deny capability X,
<stgraber> jjohansen: ok, /** -> /** doesn't work either...
<stgraber> jjohansen: oh, that's really nice!
<jjohansen> stgraber: those are compiling and loading but failing to allow correct?
<stgraber> jjohansen: yep
<jjohansen> stgraber: actually you should be able to do that with file to but there is a bug there, that I need to track down.  That is
<jjohansen>   file,
<jjohansen> should give all permissions
<jjohansen> stgraber: so I have duped, and traced down to the code that is failing, will see if we can't get this fixed in todays upload
<stgraber> jjohansen: cool, thanks
<Phinnay> (axisys): let me know when ya get back :D
<Phinnay> ls
<SpamapS> lynxman: you working on those changes we talked about to rabbitmq-server ?
<adam_g> zul: did that ec2-fixes.patch get merged into nova yet?
<zul> adam_g: dont think so
<zul> adam_g: i been dealing with trying to get libvirt-console patch upstream
<adam_g> zul: if that looks like an uphill battle, it might be easier to add a periodic task to nova that truncates console logs
<adam_g> zul: i actually DOS'd myself over the weekend without that libvirt patch :)
<zul> adam_g: yeah i suggested logrotate but apparently its not the "correct fix"
<lynxman> SpamapS: yes, there's more changes than I foresaw, the config syntax has been changed again and also the init.d file has been completely revamped from scratch
<adam_g> zul: is there something in gerrit atm for the console stuff?
<zul> adam_g: not yet working on it now though
<SpamapS> lynxman: which explains why Thomas saw the regression.. bummer.
<uvirtbot`> New bug: #947342 in euca2ools "euca-describe-instances  should have additional fields in output" [Undecided,New] https://launchpad.net/bugs/947342
<lynxman> SpamapS: yeah also added some extra checks in the control file
<axisys> Phinnay: execute a shell in /dev/appserver/root
<zul> adam_g: https://review.openstack.org/#change,4932
<adam_g> zul: Patch Set 1: Abandoned ?
<zul> adam_g: yeah made a typo
<adam_g> zul: also you have the original review for robbies original patch?
<zul> adam_g: https://review.openstack.org/#change,4932
<Daviey> zul: why did you abandon?
<zul> Daviey: typo in one of the tests
<Daviey> zul: again, why did you abandon ?
<zul> Daviey:  typo in nova/tests/test_utils.py
<Daviey> zul: I think you are missing the question, you do know that you can re-push to the same topic, right?
<adam_g> zul: found it. https://review.openstack.org/#change,706
<zul> Daviey: really?
<adam_g> zul: there are some concerns in there that will block the patch again, i think
<Daviey> zul: i hope you are not being serious.
<zul> Daviey: im not i dont know why i abandoned it
<zul> adam_g: yes unfortunately
<adam_g> zul: for the patches we're currently carrying (specifically the console fifo and the ec2-fixes.patch), moving forward can we do all refreshes in lp:~openstack-ubuntu-testing/$foo/essex and sync the most recent versions into ~ubuntu-server-dev/$foo/essex on upload day? we should ideally have a test case for each one to ensure the patch still does what its supposed to, i can try to come up with one for each of those 2 patches
<adam_g> zul: i think the two of us refreshed console patch in the other branch at different times, and there were merge conflicts at build
<zul> adam_g: sure
<adam_g> zul: hopefully we wont be carrying those for much longer, but i think that is a good way to ensure we're not carrying a busted patch for any of the projects
<zul> adam_g: ack
<adam_g> zul: oh, FYI we're now running CI on KSL
<adam_g> Daviey: ^
<zul> adam_g: sweet...daviey uploaded your keystone fix this morning
<Daviey> adam_g: sweet
<koolhead17> SpamapS, hi
<Phinnay> oooooohh, ok
<Phinnay> so, mounted, went to execute bash, and got the same 'segmentation fault' messages i was seein in the boot log
<Phinnay> looks like bash is corrupt somehow o.o
<Phinnay> strace came back with some stuff, but i dont know how to read it...
<koolhead17> zul, there is another bug with dashboard https://bugs.launchpad.net/horizon/+bug/947118
<uvirtbot`> Launchpad bug 947118 in horizon "Horizon package on Precise throws warning during installation" [Undecided,New]
<zul> koolhead17: k ill have a look
<adam_g> zul: did you already merge https://review.openstack.org/#change,4932 into ~ubuntu-server-dev?
<zul> adam_g: not yet
<adam_g> zul: where did libvirt_console_buffer flag come from? :)
<zul> adam_g: ergh...
<zul> effing hell
<adam_g> zul: theres syntax errors in there, btw
<zul> adam_g: yeah its fixed in my tree sorry about that
<adam_g> zul: well i guess that explains the merge conflicts
<kieppie1> hi guys. are there any details available re virt for the upcoming 12.04 release? I'm thinking of re-installing my new host once it's released, and I'd like to know what to expect. I saw "openstack" as an option when I installed a desktop beta
<Phinnay> ;
<zul> adam_g: the lxc console changes got merged as well so it needs to take that into account now as well
<uvirtbot`> New bug: #947424 in python-boto (main) "boto/utils.py makes use of boto.provider, but doesn't import it" [Undecided,New] https://launchpad.net/bugs/947424
<axisys> Phinnay: do you have sh ?
<axisys> may be /sbin/sh or /bin/sh
<Phinnay> im checking now - was just researching this a bit...
<axisys> grep root /mnt/etc/passwd ?
<Phinnay> yeahhh
<Phinnay> this is weird, for the root user, its set as /bin/bash
<Phinnay> for everything else, its set as /bin/sh
<axisys> grep root /mnt/etc/passwd ?
<Phinnay> that comes up listing /bin/bash
<axisys> ok .. run /mnt/bin/bash .. and tell me what happens
<Phinnay> it says segmentation fault
<axisys> how about run just bash ?
<Phinnay> same thing
<axisys> run which bash
<Phinnay> came back with /bin/bash
<axisys> ls -ld /bin/bash
<axisys> and ls -ld /mnt/bin/bash
<Phinnay> www.lphin.com/ls.png
<axisys> ls -ld /mnt/bin/bash /
<axisys> ls -ld /mnt/bin/bash ?
<Phinnay> i am booting from the CD and using the root partition directly, so no /mnt
<axisys> 15:11:31 < axisys> ok .. run /mnt/bin/bash .. and tell me what happens
<axisys> 15:11:52 < Phinnay> it says segmentation fault
<axisys> how did you run that /mnt/bin/bash ?
<Phinnay> i didnt, i changed it to /bin/bash
<Phinnay> because no mounting
<axisys> that is not what I asked
<axisys> mount root partition of the disk to /mnt
<Phinnay> ok
<axisys> i have to run.. fix your bash.. copy it from cdrom
<Phinnay> just copy the bash file?
<Phinnay> like, /bin/bash ?
<angel282>  Does anyone familiar with the zend optimizer? I have Ubuntu 10.04 lucid, and I cant get it to work?  I've searched google and I found many posts that said optimizer not support php 5.3? any idea?
<Daviey> smoser: can you triage bug 947424, before i upload please? ;)
<uvirtbot`> Launchpad bug 947424 in python-boto "boto/utils.py makes use of boto.provider, but doesn't import it" [Undecided,New] https://launchpad.net/bugs/947424
<smoser> before you upload it ?
<smoser> Daviey, i'm confused
<Daviey> smoser: Can you confirm that the correct fix is to add "import boto.provider" ?
<zul> Daviey: i just fixed up the console stuff that i been working on ill push it tonight
<smoser> it sure looks like it to me, Daviey
<smoser> is there an upstraem bug ?
<Daviey> smoser: thanks, yes
<Daviey> https://github.com/boto/boto/issues/614
<zul> Daviey: the lxc console stuff got merged so ill have to remerge it
<Daviey> smoser: sadly, LP won't allow you to use github as an upstream tracker
<smoser> yeah.
<smoser> i just treid
<Daviey> Seems github isn't popular enough to warrant supporting it
<Daviey> Sourceforge FTW.
<kieppie1>  hi guys. are there any details available re virt for the upcoming 12.04 release? I'm thinking of re-installing my new host once it's released, and I'd like to know what to expect. I saw "openstack" as an option when I installed a desktop beta
<smoser> Daviey, yeah, that looks like a reasonable fix.
<smoser> i added a reproduce to your bug report
<Daviey> thanks smoser
<mok0> I am wondering how to set the hostname of my mailserver, which is connected via portforwarding from my internet router
<Daviey> zul / adam_g: Can you confirm the PPA's used for those wanting to try pre-uploaded openstack?
<Daviey> ie, post jenkins?
<mok0> should I just pretend that the machine is directly on the internet?
<zul> Daviey: that is done the tarball script uploads to the local openstack-ci archive at the same time its uploaded to the ppa iirc
<adam_g> Daviey: https://launchpad.net/~openstack-ubuntu-testing/+archive/openstack-trunk-testing
<adam_g> Daviey: that lags behind whats been recently tested, depending on build queue
<wonderman> can someone please tell me if in ubuntu SYN cookies are disbaled or enabled by default ?
<jpds> wonderman: Enabled.
<jpds> wonderman: See: /etc/sysctl.d/10-network-security.conf
<wonderman> net.ipv4.tcp_syncookies = 1
<wonderman> that is in the normal config
<Daviey> adam_g: right, perfect!
<wonderman> should it be in both places?
<adam_g> Daviey: keep in mind now is probably not the greatest time to install from there
<supremo13> I have a Ubuntu Server 8.04 running BIND. If I upgrade to 10.04 will my server retain the BIND configs?
<EvilResistance> !8.04
<ubottu> Ubuntu 8.04 LTS (Hardy Heron) was the eighth release of Ubuntu. Desktop support ended on May 12 2011, Server support continues until 2013. See !upgrade, !lts and !eol for more details.
<EvilResistance> ah
<EvilResistance> supremo13, it should, afaik it doesnt purge your configs
<EvilResistance> but you might want to back up the configs first
<EvilResistance> as a precaution
<Daviey> adam_g: right, but once we clear up the process, it should be pretty good throught the cycle
<supremo13> Thanks!!
<adam_g> Daviey: well, packages get upload there after a succesful build, not after a deploy/testrun
<Daviey> adam_g: ah, good point.. we might benefit from a 'known reasonably good' ppa
<adam_g> Daviey: thats kinda tricky because theres so many variations of packages being built for every test run, i think we could only reasonably do that with a nova ppa, since thats what we use to trigger deployment tests
<adam_g> Daviey: er, ..so many variations of packages being deployed for every test run
<Daviey> adam_g: I want a place where people can get the latest crack, before it's hit the archives, and be of reasonable standard
<Daviey> Have ideas?
<adam_g> Daviey: once we have this process in shape, we can build nightly/hourly/per-commit packages on changes to ubuntu-server-dev branches. that is, if we keep ubuntu-server-dev branches up to date regularly instead of before an upload
<zul> Daviey: why not something like nightlies
<zul> with using sourece package reciepes
<xr600> Hi... Anybody here with a good load of experience on Ubumtu's support for hibernation on various HW-confifurations ?
<Gran> Hi, everyone! Could someone help me to figure out where is the problem: I'm trying to configure L2TP/IPSec on my Ubuntu Server 11.04 as described at http://blog.riobard.com/2010/04/30/l2tp-over-ipsec-ubuntu and when I'm running command: "sudo /etc/init.d/ipsec restart", it says: "openswan failed to exec the requested action - the following error occurred:" and no error code is given?
<Daviey> zul: ooo, good thinking!
<Gallomimia> after upgrading the server with do-release-update the /boot partition is full. what commands can i run to purge the system of these old kernel releases?
<cereal> can i run a v4 and v6 on isc-dhcp-server ?
<cereal> want to setup radvd to tell my clients to request an ipv6 address ;)
<cereal> previously I had to run two instances to do so
<cereal> one for v4 and one for v6
<zul> Daviey: you'll have to make sure the bzr mirror for the projects in up to date though
<Daviey> zul: right!
<Aison> hello
<Aison> after a reboot today my ubuntu server no longer creates the bonding devices
<Aison> very strange
<Aison> I have to use ifenslave by hand multiple times until it is created
<Aison> Loading kernel module for a network device with CAP_SYS_MODULE (deprecated).  Use CAP_NET_ADMIN and alias netdev-bond0 instead
<Spanky99> If anybody could give me a simple and clean recommendation of hardware and software with minimal amount of fuss for a UPS battery backup solution for Ubuntu 10.04 Server (running Zentyal) let me know.
<Spanky99> I have some old APC Back-UPS 1000/1100's with the "dumb" serial cable.  Looks like a complete pain in the !@#$ from what I've read.  Will happily buy another unit that is easier to hook up and has "plug and play" software in the repositories...
<rbasak> Spanky99: good question. The nut package might be a good place to start. There's a compatibility list here: http://www.networkupstools.org/stable-hcl.html. But I'm not sure about Lucid support (though there is a package in main for Lucid), or if there's a better supported solution.
<JanC> Spanky99: dumb serial cables can't provide plug'n'play, but newer USB ones should
<rbasak> Spanky99: I don't have any experience with UPS management software for Linux myself, apart from with apcupsd from around ten years ago. But I do know that nut exists.
#ubuntu-server 2012-03-06
<uvirtbot`> New bug: #947617 in lxc (universe) "After update, lxc does not start" [Undecided,Confirmed] https://launchpad.net/bugs/947617
<kieppie> hi guys. are there any details available re virt for the upcoming 12.04 release? I'm thinking of re-installing my new host once it's released, and I'd like to know what to expect. I saw "openstack" as an option when I installed a desktop beta
<SpamapS> kieppie: openstack isn't really "virt" as much as "api + management + scaleout of virt"
<SpamapS> kieppie: for just a single box.. libvirt is still good
<kieppie> thanks for that, SpamapS: I'm still running LTS 10.04.x on my production box, so I'd like to upgrade to the new stack with the next release.
<kieppie> using KVM + libvirt
<kieppie> if oVirt (I think?) is production-reasdy & in the repo or a stable PPA by then, that would be nice
<SpamapS> kieppie: yeah not much has changed there.
<kieppie> thinkning about building a HA/faIL-OVER CLUSTER WITH REDUNDENT RESOURCES
<SpamapS> kieppie: ovirt is not included AFAIK
<kieppie> sry (caps)
<kieppie> what's the other one....?
<SpamapS> no clue.
<kieppie> convirt/convirture 2 - that's the one...
<kieppie> also, would be nice to get the desktop-virt going, with SPICE
<kieppie> but I can't find much of the way of news or what to expect on the server-side/virt-side re the next release - much of the focus has been on the desktop/UI advances
<SpamapS> kieppie: spice has had some work done
<kieppie> yea - I figured.... really looking forward to that....
<SpamapS> kieppie: the release notes tend to solidify very late in the cycle
<SpamapS> kieppie: The biggest change is definitely OpenStack vs. Eucalyptus as the cloud service in main
<kieppie> SpamapS: is there anything I could look at now that  could give me some insight or get me exited?
<kieppie> please?
<SpamapS> kieppie: I wrote this blog post a bit ago that talked about the stuff done over the last 2 years, but it is not really virt focused: http://fewbar.com/2012/03/precise-is-coming/
<kieppie> cheers
<kieppie> hehehe - pic looks familiar. ran across this page not that long ago :)
<kieppie> what is Juju? I've encountered it, but not really paid much attention.
<kieppie> is JuJu to services/SaaS what chef/puppet is to PXE hosts?
<SpamapS> kieppie: Its not a perfect map. I say juju is to chef/puppet as apt-get/dpkg are to './configure && make && sudo make install'
<SpamapS> kieppie: the idea is that you just want a service, not necessarily a server.
<kieppie> interresting.....
<kieppie> extremely abstract, though. quite a departure from what I'm used to
<SpamapS> kieppie: its quite concrete when you think about how you actually want to deploy stuff though.
<SpamapS> kieppie: instead of trying to figure out how to deploy stuff *AND THEN* integrate with it.. you just deploy it, then figure out how to integrate with it.
<kieppie> if I understand it (probably very poorly), this could be a great way of fluidly managing services across clusters, local or remote. not unline AC2 instances, etc with OpenStack, Orchestra, Bitnami, TurnkeyLinux, etc
<kieppie> (talking *VERY* broad strokes here)
<j2daosh> anyone know how to make the hostname of a system report to a router?
<SpamapS> j2daosh: report?
<SpamapS> j2daosh: like, with dhcp?
<EvilResistance> j2daosh:  report in what manner?
<j2daosh> all the windows systems in the house, an apple, and a redhat server report their hostnames to my router, but my ubuntu/debian boxes wont
<SpamapS> kieppie: yeah, bitnami and turnkey are similar ideas, though they still focus too much on the server.
<j2daosh> basically i want the hostname to show up on my router statistics page and be able to 'ssh $host' from any system on the network. I don't have any system running as a DNS server so I am not sure how all the windows/redhat/apple systems are able to resolve to a IP from a hostname
<SpamapS> j2daosh: for the ssh $host .. avahi might get that done.. I use 'ssh $host.local' on my work without help from the router
<SpamapS> j2daosh: for the other bit, ubuntu should be sending the hostname in dhcp requests already
<j2daosh> hmmm
<j2daosh> I set static networking though
<j2daosh> did i miss an option for it somewhere?
<SpamapS> possibly
<j2daosh> hmm, i'll go back thru settings and look. thanks for the tip
<Zac_o_O> Hi all!  I have disks that are set to spindown in hdparm.conf, not being woken up by smartd (desired), and noatime set.  The disks spin up after only a few minutes of sleeping.  How do I figure out what's waking them up?
<nguyenthientam1> Hi, I want to intall https on apache , help me
<Zac_o_O> anyone?
<TeTeT> Zac_o_O: maybe try a fuser on the filesystem?
<Zac_o_O> TeTeT: a fuser?
<TeTeT> Zac_o_O: a command for checking which process accesses a file, try fuser /
<Zac_o_O> TeTeT: nice! I'll try that
<Zac_o_O> TeTeT: So I'll do fuser on the mount point/director where this disk is mounted?
<ghost13> question: is there a script that can display the contents of tailf /var/log/auth.log | grep Failed to a webpage so i can see it live as my ssh is attacked?
<twb> ghost13: yes, fail -f /var/log/auth.log | grep Failed >> ~/public_html/index.txt
<twb> s/fail/tail/
<twb> But you would do better to 1) fix your ssh so it can't be attacked in the first place; and 2) use logcheck to have it deliver hourly reports via email instead.
<ghost13> i have denyhost installed so after 10 failed attempts there locked out.
<ghost13> is logcheck installed by default?
<twb> http://cyber.com.au/~twb/doc/iptab.ips
<twb> logcheck is not installed by default.
<ghost13> ok thanks..easy config in terminal?
<twb> You may have heard of logwatch; that does broadly the same thing but is IMO worse, because it must be told specifically to watch for things, whereas logcheck will report anything is has not been told is safe to ignore.
<ghost13> ahh.. just what i was looking for but gave up on that. ill look into it. thanks again
<twb> ghost13: it basically does an egrep -v over your logfiles, so yes, simple to configure.
<twb> You will need to ensure that the system can actually deliver mail to you, of course.
<twb> Also syslog-summary is useful for compressing logs that are very repetetive
<ghost13> it does send to my gmail but..it is from michael@local ?? not my host name and i am running noip
<twb> I have all my systems log to a central logserv, and only it runs logcheck.
<twb> ghost13: then you need to fix your MTA
<twb> ghost13: probably by setting /etc/mailname correctly and restarting postfix, but it all depends.  /topic mentions the 10.04 admin guide which explains how to set up postfix.
<ghost13> will fix my mta and just to make me feel envy..how many systems (servers) you running?
<twb> http://paste.debian.net/158719/ and http://paste.debian.net/158720/
<twb>  
<twb> ...show example output from logcheck w/syslog-summary and appropriate additional site-specific whitelisting.
<twb> The hugin "security" issue is one that has been raised in priority so it stands out, because it is collectd indicating a disk is nearly full
<ghost13> do you run a single server for each task? ssh, httpd, etc?
<twb> ghost13: about one full rack of physical servers, plus about 25 virtual ones, a couple of APs running OpenWRT, a couple of LJ4s, and a hot desk workstation.
<twb> ghost13: I run one container per service, more or less.
<ghost13> fun fun, running 3 services on one laptop hooked into dd-wrt. running ok but hadnt seen much pressure yet :)
<ghost13> is running virtual servers more or less like vhost on apache? or is it for running apps?
<twb> It is more different than similar
<twb> https://en.wikipedia.org/wiki/LXC are "containers", they are very similar to BSD jails or Solaris zones.
<ghost13> never quite got into that yet.
<adam_g> zul: https://code.launchpad.net/~gandelman-a/nova/patch_fixups/+merge/96050  here is that merge that fixes the patches again. this and future proposals should just merge clean into the ubuntu-server-dev branches
<twb> If you are used to KVM VMs, you can think of containers as very low-overhead VMs that are less secure.
<ghost13> ahh ok.
<twb> Sometime when speaking in general I (and others) may refer to containers as another kind of VM, even though this is not strictly accurate
<EvilResistance> how can you set a repository's priority for every package *except* certain packages?
<twb> EvilResistance: set the repo prio, then set the package prio
<twb> This in in apt_preferences(5) or so IIRC
<EvilResistance> twb, thanks
<linocisco> I have one ubuntu server with two NIc cards with different subnets, one card is connected to LAN. one card is connected to Internet. I want to setup route between two cards on server.
<linocisco> what do I do?
<linocisco> I have one ubuntu server with two NIc cards with different subnets, one card is connected to LAN. one card is connected to Internet. I want to setup route between two cards on server.
<linocisco> I have one ubuntu server with two NIc cards with different subnets, one card is connected to LAN. one card is connected to Internet. I want to setup route between two cards on server so that client from LAN can lookup DNS from that ubuntu server.
<twb> !repeat
<ubottu> Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<uvirtbot`> New bug: #947744 in apache2 (main) "$ anchor doesn't work in Directory ~ regexp" [Undecided,New] https://launchpad.net/bugs/947744
<TeTeT> linocisco: the server just need to have ip forwarding between the cards enabled, it doesn't need a route, as it can access both networks. the clients however need to have the servers lan address as gateway. when the server also provides DNS, it needs to be supplied in the nameserver config, /etc/resolvonf. Usually DNS server are set via DHCP dynamically
<lucascastro> linocisco:  take a look at ubuntu server guide, firewall
<linocisco> TeTeT
<linocisco> TeTeT, hi thanks for your explanation. I m looking for ip forwarding. acutally my server external card is connected to Host which has got internet from physical gatway. my server is on VM
<linocisco> TeTeT, also my client is on VM
<TeTeT> linocisco: you can check on the server with cat /proc/sys/net/ipv4/ip_forward if forwarding is enabled at all, should be 1
<TeTeT> linocisco: on the VM, depending on the tech used, there might be firewall rules on the host that may make it harder
<linocisco> TeTeT, What I am confusing is that i installed bind9 on that server. so I put that serveritself's IP in resolv.conf so that client can point. but server also has original DNS server got via DHCP entries. what do I do?
<TeTeT> linocisco: the server does not strictly use itself as DNS server, but it may, as it speeds up due to caching. You don't need the DHCP servers if bind is configured correctly
<TeTeT> linocisco: make that: does not need to strictly use itself ...
<linocisco> TeTeT, I have vbox installed on my WindowXP host, which got internet from office router, ubuntu server got internet access from host via NAT. though I installed bind9. mine is still getting DNS from host
<TeTeT> linocisco: well, NAT is quite evil when you want to set up routing, as the route has to go through your host. I don't think I can support you with this. I recommend changing the network structure of the guests to bridged, if possible
<linocisco> TeTeT, all guest OS( ubuntu server and windows client)'s networking mode into bridge?
<TeTeT> linocisco: that's what I did on my ubuntu desktop system with lots of vms on it, makes networking easier, IMO
<linocisco> TeTeT, okok bro. so I have two cards on ubuntu server. should I also make both cards to bridge mode?
<TeTeT> linocisco: really depends on what you want to achieve, two virtual cards bridged to the same LAN don't look to useful to me
<bluefrog> linocisco, you should ask yout IT admin to help you
<linocisco> bluefrog, I am the IT guy
<bluefrog> linocisco, then you should start reading (no offense) seriously
<bluefrog> linocisco, basically all stuff  I read is kind of basic IT knowledge
<bluefrog> linocisco, so depending on what you want to achieve, you should take care security wise. don't expose your intranet to internet and so on...
<linocisco> hi
<gvandeweyer> has anybody tested the ubuntu server lts 10.04.4 on a dell optiplex 990? in the previous version, the nic was not recognised, forcing to upgrade to a non-lts version
<twb> gvandeweyer: run lspci -nn
<twb> gvandeweyer: pastebin the result into kmuto.jp; it will tell you what is supported by what kernel
<twb> If you mean "previous versions of 10.04", they all have the same kernel, so support will be unchanged
<twb> http://kmuto.jp/debian/hcl/ that is
<gvandeweyer> twb: I read that there was backported hardware support in 10.04.4, that's why i asked.
<gvandeweyer> thanks for the lspci hint
<twb> Oh, yeah, possibly if you enable backports and pull in a newer kernel
<twb> I tend to avoid backports
<twb> Anyway 12.04 is coming out in a month, so you might as well aim for that
<gvandeweyer> 'pull in a new kernel' is an issue if you don't have ethernet support :-)
<gvandeweyer> indeed, I just might wait for 12.04.
<twb> gvandeweyer: uh, so put in a temporary second nic
<twb> Or use apt-walkabout, or ethernet over firewire, or whatever.
<twb> Use some INITIATIVE man
<gvandeweyer> :-)
<uvirtbot`> New bug: #947804 in lxc (universe) "Unable to start lxc instances" [Undecided,New] https://launchpad.net/bugs/947804
<lynxman> morning o/
<linocisco> hi all
<linocisco> I found ip_foward is always 0 however I edited or changed via nano. into 1
<linocisco> what do I do?
<rbasak> linocisco: it probably won't work if you use an editor, since it's not a normal file and the editor will try and rename a new file over the top.
<linocisco> so what do I do?
<rbasak> linocisco: use "echo 1 > ip_forward" instead of "nano ip_forward" (and fix the path if you're in a different directory)
<linocisco> I tried "echo 1 > /proc/sys/net/ipv4/ip_forward"
<rbasak> linocisco: this will only change it until next reboot. To keep it persistent across reboots, edit the file /etc/sysctl.conf (you can use nano for that)
<rbasak> linocisco: that should work if you're root. If you're trying to use sudo, it won't work directly, since the redirection is done as the user. I use "sudo -i" to get a root prompt first.
<linocisco> rbasak, but my client could not ping to external card's gateway
<rbasak> linocisco: does "cat /proc/sys/net/ipv4/ip_forward" now say 1?
<linocisco> rbasak, yes. it is now 1
<rbasak> OK, so then you have some other problem. Perhaps routing or firewall.
<linocisco> rbasak, i can ping to external card's IP of ubuntu server from my XP client
<rbasak> Are you sure you don't need NAT?
<linocisco> rbasak,  i need nat
<linocisco> echo 1 > /proc/sys/net/ipv4/ip_forward is not ok?
<rbasak> linocisco: no, that will only enable forwarding without nat
<rbasak> You need to add nat rules as well
<_ruben> assuming you want that to be permanent (persistent across reboots), you should edit /etc/sysctl.conf instead (or probably even better, add a file to /etc/sysctl.d/)
<rbasak> http://www.netfilter.org/documentation/index.html#documentation-howto - there's a nat howto
<linocisco> ya
<Daviey> jamespage: Hey, are you touching ci this week?
<linocisco> rbasak, I think I just need only one line like that" iptables -t nat -A POSTROUTING -o [external NIC card] -j MASQUERADE
<linocisco> " , right?
<linocisco> rbasak, how to check existing iptables command?
<linocisco> rbasak, how to check existing iptables commands?
<linocisco> rbasak, how to check existing iptables commands which has been entered?
<diplo> linocisco, iptables -L
<linocisco> diplo, and then?
<diplo> That will list iptables rules
<diplo> Good read here for basics : https://help.ubuntu.com/community/IptablesHowTo
<linocisco> diplo,
<linocisco> I found Chain input/chain forward and change output with heading
<jamespage> Daviey: yep
<linocisco> entering "/sbin/iptables -P FORWARD ACCEPT
<linocisco> " in rc.local is correct?
<jamespage> jodh, whats the best way to programatically determine the status of a service?  grep the output of service XX status?
<jamespage> Daviey, I see lots of discussion last night - what needs doing?
<jodh> jamespage: you can do that, or maybe use the D-Bus interface if that's more appropriate for your needs? If you care about being notified of state changes, use D-Bus.
<jamespage> jodh, hmm - now that is an interesting idea
<linocisco> hi
<linocisco> i can now ping to gateway of external card
<linocisco> but proxy is not ok yet though I have edited in squid
<linocisco> hi
<linocisco> I followed that https://help.ubuntu.com/11.04/serverguide/C/squid.html. but client don't get interenet through squid yet
<linocisco> my squid doesnot work yet
<aibo> hi after boot I'm getting clean /etc/resolv.conf, I need to store nameserver permanently, how can I do it?
<aibo> oh, solved
<soren> zul: Why did the adduser call in keystone get moved to preinst?
<zul> soren: i was trying to break up the posinst before it got too big
<soren> zul: By moving half of it into the preinst?!?
<zul> soren: yep
<soren> zul: You do understand they serve different purposes, right?
<zul> soren: right
<soren> zul: So you can't just move stuff back and forth willy nilly.
<zul> right
<zul> it will be fixed in the next upload
<zul> i dont know how yet but it will
<soren> zul: Don't... know... how? Just move it back?
<zul> soren: probably
<soren> zul: You said you moved it because the postinst was getting too big.
<zul> soren: im going to play with it this week
<zul> anyways i have to drop liam off at the bus bbl
<soren> Have fun.
<zul> and freeze my arse off at the same time :)
 * koolhead11 burps
<Daviey> soren: Hmm, if it's just adduser handling, what issues do you expect to see, between doing it in the postinst or preinst?
<eutheria> i would like to backup my lucid server to a remote host, I tried duplicity because of its encryption, however it seems to be fairly buggy, can anyone suggest an alternative?
<pmatulis> eutheria: rsync
<eutheria> pmatulis, with encryption?
<eutheria> if duplicity was more reliable it would be fantastic, for backing up to a remote host securely
<soren> Daviey: First of all, it was done without adding a Pre-Depends on adduser.
<soren> Daviey: But that aside, adding users typically happens in postinst. It was *moved* into preinst. There could be reasons why this is needed. I just don't seem them.
<soren> Daviey: "Make postinst shorter".. not a good reason.
<Daviey> soren: To be fair, on Ubuntu, this is just a lintian warning.  I've *read* your views on trivial lintian warnings :)
<soren> Daviey: What is just a lintian warning? The lack of Pre-Depends?
<Daviey> soren: yes
<pmatulis> eutheria: yes, rsync can use ssh encryption
<zul> good morning
<eutheria> pmatulis, not the network layer, the file system of the remote machine is where i need the encryption
<soren> Daviey: How is it deemed just a warning when it'll make the install fail?
<Daviey> soren: How many Ubuntu boxes do you know that don't have adduser installed?
<Daviey> Whilst it isn't Priority: required, it is in base, right?
<Daviey> s/base/minimal/
<soren> Daviey: It *is* priority: required.
<soren> Daviey: And there is a Depends: on it. But there's no PRe-depends. But this is not the point.
<Daviey> is it?
<soren> The point is that postinst and preinst aren't the same thing.
<Daviey> $ dpkg -I adduser_3.113ubuntu2_all.deb  | grep Priority Priority: important
<Daviey> line break fail, but ygti
<soren> So if you move stuff between them, I sure hope, there's a better explanatino that "the other one was getting too big".
<soren> Daviey: That may be what the package claims.
<soren> Daviey: The archive says otehrwise.
<soren> otherwise, even. apt-cache show adduser | grep Priority:
<soren> Priority: required
<Daviey> soren: true dat
<rbasak> eutheria: use LUKS or ecryptfs on the remote end?
<Daviey> soren: so either way, do you agree that it is little more than a lintian warning?
<rbasak> eutheria: or if you want to use an external provider, take a look at tarsnap
<eutheria> rbasak, i have no control over the backend
<rbasak> eutheria: duplicity is the only answer I know of then.
<eutheria> duplicity seems great but buggy
<soren> Daviey: I don't get wound up about what Lintian says. It's an unexplained change that I wondered about. The answer left me wondering even harder.
<Daviey> soren: ok, fair comment.
<koolhead11> nijaba: around
<jamespage> Daviey: you pinged me earlier about CI?
<Daviey> jamespage: ah yes.. Wanted to know what ws in the works for this week?
<jamespage> Daviey: refactoring to make the tarball creation/build process more re-usable
<jamespage> figuring out the best way to manage all of the jenkins jobs...
<jamespage> generally consolidating everything that had been done to-date
<Daviey> jamespage:Have you ben tracking tempest integration ?
<Daviey> and juju as a client test?
<jamespage> Daviey: tempest integration - no adam_g is point on that
<jamespage> juju as a client test == new requirement so I'm guessing no work has been done on that
<jamespage> we are still running devstack in the lab
<uvirtbot`> New bug: #932800 in glance (main) "New glance dependency: ca-certificates" [Medium,Fix released] https://launchpad.net/bugs/932800
<Daviey> jamespage: sorry, what is devstack doing?
<Daviey> the exercise.sh?
<jamespage> yep
<koolhead11> BTW before i could think of it uksysadmin has already made this simple script for keystone https://github.com/uksysadmin/OpenStackInstaller/blob/essex/keystone-services.sh
<koolhead11> am testing it from ubuntu keystone package
<lynxman> jamespage: do you have 5 mins for a packaging doubt I have? If so dm me pls
<jamespage> lynxman, sure
<lynxman> jamespage: thanks :)
<koolhead11> thanks to zul Daviey i can sleep in peace tonight!! :)
<stgraber> jjohansen: any news on a fixed apparmor? we started getting bug reports of broken lxc...
<mali> hey.. I notice slappasswd does not handle passwords wello. it would seem it is most likely the same iossue which seems to have been patched in january by debian aka, passwd field is not encloised by brackets. So what is the best way for me to patch my server... wait for you or sort it out myself?
<uvirtbot`> New bug: #948115 in mcollective (universe) "Detect if system is running upstart seems wrong" [Undecided,New] https://launchpad.net/bugs/948115
<jjohansen> stgraber: sorry fixed the bug I was expecting and turned up more, I am running through some testing on the latest set of patches now
<stgraber> jjohansen: ok
<uvirtbot`> New bug: #948156 in php5 (main) "Include PHP 5.4 to Ubuntu 12.04  release" [Undecided,New] https://launchpad.net/bugs/948156
<uvirtbot`> New bug: #948157 in ntp (main) "package ntp 1:4.2.4p8+dfsg-1ubuntu2.1 failed to install/upgrade: sub-processo script post-installation instalado retornou estado de saÃ­da de erro 1" [Undecided,New] https://launchpad.net/bugs/948157
<therve> hi there
<therve> my nice rabbitmq fix got bumped with the latest upgrade, anything I can do about it?
<therve> #913464 fwiw
<jamespage> lynxman, ^^ know you are working on rabbitmq to tidy up stuff - can you re-instate the fix for bug 913464
<uvirtbot`> Launchpad bug 913464 in rabbitmq-server "rabbit creates new PAM session" [Medium,Fix released] https://launchpad.net/bugs/913464
<therve> jamespage, thanks :)
<lynxman> jamespage: yessir
<jamespage> lynxman, ta
<jamespage> therve, np
<lynxman> jamespage: actually I already had it in mind, it was in the diff (looking at it)
<jamespage> sweet
<mali> hi, which channel is a normal linux support chan_
<mali> ubuntu+1_
<zul> adam_g: can you review the glance ubuntu/debian merge proposal please
<adam_g> zul: yeah, just added a comment about a typo in patch
<adam_g> zul: will look closer in a bit and build some test packages
<zul> adam_g: typo in which patch?
<adam_g> zul: the one that sets the default pipeline/paste flavor
<zul> adam_g: ah ok
<adam_g> zul: also, https://code.launchpad.net/~gandelman-a/nova/patch_fixups/+merge/96050 this syncs patches back to a known working state
<zul> kk
<mali> hey guys
<mali> finally
<mali> I noticed that in slapd when configuring for the ldap admin password, "advanced passwords" often faiil, due to the slappasswd script doesn't enclose the variable in "" . What is the best thing for me to do to patch this?
<mali> patch it locally then lock down my version?
<mali> kinda sounds like security updates can easily break.. or do I give ya the patch and ask why , since this was fixed in january in debian and upstream around then.. it still isn't in ubu? :_p
<rbasak> mali: this fix isn't in the current development version?
<rbasak> mali: and do you know in which version it was fixed in Debian?
<mali> I  just came back to ubutnu server ONLY for server reasons and not ever desktop reasons again so I woudln't lknow. I can only say looking at this: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635931 and the patch http://bugs.debian.org/cgi-bin/bugreport.cgi?msg=15;filename=slappasswd.patch;att=1;bug=635931 upstream and debiaN fixed this already in jan
<uvirtbot`> Debian bug 635931 in slapd "slapd fails to install due to configuration error" [Normal,Fixed]
<rbasak> OK so this was fixed in Debian in 2.4.28-1
<mali> I can confirm that on the oneiric server I installed today and running the sscript iot fails with my 35ish character long password and does seem however to work if I do ot manually (slappasswd) and enclose with " although I think that becomes part of the password. dpkg-reconfgure does seem to wkr after I reran it manually
<rbasak> Ubuntu precise is on 2.4.28-1.1ubuntu3 so it probably has the fix.
<mali> (I am checking now.. I haven't been on ubuntu , you see, since
<rbasak> Oneiric is on 2.4.25-1.1ubuntu4.1
<mali> ah ok, so precise server is out or in beta?
<rbasak> Beta
<mali> ya ok. I see.
<mali> thank you rbasak . Does this mean then I have to patch a lot of stuff myself for about 3-6 months on a production server, in general?
<rbasak> The bug was fixed in Debian only in January, and Oneiric was released in October. Hence it won't be expected to have the fix unless there's an SRU.
<mali> ok. I know it is not a threat as such, except, it doesn't allow for rather ore secure passowords, which for me... being the root password for ldap, is rather half important.
<mali> so I am just trying to get my head around how it the ubuntu server team works. Sorry if I seem outdated on this as I am.
<mali> but given Canonical and Debian as such is more voluntary or so... how come it goes slower on ubuntu ? (please bear my ignorance as I left Ubuntu Studio at the time due to this unity thing they had) no sure if it still will be in ubuntu but I am only here for the ubuntu server.
<rbasak> mali: if you want, you can request an SRU: https://wiki.ubuntu.com/StableReleaseUpdates
<rbasak> mali: brb
<mali> no , it's ok rbasak : sorry , it is just me who kinda not used to seeing if server / desktop follow similar methods of update.. and also getting used to ubuntu server options as I am starting some businesses but will be setting up most of the infrastructure on th eproduction systems myself along with an admin and two i will enlist. For now I am doing testing to see which system to go for.
<mali> I suspect BSD should be the winner but since I was always a linux bloke, I am sticking to it. I am on arhc linux now which is so amazing but I just can't think quite rolling release might be dodgy on server systems in a small business.
<mali> A huge business with many redundant servers and a large team for testing , for sure it is the best but ye. I do hmmm, worry a bit if certain updates might be slow. Although this is not a security issue more than indirectly (simple passwords do not fail but which production server would use simple passwords)
<kraut> i just went into some creepy situation with ecryptfs on nfs... http://pastebin.com/j0JbCwYn
<kraut> is that interesting for you?
<rbasak> mali: Ubuntu is based on Debian. So updates in Debian filter through to Ubuntu usually upon the following Ubuntu release.
<mali`aweeh> ya, that is an upstream bug though I think. kernel code is erronous.
<kraut> mali`aweeh: did you mean me?
<mali`aweeh> ya
<kraut> mali`aweeh: ah, thanks for the tip. do you got any bug id?
<kraut> or anything else where i can look?
<mali`aweeh> ya I know rbasak but with all the users ubuntu took on from debian and given it is a company which also offers server professional support, one would think it wasn't like just hacking debians stuff again :p but what do I know. that's why I was asking :) anyway, dog walkie time.
<rbasak> mali: once a release is made, it generally isn't changed to keep it stable. This is the same as Debian and most other distributions. Arch is an exception
<mali`aweeh> ye but you do patch security updates though through right?
<rbasak> mali`aweeh: yes, and bugfixes are backported as well
<mali`aweeh> so I agree, one wouldn't get the upstream version fix but
<mali`aweeh> ya.. ok cool.
<kraut> oO
<rbasak> mali`aweeh: usually bugfixes are backported on request
<mali`aweeh> I would expect perhaps a patch
<rbasak> mali`aweeh: see https://wiki.ubuntu.com/StableReleaseUpdates for details of the policies and process
<jdstrand> mali`aweeh: we have a team dedicated to providing security support for ubuntu. it is separate from the bug fix updates you initially asked about
<mali`aweeh> ok good. so my initial question then, which was:
<mali`aweeh> got ya jdstrand : and that is a paid service yes?
<jdstrand> mali`aweeh: no. it is free
<rbasak> mali`aweeh: no, it's not paid.
<rbasak> mali`aweeh: you can follow the process yourself
<jdstrand> mali`aweeh: fyi, https://wiki.ubuntu.com/SecurityTeam/FAQ
<mali`aweeh> Nice.. thanks
<mali`aweeh> so in general, say I find N patches to perform locally, which some are low/,edium priority , is it better to lock down my system for updates since I am patching myself?
<mali`aweeh> thats the final question.. since there is info on this page
<rbasak> mali`aweeh: if you do that you'll miss out of security and stable updates
<rbasak> mali`aweeh: the best thing to do is to supply the patches and get them sponsored. If they conform to policy then they'll go in.
<mali`aweeh> ye I know. that is why I am not sure what happens, if I still make locally patched versions of packages, and then wish to update other downstream fixes
<rbasak> mali`aweeh: you can control the version number of your own packages, and you can use apt pinning to avoid getting updates for particular packages if you want
<rbasak> mali`aweeh: you might want to look into PPAs as well
<rbasak> https://help.launchpad.net/Packaging/PPA
<mali`aweeh> okidokie. Well. In that case, I will patch it for now locally. repackage it. lock it. then continue ldap and all the other horsepulling mauling setup of stuff! :)
<mali`aweeh> thanks for the help and time.
<rbasak> no problem
<raubvogel> If I am not mistaken, when you want to see the cert for a ldap server, you usually would do something like openssl s_client -connect ldapserver.domain.com:636 -showcerts
<raubvogel> But, what if the ldap server only supports tls instead of ldaps?
<mali`aweeh> I just find it funny now one has set up ldap on ubuntu server for 3 months or so, asking for this to be patched :p can confirm the old password thing still fails manually. i.e. the patch is needed. I will post it tonight if i ever get the time, sigh.
<rbasak> mali`aweeh: I think ldap being fairly enterprisey is mainly used on the LTS release. Is this patch required there?
<phretor> I've set the hard/soft nofile limits for my user into /etc/security/limits.conf but ulimits -n keeps displaying the default value (1024): Any clue?
<mali`aweeh> rbasak, actually, true.. I am waiting for the new lTS release... and indeed I am using the oneirc as a testbed till it is out. I was just curious thought about the process, given the LTS releases still follow the same principles, right?
<mali`aweeh> As I am waiting for new servers anyway in about a monnth, which I with a little hope. will coincide more or less with the new LTS
<mali`aweeh> and I do have the 10.04 in a vm from yesterday , I could check but for now, I am not gonna get around to do anything for a few hours
<mali`aweeh> rbasak, nevermind, I will patch it myself either tonight or tomorrow *as I need to refresh the debian packaging system anyhow* and in precise it will be fixed (I will chuck in a report on it if there isn't)
<smoser> utlemming, i dont think that apt retry would change much.
<utlemming> yeah, that's what my testing is proving
<smoser> i'm not sure whether or not it will retry on a 403, and that is the only remotely "retryable" tihng
<smoser> s/thing/error wer're seeing/
<utlemming> smoser: http://paste.ubuntu.com/871898/
<utlemming> smoser: if you fetch the file via wget/curl, its okay, while if you fetch via apt, it fails
<smoser> but is that reproducible ?
<smoser> ie, does it fial again for apt ?
<smoser> or was it just transient and you not lucky with wget/curl
<utlemming> I'm getting the failure consitantly on my instance now
<smoser> can i come in ?
<utlemming> I can reproduce it will....yup, give me a minute
<utlemming> smoser: dns pinged to you privately
<utlemming> apt is configured in debug mode
<smoser> run by
<smoser> run byobu, utlemming
<smoser> and showme
<utlemming> see the 403?
<rbasak> thanks mali`aweeh. If you're not planning on deploying things in production until 12.04 is out, you might consider using 12.04 as your testbed now instead of oneiric. It's in beta, past feature freeze, it's mostly there apart from bugfixes, and that way you'll have an opportunity to get bugs that affect you fixed much more easily.
<adam_g> smoser: yeah, same errors across different instance types too ive got nova-compute on one node, glance and everything else on another.
<smoser> http://paste.ubuntu.com/871947/
<smoser> and
<smoser> http://paste.ubuntu.com/871940/
<mali`aweeh> rbasak, in fact, that is a very good idea.
<smoser> in yours (second one), it seems to me that init in the ramdisk must be failing *very* early
<mali`aweeh> back, by the way. Grrr, I have installed a server now for the 5th time in 7 days hehe. but how long would you say till 12.04 is out? mid april?
<adam_g> smoser: can you pastebin the libvirt template for the instance?
<smoser> mali`aweeh, https://wiki.ubuntu.com/PrecisePangolin/ReleaseSchedule?action=show&redirect=PreciseReleaseSchedule
<smoser> adam_g, that is from canonistack, so no, i cannot.
<adam_g> ah
<smoser> adam_g, can i get at your instance ?
<mali`aweeh> ok end of april
<smoser> er...
<smoser> at your host
<smoser> mali`aweeh, it will release on the 25th of april
<smoser> ubuntu releases arrive on time
<mali`aweeh> hmm, its pushing it for me but I might as well though run it and see if I can follow through.
<mali`aweeh> ye, for me it doesn\t matter if its beta or oneiric atm so sure, am downloading now.
<adam_g> smoser: ehh not really without a bit of work
<smoser> mali`aweeh, wait. sorry, 26th.
<uvirtbot`> New bug: #948320 in postfix (main) "main.cf should not refer to localhost" [Undecided,New] https://launchpad.net/bugs/948320
<uvirtbot`> New bug: #948323 in ipxe (main) "Rom images for e1000 and ne2k missign vendor and device id" [Low,New] https://launchpad.net/bugs/948323
<mali`aweeh> ya tis ok. I was hpoing to go live more around 14/15th but then again, I can't afford redundancy in servers enough to run arch *which I admit would be my preference* , besides, I need to reteach myself deb* style managment again
<mali`aweeh> but I shall rarely ever forgive the desktop attempt of forcing unity on old timers ,p
<lamont> I'm inclined to call 948320 a configuration error: localhost had better be resolvable
<_ruben> and localhost is ::1 as well ;)
<_ruben> and not being able to resolve localhost is indeed, well, atlteast troublesome :)
<SpamapS> several RFC's require localhost to be resolvable and always treated specially
<smoser> adam_g, so you have the fifo patch from rbasak ?
<smb> smoser, note above ipxe bug. I think the quicker fix could be in xen (I am working on another report for that). KVM itself seems to work differently, so it does not seem to require the pci id in the rom header.
<smoser> adam_g, you're in the initramfs at this point
<smoser> so you might be able to reproduce just using the initramfs and kernel (kvm -kernel -initramfs -apend)
<smoser> but i don't know.
<smoser> as it seems to me like it is racy
<smoser> you are using the fifo output ?
<adam_g> smoser: adding --no-log to kernel parameters fixes it
<adam_g> smoser: https://bugs.launchpad.net/ubuntu/+source/upstart/+bug/936667
<smoser> adam_g, i don't know that i understand (or believe) that :)
<uvirtbot`> Launchpad bug 936667 in upstart "Upstart early job logging causes boot failure for systems with no initramfs (error is "No available ptys")" [High,Confirmed]
<smoser> well, maybe now i believe it
<zul> smoser: heh
<smoser> but how did you get no initramfs
<smoser> ?
<adam_g> smoser: no idea, just gave that a shot when i had a libvirt domain manually defined. adding it to the nova xml template gets me a booted instance
<smoser> that doesn't make sense.
<smoser> oh.
<smoser> i see.
<smoser> you registered a kernel
<adam_g> smoser: http://paste.ubuntu.com/871975/ same instance
<smoser> not disk image, but kernel.
<smoser> ie, you used the tarball
<adam_g> smoser: i extracted and used glance add..aki, glance add..ami
<smoser> right.
<smoser> so generally, you dont want to do that :)
<smoser> its good you found this bug, but you really want the .img file, not the .tar.gz file.
<adam_g> smoser: well, in theory that should work just as well as any other method, no?
<smoser> well...
<smoser> you want the .img file.
<smoser> because it is a "full disk image" whereas inside the .tar.gz file there is only a partition image (or, rather a un-partitioned disk image).
<smoser> the issue with the second is that there is no bootloader installed, so you have to supply a kernel
<smoser> and in doing so, you will not be able to 'apt-get dist-upgrade && reboot' and get a new kernel.
<smoser> ie, if you do, you'll reboot into that old kernel that you registered with.
<adam_g> right
<smoser> but yeah, other than that, it "should work"
<smoser> :)
<adam_g> smoser: whats the workflow for upload the .img?  just 'glance add container_format=ami disk_format=ami < foo.img' with no aki specified?
<smoser> i have to look in devstack.
<smoser> cloud-publish-image ....
<adam_g> ok
<smoser> or cloud-publish-ubuntu
<adam_g> ill check. i didnt know devstack did anything other than what i was doing
<smoser> (you are more than welcome to make those 2 commands use glance and shortcut the ec2 api)
<smoser> adam_g, you're right
<smoser> glance add -A $SERVICE_TOKEN name="${IMAGE_NAME%.img}" is_public=true container_format=ami disk_format=ami ${KERNEL_ID:+kernel_id=$KERNEL_ID} ${RAMDISK_ID:+ramdisk_id=$RAMDISK_ID} < <(zcat --force "${IMAGE}")
<smoser> adam_g, in essex is there a reasonable expectation that the above would be doable by a non-admin user ?
<adam_g> smoser: yes, you dont need to be an admin to use the glance client.
<smoser> if so, and we had bug 928378 fixed, then we could easily make cloud-publish-image upload to glance.
<uvirtbot`> Launchpad bug 928378 in glance "glance client should be separate from server" [Medium,New] https://launchpad.net/bugs/928378
<adam_g> smoser: AFAIK, in theory the images a regular user publishes are accessible by users associated with its tenant, unless is_public=true.
<adam_g> ill check on that, though.
<smoser> we'd just have to make bucket optional if nova path was taken (ie, normally it requireds 'arch, image, bucket' as inputs)
<smoser> adam_g, i would like to do this.
<smoser> as it would make people able to use 'cloud-publish-image' or 'cloud-publish-tarball' as a consistent'ish interface.
<adam_g> smoser: im gonna get something to eat, get the regular .img published through glance w/o using any utils. i want to verify what i just said about users/tenants, too
<adam_g> smoser: isn't glance client part of glance-common?
<adam_g> (which alone doesn't pull in either server)
<smoser> $ dpkg -S `which glance`
<smoser> glance-common: /usr/bin/glance
<smoser> it appears to be now.
<soren> Doh.
<soren> Oh, that's the client?
<smoser> yeah.
<soren> s/Doh//
<smoser> so thats a good thing.
<soren> Yeah.
<adam_g> it perhaps should be seperated into its own package though
<smoser> but 'glance-client' would be better.
<smoser> yeah.
<adam_g> glance-common should contain common dependencies for the servers, not the client
 * adam_g lunch
<zul> agreed
<smb> zul, smoser, bug 948333 (I tried to be helpful by providing a debdiff ;))
<uvirtbot`> Launchpad bug 948333 in xen "Xen: pxeboot for e1000 emulation not working" [Medium,In progress] https://launchpad.net/bugs/948333
<zul> smb: ill get to it tonight
<smb> zul, Cool, make sure I did not mess up any formalities (changelog and style) its kinda latish
<zul> smb: ack
<smoser> smb, thank you. zul thank you.
<uvirtbot`> New bug: #939766 in nova "python-novaclient flavor-list is broken against nova diablo/stable" [High,Fix released] https://launchpad.net/bugs/939766
<zul> bbl
<Daviey> smb: Great contribution !!
<Daviey> smb: I am suprised xen is still using etherboot, i thought we switched over to ipxe
<utlemming> smoser: I found the cause of the S3 Hashsum/Size mismatch: Bug 948461
<uvirtbot> Launchpad bug 948461 in apt "apt-get hashsum/size mismatch due caused by swapped local file names" [Undecided,New] https://launchpad.net/bugs/948461
<robbiew> SpamapS: https://bugs.launchpad.net/ubuntu/+source/chef/+bug/948437
<uvirtbot> Launchpad bug 948437 in chef "Remove unsupported release from Precise" [Undecided,New]
<robbiew> https://bugs.launchpad.net/ubuntu/+source/ohai/+bug/948438
<uvirtbot> Launchpad bug 948438 in ohai "Remove unsupported release from Precise" [Undecided,New]
<robbiew> ...and boom goes the dynamite :/
<smoser> utlemming, that doesn't make any sense.
<smoser> packages.bz2 shows python-defer has md5sum of 3653165af1f20a437a14632ce0a2e6c2
<smoser> but the 'Get:65' showed that 'aptdaemon' had that
<SpamapS> robbiew: ACK
<smoser> and per 'md5sum *' , xul-ext-ubufox_2.0-0ubuntu1 had that!
<utlemming> smoser: yup
<utlemming> smoser: I'll let you take a look at the evidence
<smoser> that just seems like a really unlikely race condition.
<smoser> i dont trus the log output
<smoser> as it could just be serialized badly
<smoser> but the file you have on disk there definitely seems to have different content than its name implies
<utlemming> I've ping you the DNS name
<uvirtbot> New bug: #948447 in lxc (universe) "Starting an LXC changes the volume (sound!) of the host" [Undecided,New] https://launchpad.net/bugs/948447
<smoser> utlemming, i'm just trying to think of how that could happen.
<utlemming> smoser: I'm pulling the code now to see if I can make heads or tails of it
<smoser> uless you're lying to me, and you must renamed those files as a joke, i have no idea what would do that :)
<utlemming> lol
<utlemming> believe me, I wish it was _that_ simple
<uvirtbot> New bug: #948481 in telepathy-mission-control-5 (main) "adjust Build-Depends to include dh-apparmor" [Low,Triaged] https://launchpad.net/bugs/948481
<smoser> utlemming, how does htis fail?
<utlemming> smoser: this one is either a hashsum or size mismatch
<smoser> you attached the wrong file in comment 2
<smoser> (you attached a screenshot)
<smoser> please do attach the output correctly there.
<smoser> and then also, see if you can't reproduce on oneiric
<utlemming> lol that was entertaining
<smoser> or even, try installing oneiric apt on precise and see.
 * utlemming tries replicating with oneiric
<smoser> and have you actually seen this on non-s3 mirrors ?
<utlemming> I have, but _very_ rarely
<smoser> fyi, you can potentially short cut this with --download-only for apt
<smoser> (assuming it goes through the file checks in that path)
<smoser> utlemming, https://bugs.launchpad.net/linaro-android-infrastructure/+bug/932088 bug they're not on precise.
<uvirtbot> Launchpad bug 932088 in ubuntu "Ubuntu EC2 package mirror intermitent failures" [High,Confirmed]
<smoser> so either that is not related to this, or they are seeing in on natty even.
<smoser> anyway.
<smoser> i've got to run.
<utlemming> k, I'll see where I can replicate this
<smoser> good sleuthing, utlemming
<smoser> you should maybe tag bugs that have mention of the ec2 mirrors with a given tag
<smoser> so we can remember them easily
<smoser> utlemming,
<utlemming> ec2-s3-mirrors
<smoser> well, i'd skip 's3-mirrors'
<smoser> er...
<smoser> skip 's3'
<smoser> but i dont know
<smoser> i just want to see the others too
<smoser> maybe tag for that too
<utlemming> "all-hail-smoser"?
<smoser> exactly
<uvirtbot> New bug: #948559 in vlan (main) "eth* NIC names hardcoded" [Undecided,New] https://launchpad.net/bugs/948559
#ubuntu-server 2012-03-07
<adam_g> zul: you around?
<uvirtbot> New bug: #948623 in lxc (universe) "Can't start more than 35 containers on my machine" [Undecided,New] https://launchpad.net/bugs/948623
<adam_g> smoser: so, with keystone in place regular users can access glance directly through glance client. not sure how youd like to extend the publish scripts, but OS_USERNAME, OS_PASSWORD, OS_TENANT_NAME and OS_AUTH_URL need to be set accordingly
<smoser> adam_g, right.
<smoser> i think the goal would be to maybe take a flag '--cloud=nova', but basically just DTRT if the environment had nova config versus ec2.
<smoser> and in the case where both were present consult a environment variable, or require the flag
<Zanzacar> I am trying to find a text based installer image for ubuntu-server 32bit but am not sure which is which.
<Zanzacar> This is where I went http://releases.ubuntu.mirrors.uk2.net/ for my information.
<Zanzacar> can I just download the alternate version here? http://www.ubuntu.com/download/ubuntu/alternative-download#alternate
<qman___> Zanzacar, ubuntu server uses the text based installer already
<qman___> if you're having problems, try the nomodeset option
<Zanzacar> This computer I am trying to install ubuntu-server on locks up at the selection of the language.
<Zanzacar> I thought it might be a video card problem. What is nomodeset option?
<twb> Zanzacar: what release are you installing?
<Zanzacar> 11.10
<qman___> if it locks up before you can select a language, odds are you won't be able to install
<qman___> could try the key presses blind and see if it goes
<qman___> nomodeset disables KMS, which doesn't work in some rare instances, it's the new thing that enables a high resolution console
<qman___> I think it's F6 to disable, but that's after you select a language
<Zanzacar> I will trying pressing f6 and see what happens, or maybe trying the keys blind but that doesnt seem reasonable.
<uvirtbot> New bug: #888643 in zookeeper (universe) "Zookeeper listen only to IPv6 interface" [Medium,Expired] https://launchpad.net/bugs/888643
<Zanzacar> so F6 didnt do anything and I didnt see any changes from trying to just press enter a bunch of times and go throught he menus blind.
<Zanzacar> any other thoughts?
<Tohuw> If my local network is 10.254.7.0/24, what is the proper syntax to express every 10.in-addr.arpa address except that subnet? I need to know so that I can list it in my modified rfc1918 zones file. Or is it top-down processing, such that a later reference to that subnet and another db will take precedence?
<qman___> Zanzacar, try a different graphics card, or try 10.04 or 8.04 to see if either works, it'll help narrow down the problem
<qman___> also verify the md5sum on your burn
<qman___> you can literally md5sum /dev/scd0 and it should match the ones on the mirror
<Zanzacar> gotcha I think I might try a previous version
<Zanzacar> qman I have tried version 8.04 and that didnt work either :( I am guessing this system is just not supported?
<SpamapS> Zanzacar: perhaps try the mini.iso
<Zanzacar> I think it isnt ubuntu I think it is this computer. I tried to boot to a windows xp CD that I know works and I just get a blinking _
<SpamapS> Zanzacar: yeah, step 1.. get a decent computer. :)
<twb> SpamapS: when one is ever made, you let me know.
<Zanzacar> so I think I figured out my "problem" my bios was disabling my usb-keyboard. which was giving me problems.
<SpamapS> twb: the Amiga 500 was pretty good
<Zanzacar> thats an awesome comp.
<Zanzacar> ya for on board keyboard. i wonder how fast i can type with this.
<jamespage> morning all
<lynxman> jamespage: morning!
<jamespage> lynxman, howdy!
<jamespage> lynxman, hope it nicer wherever you are :-)
<lynxman> jamespage: I'm almost finished with rabbitmq-server but now... (oh the news) looks like the cddb packaging skips a fair amount of files that are required to be there, so I'm converting it to plain install
<lynxman> jamespage: it's raining and gray here
<jamespage> lynxman, snap
<jamespage> although my weather indicator just died so I can't really tell...
<jamespage> :-)
<jamespage> lynxman, switching to straight debhelper is probably a good thing
<jamespage> but I would suggest we get it stuck in the PPA for the openstack test lab before it gets uploaded just like we did for the 2.7.1 upgrade
<jamespage> I don't suppose that SpamapS is still awake?
<lynxman> jamespage: don't think so, but I'm more than happy with that, I'm just comparing notes with the release the rabbitmq guys do
<lynxman> jamespage: anyway I'll get my hands dirty with this this morning ;)
<jamespage> \o/
<jamespage> Daviey, around?
<Daviey> jamespage: o/
<jamespage> Daviey: are you intending on reviewing any of the zentyal packages?
<Daviey> jamespage: Yes, SpamapS should be sharing them out.. but i guess if we get to them first, it works well.
<Daviey> jamespage: Are you able to poke what is going on with https://jenkins.qa.ubuntu.com/view/Precise%20ISO%20Testing%20Dashboard/view/Daily/job/precise-server-amd64_lamp-reboot/lastCompletedBuild/testReport/test/LampRebootTest/testModPhp/ ?
<jamespage> Daviey, I was going to knock some off this morning
<jamespage> Daviey, SpamapS is looking at that (one of his new reboot tests)
<Daviey> jamespage: ahh, cool
<jamespage> Daviey, I wanted to get you opinion on some general observations before I started - do you have time?
<Daviey> jamespage: always
<jamespage> Daviey, OK so 1.  All of the packages are native format - I think this is OK but wanted to check....
<jamespage> The VCS is upstream and the code is Ubuntu specific as far as I can tell
<jamespage> 2. copyright files are not DEP-5 format - I know this is optional -I would normally request that this be updated but this late in the cycle I think as long as the content is correct we should not block on that
<Daviey> jamespage: I have no problems with native packages in Ubuntu, but it does make life harder for derivatives of Ubuntu.
<Daviey> It's policy compliant, but i did see a rejection recently asking about it.
<Daviey> jamespage: Well, if it's a one-time job for all the packages, fixing to DEP-5 would be nicer.
<Daviey> (considering it's now 'offical')
<jamespage> Daviey, yeah - so I see
<Daviey> jamespage: if it's a cheap thing to do for all the packages, lets do it.. Otherwise, lets leave it.
<jamespage> Daviey: OK - although of course they are native packages so upstream will have to make all of the amends....
<Daviey> jamespage: Okay, i imagine we might want to make other changes aswell.
<Daviey> Lets convert them to 3.0 (quilt)
<Daviey> Then we can post a diff back.
<jamespage> Daviey, explain - not sure I get it?
<Daviey> jamespage: Sorry.. I mean.  Do you think we should convert all the packages to 3.0 (quilt), rather than native..
<Daviey> And fix the changelog
<Daviey> As in, shall we open bzr branches?
<jamespage> Daviey, that would be my preference
<jamespage> I think its just easier to manage
<jamespage> but its more work now
<Daviey> jamespage: Can you point me to the src?
<jamespage> Daviey, packages for review are here https://launchpad.net/~jacalvo/+archive/zentyal-precise/
<Daviey> jamespage: Ok, i'll import them all to bzr now.
<Daviey> (unless you want to?)
<Daviey> jamespage: for starters, the Maintainer field isn't policy compliant
<jamespage> Daviey, missing Uploaders?
<Daviey> jamespage: no, it should be @ubuntu.com
<Daviey> (minor quibble really)
<jamespage> Daviey, even if it is a native package?
<Daviey> Makes no difference, native to Ubuntu, not native to upstream.
<jamespage> I guess thats why I'm a little uncomfortable with native format
<jamespage> with the way its structured the packaging is maintained in the upstream VCS
<Daviey> The main PITA is carrying patches
<Daviey> ie, you patch directly.
<jamespage> to which NO ubuntu-devel has access
<jamespage> so it really is native to upstream - not Ubuntu :-)
<jamespage> I had similar with the rds packaging - took a while to explain
<Daviey> jamespage: *awesome* LP is offline
<jamespage> Daviey: lol
<jamespage> Daviey: ebox was not native format - as this is basically a rename/upgrade I think that it should not change
<jamespage> Daviey, infact it looks like the native-non-native transition happened last time as well.
<Daviey> lol
<jamespage> Daviey, so are we agreed that WE should be making that transition, not upstream
<jamespage> or do we need to discuss with them first?
<Daviey> jamespage: They have euro TZ people iirc
<Daviey> jamespage: Fancy trying to look up irc nicks?
<jamespage> Daviey, on it now
<Daviey> cool
<jacalvo> jamespage, do you want to discuss anything about zentyal packages? :)
<jamespage> jacalvo, you read my mind!
<jamespage> jacalvo: Daviey and I where just discussing whether we should switch them from native to non-native format
<jacalvo> I'm sure bencer would also be present in the discussion, he's AFK now, but he can read the log later
<jamespage> its been done in the past for ebox
<jacalvo> I suppose it's not a problem, specially if there is no other option :)
<jamespage> jacalvo, well native really means native to Ubuntu, not native to zentyal
<jamespage> so having them as non-native packages would make more sense IMHO
<jamespage> easier to manage as well...
<Daviey> jamespage: https://code.launchpad.net/zentyal
<jacalvo> so we need to set the versions to something like 2.3-0ubuntu1 ?
<jacalvo> or does it have more implications?
<Daviey> jacalvo: that is perfect.
<jamespage> jacalvo, spot on
<Daviey> jacalvo: As long as it is > that what is currently in Ubuntu (any release)
<jacalvo> seems easy then, I'm a bit busy now but I'll work on that asap
<jacalvo> thanks for your help!, and let me know if we can do anything else
<Daviey> jacalvo: What is the 'version' of this release?
<Daviey> jacalvo: 2.3.1?
<jacalvo> well, each module has its own version, and some of them are already 2.3.2
<Daviey> ah, ok..
<Daviey> jacalvo: Do you happen to know what versions diverged between Ubuntu and your PPA's?
<Daviey> as in, I see some ones that really went into Ubuntu, and others such as 1.5.1-0ubuntu1~ppa1~lucid1
<jamespage> Daviey, so those should be the old ebox packages?
<Daviey> right
<jacalvo> the old ebox packages are 2.0
<jacalvo> they were introduced in natty
<jacalvo> 1.5 are even older
<Daviey> jacalvo: right, but i'm trying to find an easy way of trimming the changelog to reprenset exactly what went into Ubuntu
<jacalvo> not sure if I understand your questions about what versions diverted...
<jacalvo> diverged*
<jacalvo> ah ok
<jacalvo> let me see
<Daviey> maybe steal the oneiric ubuntu changelog, place it in, and prepend with "New upstream version"
<jacalvo> you mean changes in the code? there a lot because there is a whole major release in the middle (2.2)
<jacalvo> which was never uploaded to ubuntu
<jacalvo> all the changes of the intermediate 2.1.* and 2.2.* versions
<jacalvo> or you mean changes in the packaging?
<jacalvo> http://git.zentyal.org/zentyal.git/blob/refs/heads/precise:/main/core/ChangeLog (from 2.3.2 to 2.0)
<jacalvo> to 2.0.15 more precisely
<jamespage> Daviey: I think this links to the whole native -> non-native packaging format switch
<jamespage> Daviey: I would not expect to find entries for PPA's/package updates that have never been in any distro in the distro changelog
<jamespage> Daviey: ?
<Daviey> right, so stealing the Oneiric changelog is probably sane.. and adding a new entry?
<jamespage> Daviey: I think so - I'm just trying to figure out how we can converge the packaging maintenance going forwards
<jamespage> rather than having the 'import native version' + 'delta non-native version' that we seem to have been doing with ebox
<jamespage> if that makes sense...
<Daviey> right
<Daviey> jacalvo: Would you be happy to revert to non-native?
<jacalvo> yes, I think there is no problem at all
<Daviey> Then, all we should have to do is import.. and flush non-ubuntu changelog entries
<jamespage> Daviey: the problem is that the zentyal release is a native package is it not?
<jamespage> rather than a tar.gz of the source code?
<Daviey> jamespage: right, but if they revert, we are gold
<jamespage> ah -  I see
<jamespage> so in the future zentyal releases 2.4.0-0ubuntu1 into PPA
<jamespage> someone then merges that into the distro packaging branch and uploads?
<jamespage> picking up any deltas that have been made since the previous upstream zentyal package?
<Daviey> jamespage: right..
<jacalvo> mm, but I was going to release a 2.3 installer right today, I can't change that to -0ubuntu1 now...
<jacalvo> is that ok?
<jamespage> I guess that could be jacalvo once he gets from PerPackage upload rights :-)
<jacalvo> I mean, can be done just in the future when a major version switch is done?
<Daviey> jamespage: ideally, they'd do something like 2.4.0-0ubuntu1~zentyal for non-ubuntu uploads.
<jacalvo> bencer is already applying for that :)
<jamespage> jacalvo, great
<jacalvo> for the Per-Package Upload rights
<Daviey> \o/
<jamespage> Daviey: still feels sticky to me
<Daviey> jamespage: oh?
<jamespage> I don't like that fact that we potentially have packaging delta in the distro
<jamespage> that just makes work for someone
<Daviey> jamespage: Hmm, i'm not sure we will?
<jamespage> Daviey, agreed but it is possible
<Daviey> jamespage: have a plan?
 * jamespage scratches his head
<jamespage> other than ask jcalvo to start releasing the source code for each module in a completely different way - not really
<jamespage> but that does not make much sense either....
<jamespage> jacalvo, zentyal is Ubuntu only?
<jacalvo> yes
<jacalvo> it started as debian only
<jacalvo> but it turned to ubuntu only in 2004
<jamespage> jacalvo, Daviey: OK so lets just make sure we work really closely together going forwards an use the zentyal released packages as upstream for Ubuntu
<jamespage> having a ~zentyalX suffix on the version number makes alot of sense from that perspective and we should probably retain those in the Ubuntu changelog.
<bencer> jamespage: Daviey i was reading the backlog
<bencer> zentyal is ubuntu only software
<bencer> so for me makes sense to release it as native packages
<Daviey> jamespage: I hate having non-archive uploads in d/changelog :)
<bencer> what is not pretty straigthforward is how to deal with ubuntu uploaded packages versioning and ppa uploaded packages versioning
<bencer> Daviey: i agree
<bencer> and what we have in debian/changelog is a mess now
<bencer> as we are uploading the packages i was thinking about forget the previous things in debian/changelog and do a clean start
<jamespage> bencer, +1 on that
<jacalvo> yeah, that sounds good
<bencer> jamespage: do you agree on maitaining the native packaging too?
<bencer> we have a lot of things that go in the packaging like upstart jobs
<bencer> that we totally depend on that
<Daviey> bencer: If you do something like, 2.4.0-0ubuntu1 for Ubuntu uploads, then do 2.4.0-0ubuntu1+ppa[0.9] to incremement on the prior upload.. Then as you get closer a new 'release' you can do 2.5.0-0ubuntu1~ppa[0..9] (~ means less)
<jamespage> hmm
 * jamespage thinks again about native packaging approach
<bencer> i like the native thing, we dont have plans to port zentyal to other distros
<bencer> we depend on upstart, we depend on ubuntu packages versions for the configuration templates...
<jamespage> bencer, OK you are talking me round to the idea
<bencer> i think native packaging is ok, what i'm not sure is how to deal with ubuntu uploaded versions and our ppa uploaded versions then
<jamespage> bencer: we need to ensure that upgrades select ubuntu over PPA
<jamespage> so if someone is using the PPA things work out OK
<bencer> jamespage: this is "desired" or is in the policy?
<Daviey> no
<jamespage> desired
<Daviey> If zentyal want to make a post release PPA that users can use, that is fine.
<Daviey> So the version needs to be higher than Ubuntu
<jacalvo> I don't understand that, so if a user wants to get a newer version from our ppa he should be able to...
<Daviey> .. but smarts have to be taken to make sure you don't go higher than the next Ubuntu version.
<Daviey> (hence appending +ppa0 or ~ppa0)
<jamespage> Daviey: so using a ~zentyal on the PPA uploads makes sense then
<jamespage> native or non-native packaging.
<jamespage> jacalvo, so in the current versions:
<jamespage> PPA currently has 2.3.1~zentyal for precise
<jamespage> we push 2.3.1 into precise - folk who have the PPA enabled get the version from precise
<jamespage> post release of precise you push 2.3.2~zentyal to the PPA for precise - people get the PPA version instead of distro
<bencer> that sounds fine for me
<bencer> jacalvo: what do you think?
<jamespage> when 2.4.0 is pushed into 'Q' then users get that
<bencer> jamespage: sorry, what 'Q' means?
<jacalvo> the one after 'P' ;)
<jamespage> bencer: next release of ubuntu
<jamespage> precise+1
<bencer> ok
<jamespage> Daviey: are you happy with this proposed approach?
<jacalvo> I suppose it is ok
<jacalvo> but I can change the ppa versions now, it will have to wait some days until the next release
<jacalvo> is that a problem for uploading the current ppa:jacalvo/zentyal-precise ones?
<jacalvo> I suppose when you talk about PPA you mean ppa:zentyal/2.3, right?
<bencer> jacalvo: yes
<bencer> i think as long as we have the packages in the ppa with that versioning once precise is released, is ok
<jacalvo> we can have them before that for sure
<Daviey> jamespage: wfm
<jacalvo> so finally we stick to native with package versions like 2.3.3~zentyal, right?
<Daviey> Before saying that is OK, i'd like to discuss it with an Archive Admin.
<Daviey> (sorry)
<jacalvo> no problem
<bencer> 2.3.3 for ubuntu universe, 2.3.3~zentyal for out ppa
<bencer> *our ppa
<bencer> jamespage: Daviey how do you suggest to deal with the debian/changelog then, imho upstream changelog and debian/changelog on native packages should be exactly the same
<jamespage> jacalvo, bencer, Daviey: I'll start working through the packages now in terms of general review pending confirmation from an AA on the discussed approach to versioning
<bencer> jamespage: ok, thanks
<jacalvo> thanks!
<jamespage> bencer, jacalvo: I'll update the bug report with feedback on each one
<jacalvo> great
<bencer> jamespage: do you have any opinion on the changelog thing?
<jamespage> bencer: I think we should retain the entries for the ~zentyal versions
<jamespage> its a bit like what we do with Debian - but we are downstream to you
<bencer> as long as the version in the ppa is the same than in the ubuntu should be fine
<jamespage> after all we keep Debian changelog entries even tho they have not been uploaded to Ubuntu
<bencer> i wonder how we would deal if we had to do any upload to -proposed or -security
<jamespage> I think we should deal with that in the distro; for example if we need to update 2.3.1 we go to 2.3.1ubuntu0.1 for the fixes
<bencer> and then merge that changelog in the upstream changelog?
 * jamespage hopes his thinking is rationale
<jamespage> bencer: the fix should land in the upstream version first; then land in the current Ubuntu dev release - and then be backported
<bencer> imagine we are in upstream 2.3.5 and we need to upload 2.3.3ubuntu0.1
<bencer> ok
<bencer> in that case, we 2.4 gets uploaded to ubuntu+1, the changelog for 2.3.3ubuntu0.1 would be lost?
<jamespage> in your VCS yes
<Daviey> jamespage: did you see i imported all the packages to bzr?
<jamespage> but not in the version maintained for Ubuntu in launchpad
<jamespage> Daviey: yes - thanks thats really helpful
<jamespage> I'll review from there
<jamespage> Daviey: if you are intending on looking at some I'll pickup zbuildtools -common and -core now
<bencer> Daviey: jamespage did you see the review that christophe already did on the packages?
<bencer> os this is inteded to be a parallel review?
<jamespage> bencer, no - its not in the bug report - do you have a link
<jamespage> ?
<bencer> he sent me that by mail
<Daviey> i don't think is aw it either
<bencer> still i didnt have time to have a look at his comments
<jamespage> bencer: please could you paste it into the bug report
<bencer> sure, give me 20min to have a look at it
<bencer> so, the workflow should be maintaining the ubuntu packaging in bzr
<bencer> and sync from out upstream git to there
<bencer> merge with the possible ubuntu-specific changes, like security uploads in the changelog, or whatever
<bencer> and push to the archive, right?
<jamespage> thats pretty much inline with what we have discussed
<bencer> understood then, sounds good
<jamespage> actually taking it directly from git makes alot of sense.
<bencer> a bit weird that upstream gets the ~zentyal and not the plain release
<bencer> but not a big deal
<Daviey> zul: Anything left to do on, bug 934064 ?
<uvirtbot> Launchpad bug 934064 in openstack-dashboard "Installing openstack-dashboard on Precise removes Keystone package" [High,In progress] https://launchpad.net/bugs/934064
<Daviey> smb: In the meeting yesterday, i intended to bring up bug 905219, is it on your radar?
<uvirtbot> Launchpad bug 905219 in linux "Linux Kernel crash in Netfilter both in Natty (2.6.38-8-server) and oneiric(3.0.0-13-server/3.0.0-14-server) kernels" [Medium,Confirmed] https://launchpad.net/bugs/905219
<smb> Daviey, No it was not
<bencer> jamespage: Daviey going to review huats comments and i will attach them on the lp issue
<smb> Daviey, but I see Chris assigned there
<Daviey> bencer: cool
<Daviey> smb: great
<iclebyte> is there some app which lets you pick a mirror and setup your /etc/apt/sources.list file?
<jamespage> bencer: OK I'll find something else todo until thats posted (don't want to dupe effort)
<Daviey> iclebyte: we talked about it, but don't thik we put proper effort into it.. you could try apt-spy
<bencer> jamespage: https://bugs.launchpad.net/ubuntu/+source/ebox/+bug/928501/comments/15
<uvirtbot> Launchpad bug 928501 in ebox "Precise will ship totally broken ebox packages" [Undecided,Confirmed]
<lynxman> jamespage: need to poke your brain for a bit whenever you're around :)
<zul> Daviey:  dont think so
<uvirtbot> New bug: #948909 in puppet (main) "puppetmaster-passenger does not install cleanly from scrach" [Undecided,New] https://launchpad.net/bugs/948909
<rbasak> jamespage: ping
<jamespage> lynxman, rbasak: pong
<jamespage> lynxman, wassup
<lynxman> jamespage: hey :)
<uksysadmin> can I bug someone about rabbitmq and clustering vs HA?
<uksysadmin> (it is in a ubuntu install ;-))
<lynxman> uksysadmin: clustering in 2.6.1 is a bit tricky, but go ahead :)
<lynxman> jamespage: so rabbitmq 2.7.1 package, it's based on the upstream rules and it's cddb
<lynxman> jamespage: problem being I've already added a quilt patch (for a bug fixed by therve) and we use the new install method for the other subpackages
<jamespage> lynxman, lemme take a look
<lynxman> jamespage: so we can either rework the cddb into the new format and push the change upstream to rabbitmq or try to keep it as close as possible to the original
<lynxman> jamespage: let me paste you the rules file
<lynxman> jamespage: http://pastebin.ubuntu.com/872948/
<lynxman> jamespage: now problem being that with the mixed format DEB_MAKE_INSTALL_TARGET doesnt work properly and only packs the binaries
<uksysadmin> its more a general q - we're looking at rabbitmq in prod, and I believe already we have to stray from ubuntu 12.04 rabbitmq for some reason (I'm late in with the project - they're now shouting help).
<jamespage> lynxman, hmm
<lynxman> uksysadmin: just wait for 2.7.1 new package then :)
<uksysadmin> lynxman, when's that due?
<lynxman> jamespage: I know I'm frying something not properly, for sure, I can push my debian directory to a branch for review
<lynxman> uksysadmin: as soon as I finish :)
<jamespage> lynxman, I think I see the issue
<jamespage> the package does not use any sort of patch system and is implicitly format 1.0
<lynxman> jamespage: so what do you reckon it is?
<jamespage> thats all bad
<lynxman> jamespage: yeah I moved it to quilt 3.0 format
<uksysadmin> lynxman lol
<jamespage> so adding a quilt patch and switching format it probably not the right way to approach this at this point in the release
<jamespage> I would apply the patch directly into the source tree (as someone has already done)
<uksysadmin> and then I'll get the guys to follow the clustering recommendations.  what does clustering give that load balancing doesn't? in a cluster is one node acting as some sort of master?
<lynxman> jamespage: lp:~lynxman/junk/rabbitmq271debian
<lynxman> jamespage: yeah saw that but I just wanted to be clean, you reckon that's the problem then? :)
<lynxman> uksysadmin: active active vs active passive pretty much
<jamespage> lynxman, it might be; I'd endeavour to have as little impact on this package to make your changes at this point in the cycle
<lynxman> jamespage: alright, I'll go that way then and see if that recovers the issues :)
<lynxman> jamespage: wish me luck
 * lynxman dives
<jamespage> lynxman, onesecond - lemme check
<lynxman> jamespage: alright
<uksysadmin> where load balance is active active (as you can hit multiple nodes) vs cluster which is replicating to slaves? Or have I got that the wrong way around?
<jamespage> so what specifically was the issue you are seing?
<lynxman> uksysadmin: wrong way around in this case
<uksysadmin> lynxman, ok cheers.
<lynxman> jamespage: all is packaging okay, but the rabbitmq-server package lacks the libraries, so it's not listening to $RABBIT_BIN and $RABBIT_LIB in the rules
<uksysadmin> (guess who has a meeting on rabbitmq in 1 hr... ;-))
<lynxman> jamespage: I reckon that's due to the package format change
<lynxman> uksysadmin: I hope not me :D
<uksysadmin> you can be invited if you want
<uksysadmin> ;-)
<lynxman> uksysadmin: I have hmm... to pay my taxes... yes
<jamespage> lynxman, so long as you have managed your patches OK cdbs + source format 3.0 (quilt) should be OK
<lynxman> jamespage: so then the lack of libraries must be something else
<jamespage> rabbitmq-server.links looks dodgy
<uksysadmin> damn, should've thought of that one.  I said washing my hair but it didn't go down too well.
<lynxman> uksysadmin: maybe lack of long hair makes that one a bit more dubious ;)
<lynxman> jamespage: hmm haven't touched that one
<uksysadmin> :)
<jamespage> lynxman, I think its the way you have transitioned the rabbitmq-server binary package stuff
<jamespage> lynxman, just trying something
<lynxman> jamespage: hmm okay I'll wait for your feedback then
<lynxman> jamespage: this is quite a complicated package :/
<jamespage> lynxman, it def running the make install correctly
<jamespage> lynxman, well I've learn't something new today
<jamespage> lynxman,  $(DEB_DESTDIR) for a source package with a single binary package looks to get set to debian/$package_name
<jamespage> but with multiple binary packages it get set to debian/tmp
<jamespage> so the package was working implicitly before as everything got installed to debian/rabbitmq-server
<jamespage> and is now borked as there is no explicit install for rabbitmq-server
<lynxman> jamespage: aha!
<lynxman> jamespage: very interesting :)
<lynxman> jamespage: so I should just change $DEB_DESTDIR for debian/$package_name right?
<jamespage> no
<lynxman> jamespage: hmm what do you recommend then :)
 * lynxman is clearly out of his depth in this baby
<jamespage> lynxman, $***"Â£"$%"Â£!"Â£!"$%
<jamespage> lynxman, write an rabbitmq-server.install file that picks up the right bits.
<lynxman> jamespage: while at the same time keeping the rules file as it is
<lynxman> jamespage: correct?
<jamespage> almost
<jamespage> lynxman, you will have to tweak install/rabbitmq-server::
<jamespage> maybe
<lynxman> jamespage: hmm would you reckon just converting it to dh_ would be better?
<jamespage> lynxman, well maybe but I would not want to switch build system without collab from the debian maintainer
<jamespage> even with dh you will still need to override dh_auto_install or whatever todo the same as the rules file is doing now
<Daviey> utlemming: what is the status of locale issue on the cloudimg's?
<zul> good morning
<Daviey> afternoon zul
<ivoks> hi guys
<lynxman> zul: morningtons
<jamespage> lynxman, you just need to make sure that the .install file also picks up the files details in rules OR install them directly to debian/rabbitmq-server in rules
<jamespage> rather the DEB_DESTDIR
<lynxman> jamespage: that's what I'm saying, substitute $DEB_DESTDIR for debian/rabbitmq-server
<Daviey> ivoks: hola
<lynxman> jamespage: that would be the less delta-ish change
<jamespage> yes but only in the install/rabbitmq-server target
<Daviey> ivoks: It seems the mail stack might want some love, would you be such a lover?
<lynxman> jamespage: like this http://pastebin.ubuntu.com/873007/
<lynxman> Daviey: smooth one
<ivoks> Daviey: lol
<Daniel__> i installed ubuntu server onto my computer and then installed gnome after my server software installed, but it says could not update ICEauthority file and then my home folder/.ICEauthority.
<ivoks> Daviey: i can add it to my TODO list... it can't get any love before friday :)
<Daniel__> me
<Daviey> ivoks: \o/
<Daviey> ivoks: You might be interested in bug 930916, it looks pretty painless :)
<uvirtbot> Launchpad bug 930916 in amavisd-new "amavis start-stop script fails to stop amavisd" [High,Confirmed] https://launchpad.net/bugs/930916
<Daviey> smoser / utlemming: At some point, would either of you two be able to revist running cloud img's outside of the cloud?
<Daviey> ie, does it still work
<Myrtti> Daniel__: have you perchance enabled the root account?
<lynxman> jamespage: yeah that did it :)
<smoser> Daviey, it does work.
<smoser> in precies images its much simpler.
<ivoks> Daviey: one question thou...
<Daviey> smoser: is there doc's?
<ivoks> Daviey: sure i can take a look, but i'm not core-dev; i'm not even motu anymore :) what else can i do for that bug? it does have a patch attached
<Daviey> ivoks: well you are rubbish :)
<Daviey> ivoks: It would be great to see you push or ubuntu server package set :)
<lynxman> Daviey: by extension all non MOTUs as myself are rubbish? ;)
<Daviey> lynxman: no, just ivoks
<ivoks> i guess i have to re-apply for motu and apply for core-dev eventually
<ivoks> yeah, i sucks
<Daviey> ivoks: if you let MOTU expire, it should be a pretty simple task to re-gain it.
<lynxman> jamespage: package looks good now and all plugins work properly, where do you want it so it can be properly sponsored and tested
<jamespage> lynxman, please can you push it as a branch to launchpad
<lynxman> jamespage: will do
<lynxman> jamespage: the bzr branch for rabbitmq-server is still on 2.6.1
<lynxman> jamespage: you want me to do the upstream merge and push the debian changes into the new branch? or just push the debian dir as it is
<Daviey> smoser: Have you tried to use nested kvm in canonistack?
<smoser> $ modprobe kvm-intel
<smoser> FATAL: Module kvm_intel not found.
<smoser> GAH!
<Daviey> smoser: i installed -generic
<Daviey> and it is found, but fails to load
<smoser> yeah
<smoser> but...
<smoser> maybe we shoudl put those into -virtual
<Daviey> smoser: This is what i am thinking...
<smoser> Daviey, doc on cloud-init
<smoser>  http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/doc/nocloud/README
<Daviey> but i wanted to get it working first.. :)
<Daviey> "kvm: no hardware support"
<smoser> (on running images outside of cloud)
<Daviey> Shame hallyn is away
<Daviey> smoser: thanks
<jamespage> lynxman, debdiff then
<smoser> Daviey, its unlikely that hte host has the kvm module loaded with support for nested
<Daviey> smoser: it's default in precise.
<smoser> well, ask is.
<smoser> IS
<Daviey> on it :)
<smoser> oh, and i know you dont care, Daviey (since your "`id -u` == 0" on your systems), but all of that link runs non-root
<Daviey> smoser: lolz
<lynxman> jamespage: roger that
<smoser> Daviey, fyi http://paste.ubuntu.com/873047/
<smoser> i'll open a bug for kvm in guests
<smoser> but...
<smoser> its not free (~1M in modules)
<Daviey> smoser: dude, steal all my thunder, why not :)
<Daviey> smoser: yeah, i tried intel and amd64 for luck.
<smoser> $ apt-cache show linux-image-3.2.0-18-virtual  | grep ^Size
<smoser> Size: 12084572
<smoser> you can open a bug.
<smoser> go for it.
<Daviey> smoser: TBH, i think 1M makes sense.. Considering the default is to enable nesting, we should allow clouds to do it by default IMO.
<smoser> Daviey, its probably a toy
<smoser> toys are nice.
<smoser> but they're toys
<lynxman> smoser: toys are flashy too
<smoser> its an add of 950896 to a package that is 12084572
<smoser> and lynxman and Daviey both like flashy (as noted by their laptop vendor)
<Daviey> smoser: being able to run a half decent development cloud within the cloud is pretty swish.
<Daviey> smoser: Think it's better just to suggest people switch to -generic?
<smoser> i think "half decent" might be a bit of an exageration.
<smoser> but sure.
<Daviey> it's only an apt-get away!
<smoser> open a bug.
<zul> Daviey: so question for you, I have been talking to ttx about swift
<zul> Daviey:  swift 1.4.7 is going to be released real soon now.
<zul> however 1.4.8 is going to have some new featues (i dont know what they are since i dont follow swift as closely as i probably should)
<uvirtbot> New bug: #948983 in puppet (main) "puppetmaster-passenger default vhost has wrong documentroot" [Undecided,New] https://launchpad.net/bugs/948983
<zul> do we want to do a FFE for 1.4.8 or just leave it at 1.4.7
<ttx> Updated http://wiki.openstack.org/EssexReleaseSchedule with their new schedule
<zul> my prefrence is to leave it at 1.4.7
<smoser> zul, but features are shiney
<smoser> and Daviey likes shiney
<smoser> :)
<zul> smoser: shiney like dubloons
<smoser> i dont care if that decorated egg is hollow and extremely fragile, ITS SHINEY!
<zul> Daviey: the point being that 1.4.7 you get a known quantity with 1.4.8 close to an ubuntu release you dont
<smoser> you could ask yourself, wwttxd
<lynxman> jamespage: bug #948993 with debdiff attached, you can take it at will :)
<uvirtbot> Launchpad bug 948993 in rabbitmq-server "rabbitmq-2.7.1-0ubuntu1 lacks compatibility with plugin packages" [Undecided,New] https://launchpad.net/bugs/948993
<smoser> (ww ttx do)
<zul> smoser: i ask myself that question everyday, additionally what would brian boitano do as well?
<zul> crap now i have that song in my head
<smoser> he'd make a plan and he'd follow through
<smoser> thats what brian boytano would do
<ttx> I ask myself what would Chuck Norris do.
<zul> and have save the maidens fair
<lynxman> ttx: just punch the bad guy in the face, and resist gravity like a boss
<smoser> http://youtu.be/XuRJSsAYxDA
<smoser> awesome.
<ttx> lynxman: that's what I suggested to zul in PM
<zul> lynxman: very pratical
<Daviey> ttx: Development through PM's++
<Daviey> zul: Really don't have enough information.  The fact that a swift release *is* a production release is encouraging
<Daviey> Really, what matters - is what is tagged as essex aswell.
<Daviey> The fact that if they didn't use 'releases', but used milestones, such as essex-4.. we'd adopt it without a second thought.
<uvirtbot> New bug: #948993 in rabbitmq-server (main) "rabbitmq-2.7.1-0ubuntu1 lacks compatibility with plugin packages" [Undecided,New] https://launchpad.net/bugs/948993
<ttx> Daviey: I think you need to wait for the change to see if it's worth it
<ttx> i.e. ship 1.4.7 until you can assess if 1.4.8 is worth the FFe hassle
<Daviey> ttx: What release is being tagged as essex final?
 * Daviey raises again that swift being an openstack project is as transparent as mud.. the Release schedule indicates that .8 could be an option?
<Daviey> ttx: ?
<ttx> Daviey: "the last they release". Hopefully 1.4.8
<zul> Daviey: im just afraid its not going to get enough testing done by us
<ttx> Daviey: see  #openstack-meeting about making them change
<ttx> arh
<ttx> see #openstack-packaging
<jamespage> lynxman, does this fix the issue therve was talking about yesterday?
<lynxman> jamespage: as well, it's the patch I ported to quilt :)
<jamespage> lynxman, inets-plugin?
<lynxman> jamespage: yesh
<rbasak> jamespage: bug 932628 is fixed in ubuntu, right?
<uvirtbot> Launchpad bug 932628 in openmpi "opal_wrapper crashed with SIGSEGV in __libc_calloc()" [High,In progress] https://launchpad.net/bugs/932628
<jamespage> yes
<rbasak> never mind, of course it is
<rbasak> ok
<jamespage> lynxman, not sure I get the need for -erlang-client
<jamespage> the old package did not enable it and restart
<lynxman> jamespage: erlang-client is required by the stomp plugin, it's the ampq_client plugin, it's automatically enabled by dependencies if you enable stomp but I included it in order to maintain 100% compatibility with the previous packages
<jamespage> lynxman, hm
<jjohansen> stgraber: the new apparmor should hit the archive today some time (ie its just waiting on the submission processes atm)
<lynxman> jamespage: if you don't fancy it removing the package and dependency will have the same effect
<jamespage> I think that the rabbitmq-server package needs to replace it and earlier versions of the rabbitmq-stomp package otherwise its going to break on upgrade
<jamespage> lynxman, let me have a hack at it...
<lynxman> jamespage: that's why I added the package here as well
<lynxman> jamespage: either that or obsolete the erlang-client package
<smb> More smb nitpick reloaded: bug 949028
<uvirtbot> Launchpad bug 949028 in ubuntu "libvirt: xen: never use type=ioemu for vif definitions" [Medium,Triaged] https://launchpad.net/bugs/949028
<stgraber> jjohansen: good to hear. I turned off apparmor for lxc yesterday, once I see the new apparmor landing I'll try it, update the profile and re-enable it in LXC
<jamespage> lynxman, did earlier versions of rabbitmq-stomp actual enable the plugin?
<lynxman> jamespage: earlier versions had the plugin binary and the config necessary for rabbitmq to enable the plugin
<lynxman> jamespage: there was not an enablement mechanism per se, that's new to 2.7.1
<jamespage> ah - I see
<lynxman> jamespage: so the packages have become empty of binary content but just config and enablement mechanisms
<jamespage> lynxman, did plugins enable automagically < 2.7.1
<lynxman> jamespage: not always, just adding the binary didn't, you also needed to provide config (in some cases), in some others just providing the binary did it
<lynxman> jamespage: for ampq_client (erlang-client) just providing the binary works, but now you actually need to activate it
<jamespage> lynxman, so rabbitmq-erlang-client is needed in actual fact - just todo that enablement
<lynxman> jamespage: correct
<lynxman> jamespage: same for rabbitmq-stomp
<lynxman> jamespage: but it's a very explicit way of saying "I really want that plugin going"
<lynxman> jamespage: in rabbitmq-stomp case there's also extra config
<jamespage> lynxman, OK - I understand now
<jamespage> we need to add some Breaks to rabbitmq-server - I can do that
<jamespage> its going to replace files owned by other packages so they have to be un-installed first
<zul> smoser: /usr/bin/glance has been split out into its own package btw
<lynxman> jamespage: I added them and then removed them when adding the other packages, but you're right (must have thought about that)
<lynxman> jamespage: Breaks: rabbitmq-stomp (<< 2.7.1-0), rabbitmq-erlang-client (<< 2.7.1-0)
<jamespage> and plugins
<jamespage> 2.7.1 is enough
<lynxman> jamespage: cool :)
<SpamapS> jamespage: Breaks+Replaces will be in order actually
<smoser> zul, woot. youcan slose that bug if you think it should be.
<zul> smoser: will do so on friday when i upload it
<jamespage> SpamapS, Replaces as well? we will still have -stomp and erlang-client packages
<smoser> ah. k.
<SpamapS> jamespage: Breaks will only prevent concurrent configuration
<smoser> thank you zul.
<zul> smoser: no worries
<jamespage> SpamapS, to replaces will ensure it drops the package before unpacking?
<SpamapS> jamespage: so if your new package overwrites files from a previous version of some other package, it needs to Replaces: it so that it can do that before the upgrade of the other package.
<jamespage> snpa
<SpamapS> jamespage: no, Replaces allows you to selectively replace files.
<jamespage> SpamapS, ah - I see
<SpamapS> jamespage: then later the new version will be extracted and configured.
<SpamapS> s/will/can/
<SpamapS> jamespage: if you don't do Replaces.. you may still get conflicting file problems
<lynxman> SpamapS: jamespage: would it be convenient then to do Replaces: per subpackage?
<jamespage> lynxman, do you think that plugins-common should be part of rabbitmq-server now?
<jamespage> it just enables a .d configuration directory
<lynxman> jamespage: it does make sense to centralise the packaging if we pull in the plugins doesn't it
<lynxman> jamespage: otherwise you can just strip it out, the existing package is OK as it is
<lynxman> jamespage: until the rabbitmq guys change something again :)
<SpamapS> lynxman: no, if its the same binary name, it doesn't need to do a replaces.
<SpamapS> thats assumed
<SpamapS> its only if rabbitmq-server replaes a file that was in rabbitmq-stomp ...
<SpamapS> replaces rather
<lynxman> SpamapS: it does since the plugin is now in the server package
<SpamapS> lynxman: same path? I thought they had different paths
<lynxman> SpamapS: same path just different filename
<lynxman> SpamapS: if I recall properly (which at this point I might not)
<lynxman> SpamapS: you're right, different path /usr/lib/rabbitmq/lib/rabbitmq_server-2.7.1/plugins/rabbitmq_stomp-0.0.0.ez
<lynxman> SpamapS: jamespage: so no need for Replaces:
<SpamapS> Is there even a reason for a Breaks ?
<jamespage> SpamapS, lynxman: sounds like there might not be
<jamespage> aside from for plugins-common
<lynxman> SpamapS: jamespage: only if the previous package dependencies were not declared properly, then in that case we can be in a case where stomp plugin for 2.6.1 is side by side to server from 2.7.1, and even with that I can see a partial use for Breaks, not a full justification
<SpamapS> lynxman: I thought we were going to add a rabbitmq-stomp to the rabbitmq-server package
<lynxman> SpamapS: that's what we did
<lynxman> SpamapS: have a look at the debdiff
<lynxman> SpamapS: attached to bug #948993
<uvirtbot> Launchpad bug 948993 in rabbitmq-server "rabbitmq-2.7.1-0ubuntu1 lacks compatibility with plugin packages" [Undecided,Confirmed] https://launchpad.net/bugs/948993
<jamespage> lynxman, I posted a revised debdiff to bug 948993
<uvirtbot> Launchpad bug 948993 in rabbitmq-server "rabbitmq-2.7.1-0ubuntu1 lacks compatibility with plugin packages" [Undecided,Confirmed] https://launchpad.net/bugs/948993
<jamespage> it drops the plugins-common package altogether
<lynxman> jamespage: fair enough
<jamespage> I did a quick test and it upgrades OK from what it already in the archive
<jamespage> SpamapS, any chance you could have a quick peek as well ^^
<lynxman> jamespage: I was quite doubtful about adding it or not, I erred on the side of concentrating everything on the same source package
<jamespage> lynxman, OK - so that was the easy bit done
<uvirtbot> New bug: #948719 in keystone (universe) "uninstall  keystone error" [Undecided,New] https://launchpad.net/bugs/948719
<jamespage> lynxman, I think this will need a FFe for two reasons
<jamespage> 1) its two NEW packages from rabbitmq-server
<jamespage> (but they do replace existing ones so that should be OK)
<jamespage> 2) the new packages will need to sit in main; the old ones are in universe - so its all a little confused.
<jamespage> feels like an MIR albeit a minor one
<lynxman> jamespage: hmm alright, I'll be excited to assist into this :)
<jamespage> Daviey: as our friendly release team member are you able to confirm the above?
<uvirtbot> New bug: #944235 in horizon (universe) "python-django-horizon has a missing dep on python-django-nose" [Low,Incomplete] https://launchpad.net/bugs/944235
<Daviey> lynxman: do you have a debdiff i can look at?
<lynxman> Daviey: attached to bug #948993
<uvirtbot> Launchpad bug 948993 in rabbitmq-server "rabbitmq-2.7.1-0ubuntu1 lacks compatibility with plugin packages" [Undecided,Confirmed] https://launchpad.net/bugs/948993
<Daviey> SpamapS has been tracking rabbitmq.. do you have thoughts SpamapS ?
<lynxman> Daviey: reviewed and finely tuned by jamespage
<Daviey> well it's certainly rock solid then!
<jamespage> Daviey: don't count on it
 * jamespage still gets confused by Breaks/Replaces...
<lynxman> Daviey: I can't look for a higher blessing than jamespage's one
<Daviey> jamespage: everyone does :)
<SpamapS> I'll take a look shortly
<SpamapS> lynxman: which debdiff am I looking at.. yours or james page's?
<jamespage> SpamapS, second one (mine)
<lynxman> SpamapS: second (jamespage)
<jamespage> I add some tweaks and tidy
<lynxman> jamespage: you gave it the pixie dust of quality :)
<jamespage> :-)
<SpamapS> ah ok, so rabbitmq-plugins-common is entirely removed?
<lynxman> SpamapS: yes because it's already a package existing in universe, the inclusion on rabbitmq-server was just done to centarlise the rabbitmq package management on the rabbitmq-server source (which makes sense) but doesn't modify in any way the current package
<SpamapS> and the only thing that depended on it, rabbitmq-stomp, doesn't anymore, so yeah, the Breaks/Replaces should cause its removal, if not, autoremove will
<SpamapS> +Suggests: ruby
<SpamapS> lynxman: ??
<SpamapS> usually only hipsters Suggest ruby..
<lynxman> SpamapS: that's legacy from iamfuzz, discard :)
 * lynxman removes his hipster glasses
<jamespage> lol
<lynxman> SpamapS: in this case the pacakge as existing is fine, it shouldn't be removed otherwise the plugins config will break badly
<lynxman> SpamapS: so the intention (just to be clear) is that rabbitmq-plugins-common is still used by rabbitmq-stomp
<lynxman> SpamapS: I was doubtful about which way to go (include it in the source or not) so I did, and jamespage (in his good sense) thought that it wasn't really necessary
<lynxman> SpamapS, jamespage: although now we'll finish with a package in main that provides a plugin package in main that depends from a package in universe
 * lynxman thinks its early enough to drink now
<jamespage> lynxman, SpamapS: for the sake on one config file that could quite happily site in rabbitmq-server it felt like overkill
<jamespage> lynxman, ?
<jamespage> no I dropped the need for plugins-common completely
<lynxman> jamespage: ah, it shouldn't :)
<jamespage> it can be rm'ed
<SpamapS> lynxman: rabbitmq-erlang-client.postrm has a *very minor* error in it
<lynxman> jamespage: the structure that plugins-common provide is required and necessary for any and all plugins
<lynxman> jamespage: so we need to depend on it
<lynxman> SpamapS: oh :)
<lynxman> SpamapS: do tell!
<SpamapS> lynxman: http://www.debian.org/doc/debian-policy/ch-relationships.html .. note that Depends are not guaranteed to be around during postrm, so you need to handle the case where rabbitmq-server has been removed
<lynxman> SpamapS: oops... that'll be a tricky one
<SpamapS> lynxman: basically, if $? == 100 after invoke-rc.d rabbitmq-server restart , that should be accepted
<lynxman> SpamapS: that's why I added the exit 0 at the end of postrm though
<SpamapS> lynxman: your set -e will fail before thats reached
<lynxman> SpamapS: hmm true
<SpamapS> lynxman: actually you also need to do a -x check on rabbitmq-plugins before executing it
<SpamapS> lynxman: in fact, I think its sufficient to just wrap the two actions in that
<SpamapS> if rabbitmq-plugins is gone, its not likely that rabbitmq-server is restartable, or that it matters if you're trying to restart it. :)
<jamespage> that will need to be applied to rabbitmq-stomp as well
<lynxman> jamespage: yeah both postrm scripts are almost identical
<jamespage> +1
<SpamapS> heh.. haven't gotten to that yet. :)
<lynxman> rabbitmq-plugins-common needs to be there, or integrate what it does into -server otherwise
<jamespage> lynxman, already done the second debdiff
<lynxman> jamespage: cool
<jamespage> (last line of rules file)
 * SpamapS wishes the bzr branch were up to date. :-P
<SpamapS> lynxman: has rabbit always purged all of its data on purge w/o asking the user's permission?
<SpamapS> I think thats a bug that we should look at fixing.
<lynxman> SpamapS: yes as far as I'm concerned, that's untouched
<lynxman> SpamapS: agree
<SpamapS> mysql gets this part right.. need a debconf question
<SpamapS> lynxman: I know these aren't your bugs.. but this is also wrong: +                deluser rabbitmq
<SpamapS> users should simply be left on the system forever
<lynxman> SpamapS: I'm writing all this down so we can fix all this, I'd rather just publish a quality package if I have my name in it :)
<SpamapS> lynxman: indeed, me too. :)
<SpamapS> lynxman: if nothing else, lets get these reported as bugs
<SpamapS> lynxman: we should also see if Debian is interested in syncing ubuntu -> debian for rabbit.. looks like the Debian maintainers are kind of MIA
<lynxman> SpamapS: I know the debian maintainer, will ping him with the new package
<lynxman> SpamapS: he's a busy guy :)
<lynxman> SpamapS: would it be okay then if I open a couple bugs then modify the debdiff to fix all this?
<SpamapS> lynxman: indeed.. I just now noticed 2.6 is there now.. it had a bit of a lag last cycle which is whyw e ended up with a -0ubuntu version
<lynxman> SpamapS: could have this done by the end of the night
<Ayrton> Hello everyone. I seted up a openvpn server, and trying to access it through a socks proxy with the command "openvpn --socks-proxy localhost 1080 --config client.ovpn" and I get this error: http://paste.ubuntu.com/873096/
<SpamapS> lynxman: sure, I'll stop my review until your post a new change
<lynxman> SpamapS: cool, thank you!
<SpamapS> lynxman: let me know if you need anything else.
<lynxman> SpamapS: will do, hope I can have a new debdiff in under 20 mins
<lynxman> SpamapS: as soon as its considered solid I'll ping the debian maintainer too
<grendal-prime> mount.cifs works fine from cli...even in a script..but cron execution fails?
<grendal-prime> anyone else run into this?
<grendal-prime> because im totally blown away by this straight up crazness
<uvirtbot> New bug: #949163 in bacula (main) "bacula-dir not starting up" [Undecided,New] https://launchpad.net/bugs/949163
<jetole> Does anyone know about how to setup traffic shaping and policing using tc from iproute2? I want to create a tbf or an htb with all vlans except on in it but it looks like I need to specific a device for each tc rule and this is confusing the heck out of me
<zul> adam_g: i added glance-client and some horizon fixes this morning
<adam_g> zul: sweet
<rbasak> jetole: do you know about http://lartc.org/howto/? Lots of useful help there.
<adam_g> zul: where are those changes at?
<zul> lp:~openstack-ubuntu-testing/{swift,glance,horizon}/precise-essex-proposed
<jetole> rbasak: yes I have read parts here and there over the years including some recently but will look again
<rockets> I need to backup files over a network - I can access said files via smb, sftp, scp, ftp, or NFS. I *cannot* use rsync, due to a bug in my NAS where when you rsync tons of files, some of them are randomly deleted ON THE NAS (yes I know, I know, horrible). Any suggestions for an alternative to rsync?
<rockets> I'm backing up to an ubuntu server.
<jetole> rbasak: I found a section about the intermediate quueing device a moment ago while AFK and looking on my phone but looks like I will have to compile that in
<jetole> according to lartc.org, one of the problems with queuing that IMQ solves is "A qdisc can only see traffic of one interface, global limitations can't be placed" http://lartc.org/lartc.html#LARTC.IMQ
<SpamapS> rockets: if your NAS has a bug that causes rsync to delete files, any other thing that does individual files will also be problematic
<SpamapS> rockets: I'd suggest doing snapshots with tar in that case.
<rockets> SpamapS, can tar do incremental backups?
<rockets> our current solution, rsnapshot, uses hardlinsk to create many incrementals without using additional space, unless a file has changed
<rockets> it works via rsync
<lynxman> SpamapS: I've added the new debdiff to bug #948993 whenever you can review it I'll be grateful
<uvirtbot> Launchpad bug 948993 in rabbitmq-server "rabbitmq-2.7.1-0ubuntu1 lacks compatibility with plugin packages" [Undecided,Confirmed] https://launchpad.net/bugs/948993
<lynxman> SpamapS: need to leave now for the evening, will be online again in ~5 hours
<SpamapS> lynxman: cheers, thanks!!
<roaksoax> zul: have tyou ever handle postgresql user/pass/db creation in a postinst?
<zul> roaksoax: not personally but you might want to look at dbconfig-common
<roaksoax> zul: cool, thansk
<rbasak> jetole: I don't really know anything about advanced routing that isn't on lartc.org :-)
<adam_g> zul: note https://github.com/openstack/nova/commit/314dd69ab00cb35b0683a384023e0cae9844428b  <- not sure if we want to choose one auth strategy to specify in nova.conf as a default
<zul> adam_g: nah
<pabelanger> ubuntu-motu suggested I ask my openstack (nova) packaging questions here.  I've uploaded a debdiff for bug 907152 to resolve a race condition between nova-compute-kvm and libvirt.  I've subscribed to ubuntu-sponsors but also wanted to make sure I notified the package maintainers too
<uvirtbot> Launchpad bug 907152 in nova "Error: unable to connect to '/var/run/libvirt/libvirt-sock', libvirtd may need to be started: No such file or directory" [Medium,Triaged] https://launchpad.net/bugs/907152
<zul> pabelanger: we are a bit backed up but we can get to it today
<pabelanger> zul: ya, no rush.  Just wanted to notify the proper people.  Thanks
<adam_g> pabelanger: is this something that should be proposed to openstack upstream?
<adam_g> pabelanger: oh, i see. nevermind
<pabelanger> adam_g: Possible. Right now I am not sure of the workflow of who maintains the packages
<pabelanger> I was under the impression the packages are managed in Ubuntu, rather then upstream
<adam_g> pabelanger: yeah, my bad. didn't realize it was an issue with the upstart job
<SpamapS> pabelanger: that start on condition may cause issues later on
<SpamapS> pabelanger: any time you use *and*, you may find unintended consequences.
<pabelanger> SpamapS: OIC
<SpamapS> actually really the start on condition that it has now is a bit silly
<pabelanger> recommendations?
<SpamapS> Because a box may have tons of IFACE!=lo
<SpamapS> pabelanger: perhaps just 'start on started libvirt-bin' .. if libvirt-bin is a) Depended on by the package, and b) using a sane start on
<pabelanger> Ya, somebody suggested they be removed and only start on libvirt-bin
<pabelanger> doh
<pabelanger> too slow
<pabelanger> Let me check the package
<pabelanger> and re-upload
<SpamapS> The stop on then needs adjusting
<SpamapS> to 'stop on stopping libvirt-bin'
<pabelanger> ack'd
<SpamapS> Otherwise nova-compute will be stopped when the system goes into runlevel 1, but not started back up when it returns to runlevel 2
<SpamapS> (which is actually already an open bug)
<SpamapS> Oo we should have a push to fix all the runlevel1 bugs
<SpamapS> pabelanger: I lied.. its not an open bug, but it should be one
<SpamapS> and I lied again, it is, bug 820694
<pabelanger> A quick look at the control file shows nova-compute-xcp does not depend on libvirt-bin
<uvirtbot> Launchpad bug 820694 in nova "nova upstart jobs will be stopped but not restarted on transition from runlevel 1 to 2" [Low,Confirmed] https://launchpad.net/bugs/820694
<SpamapS> silly launchpad search doesn't find tags when you search for them
<pabelanger> however, I have never used nova-compute-xcp, so I don't really know what that package does
<SpamapS> pabelanger: does nova-compute-xcp contain that upstart job?
<pabelanger> SpamapS: no :(
<SpamapS> pabelanger: ahh, looks like you have a problem there.. ;)
<pabelanger> Yup, suggestions on how to account for nova-compute-xcp?
<SpamapS> pabelanger: couple ideas..
<SpamapS> pabelanger: either you can have a 'start on runlevel [2345]' job, /etc/init/nova-compute-xcp.conf , which starts nova-compute...
<SpamapS> pabelanger: or you can find an "or" that is suitable and will always be after libvirt-bin
<SpamapS> pabelanger: I suspect that XCP has a daemon that needs to be started for it to work as wel
<pabelanger> okay, let me check for option 2
<pabelanger> seems like the cleaner one to do
<SpamapS> pabelanger: I don't see anything in xcp though.. so I think you're going to have to go with option 1.. we *have* identified a need for a "late in boot" event in upstart, but it does not exist yet.
<SpamapS> as its going to require some re-structuring
<pabelanger> ack'd, let me do that then
<SpamapS> xcp-xapi: /etc/init.d/xcp-xapi
<SpamapS> pabelanger: thats probably the service you want to start after, and since it is a sysvinit script, you probably want 'start on stopped rc RUNLEVEL=[2345]'
<SpamapS> pabelanger: in truth, doing that as the 'or' with libvirt-bin would *probably* work fine.. but it will race with libvirt-bin
<SpamapS> pabelanger: ok, now that I've loaded up your head with upstart madness.. time to eat lunch
<pabelanger> ya, let me see if I can get my brain around that
<smoser> roaksoax, ping
<smoser> you have any reason not to take bug 943000
<uvirtbot> Launchpad bug 943000 in cobbler "update to system fails with  Exception value: 'NoneType' object has no attribute 'os_version'" [Critical,Confirmed] https://launchpad.net/bugs/943000
<smoser> for oneiric updates
<smoser> hggdh, can you put a SRU blob in the description on that one ?
<roaksoax> smoser: i'll take a look at it later today
<hggdh> smoser: roj
<smoser> roaksoax, i can do it.
<smoser> i'm patch piloting
<roaksoax> hggdh: how were you trying to update it and what ISO were you using?
<smoser> roaksoax, but if you want to say "go away smoser, then i'im good with that"
<smoser> i did wonder about the recreate, but it is clearly a bug
<smoser> but, yeah...
<roaksoax> smoser: if you want it, go for it, though, since I haven't experienced that issue myself, I'm wondering why. Cause last time I had an issue with os_version *wasn't* because of a bug per se, but rather an issue of not having the os_version in the list of os_versions
<smoser> its not fixed in precise as i see.
<smoser> yea.
<smoser> so we should  make sure it is fixed in precise
<smoser> which at the moment it is not
<smoser> but why you can have something there without a distro is i guess the real question
<hggdh> roaksoax: I had just edited a system def, and clicked on save
<hggdh> this is not so much "without a distro", as a different code path taken
<hggdh> if you look at the backtrace, you will notice that the call had "distro=None" as one of the parameters
<roaksoax> hggdh: ahh this issue is in esxi
<benji> hey guys, I'm trying to start two ephemeral lxc instances of the same base machine but they both have the same MAC and therefore both claim the existing DHCP lease.  Am I missing something?
<roaksoax> smoser: yeah just fix it in precise, and go ahead with the SRU
<smoser> actually... we do have his change
<smoser> in precise
<smoser> that code is garbage
<gary_poster> put another way (I think), how do you tell libvirt to go get a new MAC address for a particular container
<smoser> and there are multiple blocks that lok the same
<smoser> we do have that one
<smoser> ah.
<smoser> we have the first hunk of hggdh change, but not the second in trunk
<smoser> s/trunk/precise/
<smoser> upstream seems busted too if you hit the profile without a distro path.
<hggdh> this is probably because the affected code changed a lot
<smoser> no. its broken upstream.
<smoser> clearly.
<smoser> unless you can no longer get to that code without distro being set.
<hggdh> so I had to rebase & extend the commit to apply
<smoser> (in which case there are pointless checks for that)
<smoser> so what did you do hggdh to see this ?
<hggdh> I just updated an existing system def
<smoser> what update did you make ?
<hggdh> I changed a profile -- which had not been changed for quite a while
<hggdh> I then went on to look at the profile itself -- had a distro set
<hggdh> and the distros did not get changed in a very long time (mostly the one I was using, Lucid-i386)
<roaksoax> zul: how is the database creation and stuff handled in horizon?
<zul> roaksoax: you might want to look at keystone
<hggdh> smoser: of course, there is the question of why the different code path *now*. But the upstream commit pretty much just checked if distro was set before using it, so I did the same on my code path
<roaksoax> zul: cool, using dbconfig-common
<smoser> hggdh, yeah, its clear to me that upstream trunk is broken if somehow you get into write_pxe_file at https://github.com/cobbler/cobbler/blob/HEAD/cobbler/pxegen.py with a 'distro' set to None
<smoser> i'm not sure how you got there, but if you do, it will clearly die at append_line = "BOOTIF=%s"
<smoser> i just dont know how you're hitting that code.
<smoser> hggdh, i can't reproduce anything here.
<smoser> in fact, the upstream commit you point to seems like it would still fail for whatever case it was failing.
<pabelanger> SpamapS: so you think 'start on stopped rc RUNLEVEL=[2345] or libvirt-bin' is the solution? I'm still unclear why 'start on stopped rc RUNLEVEL=[2345] and libvirt-bin' would cause issues.
<SpamapS> pabelanger: because rc could, in theory, finish before libvirt-bin is started
<SpamapS> pabelanger: but in reality, that is very unlikely
<pabelanger> okay, so 'start on stopped rc RUNLEVEL=[2345] or libvirt-bin' it is
<pabelanger> and, 'stop on runlevel [!2345] or libvirt-bin' too?
<pabelanger> err
<pabelanger> and, 'stop on rc RUNLEVEL=[!2345] or libvirt-bin'
<RoyK> 'stop on nervous breakdown or panic'
<pabelanger> still new to upstart
<hggdh> smoser: this is where we get the error:
<hggdh> dammit
<smoser> boy, hggdh you were upset
<smoser> :)
<hggdh> heh
<hggdh> my IRC client decided to misbehave
<smoser> so.
<hggdh> smoser: this is the code path taken:
<smoser> it looks to me like if you have an 'Image' loaded, then you'
<smoser> then you're dead
<hggdh>         # image names towards the bottom
<hggdh>         for image in image_list:
<smoser> yeah
<hggdh>             if os.path.exists(image.file):
<hggdh>                 contents = self.write_pxe_file(filename=None, system=None,
<hggdh>                         profile=None, distro=None, arch=image.arch, image=image)Y
<smoser> you're done there if image_list is not empty
<hggdh> yes
<smoser> and that is the case now in upstream trunk too
<hggdh> hum
<smoser> roaksoax, ^
<smoser> you see that.
<smoser> basically if you get an image, you're hosed
<hggdh> there are a lot of places where the code can misbehave on the call above, not only distro
<hggdh> I based my patch on the commit I saw, and adjusted for another test on distro
<hggdh> but did not change anything else, since I have no idea of the consequences
<hggdh> but, at least now, I can use cobbler on oneiric
<smoser> yeah. hggdh k.
<smoser> thanks for being patient with me
<smoser> except for when you said 'dammit' and left
<smoser> :)
<hggdh> thank YOU for being patient with me
<hggdh> and for the record, the dammit was not for you, but for weechat
<smoser> hggdh, https://github.com/cobbler/cobbler/issues/16
<smoser> sure it was, hggdh.
<hggdh> yeah, this is it
<hggdh> smoser: never! I would never say 'dammit
<hggdh> ' to you, dammit!
<cemc> hi. how can i check if I have packages installed from outside main/universe/multivers? like PPAs, third party repos etc?
<cemc> without looking in /etc/apt/sources* obviously
<hggdh> smoser: so. Do I add the SRU data?
<smoser> sure.
<smoser> please do.
<smoser> can't helpk.
<smoser> can't hurt
<smoser> and i will get the precise fixed.
<hggdh> perfect, thank you
<grendal-prime> nevermind i figured out the answer...you all can stop looking
<uvirtbot> New bug: #949362 in lxc (universe) "lxc.conf post-stop gets called even if LXC_AUTO is set to false" [Undecided,New] https://launchpad.net/bugs/949362
<gary_poster> smoser, hi.  do you have any knowledge of libvirt and MAC addresses, or can you point to someone who might, or should we wait for hallyn?
<smoser> i didn't understand your question above, gary_poster but all i saw was your "put another way" statement.
<koolhead17|afk> soren, around
<SpamapS> pabelanger: hrm. stop on complicates things.
<pabelanger> indeed
<gary_poster> smoser, we use lxc-start-ephemeral, which puts an overlayfs over an existing lxc container, gives it another name, and starts it.  The problem is that the MAC address for the ephemeral is the same as the base--and this is the case for all of the ephemeral instances with the same base.
<SpamapS> pabelanger: no, actually I think its ok.. let me think about it
<gary_poster> smoser, so, we are looking at various hacks around this that we can do in our instance, but it would be very nice if we could tell libvirt "hey!  please make a new virtual MAC for this ephemeral instance, and don't use that one that we're based on!"
<jetole> Hey guys, if anyone knows tc and qdiscs and all that, I am still trying to find the best way to attach multiple devices under the same queuing discipline for example we have about a dozen vlans going through the firewall connected to a 10mbps/10mbps symmetrical metro ethernet connection and I want to place a limit of 9mbps on all vlans except one but on the some total of all vlans so, for example, vlan1 can use 9, vlan2 can use 9 but vlan1 and ...
<gary_poster> smoser, and we don't see how to do that yet.  Does that make sense yet?  If so, any ideas?
<jetole> ... vlan2 at the same time, both of their traffic can never use more then 9
<jetole> does anyone know how I can do that?
<smoser> i didn't realize lxc-start-ephemeral had anything to do with libvirt
<SpamapS> pabelanger: I think you can just do 'stop on runlevel [016]' .. This means you might stop libvirt-bin while nova is still running, but thats something libvirt should handle gracefully.
<SpamapS> it shouldn't
<SpamapS> why would lxc-start-ephemeral make use of libvirt?
<jetole> while reading the docs I see different ways to attach qdiscs to a specific device i.e. I can rate limit vlan1 but it has no effect on vlan2 or I can rate limit each one separately but the sum of both having a 9mbps limit would be a total of 18mbps. I can't see how to do a collective rate limit on all
<SpamapS> other than to potentially make use of libvirt-bin's default virbr0 ?
<pabelanger> zul: re: glance package, I wondering if chmod 0700 /etc/glance/ is too restrictive of the directory.  While all the files inside have 644 permissions.  Any thoughts on loosing it a bit?
<zul> pabelanger: there is a fix pending
<pabelanger> great
<gary_poster> smoser, it doesn't directly, and maybe we are barking up the wrong tree.  the script is pretty simple right now and doesn't touch libvirt.  We thought it might need to.  Let's get back to the core problem then.  As I said, ephemeral instances have the same MAC addresses as their base.  That means they get the same ip addresses from the local dhcp server.
<gary_poster> this means that if you run them simultaneously, you hav an insane state
<gary_poster> in which one IP points to multiple instances
<lifeless> hah! I was wasking wgrant this yesterday
<lifeless> the ephemeral script needs to mangle the hwaddr in the config
<lifeless> s/wasking/asking/
<pabelanger> zul: do you happen to have a bug number?
<zul> pabelanger: no but it is pending
<pabelanger> ack'd
<smoser> gary_poster, right.
<gary_poster> lifeless, ah! I think I understand.
<smoser> that *does* make sense.
<smoser> i just was confused by libvirt
<smoser> as it has nothing to do with it as i undertsand it.
<gary_poster> sorry, it seems not
<smoser> gary_poster, look in lxc-clone
<smoser> # change hwaddrs
<smoser> you probably need to do that.
<gary_poster> smoser, sounds perfect
<smoser> ther eight be other stuff you need to do also.
<gary_poster> ack
<koolhead17|afk> Is there any reason why oVirt is not available on Ubuntu? :(
<lifeless> koolhead17: noone has packaged it ?
<koolhead17> lifeless,  does it mean it will only be available for RPM based distros :(
<lifeless> no
<SpamapS> gary_poster: I know that ephemeral is attractive because of the cleanup/overlayfs .. but is it worth trying to just use lxc-clone ?
<lifeless> it means it will be available where people package it
<lifeless> SpamapS: s/attractive/omgessential/
<koolhead17> lifeless,  it means its not even in Debian as o now!! :P
<lifeless> SpamapS: the LP tree is a pretty heavy footprint, the shared disk cache *and* the tempfs combine to give us ~0 IO during a test run
<gary_poster> SpamapS, heh, we were just discussing that. :-)  the overlayfs gives us speed that we believe we need because the whole point of this is to be running in parallel.  Past experiments in other similar approaches ran against...what lifeless said
<mdeslaur> SpamapS: didn't get any feedback on mysql in -proposed by any chance, have you?
<SpamapS> mdeslaur: no feedback, the one server I tested them on has been working fine
<SpamapS> mdeslaur: the updates I did for Debian progressed faster than I thought they would.. so they just released 5.1.61 for stable... which I'm sure you noticed ;)
<mdeslaur> SpamapS: ok, thanks...FYI, I'm going to push them out on monday, and then the regression fix on tuesday, and then the regression fix for the regression fix on wednesday :)
<mdeslaur> SpamapS: yeah, I saw that
<SpamapS> mdeslaur: I'll be watching the New list closely
<mdeslaur> SpamapS: cool, thanks
<SpamapS> mdeslaur: I suspect many will have to be Won't Fix though. :-P
<mdeslaur> hehe
<gary_poster> whee, hangs & restarts are fun
<jMCg> Hey folks -- how do I allow multicast in ufw?
<smoser> gary_poster, another option (which i'm almost certain you aren't going to like)
<smoser> is to just use lxc-clone, but have btrfs in /var/lib/lxc
<smoser> then it "just works" and does btrfs snapshots.
<smoser> :)
<smoser> but then you have to cleanup also
<koolhead17> Ursinha, around. the guy erased it all. :D
<Ursinha> koolhead17, lol
<koolhead17> hahahaha. :P
<gary_poster> smoser, :-) cool idea.  The in-memory part of our overlayfs approach is believed to be very important though
<adac> hi guys: I got the following problem: http://pastebin.com/sr4W847a but -f unfortunately does not solve the problem.  I noticed that my boot partition seems to be completely full: /dev/sda5             228M  228M     0 100% /boot Is this maybe th reason for this behaviour?
<lynxman> SpamapS: did you have time to review? :)
<SpamapS> lynxman: no. :(
<lynxman> SpamapS: aww, well anytime you can please :)
<lynxman> SpamapS: I still have a couple puppet patches to do tonight
<psyferre_> Hey folks, would anyone have a quick moment for advice?  My putty session timed out while running a grub update, and like an idiot I decided to just give the machine a quick reboot to resolve the dpkg lock.  Now the system starts to boot but does not quite get to a prompt.  I assume I just need to get in and run dpkg --configure -a... is a live cd the best way to go about this?
<pabelanger> psyferre: try #ubuntu for support
<hggdh> smoser: SRU data added to the bug. I will install your version as soon as it is available (but it will be a manual install via dpkg, we do not allow -proposed on this server)
<Myrtti> pabelanger: actually the topic states "Ubuntu Server discussion and support" - but I suppose that particular problem might be answered in #ubuntu too
 * pabelanger nods
<pabelanger> not really a server specific issue, but grub in general
<psyferre> pabelanger: thank you for the response!
<pabelanger> psyferre: but yes, I would use the live boot-cd to try and repair it
<imcsk8> hello i have a problem authenticating a ssh session via pam-ldap. i can connect succesfully to the ldap server whith this user. i get this error in auth.log "pam_ldap: error trying to bind as user "uid=108584,ou=fing,dc=uach,dc=mx" (Invalid credentials)  Failed password for invalid user 108584 "
<imcsk8> can somebody give me a hint? here are extracts from the log file and from the config files http://pastebin.com/NdiRLriQ
<uvirtbot> New bug: #949508 in bacula (main) "symbol lookup error in libbaccats-5.2.5.so" [Undecided,New] https://launchpad.net/bugs/949508
#ubuntu-server 2012-03-08
<GrueMaster> Yea, I filed the bacula bug.  apparently, only x86_64 is correct.  ldd fails to find libmysqlclient.so on i386, armel, and armhf, possibly ppc as well.
<SpamapS> GrueMaster: should be looking for libmysqlclient.so.18
<GrueMaster> Yes, it should.
<SpamapS> the way bacula supports multiple db backends is kind of silly I think
<GrueMaster> (see the bug report for the gory details).
<SpamapS> they should have figured out dlopen() years ago
<GrueMaster> It looks like we made a half hearted attempt to fix multilib issues in 5.2.5-0ubuntu1 by adding the path for mysql lib64.  I say half-hearted as the patch failed to add support for any other arch.
<SpamapS> GrueMaster: *DOH*
<uvirtbot> New bug: #949608 in samba (main) "package winbind 2:3.5.8~dfsg-1ubuntu2.3 failed to install/upgrade: subprocess installed post-installation script returned error exit status 127" [Undecided,New] https://launchpad.net/bugs/949608
<nOStahl> hi guys, I'm trying to install ubuntu on my first raid setup. raid1
<nOStahl> it gets to partition area and asks for iscsi stuff?
<twb> nOStahl: md or fakeraid
<nOStahl> I setup the raid in bios
<nOStahl> not sure what md stands for
<nOStahl> k I'm at screen now says ! detect disks / one or more drives container serial at a raid configurations have been found, do you wish to activate these Raid devices?
<twb> nOStahl: do not set up raid in the bios
<nOStahl> why not
<twb> nOStahl: because it is fakeraid
<nOStahl> ok so go back into bios and blow away the raid stuff
<twb> Yes
<nOStahl> then restart the installer?
<twb> set it back to AHCI
<twb> always set it to AHCI not hybrid or traditional or raid
<nOStahl> learning something new everyday :)
<nOStahl> it has option for SATA EMULATION legacy mode IDE or Native Mode IDE
<nOStahl> in my bios
<nOStahl> or RAID
<nOStahl> its an hp dc5750 microtower
<twb> How old is this box?  Several years?
<nOStahl> 2006
<nOStahl> i'd say
<twb> probably predates AHCI
<twb> Try native mode
<nOStahl> noticed the bios for it is up to 2.36 and its running 2.25
<twb> I am usually pretty wary of firmware upgrades
<twb> I tend to avoid upgrades unless there's a problem you KNOW it will fix
<nOStahl> aye I don't like chancing a brick
<twb> s/know/are reasonably confident/
<nOStahl> almost back to partition area
<nOStahl> so it will let me setup the raid1 here soon?
<nOStahl> k it is asking me again if I want to activate serial at a raid devices
<qman___> you do not
<qman___> though you may have to zero the disks to fix this problem, I ran into it
<qman___> even though I said no, it detected and assembled anyway
<qman___> and screwed everything up
<nOStahl> k
<nOStahl> so now at partition disks screen
<nOStahl> guided - use entire disk or guided - use entire disk and setup lvm etc
<nOStahl> or manual
<qman___> if you want raid you want manual
<nOStahl> k
<nOStahl> so at screen now showing the two 1.5 terabyte hard drives
<qman___> to do md raid, you have to create partitions of type 'volume for RAID' on each disk, then create the raid, then create partitions on the raid
<qman___> you may want to create a /boot or swap area outside of the raid on the bare disks, though
<nOStahl> hrmm
<nOStahl> i am setting this tower up as a cloud controller / storage controller
<nOStahl> with two dell optiplex 760 towers as nodes
<nOStahl> so this box will be serving the images for the instances etc.
<nOStahl> ok so I need to setup how large of a partition for /boot
<nOStahl> qman___: the wiki does not say to select volume for RAID it says to partition each drive as normal and then go back and select configure software raid
<nOStahl> does that sound right?
<twb> qman___: yes, easiest solution is to write zeros to the first and last ~16MB of disk
<roaksoax> da/win 6
<twb> roaksoax: ENOCHAN
<roaksoax> lol
<linocisco> my ubuntu squid server with two NIC doest not work
<linocisco> hi all
<linocisco> my squid ubuntu server with two NIC doest work. one is for wan IP and one is LAN
<linocisco> my squid ubuntu server with two NIC does not work. one is for wan IP and one is LAN
<Anaphaxeton> hello. i need that a couple of packaged be of newr version
<Anaphaxeton> what could i do? add mirrors for later versions of ubuntu? i am on LTS
<Anaphaxeton> also i found out there is some update-manager?
<Anaphaxeton> is  there hope i can update the server without formatting?
<RoyK> Anaphaxeton: do-release-upgrade
<Anaphaxeton> No new release found
<RoyK> Anaphaxeton: that'll upgrade the release to whatever's next, or to the next LTS if running an LTS, that is, if running 10.04, it won't do much, since 12.04 isn't released
<Anaphaxeton> :(
<Anaphaxeton> ok
<RoyK> Anaphaxeton: running lucid?
<Anaphaxeton> is lucid 10.04?
<RoyK> if so, you can choose to upgrade to a 'normal' release (default is next LTS release)
<RoyK> yes
<Anaphaxeton> i used the -d flag
<RoyK> if you want to upgrade to 10.10, change /etc/update-manager/release-upgrades and set prompt=normal
<RoyK> erm...
<RoyK> that'll upgrade to 12.04 *beta*
<RoyK> which may not be a good idea
<Anaphaxeton> yes
<Anaphaxeton> maybe
<RoyK> but it's up to you ;)
<Anaphaxeton> however i am not using it for exotic stuff
<RoyK> then it'll probably work
<Anaphaxeton> a simple home server for irc logging and torrents
<RoyK> keep a backup in case the midden hits the windmill...
<cemc> hi. how can i check if I have packages installed from outside the standard repos main/universe/multiverse? like PPAs, third party repos etc?
<twb> apt-cache policy foo, might help
<uvirtbot> New bug: #946953 in samba (main) "'Permission denied' when using a windows share" [Undecided,New] https://launchpad.net/bugs/946953
<cemc> twb: I would have to do this on every single package I have installed. isn't there a more efficient way?
<lynxman> morning o/
<twb> cemc: write a sh script?
<Anaphaxeton> i ve done it
<Anaphaxeton> i destroyed my server
<Anaphaxeton> the upgrade process could not complete
<Anaphaxeton> and a reboot made the system useless
<Anaphaxeton> then running a usb stick distro
<Anaphaxeton> seems to not see mt raid 0
<Anaphaxeton> my*
<uksysadmin> hello all
<drag0nz> hey guys, im sorry for the n00b question, but can someone explain to me what does ubuntu cloud means exactly?
<uksysadmin> My Ubuntu 12.04 A2 and B1 installs keep kernel panicking on boot: log.c:768: Assertion failed in log_clear_unflushed: log->remote_closed (Kernel 3.2.0-17-generic)
<bluefrog> drag0nz, http://en.wikipedia.org/wiki/Cloud_computing
<uksysadmin> anybody else see this - was hoping it was an Alpha-2 issue.
<twb> drag0nz: it's a buzzword.  It basically means the same thing as time-sharing (60s) or thin clients (90s)
<uksysadmin> drag0nz: its ubuntu's ability to provision cloud IaaS services out of the box
<kai> hey folks
<kai> I'm trying to script the creation of LXC containers, using disk image files
<kai> is there a way to get mkfs.ext4 to not ask if the device specified is not a block device?
<kai> s/ask/ask for confirmation/
<cemc> what is the recommended way to restrict ssh access to only scp/sftp (no shell) on lucid 10.04 ?
<kai> I tried -q, but that doesn't seem to make a difference
<kai> cemc: http://www.debian-administration.org/articles/94 comes to mind
<cemc> kai: thanks!
<kai> first hit for "ssh sftp only" on google, btw :)
<kai> cemc: http://solderintheveins.co.uk/2011/03/ubuntu-sftp-only-account-how-to/ has a bit more comprehensive setup
<cemc> thanks
<kai> no worries :)
<bluefrog> cemc, you may have to add a Match to close the Match Group "directive" in sshd_config
<koolhead17> hi all
<cemc> bluefrog: thanks for that. the manual says it's either another Match to close the block or the end of the file. since the guide adds those at the end probably that's why it doesn't need a closing Match
<Daviey> lynxman: do you have access to any amd servers?
<lynxman> Daviey: yessir and they're even running Ubuntu
<Daviey> lynxman: \o/, precise?
<lynxman> Daviey: Oneiric, they're prod machines
<lynxman> Daviey: AMD Opteron(tm) Processor 242
<lynxman> Daviey: was thinking about upgrading them to precise though
<Daviey> lynxman: dammit, any lab machines running precise on amd64, that you know of?
 * RoyK has one or two
<lynxman> Daviey: all of them are xeon
<RoyK> pentium III xeon? ;)
<lynxman> Daviey: as said, I can upgrade them to precise, its my mysql prod db
<lynxman> Daviey: nothing wrong can happen right? *wink*
<RoyK> lynxman: really, upgrading a production machine to precise? now?
<lynxman> RoyK: I'm reckless like that
<lynxman> RoyK: it's actually an active-passive cluster, so if I upgrade just one should be fine
<RoyK> and you're not afraid that the older version of mysql will get a nervous breakdown when its peer has been upgraded and data on disk changed to a new format? ;)
<Daviey> eeek
<Daviey> RoyK: Yeah, i really want to get some data from an amd64 machine on precise :(
<Daviey> thanks anyway
<lynxman> RoyK: nah ;)
<Anaphaxeton> upgrading an ubuntu server is a pita...
<Anaphaxeton> goodbye... going to my desktop distro, archlinux!
<lynxman> oh divas :) *shrug*
<jamespage> Daviey: I think I'm misunderstanding the triage report - http://reports.qa.ubuntu.com/reports/ubuntu-server/triage-report.html
<jamespage> when I set the importance I would expect bugs to move from New/Undecided to New?
<jamespage> is that not correct?
<Daviey> jamespage: it should...
<jamespage> Daviey: is there a nice way to make apt-get be more verbose on about what happens in maintainer scripts
<jamespage> error code 11 is not very descriptive...
<Daviey> jamespage: set -x ?
<jamespage> Daviey: doh!
<Daviey> jamespage: dpkg --debug=1000
 * jamespage faceplants
<rbasak> jamespage: if I could get a patch that fixes bug 949044 and touches only ARM specific code, this could get sponsored through feature freeze, right?
<uvirtbot> Launchpad bug 949044 in openmpi "Basic openmpi hello world fails on arm" [High,Triaged] https://launchpad.net/bugs/949044
<Daviey> rbasak: how is that a feature?
<rbasak> Daviey: that's what I mean. It's a bug, so should have no issues getting uploaded? That's my understanding, I just wanted to check!
<Daviey> rbasak: right! :)
<koolhead17> hey zul
<koolhead17> apart from changing the middleware configs at api-paste.ini does packages(services) nova/api/volume/glance  really needs some more changes after the new keystone?
<spajderix> hi
<jamespage> rbasak, as Daviey says - that should not be an issue
<rbasak> jamespage: great, thanks
<eagles0513875_> what is the url that one shoudl use to be able to have a server doa  network install from the archive?
<eagles0513875_> is this the url that i want http://archive.ubuntu.com/ubuntu/dists/lucid/
<jamespage> lynxman, are you doing some updates for puppet?
<zul> Daviey: i havent been able to reproduce that lxc network injection bug
<nOStahl> hey guys, I'm setting up my first raid   a raid1 setup with two 1.5 terabyte hard drives, should I also do LVM?
<Daviey> zul: :/
 * smb guesses this is not a particularly good time to nag zul about reviews/sponsoring...
<zul> smb: xen right?
<smb> zul, Right, though I have another one for libvirt by now...
<smb> bug 948333 and bug 949028
<zul> smb: queue them up right now before i forget :)
<uvirtbot> Launchpad bug 948333 in xen "Xen: pxeboot for e1000 emulation not working" [Medium,In progress] https://launchpad.net/bugs/948333
<uvirtbot> Launchpad bug 949028 in ubuntu "libvirt: xen: never use type=ioemu for vif definitions" [Medium,Triaged] https://launchpad.net/bugs/949028
<zul> smb: doing it right now
<smb> zul, many cheers :)
<_ruben> eagles0513875_: http://archive.ubuntu.com/ubuntu/ oughta be enough for a netinstall url
<eagles0513875_> _ruben: well xenserver is complaining when it tries to update the archives saying there is no release file
<ikonia> that is just a http reference to the URL
<ikonia> you need more info that that
<eagles0513875_> ikonia: like what version etc
<Daviey> jamespage: fancy reviewing a srcNEW?
<jamespage> Daviey: OK
<ikonia> correct
<eagles0513875_> ok thanks ikonia
<Daviey> jamespage: http://people.canonical.com/~davewalker/convoy/
 * jamespage goes to grab coffee
<zul> whats convoy?
<Sliptik> Hello - i am needing to setup an smtp server - before i get to far in - am i on the right path with using Postfix for this
<Daviey> zul: https://launchpad.net/convoy
<uvirtbot> New bug: #949956 in lxc (universe) "lxc-start-ephemeral keeps same MAC address, and so same IP address, as base instance" [Undecided,New] https://launchpad.net/bugs/949956
<zul> Daviey: oooooh...
<zul> smb: did the libvirt patch come from upstream or totally original
<smb> zul, Done by me
<zul> smb: ok just wondering
<smb> zul, It might be something to feed back
<zul> smb: i was just thinking that
<smb> zul, Just not sure what the "usual" procedure would be
<zul> smb: i would say talk to hallyn since he maintains it but he isnt here this week
<zul> smb: anyways uploaded both
<smb> zul, Ok, will do so. Great, thanks
<nOStahl> hey guys, i installed ubuntu server and now when I reboot it show grub and then its blank right after that..
<nOStahl> ubuntu 11.10
<smb> zul, Btw, the xen patch also might be something to feed back to Debian. I think the change of rom file was part of a Debian patch.
<zul> smb: ack
<nOStahl> any ideas?
<lynxman> jamespage: yes, adding some patches that are required to revert a previous behaviour in lockfile treatment
<lynxman> jamespage: almost done, it's a bit of a pita :)
<glenn_> lo.
<jamespage> lynxman, can you pickup a couple of fixes for bug 948983
<uvirtbot> Launchpad bug 948983 in puppet "puppetmaster-passenger default vhost has wrong documentroot" [High,Confirmed] https://launchpad.net/bugs/948983
<jamespage> I think they are both trivial - glenn_ is the reporter
<lynxman> jamespage: glad to do so :)
<smb> nOStahl, Could be various things. You could try to user "nomodeset" on the kernel arguments from grub. I think 11.10 did not use quiet anymore...
<glenn_> jamespage: as i was saying, it might be a good idea, that the puppetmaster-passenger checks if there is a /etc/puppet/puppet.conf before installing, and either backups that file or asks the user for confirmation
<nOStahl> k so I'm in grub and I hit e
<lynxman> glenn_: I reckon that's done automatically by the packaging for any config file, right jamespage?
<nOStahl> shows things like setparams and ins mod stuff
<nOStahl> where do I do nomodeset
<jamespage> glenn_, ah - so that file is provided by puppet-common
<smb> nOStahl, Should be the line which also sets the root= I believe, give me a sec
<nOStahl> ty smb
<jamespage> and lynxman is correct in that any changes to that file made locally are preserved by default be the package management system
<jamespage> you can elect to take the new file - but its an interactive prompt
<glenn_> jamespage: i didnt got that question, but perhaps thats because of the error in the package?
<smb> nOStahl, Actually the one starting with linux and with root=xxx ro <nomodeset> <- there
<jamespage> hmm
<iclebyte> if I've created my own package repo, how do I sign it with gpg?
<jamespage> it should be classified as a conffile
<jamespage> so it should prompt
<nOStahl> in the < >?
<lynxman> jamespage: will tackle both at the same time and repush the branch, if you fancy reviewing later I'll be honoured :)
<smb> nOStahl, no, sorry, without
<nOStahl> k ty
<glenn_> lynxman i can test if you want
<jamespage> lynxman, ack - happy todo so
<lynxman> glenn_: oh that would be superb :)
<lynxman> jamespage: yay \o/
<glenn_> lynxman if youd put it on ur ppa i can test it
<jamespage> lynxman, I need to look at that rabbitmq package again don't I
<glenn_> did that for the backports of lucid/./. too
<lynxman> glenn_: will do so
<lynxman> glenn_: thank you very very much!
 * jamespage pokes himself on behalf of lynxman
<lynxman> jamespage: yeah :)
<nOStahl> smb: k did that then hit f10 to boot and still black screen
<smb> nOStahl, f10?... not sure I user ctrl-x to boot a changed setup. but maybe I just ignore other keybindings
<glenn_> jamespage: so, if id have /etc/puppet/puppet.conf created on a fresh server, you say that if the package install wants to replace that file it should prompt the user?
<nOStahl> ah ok
<nOStahl> restarting lets check
<nOStahl> k tried it again hit e and added nomodeset to the end of ro line
<nOStahl> ctr-x and still black screen
<smb> nOStahl, Yes, actually says both do the same
<nOStahl> this is on a fresh install of ubuntu server 11.10 raid1
<smb> nOStahl, Just had never relaized it changed or was added
<nOStahl> what do I do now heh
<smb> nOStahl, you could add "debug" instead of nomodeset, which will make more boot messages visible
<nOStahl> just tried recover mode kernel
<smb> nOStahl, And what kind of raid1 (hw, fakeraid/dmraid or softraid/md)?
<nOStahl> its booting
<nOStahl> softraid/md
<nOStahl> dropped me saying degraded drive
<SpamapS> softraid.. UGH
<smb> SpamapS, purist. :)
<SpamapS> nOStahl: you should be able to say "Y" to boot degraded
<SpamapS> smb: apologist!
<smb> SpamapS, Never! :-P
<nOStahl> its saying things like md0 unknown partition stuff
<smb> Anyway, that actually reminds me that I am not sure how smart grub nowadays is, but I'd always have /boot on a non-raided partition. I think normally the installer does that automatically
<nOStahl> mdadm CREATE user root not found
<smb> nOStahl, unknown partition may be if the whole md is used a lvm pv
<nOStahl> I  didn't setup lvm
<glenn_> jamespage, lynxman: the install of the puppetmaster-passenger package asks me if it should replace the config file
<nOStahl> ya its just looping trying to start in degraded mode
<jamespage> glenn_, puppetmaster-passenger should not touch /etc/puppet/puppet.conf
<jamespage> but it will pull in puppet-common which will want to update that file
<nOStahl> reinstall is in order it looks like
<glenn_> puppet-common that is ofcourse, as dependency
<jamespage> update/replace
<glenn_> who is squigley.namespace.at ?
<glenn_> i got that in my puppetmaster vhost now :)
<smb> nOStahl, Hard to say... trouble is that it is rather rare I have to resort to mdadm command. so I forget
<smb> nOStahl, I think there was a command to inspect the individual disks meta data...
<SpamapS> mdadm --excamine /dev/xxxx
<SpamapS> examine even
<smb> SpamapS, Right, thanks
<SpamapS> nOStahl: what happened? RAID1 problems post install?
<nOStahl> ya
 * SpamapS tests that every release, and so would be interested to hear if there are holes in the testing
<nOStahl> I followed the ubuntu server setup guide
<nOStahl> I'm running an hp dc5750 with two caviar black 1.5 terabyte hard drives
<glenn_> lynxman: can you double check if that hostname is in the puppetmaster-passenger code? it seems hardcoded
<glenn_> lynxman: on my server i have the hostname of a developers machine
<SpamapS> nOStahl: the degraded boot should drop you to a shell if you say N
<nOStahl> SpamapS: should i do that first before trying a reinstall?
<smb> I think that would be helpful to find out what went wrong
<nOStahl> k one min
<SpamapS> nOStahl: yes, there may be a bug that needs fixing.. it would help a lot. :)
<SpamapS> nOStahl: is this 11.10 ?
<jamespage> Daviey: convoy feedback - http://pad.ubuntu.com/convoy
<nOStahl> k at initramfs
<nOStahl> 11.10 yes
<SpamapS> nOStahl: so first I'd just do mdadm --examine on each device you think should be part of the array
<nOStahl> example?
<smb> mdadm --examine /dev/sda
<smb> if you have an sda
<nOStahl> k ty
<dkn> hey guys, if install the tomcat java server do i need to install the java JRE?
<nOStahl> no md superblock detected on /dev/sda
<nOStahl> same with /dev/sdb
<nOStahl> df shows no devices exempt for udev and tmpfs
<ikonia> nOStahl: partitions not devices
<smb> nOStahl, And when you created the raid, you used sda and sdb or sda1/sdb1
<nOStahl> k walk me through this lol df shows no devices except for udev and tmpfs
<dkn> http://paste.ubuntu.com/874680/
<nOStahl> so mdadm can't find any devices to check?
<smb> nOStahl, what does cat /proc/partitions show?
<nOStahl> checking
<nOStahl> sda / sdb / dm-0 / dm-1
<smb> nOStahl, hm the dm-* ones are surprising... dmsetup ls --tree (hoping this works)
<nOStahl> that spit out pdc_bchdbda1
<nOStahl> and some other lines
<smb> that reeks a bit os fakeroot....
<smb> nOStahl, could you paste me the whole output as a pm or pastbin
<nOStahl> done
<smb> So that looks like a bit like a dmraid consisting of sda and sdb and probably a partition on that...
<smb> If you could paste dmsetup table
<smb> So yes the pdc_bchdbda1 is a partition on a mirror. But not managed by md
<smb> nOStahl, Can it be that you also have some RAID1 option set up in the BIOS
<nOStahl> I did at first
<nOStahl> but then i put it back to normal
<nOStahl> as I was told I didn't want the bios version
<smb> nOStahl, Ah, that is potentially the problem. Maybe meta data on the devices was not removed properly. So now dmraid still grabs the devices
<nOStahl> boot up a gparted disk and zero them out or something and reinstall ?
<jdstrand> zul: I tried to approve the quantum in binNEW, but got:
<jdstrand> ** quantum could not be accepted due to The following files are already published in Primary Archive for Ubuntu:
<jdstrand> quantum-common_2012.1~e4-0ubuntu1_all.deb
<zul> gah?
<smb> nOStahl, about. potentially you could boot the installer and switch to a different vt when it comes to disk setup. But also make sure to have disbanded the raid in the bios and maybe change the mode from raid to ahci if possible in a second step
<iggi__> Hello, I seem to have a common problem across multiple Ubuntu Version, Multiple Pieces of hardware. Basically what happens is I do a net install via PXE boot, once it completes it boots, but stops at a flashing cursor. I know the system itself boots since I can switch to tty2 and it runs without issue.
<nOStahl> my bios dosnt have ahci
<patdk-wk> iggi__, kinds of sounds like a video driver issue
<jdstrand> zul: looks like python-quantumclient and quantum both provide quantum-common and they have the same version
<jdstrand> zul: I need to reject this for now
<smb> nOStahl, ok, then at least it the disks should show up as unmanaged there. I think, bit fuzzy since every bios is a bit different
<zul> jdstrand: ok thanks
<nOStahl> k going to reboot into ubuntu live and check out the disks  there in gparted and format them
<smb> nOStahl, k, not sure how well it is done. Usually a dd if=/dev/zero of=/dev/sda bs=1M should be clean but also takes ages (with 1.5TB)
<nOStahl> what would you say an eta would be for dd'ing
<glenn_> lynxman: did you got my message regarding the developers hostname hardcoded in puppetmaster-passenger?
<smb> nOStahl, no clue, sorry. can depend on a lot of things and rarely done. You may try to be smart and only erase the beginning and use skip= to erase the end in a second step
<smb> nOStahl, But then there is also the chance that the raid bios plays trick with host protected areas
<iggi__> patdk-lap, I've been told that before, but it's different server models. I'll dump the VGA info and check if they're the same chip, I don't think they are though. I'll just file a bug report I suppose
<nOStahl> ugg :P
<patdk-wk> most *server* boards use that matrox 400 chip
<patdk-wk> and I believe is one of the chips with the issue
<patdk-wk> or the old ati chips
<iggi__> Well this one is an ASPEED technology which I've not heard of before
<iggi__> ASPEED Graphics Family (rev 10)
<jamespage> Daviey: do we need to get an FFe/release team ack for the changes we are making for rabbitmq-server?
<jamespage> its fixing up existing universe packages by moving them into rabbitmq-server as they can all be built from one source tree now
<glenn_> jamespage/lynxman: i found the lines: ext/rack/files/apache2.conf:        SSLCertificateFile      /etc/puppet/ssl/certs/squigley.namespace.at.pem
<glenn_> jamespage/lynxman: thats in the puppet source
<jamespage> hmm
<glenn_> should i create a bug for that a puppetlabs?
<glenn_> s/a/at
<jamespage> no
<jamespage> that gets used at the template for /etc/apache2/sites-enables/puppetmaster
<glenn_> jamespage: better they use example.com or whatever
<glenn_> jamespage: thats the developers hostname
<Daviey> jamespage: is there a diff for rabbit?
<jamespage> Daviey, linked to bug 948993
<uvirtbot> Launchpad bug 948993 in rabbitmq-server "rabbitmq-2.7.1-0ubuntu1 lacks compatibility with plugin packages" [Undecided,Confirmed] https://launchpad.net/bugs/948993
<benji> I have submitted an MP to fix bug 949956: https://code.launchpad.net/~benji/ubuntu/precise/lxc/bug-949956/+merge/96601
<uvirtbot> Launchpad bug 949956 in lxc "lxc-start-ephemeral keeps same MAC address, and so same IP address, as base instance" [Undecided,New] https://launchpad.net/bugs/949956
<glenn_> jamespage: so i should leave it like that ? the template?
<jamespage> glenn_, I'm not sure why you have the raw template - it should be re-written during configuration of puppetmaster-passenger
<glenn_> jamespage: that was in my vhost
<glenn_> jamespage: i put bla in puppet.conf
<glenn_> jamespage: guess its a bug then
<Daviey> jamespage: looking
<jamespage> Daviey: ta very much
<jamespage> the debdiff has had review from me and SpamapS
<lynxman> Daviey: thanks for the reviews
<lynxman> jamespage: SpamapS just posted one minor correction to the debdiff
<lamont> puppet/precise seems to wind up with zombie children from time to time, which it then fails to reap
<glenn_> puppet is weird with children anyway, they just detach it in ruby
<lamont> select(0, NULL, NULL, NULL, {0, 994126}) = 0 (Timeout)
<lamont> select(0, NULL, NULL, NULL, {1, 0})     = 0 (Timeout)
<lamont> select(0, NULL, NULL, NULL, {1, 0})     = 0 (Timeout)
<lamont> that's the parent
<glenn_> lamont: do you have custom modules/manifests which could cause this? I had something familiar too
<lamont> dunno... a backport of 2.7.11 to lucid (and hardy for that matter) does not show this
<glenn_> are you on the 0.24?
<lamont> 0.24?
<glenn_> puppet 0.24 is default on lucid, backports put you higher
<lamont> 2.7.11-1 backported to lucid and hardy seem to not hit this
<glenn_> oh
<glenn_> nm :)
<lamont> only seeing it on machines running precise.  and there it is common
<glenn_> did you backport the precise version to lucid?
<lamont> yes
<glenn_> because the official backports for lucid come from oneric i believe, and they are on 2.7.1. does that version have the same behaviour, or is it only with 2.7.11 ?
<lamont> we've seen it since at least 2.7.9
<lamont> I think our use of 2.7.9 predated our use of precise
<lamont> though not 100% sure on that
<micahg> bigon was complaining of the same thing a few days ago I think
<lamont> micahg: that it's new to 2.7.11 or that it's there wiht 2.7.1?
<bigon> +1
<glenn_> i had issues with an upstart script regarding children, but that was totally something else
<bigon> https://launchpad.net/~bigon/+archive/lucid-backports << just started my backport ppa :p
<micahg> lamont: the problem is the precise package changed too much to make an official backport easy from precise
<glenn_> micahg: what exactly is so different?
<lamont> micahg: yeah... we kinda ripped out cjwatson's change
<glenn_> micahg: it would be very nice to have precise puppet package backported to lucid in the future, instead of the oneric one
<micahg> glenn_: ruby deps, dpkg-maintscript-helper usage
<glenn_> micahg: ah ok
<bigon> ruby gem name
<micahg> bigon: we can't do that for backports ;)
<bigon> it's only s/ruby-json/libjson-ruby
<micahg> well, that part would be easy, but some of the other packaging changes were more intrusive, if there's an actual bug in the oneiric package and the fix isn't too big, maybe that can be SRUd
<glenn_> i still dont understand the template vhost issue with puppetmaster-passenger
<bigon> the path of the docroot is not ok?
<bigon> glenn_:  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=662866?
<uvirtbot> Debian bug 662866 in puppetmaster-passenger "puppetmaster-passenger: Incorrect DocumentRoot in apache2.site.conf.tmpl" [Normal,Open]
<glenn_> bigon: well i have been testing some things, and when i just put bla in puppet.conf, then install puppetmaster-passenger without replacing the SSL certificates are names according to the raw template
<glenn_> bigon; no not that one
<bigon> ah well I didn't saw this I think
<bigon> -> home
<glenn_> guess people should just use a proper puppet.conf then, else they experience weirdness
<glenn_> but i think it should be catched and put in the right way, to be more user friendly
<kawer_>                             .::::..:::....
<kawer_>                           .:""":::..::.  :::..
<kawer_>                       ...::::::.     :.::: ':::
<kawer_>                   ..:::::.. ..:::.  .  '::: :".::.
<jamespage> lynxman, I'll pester Daviey tomorrow about rabbitmq-server....
<lynxman> jamespage: :)
<lynxman> jamespage: I think I'll push another debdiff with SpamapS suggestion, it's a very minor one
<glenn_> lynxman: where in the puppet source can i find the code which would use the template and create the actual vhost?
<lynxman> glenn_: it should be on the debian packaging part, gimme some mins to get my head around this patch and I'll assist you :)
<glenn_> lynxman: awesome
<glenn_> seems to be puppetmaster-passenger.postinst
<glenn_> this is worse then i thought :>
<glenn_> since it seems to reside in the puppet binary
<lynxman> glenn_: all the modifications are in puppetmaster-passenger.postinst yeah
<lynxman> glenn_: so? we just need to patch it
<glenn_> err: Could not parse /etc/puppet/puppet.conf: Could not match line bla at /etc/puppet/puppet.conf:bla
<glenn_> notice: Removing file Puppet::SSL::CertificateRequest err: at '/etc/puppet/ssl/ca/requests/err:.pem'
<glenn_> notice: Removing file Puppet::SSL::CertificateRequest err: at '/etc/puppet/ssl/certificate_requests/err:.pem'
<glenn_> root@puppetclient:/etc/puppet/ssl/private_keys# ls
<glenn_> ?[1;35merr:.pem  could.pem  not.pem  parse.pem
<glenn_> nice :>
<glenn_> before this i had the hostname from the template itself
<glenn_> root@puppetclient:/etc/puppet/ssl/private_keys# puppet config print certname
<glenn_> err: Could not parse /etc/puppet/puppet.conf: Could not match line bla at /etc/puppet/puppet.conf:bla
<glenn_> puppetclient.glennaaldering.nl
<glenn_> how would you patch something like this
<glenn_> cut out the err: line?
<glenn_> yeah that would work
<glenn_> lynxman: if i put this in the postinst the cert is created ok:             puppet cert generate $(puppet config print certname |grep -v err)
<glenn_> lyxnman: but the problem is that the first line of the output is used for creating things, it goes for all puppet config options
<glenn_> lynxman: the installer should exit i think
<lynxman> glenn_: still not with you :) 1 sec
<glenn_> lynxman: it helps when i just talk :)
<lynxman> glenn_: lol
<glenn_> lynxman: it does :) i got my first deb package build :>
<glenn_> i could fix my own bug :>
<glenn_> put it a2enmod headers
<glenn_> nice
<glenn_> s/it/in
<glenn_> but lynxman is fixing that already lol
<lynxman> :)
<lynxman> glenn_: okay I reproduced the issue
<glenn_> lynxman: i am doing an if statement at the top now, checking for err in puppet config print
<lynxman> glenn_: http://pastebin.ubuntu.com/874923/
<glenn_> lynxman: and if so it should exit
<glenn_> lynxman: um, is ur paste the fixed one?
<lynxman> glenn_: nope, its just the one I just built (with my own set of patches applied), now hunting down yours :)
<glenn_> lynxman: ur paste is not the same as my issue
<lynxman> glenn_: yeah that's why I needed to first finish this patching
<glenn_> lynxman: whats wrong with this:     if [ $(puppet config print) =~ "err" ]; then
<glenn_> this is what i want to achieve :>
<lynxman> glenn_: just diving into it right now, let me see...
<glenn_> stupid bash
<glenn_> why cant i use islike
<glenn_> oh i have to use regex
<glenn_> lynxman: are you able to reproduce it?
<lynxman> glenn_: on it
 * lynxman is being pulled in different directions
<glenn_> im just strugging with sh syntax
<lynxman> glenn_: found the errors and fixed them already :)
<lynxman> glenn_: let me update the bug
<glenn_> lynxman how
<glenn_> ive been staring an half hour
<glenn_> :>
 * glenn_ curious now
<glenn_> whats the bug id/url
<lynxman> glenn_: you reported it ;)
<lynxman> glenn_: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/948983
<uvirtbot> Launchpad bug 948983 in puppet "puppetmaster-passenger default vhost has wrong documentroot" [High,Confirmed]
<glenn_> lynxman: thats old, im on a new one :>
<glenn_> you must be really busy..
<lynxman> glenn_: it really shows ;)
<glenn_> uhuh
<lynxman> jamespage: any other puppet bug I must look at? #948983 is done
<glenn_> lynxman: the one im onto is pretty nasty
<lynxman> glenn_: can you point me at the bug in launchpad?
<glenn_> lyxnman: i should create it for you then
<glenn_> but its easy to reproduce
<glenn_> should i just file it?
<lynxman> glenn_: please, otherwise I can't track it
<glenn_> sure ok
<Daviey> jamespage: I don't need no pestering! :)
<lynxman> Daviey: you're a star ;)
<zul> smoser: ping
<zul> oooh...jono needs help with a server ;)
<Plizzo> I need help with my server, when I try to boot it it says "There appears to be one or more degraded RAID devices" and a ton of other information. What could be wrong, all my disks are working properly..
<smoser> zul, here.
<Plizzo> It's been working great for the past 15 days, just rebooted it
<glenn_> Plizzo: seems like one of the disks is not ok
<zul> smoser: have you run across any documentation for valid ec2 key names
<glenn_> Plizzo: have you tried megacli to return information regarding the raid arrays?
<Plizzo> glenn_: But I ran the server 5 minutes ago, everything was working fine, just did a normal shutdown and this happened
<Plizzo> glenn_: What is that?
<glenn_> Plizzo: its a tool which you can use in a running system to show all information regarding raid stuff
<Plizzo> Right now I'm stuck in BusyBox because I don't want to boot degraded
<glenn_> Plizzo: ouch, already rebooted...
<glenn_> Plizzo: have you tried looking in the controller itself?
<Plizzo> glenn_: I don't have a controller, it's a software raid
<Plizzo> glenn_: Or what do you mean?
<glenn_> Plizzo: nevermind the megacli then
<glenn_> Plizzo: i was figuring ur on hardware raid :)
<glenn_> Plizzo: i dont know much about software raid sorryz
<glenn_> Plizzo: i suggest you try to get information from the commandline using the software raid tools
<smoser> ec2 key
<Plizzo> glenn_: Alright, thanks anyway
<smoser> as in ssh key you mean ? zul ?
<glenn_> Plizzo: to see if there is an error or any other message regarding the arrays or disks
<smoser> i can just try some if you'd like
<Plizzo> glenn_: But I don't want to boot degraded, what will happen if I do?
<zul> smoser: as in keypair name
<glenn_> Plizzo: what kind of raid set do you have?
<zul> smoser: im assuming that its similar to bucketnames
<Plizzo> My system is on a 64GB SSD, and I have three 2TB seagate drives in RAID5 array
<adam_g> zul: any idea sup with this one ? just hit it myself https://bugs.launchpad.net/ubuntu/+source/keystone/+bug/948719
<uvirtbot> Launchpad bug 948719 in keystone "uninstall  keystone error" [High,Confirmed]
<Plizzo> glenn_: My system is on a 64GB SSD, and I have three 2TB seagate drives in RAID5 array
<glenn_> Plizzo: if its raid 5 and one disk is bad, i dont think much would happen
<glenn_> plizzo: if its raid 5 and 2 disks are bad, the data should be broken already :)
<Plizzo> glenn_: I've been using the server all day, streaming content. I've had this error once before but it wen't away when I rebooted
<zul> adam_g: havent seen that before ill take a look
<glenn_> Plizzo: how did you get into busybox? was that due to the reboot?
<Plizzo> glenn_: I'm going to open the computer and check that all SATA sables are in place
<adam_g> zul: there are some tempest tests that test constraints on keynames, but i was never able to find any documentation to support those rules.
<glenn_> plizzo: next time get more information before you reboot a server when raid is degraded, at least that is what i would do
<Plizzo> glenn_: It automaticly jumps to busybux when the "Boot degraded" question times out
<zul> adam_g: right im looking for ec2 specific
<glenn_> Plizzo: so your running system just went into busybox?
<glenn_> cant imagine
<zul> adam_g: because right now " " is a valid character and it probably shouldnt be
<adam_g> zul: yea, i was trying to find ec2 API docs that defined that stuff, couldn't find it
<Plizzo> glenn_: No, I rebooted my server like normal, and at boot-up it gave me the "degraded raid" message, and when I did not choose anything it wen't into BusyBox
<zul> adam_g: trying to make ec2 api suck less :)
<glenn_> Plizzo: You should have checked the raid status before rebooting :)
<glenn_> Plizzo: you should try it from busybox, using ur software raid tools
<glenn_> Plizzo: find out why the array is degraded, and fix accordingly
<glenn_> lynxman: https://bugs.launchpad.net/ubuntu/+source/puppet/+bug/950183
<uvirtbot> Launchpad bug 950183 in puppet "puppetmaster-passenger postinst creates wrong certificate files and puppetmaster vhost if puppet config print has an error" [Undecided,New]
<glenn_> root@puppetclient:/etc/puppet/ssl/private_keys# ls
<glenn_> ?[1;35merr:.pem  could.pem  not.pem  parse.pem
<glenn_> :>
<glenn_> Plizzo: something like mdadm -Q i suppose
<SpamapS> Plizzo: if you say "Y" to the boot degraded message, does it boot fine?
<SpamapS> Plizzo: the reason for the busybox is to allow you a chance to fix any weirdness in your raid superblocks that may have come from disconnecting/reconnecting drives
<Plizzo> SpamapS: I booted Linux degraded and ran cat /proc/mdstat
<uvirtbot> New bug: #950183 in puppet (main) "puppetmaster-passenger postinst creates wrong certificate files and puppetmaster vhost if puppet config print has an error" [Undecided,New] https://launchpad.net/bugs/950183
<Plizzo> I have three disks /dev/sda, /dev/sdb, /dev/sdd
<Plizzo> This disk is not in the list of active devices: /dev/sdd
<Plizzo> But the disk is recognized by the system otherwise
<Plizzo> Which I find odd
<Plizzo> glenn_: What does mdadm -Q do?
<glenn_> man mdadm
<glenn_> it queries ur raid device
<glenn_> mdadm --query /dev/md0
<glenn_> something like that
<SpamapS> Plizzo: mdadm --examine /dev/sdd
<glenn_> or that :)
<Plizzo> "mdadm: No md superblock detected on /dev/sdd."
<Plizzo> But all disks say that
<SpamapS> Plizzo: wha?
<SpamapS> Plizzo: can you pastebin mdstat ?
<Plizzo> Sure
<Plizzo> http://pastebin.ubuntu.com/875049/
<SpamapS> md0 : active raid5 sda1[0] sdc1[1]
<SpamapS> Plizzo: AHA
<SpamapS> Plizzo: --examin /dev/sdd1
<SpamapS> Plizzo: you forgot to mention you had partitions defined
<Plizzo> SpamapS: I'm not that good with this, a friend of mine helped me set up the array, and mdadm would not let us create the array without partitions
<Plizzo> I'll paste the command output
<Plizzo> http://pastebin.ubuntu.com/875051/
<zul> adam_g: do you have a /etc/dbconfig-common/keystone.conf?
<Plizzo> SpamapS: http://pastebin.ubuntu.com/875051/
<Plizzo> SpamapS: To me everything looks normal, what does it say to you?
<glenn_> Plizzo good luck on the array
<glenn_> im off
<SpamapS> Plizzo: mdadm -A /dev/md0 /dev/sdd1
<SpamapS> Plizzo: that *should* add it back in
<Plizzo> SpamapS: mdadm: /dev/md0 is already in use.
<Plizzo> Should I stop the array?
<zul> smoser adam_g: a hah http://docs.amazonwebservices.com/AWSEC2/latest/CommandLineReference/ApiReference-cmd-CreateKeyPair.html
<Plizzo> SpamapS?
<SpamapS> Plizzo: no it should be able to be hot-added
<Plizzo> SpamapS: Seems not :/
<SpamapS> Plizzo: what version is this?
<Plizzo> OS?
<Plizzo> SpamapS: I'm running Ubuntu Server 11.10 x64
<SpamapS> Plizzo: weird
<smoser> nice work, zul
<Plizzo> SpamapS: What can I do? :(
<Plizzo> I found it
<Plizzo> It should be a lowercase "a"
<Plizzo> sudo mdadm -a /dev/md0 /dev/sdd1
<SpamapS> Plizzo: ahhh
<SpamapS> I think I actually usually use --add
<adam_g> zul: cool
<Plizzo> SpamapS: http://pastebin.ubuntu.com/875077/
<SpamapS> Plizzo: gggrrrreeatt success!
<Plizzo> SpamapS: Why /dev/sdd1?
<SpamapS> http://cdn.pimpmyspace.org/media/pms/c/e7/7l/l3/borat.jpg
<SpamapS> Plizzo: most likely it had some problem during one of your boots
<SpamapS> Plizzo: any inconsistency is met with refusal to go forward..
<Plizzo> SpamapS: I'm going to do a reboot and see if it still works ;)
<Plizzo> Wish me luck
<SpamapS> Plizzo: wait for the recovery!
<Plizzo> SpamapS: Huh?
<SpamapS> Plizzo: it should continue the recovery on reboot.. but.. well if you are willing to sacrifice your data, I'd be interested ;)
<Plizzo> SpamapS: I already rebooted, did not know it had to do that :/
<SpamapS> Plizzo: your md0 is still rcovering
<SpamapS> Plizzo: it said 275min .. what did you think it was doing?
<SpamapS> Plizzo: its possible you will be fine now though
<Plizzo> SpamapS: Guess I was too quick..
<SpamapS> Plizzo: and actually I'd be interested to hear how it goes.
<Plizzo> SpamapS: Well, it booted into the message about "a degraded raid" and displayed the recovery message.. then it went into Busybox..
<Plizzo> SpamapS: Should I reboot into the degraded raid and let it perform the recovery?
<Plizzo> SpamapS: I need some advice :/
<SpamapS> Plizzo: I'd suggest that you boot to degraded mode (answer Y)
<SpamapS> Plizzo: cat /proc/mdstat , it should probably show a recovery in progress
<SpamapS> Plizzo: at the worst, it will show the same old problem (sdd1 missing)
<Plizzo> SpamapS: http://pastebin.ubuntu.com/875101/
<Plizzo> It's progressing
<lynxman> Daviey: does bug #950183 deserve some attention? afaict the package shouldn't gracefully recover from a previous config misconfiguration right?
<uvirtbot> Launchpad bug 950183 in puppet "puppetmaster-passenger postinst creates wrong certificate files and puppetmaster vhost if puppet config print has an error" [Undecided,Confirmed] https://launchpad.net/bugs/950183
<SpamapS> Plizzo: alright. Good luck going forward. :)
<lynxman> SpamapS: I have a packaging question for you
<lynxman> SpamapS: I have a patch that removes 3 files and modifies a bunch more, everytime I apply it and run debuild -S -sa it generates a debian-changes because it says there's more changes, looks like it can't really keep track of this humongous patchfile
<lynxman> SpamapS: tried patching and then letting debuild generate a debian-changes file and using that one, same result
<lynxman> SpamapS: any other recommended ways to tackle that?
<Plizzo> SpamapS: Thanks for all the help!
<reisi> evening, just noticed one of my hosts apt-get update no longer works; any ideas? http://pastebin.com/z2Tb0dht
<reisi> does this mean that the package lists are broken or...?
<reisi> other lucid host seems to work ok, with same mirrors
<reisi> broken one has apt 0.7.25.3ubuntu9.9 and working has apt 0.7.25.3ubuntu9.10 so...
<reisi> the changelog says nothing that'd help here
<SpamapS> lynxman: I've never had issues with that. Usually I use 'dpkg-source --commit' and then the changes patch isn't generated anymore.
<lynxman> SpamapS: ooh thanks, I'll try that :)
<reisi> hmm i wonder if anyone answered to me while i magically parted the channel?
<guntbert> reisi: not after 21:31
<reisi> well, removal of apt lists cleared the situation
<lynxman> SpamapS: just updated bug #948993 with your suggestions, thanks :)
<uvirtbot> Launchpad bug 948993 in rabbitmq-server "rabbitmq-2.7.1-0ubuntu1 lacks compatibility with plugin packages" [Undecided,Confirmed] https://launchpad.net/bugs/948993
<lynxman> Daviey, SpamapS, jamespage: If someone fancy reviewing the merge I'd be grateful (https://code.launchpad.net/~lynxman/ubuntu/precise/puppet/puppetlabsfixbug12844/+merge/96391)
<gary_poster> smoser, if you are willing and able, it would be lovely to have a review of https://code.launchpad.net/~benji/ubuntu/precise/lxc/bug-949956/+merge/96601 (and then a merge if it is OK)
<smoser> gary_poster, did you add the ( ) around the while ?
<SpamapS> lynxman: wow thats a massive diff
<gary_poster> smoser, benji says they were copied straight from lxc-clone
<gary_poster> and they are needed
<smoser> just curious. they're not necessary.
<smoser> not needed.
<gary_poster> oh
<smoser> ie, instead of the ( ) you coul dmove the '< $c.old > $c' up to the 'done' line
<smoser> but i wouldn't touch it if its the same as the source
<gary_poster> smoser, ah ok, I wondered if that was what you meant.  but yeah, that's direct from -clone
<smoser> onlu other question..
<smoser> is there a use case where someone would not want to change the MAC but want ephemeral ?
<lynxman> SpamapS: it is :/ it reverts a previous behaviour on lock files
<gary_poster> smoser, interesting question.  I don't *think* so, but a real answer would probably become philosophical fast.  Our project was the one that needed this, and that's not what we want; moreover, if you want multiple ephemerals simultaneously, you want different MAC addresses.  Therefore, I'd argue that we don't want it now, and if there's a use case for it in the future, what we have now should be the default behavior
<gary_poster>  (so we can add an option if we need it)
<gary_poster> (if you want simultaneous multiple ephemerals all based on the same base container, I should say)
<smoser> gary_poster, uploaded.
<gary_poster> awesome, thank you smoser
<uvirtbot> New bug: #950357 in php5 (main) "package php5-cgi 5.3.5-1ubuntu7.7 failed to install/upgrade: le sous-processus script post-installation installÃ© a retournÃ© une erreur de sortie d'Ã©tat 10" [Undecided,New] https://launchpad.net/bugs/950357
<stgraber> jjohansen: oh, I forgot to poke you about apparmor today, well I guess it's not too late for that just yet ;) so what's happening there?
<jjohansen> stgraber: the patches etc have been for review and its now waiting to be uploaded, jdstrand normally does that but I don't think he has time todo it today, and will probably get to it in the morning
<jjohansen> stgraber: sorry its taken so long its the quality assurance process where all of our patches must be reviewed and acked, and that has taken a couple days with other peoples work loads
<stgraber> jjohansen: ok, if it's uploaded today that's fine, then I can fix LXC and have my blog post about LXC in 12.04 published over the weekend
<stgraber> s/today/tomorrow morning/g
<jjohansen> stgraber: yeah that shouldn't be a problem
#ubuntu-server 2012-03-09
<MTecknology> How can I resize a volume group to match the size of an increased physical volume?
<rockets> Nothing makes server maintenance go more quickly like joy division
<twb> MTecknology: pvresize?
<MTecknology> twb: I did pvresize to get that bigger, but now I can't get the volume group to see that it's bigger
<MTecknology> frick
<MTecknology> twb: i was looking at the wrong volume group.... sorry
<seas> Is there a way to get gfs2 working alongside pacemaker in 12.04? dlm_controld.pcmk and gfs_controld.pcmk seem to be gone and pacemaker refuses to start with cman+corosync (https://bugs.launchpad.net/ubuntu/+source/pacemaker/+bug/887165)
<uvirtbot> Launchpad bug 887165 in pacemaker "Pacemaker built without cman support." [Wishlist,Triaged]
<uvirtbot> New bug: #950450 in euca2ools (main) "Short options mislabeled" [Undecided,New] https://launchpad.net/bugs/950450
<marcoceppi> Is there a 12.04 server install out yet? Or will that land when 12.04 goes live?
<twb> You can do one at any time using auto-built installer media
<twb> Obviously until 12.04 is released, it will only be a alpha or beta install
<twb> e.g. http://archive.ubuntu.com/ubuntu/dists/precise/main/installer-amd64/current/images/netboot/mini.iso
<twb> Note that's effectively the same as the "alternate" installer, the main difference between the alternate and server install media is what tasksel prompts you for, whether the language-pack packages are installed, and what packages are cached on the CD.  The last of these doesn't apply for the mini ISOs.
<adam_g> zul: ping
<pabelanger> marcoceppi: not sure what you mean, 12.04-beta1 is out. For desktop / server / etc
<marcoceppi> pabelanger: I can't find the ISO for it, I guess it was just a lazy way of saying "Where can I grab a beta ISO" other than install 11.10 and upgrade -d
<pabelanger> marcoceppi: https://wiki.ubuntu.com/PrecisePangolin/TechnicalOverview/Beta1
<pabelanger> links listed
<Luisinho> PESSOAL EU QUERO APRENDER A NUKAR UM SERVIDOR OQUE EU FAÃO ?
<marcoceppi> pabelanger: Thanks o/
<twb> !pt
<ubottu> Por favor, use #ubuntu-br para ajuda em portuguÃªs. Para entrar no canal por favor faÃ§a "/join #ubuntu-br" sem as aspas. Para a comunidade local portuguÃªsa, use #ubuntu-pt. Obrigado.
<marcoceppi> So, I've never done a bare server install. I've got a HP Proliant that I'm going to be using to run OpenStack on. I'm assuming it's just something as simple as "Install Ubuntu Server, Install OpenStack, Profit!"?
<pabelanger> marcoceppi: you forgot step 3... ???
<pabelanger> :)
<pabelanger> but basically, yes
<marcoceppi> But it's so easy, you don't need a step 3 \o/
<twb> Installing a base Ubuntu Server is reasonably straightforward.  The main consideration is how to partition / raid / lvm your disks.
<marcoceppi> Well, I take that back. I've done a few Ubuntu Server installs, but they were on smaller machiens
<marcoceppi> This is the first time we'll be racking something this big with the express purpose of virtualzing machines
<twb> IIRC proliant's aren't exactly big iron
<qman__> hardest part is if you care about HP's management software
<qman__> have to source debs for it
<qman__> otherwise it's just the normal deal
<marcoceppi> I don't particularly care for that
<qman__> only reason I do is I have to be in the same room as it when I use it, and that's the only way to slow the fans down
<qman__> but mine's an old one
<qman__> newer ones that may not be the case
<qman__> mine's a dual P3 model, and the HP software brings it from 'hearing damage' to 'vacuum cleaner'
<marcoceppi> twb: Sorry, 8 cores and 20GB of RAM are big for us
<marcoceppi> :)
<twb> marcoceppi: it's still just a beefy x86 workstation, architecture-wise
<marcoceppi> qman__: This will be racked in a DC soon, so I don't have to worry about noise too much
<qman__> yeah
<adam_g> zul:  i sent two packaging merges to ubuntu-server-dev for keystone + nova. i'd take a look at keystone, i dont think your fix resolved the uninstall bug.  i have nothing propose for other packages. i think glance is mostly quiet other than the debian merge stuff, which hasn't been merged and tested in -propsed yet
<uvirtbot> New bug: #950485 in samba (main) "package samba 2:3.6.3-1ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 2" [Undecided,New] https://launchpad.net/bugs/950485
<uvirtbot> New bug: #950525 in php5 (main) "Packages Missing in both php5 and php5.3 folders since March 6th" [Undecided,New] https://launchpad.net/bugs/950525
<linocisco> hi anybody
<linocisco> anybody who has configured server and clients on vbox as guest?
<linocisco> my squid server on guest never work for my client on Guest
<linocisco> hi i have followed all squid documentation, I was never ok
<Daviey> Gooooood Morning people!
<linocisco> hi
<linocisco> all
<linocisco> who could help me with squid?
<ikonia> linocisco: depends what you want/need
<linocisco> i just want pure squid first with the need of client to point squid's server IP and port 3128, before I can test transparent squid.
<lynxman> morning o/
<linocisco> ikonia, I have two NICs on ubuntu server
<linocisco> ikonia,  one is for WAN and one is for LAN
<lynxman> Daviey: does bug #950183 deserve some attention? afaict the package shouldn't gracefully recover from a previous config misconfiguration right?
<uvirtbot> Launchpad bug 950183 in puppet "puppetmaster-passenger postinst creates wrong certificate files and puppetmaster vhost if puppet config print has an error" [Undecided,Triaged] https://launchpad.net/bugs/950183
<ikonia> linocisco: ok, so what are you stuck with ?
<Daviey> lynxman: If you want to prepare a debdiff, i'll certainly sponsor
<Daviey> (precise)
<Daviey> lynxman: Can you take the lead in helpig to close the delta with Debian?
<lynxman> Daviey: there's already a merge request for another bug and the puppetlabs merge
<lynxman> Daviey: sure! I'll be glad to do so
<Daviey> \o/
<Daviey> lynxman: So, point me to the puppet merge!
<lynxman> Daviey: was just wondering if this one merited patching or not, since it parts from a broken premise
<lynxman> Daviey: https://code.launchpad.net/~lynxman/ubuntu/precise/puppet/puppetlabsfixbug12844/+merge/96391
<Daviey> lynxman: Right, but the issue is that it's not exit 1'ng on failure
<Daviey> right?
<lynxman> Daviey: hmm I reckon so
<Daviey> Well it *should* exit 1 on failure :)
<Daviey> or at least non-0
<lynxman> Daviey: fair enough :)
<lynxman> Daviey: I'll have a look after my GP visit
<linocisco> iknon, i never got internet page
<Daviey> lynxman: the package maintainer scripts will barf if a command exit's non-zero and mark the package as not configured
<Daviey> lynxman: Have fun :)
<lynxman> Daviey: heh, thanks :)
<Gallomimia> can someone quickly remind me how i should install the tool to do-release-update?
<uvirtbot> New bug: #950664 in postfix (main) "Wrong FQDN after disconnected CD Install of precise beta1 - package postfix 2.8.7-1ubuntu2 failed to install/upgrade" [Undecided,New] https://launchpad.net/bugs/950664
<koolhead17> hi all
<Daviey> Gallomimia: update-manager-core
<uksysadmin> morning koolhead17
<uksysadmin> (and others)
<koolhead17> hey  uksysadmin. wassup
<uksysadmin> yeah good. just doing the usual: install ubu, run install of OpenStack, rinse and repeat.
<uksysadmin> and decided that I'm actually fed up of doing the basics of that and decided on looking at Orchestra again
<uksysadmin> so may actually get around that that promise of that partitioning ;-)
<eagles0513875> ikonia: are you around im still having issues doing a net installation for some reason
<ikonia> I am here yes
<KM0201> when you're installing ubuntu server 11.10, what is the "ubuntu-desktop-usb" package that you can select to install? (along w/ openssh, samba, etc..)
<koolhead17> uksysadmin: adam_g answered some of your queries i suppose :)
<lynxman> Daviey: already fixed the postinst script, it's available for review at the merge, if you need a debdiff otherwise let me know :)
<Daviey> lynxman: do you have a debdiff handy?
<lynxman> Daviey: hmm let me prepare one quickly
<iclebyte> i've been searching for days and I cannot find a single concise document on how to create your own SIGNED repo. I've built repo's which work fine using various methods but I need it signed so that I can install custom packages via puppet without them failing. Can anyone point me in the right direction?
<lynxman> Daviey: debdiff attached to bug #950183
<uvirtbot> Launchpad bug 950183 in puppet "puppetmaster-passenger postinst creates wrong certificate files and puppetmaster vhost if puppet config print has an error" [Undecided,Fix committed] https://launchpad.net/bugs/950183
<lynxman> Daviey: also there's a branch merge with this fixes for bzr extra goodness
 * lynxman runs to the doc
<Daviey> thanks lynxman
<Daviey> lynxman: your debdiff includes .bzr :o
<iclebyte> nothing?
<Daviey> iclebyte: reprepro
<Daviey> It's the most elegant small apt repo manager, includes built in signing support
<iclebyte> i've built it using that.
<Daviey> great
<iclebyte> when I go apt-get update on the other node it says 'The following signatures couldn't be verified because the public key is no avilable: NO_PUBKEY A95723464'
<_ruben> iclebyte: i sign my internal repo manually, and have a post-installation script that imports its key into apt
<Daviey> Well, that is a different issue iclebyte
<iclebyte> _ruben, that is exactly what I have been looking for
<Daviey> iclebyte: you need to import the key.
<iclebyte> how?
<iclebyte> with apt-key some how?
<_ruben> yes
<twb> 21:07 <dpkg> gpg --keyserver keys.gnupg.net --recv-keys import deadbeef ; gpg --export import deadbeef | sudo apt-key add -
<Daviey> hmm
<_ruben> $WGET -q -O - $KEYURL | apt-key add -
<iclebyte> apt-get add 291F3DF9 ?
<Daviey> Or... wget htp://path/to/key/on/mirror - | sudo apt-key add -
<twb> (It would be nice if ubottu had more of dpkg bot's entries)
<Daviey> (you won't need the sudo if you run it as a post_install option)
<twb> Personally I use apt-ftparchive because reprorepo was overkill and also hard to type three times fast
<Daviey> twb: Yeah, but you must admit that rerepro is more gentlemanly
<Daviey> (although, didn't support udeb's OOTB last time i checked.)
<_ruben> i use mini-dinstall myself
<twb> Well, sure, it's all slicked up, and not like us cowboys
<iclebyte> okay, lets go the download the key from my own repo path. I need to export the key to somewhere avilable by the webserver. using gpg --export > file.gpg ? ?
<iclebyte> okay got it exported. gpg --export -a > mykey.gpg
<iclebyte> wooohoo! =)
<Daviey> cool
<iclebyte> I couldn't find anything which explained the process that simply.
<iclebyte> so I just need to use puppet to download and import that key on each node then add my custom repo to /etc/apt/sources.list and i'm cooking with gas.
<Daviey> iclebyte: Fancy writing up a how-to, and we'll include it in the server guide?
<iclebyte> Daviey, yea okay. I'll have to document it today anyway
<Daviey> super!
<iclebyte> I'm interested, how can you manually sign the repo? i.e. if I didn't want to use reprepro and I'd created my Packages.gz manually using 'dpkg-scanpackages . /dev/null | gzip -9c > Packages.gz' ?
<Daviey> it's just signed..
<twb> http://paste.debian.net/159093/
<Daviey> twb: why use that?
<iclebyte> but which file do you sign? Packages.gz ?
<twb> Daviey: he asked "how do you do it manually"
<twb> That's how I do it manually
<twb> iclebyte: Release
<iclebyte> okay. thanks.
<Daviey> twb: you are nuts :)
<twb> iclebyte: look at the pastebin
<twb> Daviey: I was lazy
<twb> Daviey: doing it by hand is straightforward; learning to use a "helpful" tool was going to take all day
<twb> When I have >>1 arch or >>1 site I will probably bother
<Daviey> twb: right.. but i don't grok why people would us apt-ftparchive
<twb> Because it's simple and obvious and easy to spell
<Daviey> twb: do you have to support multiple releases?
<lynxman> Daviey: reuploaded, sorry, I'm in a hurry to get to the GP (I'm late already)
<twb> Daviey: nope
<Daviey> lynxman: eeek
<Daviey> twb: ah, ok - no real benefit from a pool i guess.
<twb> Daviey: that cron job literally just adds some apt metadata to a single dir, no pool/ even
<Daviey> right
<twb> http://paste.debian.net/159094/
<twb> That's what's in there atm
<Daviey> twb: i'd love to see the diff's yo apply to ubuntu packages.
<twb> the ldap one just uses openssl because TLS + ppolicy is broken
<eagles0513875> ikonia: for some reason citrix xen server is giving me issues even when specifying what version to pull the necessary files from
<Daviey> twb: ahh
<ikonia> you need to explain more than that
<eagles0513875> ikonia: in the process of getting the error msg
<twb> The mutt one basically tells mutt not to believe dovecot when it says the folder is read-only, because it *is* read only, but it will still remember read vs. not read
<ikonia> eagles0513875: are you using a cyrtix xen server, or just xen
<eagles0513875> citrix xen server the free license
<twb> ikonia: here I have slapo-ppolicy(5) enabled and require all LDAP traffic to go over the ldaps port.  When linked with gnutls, it just silently fails to work, when linked with openssl it works fine.
<twb> I can't remember which bit breaks specifically
<ikonia> twb: sorry, have we been discussing this before ? I have no context in what you are talking about / why you are singling me out
<twb> Ah, sudo-ldap doesn't work at all, and using passwd to reset your own password completely fails (over the wire w/exop)
<twb> ikonia: I must have misread 21:24 <ikonia> you need to explain more than that
<ikonia> twb: sorry, was talking to eagles
<twb> Ah, I'm ignoring him, sorry about the noise
<ikonia> twb: was lacking context on your problem, hence surprised on your question to me
<eagles0513875> ikonia: yes this is in relation to yesterday when i asked you about creating a vm and the url i should point it too
<ikonia> eagles0513875: again, but are you using the cytrix out of the box product or the linux xen components
<eagles0513875> ikonia: citrix out of the box
<ikonia> eagles0513875: comercial product - not ubuntu
<ikonia> eagles0513875: contact cirtix
<eagles0513875> ok
<ikonia> eagles0513875: I'm assumign it's xenserver your using ?
<eagles0513875> correct
<ikonia> yeah, it's got excellent comercial support, if you've bought it they will really hold your hand and walk you through things
<ikonia> it's very very well supported by cirtix, even for quite complex "away from the norm" type situations, you'll have no problem with them
<uvirtbot> New bug: #950711 in autofs5 (main) "autofs needs nis started first when using maps in nis" [Undecided,New] https://launchpad.net/bugs/950711
<ikonia> that's a pretty obvious bug
<ikonia> if you are using nis maps for auto mounter, than of course nis must be started and bounc
<ikonia> bound
<Dioxin> is it possible to get a little assistance with PXEBooting an Ubuntu-Server?
<Dioxin> I'd like to be able to boot almost completely disklessly
<ikonia> ok
<Dioxin> I have PXEBoot configured already, the issue I have is that I'm not sure how to generate the file system correctly to boot the way I'm intending
<Dioxin> my intention is to have no dependence on the network once its booted
<Dioxin> and the target system wont have any local disk, so I'm hoping to use some form of RAMDisk for system files
<ikonia> Dioxin: have you looked at the ltsp project
<ikonia> Dioxin: while this isn't exactly what you want, it does have good docs on creating rambased disk installs
<Dioxin> I think so, let me pop off and remind myself, one second
<koolhead17> !ltsp
<ubottu> LTSP is the Linux Terminal Server Project, which adds thin-client support to Linux servers. See chapter 3 of the !edubuntuhandbook, http://www.ltsp.org and/or http://en.wikipedia.org/wiki/Linux_Terminal_Server_Project
<koolhead17> Dioxin: :P
<ikonia> Dioxin: it's not the same process, but the concept of booting into ram is in their docs
<ikonia> Dioxin: hopefully enough to get you moving, then we can look at specific things
<Dioxin> cheers, I'm just bouncing round the wiki
<ikonia> Dioxin: or we can just dive right in, I've not done %100 diskless ram machines for a while, maybe intersting
<Dioxin> :)
<Dioxin> let me just get some of the issue in my head, so I don't have a brainfart
<ikonia> they key part is making the boot image as I recall
<Dioxin> this is the precise point I'm stuck on ;)
<ikonia> you need a specific image though, or you are just going to user the installer desktop
<ikonia> I made an install, then made an image of it, then booted that image
<ikonia> the cd installer wasn't good for that functionality
<ikonia> (from memory)
<koolhead17> Dioxin: and once your done, make sure to update the wiki in case you find t outdated!! :P
<Dioxin> not a specific image per se.
<Dioxin> the LTSP appears to use a specific image for the thin-client end, and doesnt seem to point to anything regards a custom one
<Dioxin> I'm intending to only access the target system via ssh or some such (diskless and headless ;) )
<Dioxin> but I've got it hooked up to a monitor and keyboard for now
<Dioxin> would it make sense to boot from a CD, install to NFS on the PXE Server, and then amend the root file system to load itself onto the Ram Disk?
<ikonia> that's an interesting idea
<ikonia> I'd be interested in how that works out for you
<ikonia> could you not just mount the NFS server AS the root file system on th client
<ikonia> that is in essense running in rmdisk
<Dioxin> but let just say that I unplugged the network, wont the system drop out?
<ikonia> yes
<ikonia> how much ram does your client have ?
<Dioxin> 8 gigs
<ikonia> so you should be able to hold an uncompressed file system quite comfortably
<ikonia> I think the CD is 2.4 gig when uncompressed
<Dioxin> the plan is once I get one running system, to twink to reduce the footprint
<Dioxin> tweek*
<ikonia> Dioxin: I like the idea of installing it to NFS, tune the install, then make a boot image from that
<Dioxin> is it trivial to install to NFS from the Server Boot Disk?
<ikonia> should be, it's just going to ask you for target file systems
<ikonia> although.....I'm wondering if it won't like it as it's not /dev/something
<Dioxin> only one way to find out ;)
<ikonia> good attitude
<Dioxin> ok I'm going to pop away for a short while to burn a disc and see if I can install to NFS
<ikonia> Dioxin: I'll try to dig out some notes
<KM0201> whats the command to reconfigure your sources list, so you can choose a different mirror?
<Dioxin> ikonia: just creating a Ubuntu Server USB stick
<KM0201> .
<Dioxin> KM0201: not sure of the command but I think you can access them from /etc/apt/sources.list
<KM0201> Dioxin: i know that, but then i have to retype it all, don't want to do that
<KM0201> there's a way to reconfigure it (you know how when you were installing, and you chose your repository mirrors)
<KM0201> so you can choose another mirror
<Dioxin> KM0201: http://repogen.simplylinux.ch/index.php ;) this at least saves the typing ;)
<KM0201> i don't care about the typing
<KM0201> i just want the command
<Dioxin> ikonia iSCSI seems to be the only option
<ikonia> Dioxin: in what respect
<Dioxin> I've booted the server iso, and gone through the install steps
<Dioxin> I'm at the setup disks part
<Dioxin> and the only option is iSCSI (unless I should have set some tags earlier)
<ikonia> ah, so it hits a problem at the target file system install point
<Dioxin> yes
<Dioxin> should I execute a shell and somehow mount the NFS?
<ikonia> Dioxin: suggestion, do it in a VM, then export/copy the file systems off
<ikonia> nah, I don't think that will work
<Dioxin> it is possible to mount a VM image to copy from it?
<ikonia> not directly, I meant do the install, then copy the file systems off it
<Dioxin> I'm not 100% sure how its best to approach that part
<Dioxin> install the server edition and just copy the rfs from the running VM?
<ikonia> Dioxin: not running, but certainly from a VM
<ikonia> Dioxin: eg: build  VM, install, then boot the VM from the iso so the file systems are not in use, then copy the file systems out of the VM into directories/NFS mounts to make a "boot" image for your diskless clients
<ikonia> follow ?
<Dioxin> think so
<smb> Daviey, Is upgrade testing for orchestra installations from O to P something that is on your radar?
<Daviey> smb: sort of, depends what the subject is.
<smb> Daviey, subject it sucks? ;-P
<Daviey> smb: I mean, /what/ are you testing? :)
<smb> Daviey, basically standard install on oneiric then upgrading to precise. One thing that seems consistent is that cobbler_web is in rc state.
<smb> Then I think whatever squid configuration is set up in O , it did not seem to move to squid3 in P
<KM0201> does anyone know the command to reconfigure your source list?... so you can choose a different mirror (rather than retyping your entire source list)
<KM0201> i was thinking it was dpkg-reconfigure .... then i draw a blank
<twb> KM0201: there's no standard one
<twb> You can use mirror:// urls in your sources.list
<twb> Or there are older tools like apt-spy, but I don't think they work for ubuntu
<KM0201> hmm
<KM0201> i was thinking there was something like dpkg-reconfigure... then you could choose a new source.
<KM0201> oh well, no big deal
<twb> if you use mirror method it gives you a public one based on your geoip
<KM0201> ok
<Daviey> smb: Yes, the squid3 issue is known
<Daviey> adam_g is tackling that
<glenn___> lyxnman: is there something that i can do to perhaps speed up the process for the latest puppet bug fixes so it will be available on the official repos? perhaps test packages?
<glenn___> lyxnman: or is this something i should just wait for patiently? :)
<ubusnoob> hello ubuntu server newbie looking for some help here with postfix!
<Dioxin> if I wanted to cp a root filesystem do I need any special modifiers?
<Dioxin> I dont wish to screw up the file owners
<ubusnoob> How can I configure postfix to act as a pop server in a small lan with windows clients only with no interenet connection? Just a small lan for ECDL courses.
<xranby> Dioxin: in short: use cp -a   it will preserve the premissions.
<ikonia> Dioxin: arp
<ikonia> cp -arp
<Dioxin> thanks, next question, how do I write permissions to my NFS :(
<ikonia> same as a normal file system
<Dioxin> my nfs mount is complaining that its a read only file system
<xranby> Dioxin: on your nfs server edit the /etc/expots file
<seas> anyone here who got pacemaker+gfs2 working in 12.04? cannot figure out how to because dlm_controld.pcmk and gfs_controld.pcmk got removed and pacemaker doesn't support running alongside cman (yet?)
<Dioxin> xranby: cheers... it was set as ro :(
<Dioxin> xranby: ok I changed the exports to rw, remounted and restarted nfs but still no permissions
<xranby> Dioxin: you are tackling a differnet issue here
<xranby> the nfs server simply refuses you to create some permissions
<xranby> it would have worked if you did the copy to a harddrive under controll by the user who did the copy
<Dioxin> permission denied on the write
<Dioxin> let me see if I can remove the hdd file permissinos
<ikonia> whoaaa
<ikonia> Dioxin: stop stop
<ikonia> Dioxin: two seperate issues
<ikonia> Dioxin: 1.) fix your NFS permissions
<ikonia> Dioxin: 2.) deal with your pxe image creation
<Dioxin> drwxr-xr-x 2 root root      4096 2012-03-06 19:35 node
<Dioxin> isnt that the issue?
<ikonia> Dioxin: that means only root can write to it
<Dioxin> exactly, my VM isnt root
<ikonia> Dioxin: hang on
<ikonia> Dioxin: you've not copied anything to the NFS file systems yet have you ?
<ikonia> or have you ?
<Dioxin> no I havent
<ikonia> Dioxin: what is your current usename on the system
<ikonia> ok, so then your VM has nothing to do with this - don't include it in the discussion to confuse it
<Dioxin> on the VM I'm user:ubuntu on the nfs server I'm user:dioxin
<Dioxin> I would have thought that the nfs mount on the VM doesnt have root permissions on the folder
<ikonia> Dioxin: no - forget the vm
<ikonia> Dioxin: ok, so you are logged in as "dixon" so your user has no capabilities to write to a file system with permissions owned by "root:root"
<ikonia> Dioxin: you need to fix that, so you can copy your vm file systems off your machine and copy them to your nfs server
<ikonia> Dioxin: try not to confuse/make the issue more complex, it's a simple permissions issue at this time
<Dioxin> but user:dioxin isnt doing the writing, I thought
<ikonia> Dioxin: how are you trying to copy the file systems ?
<Dioxin> in VM booted from liveCD, mounted nfs, mounted VM HDD, cp -arp * ../node/
<lamont> tiaz: barberry/elderberry /1
<lamont> bah
<lamont> .1
<Dioxin> ikonia: ok, I've fixed it, it was the folder permissions + exports rw issue + no_root_squash issue
<Dioxin> apologies for the confusion
<ikonia> Dioxin: no need for apologies
<Dioxin> I should have done this on my other computer... 10/100 is slow!!!
<Daviey> smoser: cloud-init used standlone, local-hostname: foo .. doesn't set foo in /etc/hosts.. is that known?
<Daviey> (using nocloud)
<smoser> you have to tell it to do that.
<Daviey> smoser: shouldn't it do it auto-magically ?
<smoser> its a mess.
<smoser> if you do it automagically, someone gets pissed off.
<smoser> if you dont
<smoser> someone else gets pissed off
<smoser> so it is how it is
<smoser> if you want it, tell it to do so in config
<Daviey> smoser: ok, is it worth updating the README? :)
<Daviey> smoser: But i do want to mention, it's a very graceful way of starting vm's
<Daviey> good job. :)
<smoser> thanks.
<smoser> you need to set
<smoser> manage_etc_hosts:
<smoser> to true
<smoser> or template
<Daviey> ah nice, i thought i'd have to echo myself
<smoser> or 'localhost'.
<smoser> localhost might be the best decision there.
<smoser> rbasak, which do you use ?
 * rbasak looks
<rbasak> smoser, Daviey: http://paste.ubuntu.com/876070/
<Daviey> rbasak: do you have a wrapper?
<rbasak> Daviey: the wrapper I showed you at the oneiric release sprint you mean?
<rbasak> Daviey: yes, I do :)
<Daviey> rbasak: a wrapper for starting cloud-img's using cloud-init data?
<Daviey> on localhost, with an iso attached as datasource?
<rbasak> Daviey: no, not yet. I plan to add support for local stuff, but haven't started that yet
<Daviey> ah, ok, cool
<smoser> Daviey, i'll take a patch to put 'manage_etc_hosts: localhost' into that README
<smoser> if you'd like.
<Daviey> smoser: Do i get mentioned in the AUTHOR's file?
<Daviey> Do i need to sign a CLA?
<smoser> well, you'll have to ask your manager if you need to sign the CLA
<smoser> but traditionally... in to get into the AUTHORS file, there is usually a paypal or fermented beverate exchange required.
<rbasak> smoser: shouldn't you be checking with _your_ manager? :)
<Daviey> smoser: sadly, i don't have a manager, only a director :(
<smoser> hm.. i think rbasak is right, i'll ask my manager.
<Daviey> cool
<smoser> Daviey, do should Dave Walker need to sign the CLA to contribute a documentation fix ?  I'm not sure if his employer, Canonical, has signed the CLA or not.  Could you check with legal ?
<smoser> s/do //
<Daviey> smoser: wilco!
<pabelanger> So, more upstart and openstack :)  Any thoughts about adding mysql as a 'start on' dependency for nova, glance, etc packages.  Obviously this only affect installs where mysql is on the local system.
<pabelanger> So using start on (local-filesystems and net-device-up IFACE!=lo) and started mysql for glance's upstart help glance cleaner however I'm using an 'and'
<pabelanger> I just added a debdiff for bug 950935 If accepted, I'd like to do the same for nova
<uvirtbot> Launchpad bug 950935 in glance "Allow adm group to read log files" [Undecided,New] https://launchpad.net/bugs/950935
<reisi> how did one fix a package with broken scripts? x11-common (1:7.6+7ubuntu7.1) seems to refer to "tempnam": "tempnam: No such file or directory"
<jorge> somebody could help me to understand how nova-* packages works in oneric 11.10 server? I can see 3 versions with apt-cache show nova-api (for example), but i seems the operate system is not upgrading the packages.
<SpamapS> jorge: apt-acache policy nova-api will show you the priority/version/etc
<jorge> *** 2011.3+git20111117-0ubuntu1 0      2011.3-0ubuntu6.4 0      2011.3-0ubuntu6 0
<jorge> what is the newer one?
<jorge> i think 2011.3-0ubuntu6.4 is the newer version for all nova packages, right?
<uvirtbot> New bug: #928378 in glance (main) "glance client should be separate from server" [Medium,Fix released] https://launchpad.net/bugs/928378
<jorge> SpamapS: I can see here my policy is to use nova* packages of *** 2011.3+git20111117-0ubuntu1. However,
<jorge> SpamapS: I think 2011.3-0ubuntu6.4 version has some bug fixes and a security update.
<jorge> SpamapS: I expected that the system automatically upgrade to this new version, but this didn't happen.
<SpamapS> jorge: 2011.3+git is higher than 2011.3
<SpamapS> $ dpkg --compare-versions 2011.3+git '>>' 2011.3 && echo 2011.3+git is higher
<SpamapS> 2011.3+git is higher
<SpamapS> jorge: that *should* have been ~git
<nOStahl> hey can I dd a drive from ubuntu server installer?
<zul> jorge: hmmm?
<nOStahl> anyoe know?
<SpamapS> nOStahl: dd might not be available. What exactly are you wanting to do?
<nOStahl> zero out the first meg and last meg of my drive
<nOStahl> doesn't look like dd is an option
<SpamapS> nOStahl: just for fun? ;)
<nOStahl> guessi 'll have to boot up a desktop live cd heh
<SpamapS> nOStahl: you could boot a live CD and do that.
<nOStahl> ya
<nOStahl> I'm switching a power edge 2850 from raid to single drive mode
<SpamapS> nOStahl: what reason do you have for 0'ing those two sections though?
<nOStahl> had hard drive go out
<SpamapS> nOStahl: what would the 1st MB/last MB have to do with that?
<nOStahl> I'm told meta data is held there from the raid
<SpamapS> nOStahl: but what would zero'ing them out do?
<nOStahl> get rid of it
<nOStahl> I'm just following orders :)
<nOStahl> lol
<SpamapS> yay, you got rid of it. Why go through trouble to do that?
<nOStahl> just want to get a fresh install of ubuntu server running on the box (tried wouldn't boot kept trying to pick up raid config
<nOStahl> even though its been disabled in bios with the hardware raid controller etc.
<stgraber> jjohansen: apparmor? :)
<jdstrand> stgraber: I am preparing the upload
<stgraber> jdstrand: rocks!
<jdstrand> stgraber: it should be soon
<stgraber> cool so I can hopefully upload a new LXC with the mount rules later this afternoon/this evening then
<arosales> lynxman: Thanks for the mcollective patch to remove ohai in bug 948437 :-)
<uvirtbot> Launchpad bug 948437 in chef "Remove unsupported release from Precise" [High,Confirmed] https://launchpad.net/bugs/948437
<lynxman> arosales: np :)
<jorge> SpamapS: sorry man! i'm back now. i've tested the commands ... 2011.3+git is higher
<jorge> SpamapS: the issu is that i'm having some problems with the packages... now, i know i have to wait some new packages that fixe the problems.... i'm having this problem: https://bugs.launchpad.net/nova/+bug/855660
<uvirtbot> Launchpad bug 855660 in nova "DescribeInstances fails sporadically" [Undecided,Fix released]
<stgraber> jdstrand: yeah! thanks for the upload
<jorge> uvirtbot: ok, thanks! i think it will be available in essex... i'm using diablo packages from ubuntu oneiric repository. my packages are up to date and i'm still having problems. anyway, thanks!
<uvirtbot> jorge: Error: "ok," is not a valid command.
<jorge> uvirtbot: ok thanks! i think it will be available in essex... i'm using diablo packages from ubuntu oneiric repository. my packages are up to date and i'm still having problems. anyway, thanks!
<uvirtbot> jorge: Error: "ok" is not a valid command.
<jdstrand> stgraber: your welcome. hopefully it'll work well for you
<jdstrand> s/your/you're/
<SpamapS> jorge: you can force the installation of any version with  apt-get install package=xxxx .. though it will likely "upgrade" you to the other version on your next upgrade unless you use "pinning"
<jorge> SpamapS: ok! thank you!
<_GoRDoN__> Hi! I'm having some problems with mdadm. Yesterday I switched a failde disk in my raid5 array to a new one. Rebuild startede automatically and after it finished everything worked perfectly. However after I rebooted my machine array stopped working and by that I mean cryptsetup wouldn't accept any passpharases or keyfiles. After couple of hours of googling and panicing =) I noticed that mdadm was using /dev/sdd instead of /dev/sdd1 and if I 
<SpamapS> _GoRDoN__: truncated at "and if I"
<_GoRDoN__> ...and if I unplugged the new disk, remaining array worked again. So how'll I tell mdadm to use /dev/sdd1
<SpamapS> _GoRDoN__: I'd remove /dev/sdd from the array (mdadm --remove /dev/mdX /dev/sdd)
<SpamapS> _GoRDoN__: Then zero both superblocks with mdadm --zero-superblock /dev/sdd and mdadm --zero-superblock /dev/sdd1
<SpamapS> _GoRDoN__: then add /dev/sdd1 (mdadm --add /dev/mdX /dev/sdd1)
<SpamapS> _GoRDoN__: Make sure your data is backed up btw. :)
<_GoRDoN__> SpamapS: /dev/sdd disappeared from the array stats in /proc/mdstat  when I unplugged it and after that I added sdd1 to array. Wouldn't rebuild overwrite superblocks or can I zero them after/during rebuild?
<patdk-wk> that is just what it's actually using, realtime
<patdk-wk> check what the config file says, in /etc/mdadm
 * SpamapS does not ever trust /etc/mdadm
<patdk-wk> no, but you should update it
<patdk-wk> so it's accurate
<SpamapS> ...
<SpamapS> we should really just not have the stupid thing
<SpamapS> an on disk file to define the on disk state of superblocks.. wtf?
<_GoRDoN__> There are no devices listed in /etc/mdadm/mdadm.conf
<patdk-wk> ok, then that isn't helping to cause the issue
<patdk-wk> a rebuild of sdd1 won't overwrite the superblocks of sdd
<SpamapS> _GoRDoN__: well if sdd1 has never been part of the array, then you don't need to zero superblocks
<SpamapS> _GoRDoN__: but as patdk-wk says.. still zero'ing /dev/sdd's superblock is a good idea to keep it clean
<_GoRDoN__> No it's brand new disk
<_GoRDoN__> Can I do that while array is rebuilding or should i remove it from array first?
<patdk-wk> hmm
<SpamapS> _GoRDoN__: I think it might be safe... fun experiment if you're willing to don the bomb-squad suit and light it on fire to see if it burns or not ;)
<_GoRDoN__> It seems that rebuild has reserved the disk entirely to itself and neither removing or zeroing wont work
<_GoRDoN__> And fdisk says that partitiontable is invalid
<patdk-wk> how exactly did you tell mdadm to use that disk?
<patdk-wk> last I knew, it wouldn't automatically reuse a disk unless it was marked as a spare
<_GoRDoN__> patdk-wk: mdadm /dev/md1 --add /dev/sdd1
<_GoRDoN__> Okay... I'll try to remove both sdd and sdd1 from array, repair partitiontable, zero superblocks for both and add sdd1 back to array and see how it goes
<stgraber> jjohansen: apparmor tech support? :)
<uvirtbot> New bug: #951087 in samba (main) "Samba non-functional on boot." [Undecided,New] https://launchpad.net/bugs/951087
<stgraber> jjohansen: so I can now use mount without it getting into an infinite loop, though it doesn't seem to actually work...
<stgraber> jjohansen: I started with http://paste.ubuntu.com/876509/ to just allow everything but I'm still get the mount DENIED
<stgraber> jjohansen: my first try was with "mount /** -> /usr/lib/lxc/root" which is actually what we want to allow but that didn't work either
<stgraber> jdstrand: ^
<jjohansen> stgraber: hrmm, it should work, I did test.
<stgraber> [36108.427446] type=1400 audit(1331323087.420:170): apparmor="DENIED" operation="mount" parent=32353 profile="/usr/bin/lxc-start" name="/usr/lib/lxc/root/" pid=32375 comm="lxc-start" src_name="/home/stgraber/data/vm/lxc/containers/precise/rootfs/" flags="rw, rbind"
<jjohansen> stgraber: alright, I will take another look, I may need to give you a test kernel
<stgraber> jjohansen: ok :)
<jjohansen> stgraber: is there anything specific you where doing?  You where just using lxc-start and the lxc profile right
<stgraber> jjohansen: yep, just lxc-start with the profile I linked above which is the standard lxc profile with mount added
<stgraber> I have apparmor 2.7.100-0ubuntu1 and 3.2.0-18-generic (64bit)
<jjohansen> stgraber: okay, thanks. I'll start from a clean install, maybe I had something present messing with things
<stgraber> jjohansen: I'm testing on my laptop so I'm not excluding I have something causing problems but I'm not running any non-official packages or kernel
<jjohansen> stgraber: uh my bet is its the kernel, on the bind path, I am building a new kernel to test
<axisys> how do I install ubuntu on a remote system.. i only have ilom access through the SP.. it is physically connected to the switch at the site..
<axisys> it is sun fire x4270
<axisys> java wbstart to the remote console shows all the devices grayed out.. so cannot map a iso to the cdrom device
<guntbert> axisys: what is "ilom access through the SP" ?
<axisys> guntbert: network management port
<axisys> i can bring the system up through that port.. i can use java ws to remote console into it and could map a iso to the cdrom device if not grayed out
<axisys> so other option would be install over the network
<axisys> like net install
<axisys> planning to install latest LTS
<axisys> 64bit
<axisys> net install is not so easy compare to install from a virtual cdrom..
<guntbert> axisys: why can't you  map the iso? On my vps that is managed via the web GUI
<axisys> guntbert: the web gui has an option for that.. but it is grayed out like this
<axisys> http://picpaste.com/pics/ilom-t8IvCeF9.1331325919.png
<axisys> i tried few versions of java webstart .. same issue
<guntbert> axisys: ah, now I know what ilom means :-)  - one idea: try to power on the machine, maybe the redirections are only available when powered on
<axisys> guntbert: it is on
<axisys> Host Power: On
<guntbert> axisys: and when it is off?
<axisys> guntbert: have not tried with off
<guntbert> axisys: I'm just fishing around :-)    maybe try to ask support
<axisys> guntbert: means ubuntu server mailing list?
<guntbert> axisys: no, Oracle
<axisys> guntbert: oh ok
<guntbert> axisys: I assume they will know under which circumstances you can attach a virtual device
<axisys> guntbert: i will go ahead and create a ticket.. thanks
<guntbert> axisys: don't they have a forum too?
<axisys> guntbert: they should.. i thought google would find something in there..
<guntbert> axisys: they are talking about some sort of dongle needed
<axisys> guntbert: hmm.. that's first time.. i usually make virtual device fine.. this is the first server
<guntbert> axisys: I searched for      ilom "attach devices"
<axisys> Remote console does not need it
<axisys> you were looking at local console
<guntbert> axisys: you know definitely more about it than I do :)
<axisys> I am just going to do a net install.. it might take a while for oracle to get back
<axisys> so any good page on net install that I should follow
<axisys> i have a server on same network that is running ubuntu lts
<axisys> lucid 64bit
<guntbert> axisys: not from me, sorry -- with ubuntu netinstall means obviously "boot from the minimal CD"...
<axisys> guntbert: i meants PXE
<axisys> meant*
<uvirtbot> New bug: #947118 in horizon (universe) "Horizon package on Precise throws warning during installation" [High,Fix released] https://launchpad.net/bugs/947118
<guntbert> axisys: I assumed as much -- did you see igor.chudov.com/projects/PXE-Netinstall-Of-Ubuntu/  or    my.opera.com/ilogico/blog/how-to-netboot-and-netinstall-ubuntu  ?
<axisys> so far I found this https://help.ubuntu.com/community/PXEInstallServer
<axisys> let me look through all
<uvirtbot> New bug: #951150 in lxc (universe) "lxc-start-ephemeral is not all ephemeral" [Undecided,New] https://launchpad.net/bugs/951150
<smoser> roaksoax, i just uploaded cloud-init with maas support.
<smoser> so right now, cobbler is the last piece of the maas -> cloud-init puzzle.
<smoser> i can look at that on monday.
<smoser> it looks like we just need a hole in the preseed files for kickstart variable MAAS_PRESEED
<koolhead17> zul, :)
<roaksoax> smoser: cool stuff
<roaksoax> smoser: monday will distributed stuff from orchestra to cobbler and so on
<uvirtbot> New bug: #951181 in lxc (universe) "lxc-wait: bind : Address already in use." [Undecided,New] https://launchpad.net/bugs/951181
<axisys> i have 8 300GB disks and 2 148GB disks.. should I do a raid10 of 8 big and raid1 of 2 small disks and then apply lvm on top.. or do I raid1 of 2 small and the 8 disks all LVM w/o md ?
<axisys> cost is not an issue.. space is not an issue..
<SpamapS> axisys: lvm of 10 disks would be almost as bad as RAID 0
<SpamapS> axisys: a RAID 10 for the 8 disks will give you excellent performance for almost any workload, assuming you have enough bus to handle 10 disks reading/writing in parallel :)
 * SpamapS goes to eat lunch
<jjohansen> stgraber: do you have a specific config file you are using or are you just using the default
<ubu-stu> Q How do you create a samba share on a PDC so that only one person can update the web site vis their windows login.?
<SpamapS> ubu-stu: its highly dependent on how you have your users setup
<SpamapS> ubu-stu: if the PDC's users are the "real" users, then just create a share with 'write list = thatuser'
#ubuntu-server 2012-03-10
<_John-Doe_> hello ubuntu community!
<SpamapS> hello JOHN
<stgraber> jjohansen: default
<jjohansen> stgraber: okay thanks
<axisys> is there a puppet recipe anyone know of that sets up pxe boot server ?
<spm_Draget> Greetings. I am running u-server 10.4 LTS (lucid) on my own machine, and have access to a second machine running the same version. On this machine there is a packate installed 'mapserver-6.0.1' while on my serve rthe repos only show mapserver-5.6 avialable. I thought it was a backport - but how do I find this ou?
<spm_Draget> I looked into /etc/apt/sources.list and the backport repos seem to be commented out on the other machine.
<spm_Draget> Is there a way to find out why the other machine has mapserver-6.0.1 available and mine not?
<spm_Draget> (Oh sorry, it is called 'cgi-mapserver')
<shauno> spm_Draget: 'apt-cache policy cgi-mapserver' may render some clues
<shauno> (I'm not sure if it needs to be still available via apt sources to show up, however)
<spm_Draget> 500 http://ppa.launchpad.net/ubuntugis/ppa/ubuntu/ lucid/main Packages - is this the open communty repository? Hmm, I'll check sources.list agian, maybe I overlooked something
<spm_Draget> Nope, sources.list are identical. Must admit that I am not too familar with any other means of installing 'additional' packges by anything else but adding something to my sources
<shauno> any differences in /etc/apt/sources.list.d/ ?
<shauno> I believe add-apt-repository will create individual *.list files under there, rather than editing your actual sources.list
<spm_Draget> Thats it! Thank you. I will copy these over
<ghatak> Hi, i am having little trouble with mdadm, i created an md device md0 at level 1 (mirror) by adding only one partition. That works fine, however when I reboot the system, it complains that array is degraded, and renames md0 to md127 and asks start array degraded (y/n). I am ok with starting array degraded, but why does it rename the array to md127?
<dns53> no idea, but you should be using the uuid of the device and not the device name as the device can potentially move
<uvirtbot> New bug: #951493 in lm-sensors (main) "package libsensors4 1:3.3.1-2ubuntu1 failed to install/upgrade: conffile './etc/sensors.d/.placeholder' is not in sync with other instances of the same package" [Undecided,New] https://launchpad.net/bugs/951493
<thafreak> is there still a separate virt channel?
<jparker> hey guys I need help, I need to figure out how to install a newer version of mysql on ubuntu 10.4 that isnt in the repository
<Patrickdk> just install it :)
<jparker> basically ubuntu 10.0.4 uses mysql 5.1.41 and I need to install mysql 5.1.61
<jparker> yeah but unfortianltly I dont really know where to start
<jparker> :(
<qman__> in order of preference, backports, PPA, manual deb, compile from source
<jparker> backports  would have newer versions?
<qman__> that's what backports are
<Patrickdk> if someone requested one, and someone built it
<qman__> porting newer versions of software back into old releases
<jparker> but this is to go to the newest verion
<Patrickdk> personally I use my own rebuils of: http://www.percona.com/downloads/Percona-Server-5.1/
<jparker> not going back to a older one
<qman__> new software, old release
<qman__> 10.04 is nearly two years old, and its supported/included software versions are also two years old
<Patrickdk> you also loose security updates, when going with backports
<jparker> gotcha
<jparker> so its as simple as adding deb http://archive.ubuntu.com/ubuntu lucid-backports main restricted universe multiverse to my /etc/apt/sources.list ?
<qman__> if that version of mysql was backported, yes
<qman__> I don't know if it was or not, you'll have to search
<jparker> doesnt look like I can find any mysql in backports
<jparker> wow looking into this it seems pretty hard to do this
<jparker> we are just trying to import a database, but there is a bug in mysql 5.1.41 which is the version in lucid
<jparker> and apparently mysql 5.1.47 has the fix
<jparker> but trying to find a way to upgrade it on our server proves to be hard :/
<jparker> if anyone can help me figure this out that would be so great, I did look at back ports but couldnt find any thing new
<stgraber> jjohansen: did you manage to reproduce the issue?
<jparker> solved my problem by finding this! https://launchpad.net/~ubuntu-security-proposed/+archive/ppa
<jparker> thanks for your guys help
<delinquentme> hey all so I'm attempting to describe some server-related task that I'm after and I'm wondering if im using the correct terminology ... therefore does anyone happen to have a link to the general processes servers carryout?
<delinquentme> im describing what im after as binary protocols ... and I think it would be perfectly equipped to handle it .. im not 100% sure though
<qman__> not a clue what you're talking about, which probably means you have the wrong terminology
<delinquentme> so maybe API calls
<delinquentme> basically I've got a primary server ( rails deriv ) and then polling servers which drive microcontrollers ( hardware )
<delinquentme> primary server will init calls to the polling servers and thus init stuff on the robotics
<delinquentme> API calls would be correct no?
<qman__> if you designed your protocol that way, sure
<qman__> an API only exists inside the terms of the application though
<qman__> e.g. GTK API, kernel API, ...
<jjohansen> stgraber: I haven't got a chance yet but I did find an uninitialized value in one bind path, if you get a chance you might want to try this kernel people.canonical.com/~jj/linux-image-3.2.0-18-generic_3.2.0-18.29_amd64.deb
#ubuntu-server 2012-03-11
<stgraber> jjohansen: ok, giving it a try now
<stgraber> jjohansen: still no luck
<jjohansen> stgraber: what was the error you got from apparmor that kernel has a tweak to say where it failed the mount
<jjohansen> sorry, /me is in and out today so haven't really gotten a chance to work with it yet
<stgraber> [  227.801504] type=1400 audit(1331427700.899:53): apparmor="DENIED" operation="mount" info="failed flags match" error=-13 parent=3224 profile="/usr/bin/lxc-start" name="/usr/lib/lxc/root/" pid=3245 comm="lxc-start" srcname="/home/stgraber/data/vm/lxc/containers/qatracker01/rootfs/" flags="rw, rbind"
<stgraber> the profile is still with only "mount", so no restriction on source, location or flags
<jjohansen> stgraber: okay it will be a bit before I can get to it, but I will have another kernel up later tonight.
<stgraber> jjohansen: cool, thanks. I'm trying setting the flags now in the profile, see if I can get it to work with that
<stgraber> jjohansen: even with "mount options=(rw,rbind) /** -> /usr/lib/lxc/root/," it doesn't seem to match...
<UberSlackr> Hello, I really need some help. I got Ubuntu Server to install just fine. But I'm trying to get a GUI installed but its not working
<UberSlackr> I would have gone with just Ubuntu Desktop but I can't get that to install. While the server edition installed just fine
<kklimonda> how does keeping systems updated fits into ubuntu orchestra? as I understand we can deploy new software using juju, but can we choose which updates to install, see which updates are available etc. without paying for Landscape?
<scubes13> running a virtual kvm of ubuntu 10.04 serverâ¦. when running rsyslog, I am getting "Could no open output file '/dev/xconsole' [try http://www.rsyslog.com/e/2039 ]" in the logs...
<scubes13> apparently the /dev/xconsole device doesnt existâ¦ can I point this to another location? IE, a file in /var/logs maybe and avoid the above error?
<blendedbychris> https://launchpad.net/~brianmercer/+archive/php  << anyone if there is an official lucid package of php5-fpm?
<ju1c3> anyone have experience setting up SIP VOIP on ubuntu and android?
<jacobw> hi, where's the server guide for 12.04 at now?
<jacobw> i want to read it in its current form, whatever that is
<MatBoy> mhh... ldap is more difficult than it seems :)
<jacobw> MatBoy: i'm working on ldap right now
<jacobw> MatBoy: what are you trying to do?
<MatBoy> jacobw: ah nice... I'm totally new to it... I'm a decent admin but always tried to avoid ldap :)
<MatBoy> jacobw: just setting up... I have installed ldap and phpldapadmin
<jacobw> MatBoy: ok, does olcRootDN and cn=config mean anything to you right now?
<MatBoy> jacobw: little bit... I have setup my own part alreayd that I need for my doamin
<MatBoy> domain
<jacobw> cool :)
<jacobw> be aware that all configuration in openldap > 2.4 is done by modifying the cn=config DIT which contains the directives previously in /etc/ldap/slapd.conf
<koolhead17|away> has anyone tried http://salt.readthedocs.org/
<jacobw> i've seen it mentioned before
<MatBoy> jacobw: thanks... I already thought something like it... but I need users in it now :)
<jacobw> it seems to perform the same function as puppet, which makes me want to know why i should consider it over puppet
<jacobw> MatBoy: that's quite a simple use case, remember than in rfc2307bis which the schema that ships with openldap that posixAccounts and posixGroups are both auxillary objectclasses, you need a structural objectclass, like inetorgperson, to define each user
<jacobw> MatBoy: i've been struggling with openldap oddities for a while now :p
<uvirtbot> New bug: #952199 in apache2 (main) "oneiric LAMP server: Apache consumes 100% of cpu in QEMU" [Undecided,New] https://launchpad.net/bugs/952199
<airtonix> ubuntu server, i have a " 06:00.0 RAID bus controller [0104]: Marvell Technology Group Ltd. 88SE6145 SATA II PCI-E controller [11ab:6145] (rev a1) ", and ubuntu doesn't see the 4 2tb drives i have connected as proved by "sudo  fdisk -l " (the four drives are seen by the controller on POST bootup)
<airtonix> version 12.04
<MatBoy> jacobw: yeah me too... normally I use MySQL for a lot of stuff
<uvirtbot> New bug: #950589 in mysql-5.1 (universe) "unmet dependencies on installing mysql-server-5.1" [Undecided,New] https://launchpad.net/bugs/950589
<airtonix> http://shrubbery.mynetgear.net/c/display/W/Marvell+SATA+RAID+Controller+-+Linux+Not+Happy
<airtonix> please help me kill this pata_marvel driver
<airtonix>  http://dpaste.com/714958/
<imanc> how can I find out  a list of all the automated processes running on the server?
<imanc> I'm getting a weird error that seems to crop up every now and again and suspect it may be due to some scheduled process â¦
<imanc> but the crontabs are empty
<prasys> imanc, even the root crontab is empty ?
<prasys> imanc, whats the error ?
<imanc> hmm - ther eis no home/root is the root crontab in etc or something?
<imanc> exim is bailing with a memory alloc error for like a few seconds. It happened at 5am this morning when there's no server activity
<imanc> 2012-03-11 05:42:52 daemon: accept process fork failed: Cannot allocate memory
<imanc> on top of that, there's a weird python error - the site can't find a specific modue. It happesn only for about a minute every once in awhile, and seems to bring down the site. But again, there's no reason for it - and if it was occuring, no reason that it'd suddenly self rectify.
<imanc> something freaky is going on
<prasys> imanc, check out /etc/cron.d/php5
<prasys> do you have any entries there ?
<imanc> actually â¦ there's a few entries in cron.daily including an entry for sendmail, which I uninstalled
<prasys> probably comment it out
<prasys> when you apt-get remove , probably it did not 'clean' it
<imanc> yeh
<imanc> hmm
<imanc> there's also apache2, apt.dpkg-dist
<imanc> yes there's also the php5 script on cron.d but nothing on the server is running php, AFAIK
<prasys> is there something in it
<prasys> gotta check
<imanc> yes, the php5 stuff is just clearing any expired sessions
<imanc> can't see how it'd be affected django
<imanc> or exim
<imanc> apache2 script is just clearing the cache too
<imanc> there seems to be sysklogd and logrotate, which both claim to rotate the logs
<SpamapS> imanc: any disks near full? Also do you have swap configured?
<imanc> hmm checking disc usage now
<imanc> there's only one fiesystem .. /dev/vzfs and it's at 16% usage, so I assume that means no swapping has been configured
<imanc> as there isn't a swap partition
<imanc> mem usage is at 485 mb of a total 1265mb
<imanc> The server hosts a website and app used by architects, and I'm assuming they upload huge files - so that may account for some of the issues. But they're definitely not doing that at 5am on a Sunday
<SpamapS> imanc: I'd recommend hooking up detailed logging of system status. collectd is useful for that
<SpamapS> imanc: why not at 5am on a sunday? Architects are weird. ;)
<imanc> ha ha
<imanc> awesome, I'll check that out SpamapS
<SpamapS> imanc: also to check if there is swap, 'free -m' would be a good command.. (-m means it shows all numbers in Megabytes)
<imanc> It just dawned on me tho, the server is in US time, and we're uk based. so I think 5am is more likely 9am here, and it's entirely feasible they were doing some work on the server.
<imanc> SpamapS: yeh free -m shows 0 for cache
<SpamapS> imanc: cache != swap
<imanc> Mem:          1751        487       1263          0          0          0
<imanc> -/+ buffers/cache:        487       1263
<imanc> Swap:            0          0          0
<SpamapS> imanc: can you install the 'pastebinit' package and run 'free -m | pastebinit' ? That will give you a URL you can paste here
<SpamapS> imanc: ahh while I typed you just pasted it. 3 lines is ok I guess. ;)
<SpamapS> imanc: 0 cache is... something is wrong!
<imanc> cache is not zero, but swap is .. hmm
<imanc> wow, pastebininit is cool
<SpamapS> imanc: shared, buffers, cache is all 0 there
<Patrickdk> maybe he never uses the disk :)
<imanc> http://pastebin.com/055yHWqV
<SpamapS> imanc: is this some kind of shared host?
<imanc> nope - it's a dedicated or cloud server
<imanc> running ubuntu
<imanc> I've inherited the project and am seeing strangeness
<imanc> I assume the guy who was managing it before me configured ubuntu
<jacobw> so its a VM?
<SpamapS> imanc: I've never seen a box have 0 cache and buffers
<Patrickdk> oh, probably a hmm, what do they call that thing
<imanc> SpamapS: what does it mean? :)
<Patrickdk> the pre-lxc thing
<imanc> jacobw: I assume so. The guy who handed over the project is a graphic designer and not overly clued up on tech stuff. I just got "here's the ssh details, it's with media temple"
<jacobw> hmm
<jacobw> where 'media temple' is?
<imanc> suspect it's their 'dedicated virtual' package
<imanc> but there is no control panel
<SpamapS> Patrickdk: OpenVZ
<Patrickdk> my cat just can't get enough of my mouse on my screen, following it like it was a laser pointer
<Patrickdk> ya, openvz thing
<imanc> so you think it's the virutalisation system that is reporting 0 for cache, buffers, etc.?
<SpamapS> looks like it is openvz .. lots of reports in the googles about openvz and mediatemple
<imanc> aha
<SpamapS> so perhaps openvz does not report cache/buffer utilization to the containers
 * jacobw thinks so
<SpamapS> which kind of sucks.. but makes sense
<SpamapS> imanc: so.. you're on a shared host
<SpamapS> imanc: and likely overcommitted
<imanc> interesting
<SpamapS> imanc: so this is probably *not* your "server"'s fault
<SpamapS> imanc: call MediaTemple. Explain. *COMPLAIN*
<imanc> It would explain the weird, random problems
<SpamapS> yes it would
<imanc> including this error, which makes no sense: Try using django.db.backends.XXX, where XXX is one of:
<imanc> Â Â Â 'dummy', 'mysql', 'oracle', 'postgresql', 'postgresql_psycopg2', 'sqlite3'
<SpamapS> its my main reason for thinking the container idea is a fail for anything but testing
<imanc> For that to happen, a python module would have to be removed
<SpamapS> imanc: or memory allocation failures to cause your app to perform stupidly. ;)
<SpamapS> I don't know how well python handles ENOMEM
<imanc> SpamapS: is that the same for cloud based solutions?  I've never had any issues with Linode, but anytime I've used VPSs in teh past, I've always had trouble. And typically the hosting companies support dept. deny that the server is overtaxed
<Patrickdk> I thought linode was all vps also
<SpamapS> Nooo
<SpamapS> Linode is VMs
<Patrickdk> plus, the definition of overtaxed, is not always the same
<SpamapS> far less opportunity to overcommit
<imanc> ahh linode are Xen VPS, apparently
<SpamapS> imanc: If a hosting company treated me like that, I'd take my business elsewhere.
<imanc> SpamapS: yes, well apparently they have been pretty crappy in general
<Patrickdk> heh, I hate people used these new amazon t1-micro thing
<Patrickdk> then asking why they don't work
<imanc> but my client didn't see a clear reason to trasfer to linode. I think now we have one.
<SpamapS> I went to a party they threw in Portland where they paid for about 200 peoples' bar tabs all night. They can afford to not f*** you over.
<Patrickdk> I see them contantly going with 0 cpu availablity for >min at a time
<imanc> SpamapS: media temple?
<imanc> whoa
<SpamapS> Patrickdk: oh yeah, t1.micro is a total fail for anything but the tiniest load.
 * SpamapS waves his hands in front of his own wordpress site running on t1.micro .. "NOTHING TO SEE HERE"
<Patrickdk> ya, nothing like 2min page load times :)
<SpamapS> Patrickdk: yeah, you're at the mercy of all the m1.small's on the same hardware. ;)
<SpamapS> Patrickdk: aggressive caching is where its at. :)
<Patrickdk> this was a pure static site :)
<SpamapS> Patrickdk: if I haven't updated anything on the site, it pretty much just serves everything out of the ondisk cache.
<SpamapS> Patrickdk: that has never happened to me.. but.. I think I get 100 page views per day. ;)
<imanc> a
<imanc> Thanks for your help guys!
<uvirtbot> New bug: #952340 in autofs5 (main) "autofs5 fails to install:  post-installation script returned error exit status 1" [Undecided,Confirmed] https://launchpad.net/bugs/952340
<Code_Factory> hey guys hi all.. I have an issue, I've lost a db schema of an ubuntu server
<Code_Factory> The only solution I think that i can perform is to try and restore the deleted data files
<RoyK> a db schema?
<Code_Factory> does anybody think that will help?
<Code_Factory> yes
<RoyK> what is that?
<Code_Factory> sorry a mysql database
<RoyK> then you have to restore from backup, yes...
<RoyK> (unless the database resided on a snapshot-capable filesystem and you took snapshots regularly)
<Code_Factory> RoyK: well thats the issue, I have  a month old backup
<Code_Factory> RoyK: nope
<RoyK> what happened to the db?
<RoyK> disk crash?
<Code_Factory> I'm between a rock and a very hard place right now
<Code_Factory> RoyK: no someone messed up using the workbench
<RoyK> oh...
<RoyK> DELETE FROM blah; ?
<Code_Factory> no "DROP schema"
<Code_Factory> :S
<RoyK> heh - so "drop database" (schema is a synonym for database)
<RoyK> meaning, basically, you're in deep brownies
<Code_Factory> yeah
<Code_Factory> I have a month old backup
<Code_Factory> but thats just bad business
<RoyK> I'm afraid that's all you have, then
<Code_Factory> I'm trying to user photorec
<Code_Factory> to restore .frm files
<RoyK> unless you want to attempt to do low level recovery
<RoyK> and if so, unplug the server asap
<Code_Factory> yes thats what i'm thinking of
<RoyK> if you want to do low level recovery, you need a full copy of the disk as it is
<Code_Factory> but the problem is that the recovery tools in ubuntu are queit complicated for me
<Code_Factory> and I'm not that experienced
<RoyK> I somewhat doubt you'll get much out of it unless you're really good, though
<Code_Factory> yes i understand that, but it won't hurt to try
<RoyK> then poweroff the machine, boot on something like a live usb stick, connect a largeish disk and dd off the entire partition or disk with that filesystem
<Code_Factory> photorec tells me no hard disk
<RoyK> photorec sucks
<RoyK> it probably only knows fat32
<RoyK> and you probably use ext3 or ext5
<Code_Factory> and skalpel and magic rescue requires my to make header and footer in the extension files
<RoyK> erm, ext4
<patdk-lap> hmm, ext5
<Code_Factory> one sec, I'll tell you
<RoyK> recovery from ext[234] is generally very hard, MUCH harder than with fat32
<Code_Factory> would you know of a tool that would help?
<RoyK> not really
<RoyK> even if there was an undelete tool, it wouldn't help much, since the database is removed from inside mysql
<Code_Factory> yes, but there's a place where the files reside.. thats where the data is kept in binary format
<Code_Factory> if i get to them, i can savor some importand data from my VM
<Code_Factory> than update the db with the difference
<Code_Factory> those last couple steps seems of a less challenge to me than recoviring lost files from ubuntu server
<RoyK> problem is, with fat32, only the index is removed when a file is deleted. with ext[234], the filesystem is cleaned for references for the file
<RoyK> meaning the file is GONE
<Code_Factory> ah,, )(**&&(
<RoyK> indeed
<RoyK> that's why it's crucial to keep a backup...
<RoyK> Code_Factory: what was in that database?
<Code_Factory> LOL. I'm on the mysql channel hearing the same words
<RoyK> :)
<Code_Factory> RoyK: its a database for a social website ('self -driven content')
<Code_Factory> so it loox very poor now when users are sent back to a month old system, some users will need to resign up
<Code_Factory> its really a very bad situation we have jere
<Code_Factory> here
<patdk-lap> daily backups :)
<qman__> yep
<qman__> unless you shut off the server pretty much immediately after it happened, there's almost zero chance of recovery
<qman__> consider it lesson learned, backups are important
<Code_Factory> RoyK: thank you I gtg now and jump in my problems
<Code_Factory> one more question if possible: how to find out what filesystem i'm running?
<qman__> lots of ways, mount, cat /etc/fstab, sudo fdisk -l
<qman__> cat /proc/partitions
<qman__> df -h
<Code_Factory> qman__: df and fdisk gave me info except the type of filesystem
<Code_Factory> qman__: actually none of them did
<qman__> mount does for sure
<qman__> df doesn't, that's my bad, fdisk only shows 'linux' which could be any linux type
<Code_Factory> qman__: yes thank you
<Code_Factory> qman__: I"m on ext3  do you know of any file recovery tools?
<qman__> nope, like I said
<qman__> unless you shut off the server almost immediately after it happened, it's gone
<Code_Factory> qman__: thank you
<Gallomimia> scuse me. what's the command (i need to read and study) to control services such as sshd and a new service i've just installed (named murmur) a link to a manual about the same would be appreciated. thanks in advance
<guntbert> Gallomimia: try with sudo service ssh status   (or start     or stop)
<Gallomimia> service. okay. i want to read manuals and pages first
<Gallomimia> thanks guntbert
<scubes13> running a virtual kvm of ubuntu 10.04 serverâ¦. when running rsyslog, I am getting "Could no open output file '/dev/xconsole' [try http://www.rsyslog.com/e/2039 ]" in the logs...
<scubes13> apparently the /dev/xconsole device doesnt existâ¦ can I point this to another location? IE, a file in /var/logs maybe and avoid the above error?
<qman__> scubes13, you can configure rsyslog to not log to console, and log to files only
<pabelanger> Good news everybody!  After a few hours of testing, I've managed to add dbconfig-common support to glance (mysql ATM).
<SpamapS> pabelanger: I *think* that is cool
<SpamapS> pabelanger: tho dbconfig-common can sometimes be a double-edged sword.. since you *have* to have a running db server to complete installation
<pabelanger> SpamapS, indeed!  Automated database configuration
<pabelanger> yar
<SpamapS> reminds me that I need to write the dbconfig-common charm helper so juju charms can make use of it more easily
<pabelanger> Will likely have to talk more about that, but for now the default database is sqlite (boo).  Perhaps we can see about changing it to mysql or pgsql
<pabelanger> SpamapS, Ya, I have some existing puppet manifests that will use dbconfig-common, the main reason for making the changes
<SpamapS> pabelanger: I'd think sqlite being default is a good way to go. Casual users will appreciate it.. larger systems require testing/planning/etc and so people will have to pre-seed values anyway.
<pabelanger> SpamapS, Ya, I'm just going to leave it as the default.
#ubuntu-server 2013-03-04
<Syria> Hello!! I have deleted all the users in the phpmyadmin by accedent!! How can create a new user agian?? I can't log in.
<andol> Syria: http://dev.mysql.com/doc/refman/5.0/en/resetting-permissions.html#resetting-permissions-unix
<Syria> andol:  After submitting the query I got this "Rows matched: 0  Changed: 0  Warnings: 0"
<Syria> I don't think that I have a "root" user now, I have deleted all the users.
<Syria> andol:  Can I remove it compeletly and re-install it agian from the scratch please? I don't have important information like data bases or something.
<andol> Syria: You can do that too.
<Syria> Lost the connection!
<dchevak> hello all how are you
<dchevak> I wish I new about IRC before changing anyway I was running ubuntu 12.04 server on 2 pc's for a small wireless intranet anyway switched one to CentOS 6.3 I always seem to have problems with ubuntu updates with apt-get
<dchevak> can someone give me a link to search for IRC chat rooms looking for BIND NAME server ISC maybe I should go there maybe they have it posted on there web site
<psivaa> jamespage: hallyn: Reported a new bug on lxc test cases, for a failure in SimpleLxcTests: bug 1144111
<uvirtbot> Launchpad bug 1144111 in ubuntu-test-cases ""Error: Failed copying lxc package contents in container test-raring" in SimpleLxcTests test step" [Undecided,New] https://launchpad.net/bugs/1144111
<zul> jamespage:  quantum has testrepository support now maybe we should consider switching the packaging to use it? (i havent tested it though)
<jamespage> zul, if you would like to test and propose it please feel free :-)
<zul> jamespage:  ack
<hallyn> psivaa: yeah i hadn't had a chance to verify, but some comments after stgraber's PEP8 cleanup patch made me think he might have accidentally undone a fix
<hallyn> i'll merge a fix, thanks
<zul> jamespage:  yeah not going to happen
<hallyn> (i'll address stgraber's other comments - which i hadn't yet - at the same time :)
<psivaa> hallyn: ack, thank you
<g0tcha> hey guys, everytime i try to install something using apt-get i get this msg http://paste.ubuntu.com/5585178/
<g0tcha> can someone help me out with this? i tried to run 'apt-get -f install' and 'apt-get autoremove' and still the same problem
<stgraber> hallyn: oops, sorry about the breakage... I thought the diff looked reasonable here after I handled the conflict, but apparently not...
<hallyn> stgraber: it's a long string of chrooted commands, eye-numbing.  completely understandable :)
<hallyn> psivaa: fix should be pushed.  are you goign to be doing a new run very soon, or should i?
<psivaa> hallyn: i could run once the fix goes to  lp:ubuntu-test-cases/server. Until then our tests wont pick the fix, but if you want me to run it against your personal branch, i could try
<hallyn> psivaa: i pushed the fix to there
<psivaa> hallyn: ahh ok, ill run the tests then. thanks
<hallyn> psivaa: thanks.  (i had to nuke themachine i was last testing on :)
<psivaa> hallyn: np, the tests are running now, I'll let you know the results once they are done
<lyda> Looking at the ubuntu cloud server images here: http://cloud-images.ubuntu.com/precise/current/
<lyda> is there an easy way to go from the .img files to an AMI?
<lyda> in other words can i configure server images locally, run them through local testing and then release them as AMIs?
<SpamapS> lyda: IIRC there's a tool that does exactly that
<SpamapS> lyda: curious though, why not customize an EBS root instance and then just snapshot it and turn it into an AMI?
<lyda> SpamapS: that's a valid way to do things of course, but I'd like to create an instance that i can use on open stack as well.
<lyda> in addition i'd like to use it for running tests locally - without fears of incurring huge costs.
<eagles0513875_> hey guys i am looking for documentation on how to setup sieve on ubuntu 12.04 does anyone have a good link on how to configure it
<lyda> why bzr, why?
<eagles0513875_> ?
<eagles0513875_> that came out of nowhere lol
<lyda> (sorry, nothing against bzr, but the rest of the world has chosen git.)
<eagles0513875_> lyda: canonical seem to enjoy being different. hwo did you find setting up openstack on ur system? when i read the open stack documentation i find it rather daunting and intimidating
<lyda> i find it a bit of a pain.  we don't really have a decent setup yet.
<eagles0513875_> lyda: have you taken a look at cloud stack
<eagles0513875_> citrix open sourced it under the apache license nto sure if that would be any easier
<lyda> not really, no.
<lyda> is it an openstack setup tool?
<lyda> they often seem worse than openstack!
<eagles0513875_> no
<eagles0513875_> concept i would say is similar to that of open stack but its focus is infrastructure as a service
<eagles0513875_> lyda: i guess it depends on the project
<lyda> ah.  well, an amazon compatable api is important.
<lyda> and honestly i think open stack is the right direction.
<lyda> specifically i'm interested in the lxc "virtualisation."
<lyda> ha!
<eagles0513875_> :) lyda thanks for confirming with me though that im not the only one who finds open stack setup and configuration daunting
<lyda> sudo pip install bzr
<eagles0513875_> bzr is python based O_o
<lyda> git clone bzr::lp:cloud-init
<eagles0513875_> O_o
<eagles0513875_> lyda: are you setting up your own instance of launchpad
<lyda> i'm just checking out the code.  but with git, not bzr.
<eagles0513875_> interesting
<eagles0513875_> i have heard that launchpad isnt an easy thing to work with or setup
<eagles0513875_> lyda: are you looking for a bug tracker of some sort?
<lyda> nope.
<lyda> internally we use jira.
<lyda> and for SCM we use gitlab.
<eagles0513875_> nice :) im hosting a few personal repos on a virtual server of my own but i think im going to start using bitbucket more
<eagles0513875_> with bitbucket you have a choice between mercurial and git
<eagles0513875_> lyda: if you looking for an external bug tracker checkout redmine as I have heard alot of good things about it
<lyda> i have two oss projects and i actually use all the major git code hosters so contributors can use what they feel comfy with.
<psivaa> hallyn: the LXC tests have another failure, http://pastebin.ubuntu.com/5585410/. Please let me know I should report a separate bug
<lyda> see the README for https://github.com/lyda/misspell-check
<eagles0513875_> lyda: have you used any web frameworks or anything seeing as you like using python
<lyda> i've been trying out bottle (framework) and waitress (for serving).
<lyda> they seem to work well.
<eagles0513875_> does anyone know if i install the dovecot-sieve package on 12.04 if that will effect the current operation of my mail server? or will i still continue to to get emails and send them
<eagles0513875_> lyda: if you like python check out django its is probably the most complete in terms of documentation
<lyda> it is, but it also seems kind of heavy.
<lyda> i have played with it.
<eagles0513875_> lyda: what webserver did you try it out on
<eagles0513875_> i need to when i have the time migrate all myservers away from apache prefork
<eagles0513875_> that thing is a memory hog and implement php-fpm
<lyda> for waitress i just used it directly for an internal deployment.
<lyda> i think if i was actually deploying it i'd put it behind ngnix or apache.
<eagles0513875_> what exactly is waitress like a pos system for restaurants or something
<eagles0513875_> what about lighttpd lyda i have been told that has virtually 0 memory footprint somehow
<sliddjur> Can someone help me out with enabling pam module cracklib to set password complexity rules? I've come to the point where I dont know what im doing anymore... :s
<sliddjur> ./etc/pam.d/common-password:password     required        pam_cracklib.so retry=3 minlen=8 difok=3 dcredit=1 ucredit=1 lcredit=1 ocredit=1
<hallyn> psivaa: d'oh.  typo.  sorry
<hallyn> oen sec,
<sliddjur> I thought this would enable password rules, but it doesnt seem to be enabled when I change my users password (not with root)
<hallyn> psivaa: fix pushed, thanks
<psivaa> hallyn: ok thanks, running again
<SpamapS> lyda: perhaps have a look at https://github.com/stackforge/diskimage-builder
<SpamapS> lyda: it will output a raw image that, I think, will boot just fine on ec2
<rbasak> jamespage: hey! I've prepared an upload for ipmitool in bug 1074443 that I'd like to get in before feature freeze. Should I put this in the sponsor queue as usual in the hope that it'll go in on time, or could you review/upload it for me please?
<uvirtbot> Launchpad bug 1074443 in dell-poweredge "Please upgrade ipmitool to 1.8.12 for 13.04" [Wishlist,In progress] https://launchpad.net/bugs/1074443
<SpamapS> eagles0513875_: also re "why bzr" its not so much that canonical enjoy being different as the fact that bzr and git grew at the same time... git in the kernel community (and later everywhere else) and bzr in canonical and its projects....
<SpamapS> lyda: ^^
<eagles0513875_> SpamapS: what advantages does it have over the already established ones such as git svn mercurial
<SpamapS> lyda: anyway, since you are interested in openstack .. di-b is nice.. and developed using the same model.
<SpamapS> eagles0513875_: bzr is already established too ;)
<SpamapS> eagles0513875_: its just not widely adopted
<eagles0513875_> what advantages does it have over the main stream ones  SpamapS
<SpamapS> eagles0513875_: bzr doesn't ever rewrite history unless you explicitly say "delete that commit" and it can only pop them off the top.
<SpamapS> eagles0513875_: instead it folds them down into commits underneath the larger ones
<eagles0513875_> interesting but technically isnt that what the others do as well?
<SpamapS> eagles0513875_: it also is *FAR* easier to learn how to use the whole bzr toolset. If you've never used bzr or git, bzr will take maybe a week to master.. git .. well I've been using git since December and I know f*** all about it.
<SpamapS> eagles0513875_: forget svn, its not even in this conversation.
<eagles0513875_> interesting
<eagles0513875_> lol
<SpamapS> eagles0513875_: hg I know very little about
<eagles0513875_> lyda: have you looked at juju and charms for what you are doing to help ease your deployments of frameworks etc
<SpamapS> eagles0513875_: git does rewrite history.. you can delete commits going back forever w/ rebase.
<SpamapS> heh... IMO juju is not quite there for "easing deployment of frameworks"
<SpamapS> It eases deployment of infrastructure like a champ
<SpamapS> databases, monitors, logging, queues, all good. frameworks.. well.. just go try the django charm. :-/
<rbasak> Technically git doesn't rewrite history, and you can't delete commits. You only create new history and generally choose to forget about old branches by moving branch tips. What I find interesting is that when we say we "merge" an Ubuntu package with a newer Debian package, what we actually do is in git parlance a "rebase" (despite what we might commit in bzr UDD).
<SpamapS> rbasak: yeah, the way bzr is abused for separate tracking of upstream source and debian changes is definitely more git's territory
<SpamapS> rbasak: you are tainted by git mastery .. git masters *HATE* bzr
<SpamapS> and, I get it now
<SpamapS> because git has all the tools to do the appropriate surgery on your VCS to make it be representative of what you want.
<SpamapS> bzr hides them or outright makes them impossibly hard to find, because bzr is a perfectionist
<rbasak> I think the problem is that bzr is very poorly documented for git masters. It hides what's really going on. So yeah, exactly what you're saying.
<SpamapS> I also have the bad fortune to be dealing with OpenStack's limited git workflow, which isn't helping me love git ;)
<rbasak> All the documentation is workflow based, which works until I have an unusual workflow. Then there is no documentation, and all I can do is ask others what they do. With git, the documentation is extremely details always enough (if you're willing to delve into the data structures, which is easier with a CS background).
<jamespage> rbasak, ok - I'll take a look
<jamespage> rbasak, is it actually a merge from upstream or a new upstream release?
<rbasak> jamespage: I meant upstream as in not Debian. New upstream release that I've merged with previous Ubuntu package.
<rbasak> As you're asking, I guess the answer is "new upstream release". I guess I shouldn't call it a merge then in this case?
<jamespage> rbasak, yeah - I'll fix it up locally and upload for you
<rbasak> Thank you!
<jamespage> rbasak, uploading now
<jamespage> rbasak, thanks for picking that up
<jamespage> rbasak, build failure on powerpc - https://launchpad.net/ubuntu/raring/+source/ipmitool/1.8.12-0ubuntu1
<rbasak> jamespage: :-(
<rbasak> jamespage: looking at it now. Looks like a simple endianness/porting issue.
<tkeith> I upgraded a package and it asked me what I want to do about changed configuration and I hit N for "keep current config". Now I want to know what the changes were. How do I get apt or dpkg to give me that option again?
<rbasak> tkeith: sounds like a conffile prompt. Usually you'll end up with .dpkg-dist or .dpkg-old files in the same directory as the conffile affected. I'm not sure how to identify which conffile was affected after the prompt though. Searching for files with a .dpkg-dist suffix in /etc might be your best bet.
<tkeith> rbasak: Ah, thanks! I knew which file it was, and there's a .dpkg-disk
<rbasak> Great!
<smoser> hallyn, i dont know if you're aware and it is by design or not
<smoser> but i think that default memory size to kvm changed
<smoser> i think at one point in ubuntu it was 256 maybe.
<smoser> now it seems like 128
<smoser> but i could be just mis-remembering
<hallyn> smoser: yeah, kirkland carried a patch setting it actually to 356 i think,
<hallyn> no you're right
<hallyn> smoser: we can re-add that patch if it's needed for something, i'm just trying to get delta from debian as small as possible
<hallyn> i do agree default size is useless :)
<hallyn> shout if you want the patch back
<smoser> hallyn, perhaps try to push that to debian?
<smoser> to keep the delta small
<mattrae> anyone familar with apt-mirror? my first download completed but i wanted to run again to just get anything that updated. now its saying its downloading the same amount of data i initially downloaded. anybody know if this is actually an incremental download?
<hallyn> smoser: lemme ask there real quick
<mattrae> i don't want to re-download everything if i can avoid it
<tasslehoff> on my synology-nas it was possible to have an encrypted volume that I could decrypt and share via samba. how can I do the same on ubuntu? must I manually do the decrypt, and then restart samba with an added share on the mount point?
<tasslehoff> or are there more elegant solutions?
<sarnold> tasslehoff: how did you give the key to the synology to decrypt the data?
<tasslehoff> sarnold: I think I only had to give a password when creating the share
<tasslehoff> so, not sure exactly how secure it was
<sarnold> tasslehoff: aha, so it stored the key somewhere?
<RoyK> or used the password hash as the key?
<sarnold> tasslehoff: you could re-create that with ecryptfs or dm-crypt and store the key on the server somewhere, so it doesn't require your interaction to mount it every boot...
<sarnold> RoyK: ah, another good possibility
<RoyK> meaning !secure
<tasslehoff> I would have to make sure samba starts after the encrypted folder is mounted?
<tasslehoff> Is truecrypt a good solution as well? Have used it on my desktop before, but never on a server.
 * tasslehoff will google
<guntbert> Where resides the setting if I want be prompted for non-LTS upgrades or not?
<guntbert> s/if/whether/
<patdk-wk> /etc/update-manager/
<guntbert> patdk-wk: thx so much :-)
<guntbert> hmm - two systems (12.04.02 LTS), both have "prompt=lts", one prompts me for 12.10 on login, one does not
<zul> jamespage:  ping i filed the MIR for python-json-patch and python-json-pointer fyi
<hallyn> stgraber: triggered a few pre-existing bugs in my cgroup patch, so the patchset i'm sending out is growing...  on the bright side it'll survive all the tests i can throw at it
<hallyn> stgraber: interestingly, lxc-destroy isn't yet lxcpath aware (be careful with that!).  (patch to fix that going out now)
<stgraber> hallyn: oh, so apparently I just used rm and not lxc-destroy when doing lxcpath testing ;) good catch
<hallyn> smoser: mjt says he intended to send a patch to up default memory size upstream.  so we'll get this fixed through debian at least - thanks
<utlemming> smoser: Bug #1145215
<uvirtbot> Launchpad bug 1145215 in cloud-init "cloud-init mangles sources.lists if mirror can't be found" [Undecided,New] https://launchpad.net/bugs/1145215
<smoser> utlemming, what release is this ?
<utlemming> precise
<utlemming> I booted this on a non-EC2/Openstack cloud
<axisys> how to install netbackup client?
<axisys> dont see one
<axisys> should this question be in offtopic ?
<smoser> utlemming, it seems there is a bug there, but i dont understand how it would ocur with the /etc/cloud/cloud.cfg that is packaged.
<utlemming> smoser: I am overriding the cloud-config. See: http://paste.ubuntu.com/5586309/
<RoyK> axisys: heh - call support ;)
<smoser> buti i think your file inside the image is busted.
<smoser> as it should look like: http://paste.ubuntu.com/5586315/
<utlemming> smoser: is the apt_mirrors syntax deprecated?
<axisys> RoyK: heh
<smoser> utlemming, yes. https://bugs.launchpad.net/cloud-init/+bug/1006963 has the correct way to do that.
<uvirtbot> Launchpad bug 1006963 in cloud-init "sources.list configuration does not cover security" [Medium,Fix released]
<smoser> it was intended for what you did to work, but clearly it did not.
<utlemming> smoser: ack, thanks for the clarification
<smoser> utlemming, fwiw, i cannot reproduce this.
<smoser> it works as expected on openstack.
<hallyn> stgraber: hm, (testing now, but) does /etc/init/lxc.override work in lucid?
<stgraber> hallyn: not sure, I can't remember using those back then
<utlemming> smoser: interesting. I'm doing another test
<utlemming> smoser: I'll give you access once its booted
<smoser> http://paste.ubuntu.com/5586373/
<hallyn> stgraber: oh, sorry, that wasn't the problem...
<jcastro> smoser: do you have any generic cloud talks? We have that cloud talk in Ann Arbor on Wednesday btw.
<jcastro> smoser: I was just going to do Juju but I think some info about Guest would be welcome.
<aleza84> how can I connect to a wireless lan wpa2 encrypted via console?
<tsaavik> Anyone know if/where there are docs on the various default user groups in ubuntu?
<tsaavik> Yes, there is checkout:
<tsaavik> https://wiki.ubuntu.com/Security/Privileges
<sarnold> tsaavik: neat, thanks
<azbyin> hi all..
<azbyin> what is the essential difference between  %admin ALL=(ALL) ALL     and   %sudo   ALL=(ALL:ALL) ALL  in the sudoers file?
<sarnold> azbyin: depends on the contents of the 'admin' group vs the 'sudo' group
<sarnold> oh, there's the (ALL) vs (ALL:ALL) difference, too...
<azbyin> i have identical sudoers files on my local workstation and a uec image running on a vm. both os are precise lts. on my local workstation my user is 'azbyin' and am in the 'sudo' group. on the cloud machine the user is 'ubuntu' and is in the 'admin' group
<azbyin> now, my workstation asks for my passwd when i try any command with sudo (with the obvious credential caching (for 15 mins?)) while on the cloud machine ubuntu is able to run any sudo command without request for passwd
<azbyin> from my understanding of reading the sudoers manpage, it should ask for a password _unless_ NOPASSWD is present in the rule
<azbyin> so, i don't understand the difference in behaviour
<bmoyles> is there a defaults line in sudoers that specifies anything around authentication?
<azbyin> oh, also.. on my workstation my user is uid 1000, on the cloud machine ubuntu user is uid 999
<bmoyles> you can turn off authentication globally in sudoers
<azbyin> bmoyles, as i mentioned above, the sudoers files on my machine and the cloud machine are *identical*
<azbyin> does it differentiate between 'system' users with uid < 1000 and non-system users where uid >= 1000 ?
<azbyin> if yes, i do not see this in the manpage
<azbyin> so, i assume it must be because of the differing group membership and consequently differing rule being applied
<azbyin> but the rule by itself does not indicate that passwd will not be authenticated! so i do not see how this behaviour occurs
<bmoyles> yes, they're identical, but look in /etc/sudoers.d
<azbyin> ah indeed
<azbyin> i was accidentally looking at the wrong tab
<azbyin> i.e. i looked at /etc/sudoers.d/ on my own workstation *twice* and saw only the README file
<azbyin> grr..
<azbyin> thanks for the clarification. and i'm happy that i could understand the manpage by myself :)
<sarnold> bmoyles: nice :)
<bmoyles> the sudoers manpage has to rank as one of the more confusing manpages to ever exist :)
<azbyin> well, it does list the BNF grammar
<azbyin> but compensates by giving very clear examples at the end
<sarnold> the downside is that the examples it gives are for a very comprehensive deployment suitable at a business or something
<sarnold> it needs a "dumb guy" section for simple uses for people like me :)
#ubuntu-server 2013-03-05
<adam_g> jamespage, ive just consolidated all changes to $charm/hooks/lib/* and hopefully resolved all diffs safely and pushed to lp:~openstack-charmers.~openstack-charmers/openstack-charm-helpers/ha-helpers, going to sync across all ha-support branches that use them off
<smoser> jcastro, oh. wow. wednesday.
<jcastro> I know right
<spencer> Hey, anyone got experience with inotify or inotifywait to watch for file system changes?
<sicness> Hello. By default dhclient runs with parametr "-1" that meen to be dead if dhcp server will not respone. How to make dhclient "PERSISTENT" at network start?
<qman__> you could probably just set the max tries to something astronomical
<sicness> qman, thx, I'l do that if wouldn't find right way.
<sicness> Anybody know who does start  dhclient usually?
<Syria> could someone please tell me how can I completly remove phpmyadmin and SQL ! after deleting the users from phpmyadmin by accedent I cannot log in anymore!
<andol> Syria: Generally phpmyadmin doesn't know anything about your users, but merely relays the login to the mysql server.
<Syria> andol:  So deleting the mysql-server should solve this problem?
<Syria> and re-installing for sure.
<andol> Syria: Well, there are a few more packages related, to might want to for all packages matching mysql-server*, as well as running the apt-get remove with the --purge flag. Depending on whatever the removal removes the /var/lib/mysql or not (depends between versions) you might manually need to remove that as well. That is assuming that you are still fine with the option of completly starting over with MySQL.
<andol> (As I pointed you to yesterday, there are otherwise more surgical solutions to recreating your mysql users.)
<Syria> andol:  Yeah I don't have any important information, so I have to start with "sudo apt-get remove --purge mysql-server" right?
<Syria> andol:  The remove the files in " /var/lib/mysql " ?
<andol> Syria: Well, mysql-server is really only an (empty) meta package, so as I said, you want to do the same with your other installed mysql-server* packages
<Syria> andol:  I see.
<Syria> andol:  Then it might be an easier thing that I try to add a "root" user !
<Masshuu> I want to get the contents from either a running screen or tmux. Issue is both require there be a terminal to attach to and i'm trying to do it programmatically where thats not an option.
<Piego> hi! I have a problem. I have a linux box perfectly configured whose connection does not work. It is a virtual machine so it cant be a hardware problem. What can it be the problem? The ip address is correctly configured and route too. Dns is fine. The gateway works because other vms pass through it. Im lost :-/
<nilli> I'm looking to install a php extension and the latest version I can find is a .deb for ubuntu 7 but my server is ubuntu 8.04.4. is that definitely a bad idea or should I just and see?
<nilli> test and see*
<apelles> hello.  can someone here help me setup email server - packages needed tweeks and stuff
<apelles> is there special time i should visit this irc channel to get hel?
<apelles> maybe i should leave my email address, and someone will get back to me: apellesnoel@gmail.com
<nilli> that probably won't happen
<maxb> apelles: I think your problem is that your question is too general
<nilli> apelles: this article could help you get better help http://www.sabi.co.uk/Notes/linuxHelpAsk.html
<maxb> Most people are happy to help on IRC with specific probles. However most people don't want to talk people through entire setup procedures
<apelles> is there a server i can get help from? or a channel  to visit
<apelles> nilli - article is great !  thank you
<nilli> I think you'll have a hard time finding any one person to help you through every step, unless you ask the right questions or pay someone for it
<maxb> Best start by reading some documentation, having a go, and asking questions about specific things which are unclear or which don't work
<apelles> thank you - bye for now
<mark__> hello
<mark__> i'm seeking help
<mark__> i cannot use my apt-get to do anything
<mark__> when i want to install anything apt tells me that the package exim4-base is broken
<mark__> when i want to remove it (because i don't use it) it tells me it's broken and to reinstall it
<mark__> when i reinstall it breaks
<mark__> and when i want to remove it, it returns with an error from post-removal
<mark__> can anyone shed some light on it?
<mark__> i wanted to install postgresql-contrib-9.2 but i get errors about exim4-base
<yolanda> hi, can you try with: dpkg -r <<name of package>> ?
<mark__> i did. DPKG tells me that exim4-base should be reinstalled
<mark__> is there a way to brutally remove exim4, so that apt forgets about it and will not try to do anything with exim4 while installing other packages?
<yolanda> dpkg -r exim4-base doesn't do the trick?
<mark__> tried that several times, but it tells me to first reinstall exim4-base
<mark__> when i try apt-get install --reinstall i get errors
<yolanda> and with --force flag?
<mark__> apt-get install --reinstall --force exim4-base?
<mark__> or dpkg -r --force exim4-base ?
<yolanda> dpkg -r --force exim4-base, but not sure
<Seveas> mark__, that's the 'dpkg is very confused' warning. Best to follow its advice
<Seveas> can you pastebin the foll error that you get when reinstalling?
<Seveas> s/foll/full
<g0tcha> hey guys, really need some help, whenever i try to install something on my ubuntu server i get this: http://paste.ubuntu.com/5587550/
<g0tcha> and the package doesnt get installed.. anyone know how to fix that by any chance?
<Seveas> g0tcha, try removing redmin and ruby-rails-3.2
<g0tcha> Seveas, i did, i still get the same error when i try to remove a package too
<Seveas> g0tcha, pastebin the output of: dpkg -P redmin ruby-rails-3.2 (this will purge the packages completely from your system)
<g0tcha> Seveas, here are the results: http://paste.ubuntu.com/5587557/
<g0tcha> when i run apt-get install it gives another error
<Seveas> g0tcha, typo in the command. redmin should be redmine
<g0tcha> Seveas, cool.. i think it worked now!
<g0tcha> Seveas, thanks alot, this fixed my issues no doubt.. i just have a question, what does "apt-get autoremove" does exactly?
<g0tcha> last time when it suggested to run it, it was going to remove 380MB of data from the server
<Seveas> autoremove removes packages that got installed as dependencies, where the dependent has already been removed manually
<g0tcha> so its safe to run this from time to time to make sure the system is clean?
<Seveas> so if you do 'apt-get install foo' and foo has bar as dependency, 'apt-get remove foo' won't remove bar but a subsequent 'apt-get autoremove' will.
<g0tcha> it will Not remove something thats being used by something else, correct?
<g0tcha> right.. interesting
<g0tcha> thanks for the info
<Seveas> it's safe to run if you inspect the list of packages beforehand
<freakynl> Hi, I'm running badblocks on 12 SAS disks connected to a LSI SAS controller. iostat shows they only do 7.3MB/s though, any ideas? 7.3 is really low, have system that's identical (hardware wise) that went way over 100MB/s (the first so much data (outter ring) anyways)
<freakynl> Hmm dd does ~130MB/s (1mb bs), any guesses why badblocks would be so slow?
<freakynl> The only thing I can come up with is that it's related to the USB stick it's running off which is connected to a USB 1.1 port (why would one wire the USB 2.0 the chipset provides if you can just wire 1.1 and forget about it)?
<patdk-lap> freaknl, maybe you should actually show the iostat values?
<ruben231> hi guys, i have installed apache2 on my ubuntu 10.04 LTS but problem when i reboot it wont start automatically i need to induce it with command before it starts /etc/init.d/apache2 restart <<<<<-------------------any idea how to solve this..?
<Daviey> I want a biscuit
<g0tcha> would changing the hostname of an ubuntu server break anything?
<g0tcha> if its still a fresh install, just need to change the hostname set durring the installation
<patdk-lap> ruben231, how exactly did you install apache2?
<ruben231> patdk-lap: apt-get install apache2
<ruben231> any idea..?
<rbasak> jamespage: powerpc ftbfs fix: https://bugs.launchpad.net/ubuntu/+source/ipmitool/+bug/1074443/comments/11
<uvirtbot> Launchpad bug 1074443 in dell-poweredge "Please upgrade ipmitool to 1.8.12 for 13.04" [Wishlist,In progress]
<jamespage> rbasak, ta
<jamespage> I'll review and upload
<rbasak> Thanks!
<jamespage> rbasak, as the resident non-x86 expert any ideas on the armhf failure here - https://launchpad.net/ubuntu/raring/+source/mongodb/1:2.2.3-0ubuntu1
 * rbasak looks
<jamespage> rbasak, I'm sure this worked OK for me locally but I think it may have been with 2.2.2 rather than 2.2.3
<jamespage> my panda is being temporamental right now
<rbasak> jamespage: looks like a preprocessor accident to me. I'll pull the sources and take a look.
<Nul0>  Hello. I'm considering formatting my external drive as ZFS and using it as a backup storage system (mainly for its inbuilt deduplication). I'm running Ubuntu 12.04. Does this sound like a good idea? Any words of caution I should bear in mind?
<jamespage> rbasak, ta
<zul> hallyn:  ill get 1.0.3 packaged today (i hope)
<ruben231> hi guys, i have installed apache2 on my ubuntu 10.04 LTS but problem when i reboot it wont start automatically i need to induce it with command before it starts /etc/init.d/apache2 restart <<<<<-------------------any idea how to solve this..?
<hallyn> zul: nonsense, you're busy today
<zul> hallyn:  im always busy :)
 * SpamapS wonders if the server team went out drinking on Google+ last night to make it a proper UDS
 * jamespage is still getting over the hangover
<ogra_> SpamapS, yeah, and they all ctached virtual ubuflu ... !
<Daviey> i'm hanging out of bed
<SpamapS> yeah I seem to have caught real ubuflu even w/o the flights and many nights of sleep dep and self-poisoning
<ruben231> hi guys, i have installed apache2 on my ubuntu 10.04 LTS but problem when i reboot it wont start automatically i need to induce it with command before it starts /etc/init.d/apache2 restart <<<<<-------------------any idea how to solve this..?
<GridCube> hi, what is the alternative to use >> sysctl net.inet.tcp.msl=2500 << in ubuntu, given that there is no /proc/sys/net/inet directory?
<SpamapS> ruben231: you should see something in the console/boot messages about why it is failing.
<SpamapS> ruben231: any reason you're not using 12.04 ?
<SpamapS> GridCube: is it possible that setting has been deprecated?
<jamespage> rbasak, uploaded
<rbasak> jamespage: thank you!
<GridCube> SpamapS, and what would be an alternative to that?
<rbasak> jamespage: I'm reproducing your mongodb ftbfs now
<jamespage> rbasak, thanks for looking at that - it does take a v long time to build on arm btw
<GridCube> http://serverfault.com/questions/129950/can-i-make-tcp-ip-session-to-run-less-than-60-seconds this is from where im taking it
<GridCube> its there something like tcp.nolocaltimewait?
<rbasak> GridCube: looks like tunables are in /proc/sys/net/ipv4 now. I don't see msl though
<rbasak> GridCube: I don't think this is an Ubuntu-specific thing. I think the change probably applies to anyone running a more recent Linux kernel. That might help your Googling perhaps?
<GridCube> :( i've been searching for hours
<GridCube> well, 'bout two
<rbasak> You could find the Linux git changelog message associated with the change. The commit message might list something useful.
<rbasak> (eg. what replaces it, or why they removed it)
<jamespage> rbasak, w00t - https://launchpad.net/ubuntu/raring/+source/ipmitool/1.8.12-0ubuntu2
<hdd1> rbasak: but then the msl is hardcoreded in some sys/*.h library?
<rbasak> hdd1: they removed the tunable sysctl and hardcoded it?
<rbasak> If they did, presumably they had a reason and the commit message would be where to start looking
<hdd1> rbasak: thanks we will keep looking
<GridCube> where would one find such commit message?
<rbasak> I would start by going to a kernel that had the sysctl and finding the source code responsible. Then go to the current kernel and ask git for changes only to that file
<rbasak> jamespage: \o/
<rbasak> jamespage: this mongodb build is indeed taking a while. I'll leave it going :)
 * rbasak didn't run it inside a screen though :-/
<SpamapS> GridCube: why do you want to make tcp sessions run less than 60 seconds?
<GridCube> SpamapS, to many conections that saturate the server
<SpamapS> hm
<hdd1> SpamapS: as GridCube say, there are too many tcp connections and that "overbloat" the server with timewait
<hdd1> SpamapS: we try with tcp_recycle and reuse, but got the problem that sometimes when an old conection is reused,this old connection can send again a new package and all got miss up
<hdd1> SpamapS: but this can only happend with the WAN connections, so the perfect value that solves all is nolocaltimewait
<SpamapS> interesting
<nxvl> Daviey: c'mon!
<hdd1> SpamapS: yup. We saw some forums where they set the net.inet.tcp.nolocaltimewait=1 , but we try this and we get the unknow key error
<nxvl> Daviey: don't make that face again!
<hdd1> SpamapS: i know that in freebsd that value stills on (its really usefull in servers) but dont know what append in ubuntu-server
<g0tcha> when trying to bring a network interface up using 'ifup eth1' and it says "RTNETLINK answers: File exists" .. does this mean the IP is being used?
<eutheria> hello, i was wondering, is there something like landscape for my LAN?
<SpamapS> eutheria: yes you can get an on-premise landscape
<eutheria> i bet that is expensive
<g0tcha> heya guys, i installed LAMP on ubuntu server and the home dir is /var/www, if my username is 'gotcha', how can i give permission to 'gotcha' to be able to edit /var/www ?
<Nafallo> SpamapS: hey. I have a question for you, if you're around :-)
<CPrompt^> greetings.  For some reason apache will not run on my ubuntu server unless I am logged in.
<CPrompt^> where can i start to look for a cause?
<CPrompt^> i have not changed anything except that I pointed the main web directory to a directory in my home folder
<CPrompt^> i have done this in the past and it never requried me to log in
<Pici> CPrompt^: is your home encrypted?
<Nafallo> CPrompt^: ecryptfs?
<CPrompt^> ah...that is a good question.  I just installed did a fresh install a few days ago so honestly I can't remember if I told it to encrypt the home directory or not.
<CPrompt^> oh man
<CPrompt^> yeah.  you are correct
<CPrompt^> it is set to encryptfs.  So...since I made a bonehead move, is there a way to allow it run without being logged in?
<Nafallo> not without running with ecryptfs.
<CPrompt^> bummer
<Nafallo> alt. changing directory
<CPrompt^> so...if I create a new user will it automatically use ecryptfs?
<Nafallo> my tests say no
<CPrompt^> yeah that's an easy test.
<Nafallo> but then, do you need ecryptfs on a server? :-)
<CPrompt^> well...this is just for my personal use so to me? no, I don't
<Nafallo> CPrompt^: https://help.ubuntu.com/community/EncryptedPrivateDirectory#How_to_Remove_an_Encrypted_Private_Directory_Setup
<CPrompt^> oh nice.  I'll give that a go.  Need to back a backup and try it out
<CPrompt^> thanks Nafallo
<Nafallo> no worries :-)
<Nafallo> glad I could help
<thane_> Hi, I'm trying to configure an virtual Ubuntu server as a router. IP forwarding is on, interfaces are running, routing table looks ok, other machines can ping the server, but other machines cannot ping eachother using the server. Any tips on how to troubleshoot this?
<CPrompt^> i'm glad you could too :)
<thane_> Hi, I'm trying to configure an virtual Ubuntu server as a router. IP forwarding is on, interfaces are running, routing table looks ok, other machines can ping the server, but other machines cannot ping eachother using the server. Any tips on how to troubleshoot this?
<Nafallo> !ask | thane_
<ubottu> thane_: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<Nafallo> bah, that might not be the one for repetative questions :-P
<GridCube> !patience | should be
<ubottu> should be: Don't feel ignored and repeat your question quickly; if nobody knows your answer, nobody will answer you. While you wait, try searching https://help.ubuntu.com or http://ubuntuforums.org or http://askubuntu.com/
<jcastro> robbiew: I'll fire up the plenary like 10 minutes early if you want to prepare
<robbiew> jcastro: cool, thx
<rbasak> smoser: could you please comment on bug 1069570? What's our current answer, and is the patch anywhere?
<uvirtbot> Launchpad bug 1069570 in isc-dhcp "1 MAC Address, two IPs - DNS is "out of sync" with DHCP leases databases, I think..." [Undecided,Confirmed] https://launchpad.net/bugs/1069570
<hallyn> smoser: fwiw, http://thread.gmane.org/gmane.comp.emulators.qemu/198455/focus=198477    mjt brought up the memory size patch on qemu m-l
<hallyn> smoser: i particularly love the second email - basically a previous patch had been nacked bc it didnt' also handle numa (feh)
<smoser> rbasak, the patch is in the branch there.
<rbasak> smoser: ah yes of course - thanks. I missed that.
<smoser> i'll put a comment in though
<smoser> rbasak, i just re-based raring branch there.
<rbasak> smoser: thanks!
<smoser> stgraber, you've recently touched isc-dhcp...
<smoser> so i'm wondering on your feelings on https://bugs.launchpad.net/ubuntu/+source/maas/+bug/1069570
<uvirtbot> Launchpad bug 1069570 in isc-dhcp "1 MAC Address, two IPs - DNS is "out of sync" with DHCP leases databases, I think..." [Undecided,Confirmed]
<stgraber> smoser: I've seen a few emails from LP this morning about that bug. I'm currently busy preparing my plenary but I'm scanning through isc-dhcp bugs fairly regularly, so I'll get to it
<smoser> read comment 34 and see patch in my branches.
<smoser> stgraber, no hurry.
<smoser> thanks.
<rbasak> smoser: thanks for the update on that bug!
<adam_g> jamespage, is this fix still appropriate for the charms? it was proposed to into nova-compute but i'd like commit the same to the other relevant places.  https://code.launchpad.net/~gandelman-a/charms/precise/cinder/lp1099900/+merge/151812
<jamespage> adam_g, yes it is
<adam_g> jamespage, thanks
<jamespage> adam_g, man do we need to migrate to python :-(
<jamespage> maybe raise that at the charms session for post HA work
<adam_g> jamespage, yeah...
<SpamapS> Nafallo: I'm around now, wassup?
<jamespage> adam_g, I added a comment to https://code.launchpad.net/~gandelman-a/charms/precise/glance/lp1099900/+merge/151813
<jamespage> re the get_ip function
<jamespage> and some feedback jimbaker gave me on the ceph charms which made sense to me
<adam_g> jamespage, ah,thanks
<jamespage> adam_g, with regards you comment on https://code.launchpad.net/~gandelman-a/charms/precise/hacluster/ocf/+merge/151345
<jamespage> would the packages ocf's not overwrite the charm ones?
<adam_g> jamespage, yeah, thats what i was getting at (sorry, it was 6AM:) if the ceph-resource-agents package does not provide the rbd OCF, it will fallback to what is installed by the charm
<jamespage> adam_g, ah - right I think I see now
<paco1> hello masters!
<paco1> i have a little with my bind servers. i have 2 servers, master and slave with TSIG and it works fine. if i incorpore a second slave bind server with the same TSIG key, i have that error: zone 172.in-addr.arpa/IN: refresh: failure trying master 172.31.250.1#53 (source 0.0.0.0#0): tsig indicates error
<paco1> i generated the TSIG key like that: dnssecâkeygen âr /dev/random âa HMACâMD5 âb 512 ân HOST name
<paco1> -n HOST: is it just for one slave server?
<rbasak> jamespage: I couldn't reproduce the ftbfs in mongodb. My build succeeded using sbuild. There is only one build dependency selection difference, which is a missing libsqlite3-0 on the buildd, but I don't see how it could be related. I'll dig more tomorrow.
<smoser> hallyn, or anyone...
<smoser> how can i know how many blocks are on a block device
<smoser> hoping not to parse /proc/partitions
<RoyK> smoser: /proc/partitions is pretty easy
<RoyK> it's just 1kB blocks
<smoser> RoyK, if you happen to know the kernel name
<smoser> which, yes, is fairly easy to find out given udev's nicely created /dev/block/MAJOR:MINOR
<smoser> but i'm just hoping to depend on just about as little as possible.
<smoser> RoyK, (sorry if i sound ungrateful, thanks for your input)
<RoyK> smoser: np
<smoser> i think i might have to end up parsing /proc/partitions
<smoser> but its a PITA for testing
<smoser> (since not only am i needing to read that, i'm wanting to invoke 'update' and see it change)
<astor> what is *roughly* the minimum image/install size for a server that is set up to be part of a juju-cluster? before any services are installed?
<sarnold> astor: I think "hundreds of megabytes" isn't too far wrong
<astor> sarnold: ok, thanks.
<astor> second question: The faq states: "Currently each service unit is deployed to a separate machine that...".  I assume that jojo can create a separate VM on a single machine for each service? True or not?
<sarnold> astor: it's complicated...
<sarnold> astor: in 'local' mode, juju can deploy services in LXC containers -- but that won't ever leave the one machine
<sarnold> astor: you can also start a pile of VMs yourself and have them run openstack or MAAS and deploy to those VMs, but juju doesn't provide much help in that case, as I understand it
<hallyn> smoser: uh, sudo fdisk -l?
<hallyn> you probably mean from c code...
<sarnold> hallyn: I thought about suggesting that but figured (a) it only reports partitions tables, not actual device data (b) it doesn't grok gpt partition tables either :(  ...
<smoser> well, no. i meant from python.
<smoser> i was just wondering if hter ewas something easy.
<smoser> ie, an explicit size attribute back from stat or something.
<soren> smoser: blockdev --getsz?
<astor> sarnold: if I spin up a dozen VMs that have the "hundreds of megabytes" image that is juju-ready, then I can somehow register these with juju, and juju can deploy to them, but not create new ones (or make changes to them).  Is that close to the truth?
<smoser> that would seem to be it, soren.
<hallyn> cool
<soren> Yeah. That's why I suggested it. :)
<soren> Happy UDS, by the way.
<soren> Or is it merry UDS? I always forget.
<astor> another q: does MAAS only cover the concept of Linux+LXC, and not Xen+Linux?
<sarnold> astor: it ought to be able to make changes as needed; just not create new ones itself
<astor> sarnold: ok, thanks. good to know.
<sarnold> astor: well, my suggesting MAAS on top of kvm or xen is an abuse of maas -- which is intended for running on bare metal
<smoser> http://unix.stackexchange.com/questions/52215/determine-the-size-of-a-block-device gives lots of answers
<astor> sarnold: I understand. I'm looking for a small TCB.  OpenStack is Xen + lots of services, while MAAS is without Xen, so there's something missing in between.
<soren> smoser: If you want to avoid shelling out (even though that's a perfectly reasonable thing to do, but I know many frown upon it), the ioctl you want is BLKGETSIZE64.
<smoser> soren, right.
<smoser> but i think i might just read /sys/class/block/<devname>/size
<smoser> although i'm not certain that is in 512 byte blocks (always).
<fluvvell> Does anyone have a happy tale to tell about grub installing on a new GPT partitioned drive? I've got one that wont boot without some help
<sarnold> astor: you may wish to ask in #juju if there's a better provider for your goals :)
<SpamapS> smoser: ioctl(3, BLKGETSIZE, 0x7fff215a5f60)    = 0
<sarnold> astor: (everything I've got is second-hand at best :)
<astor> sarnold: ok, thanks.
<SpamapS> smoser: unfortunately, its not clear whether python has a way to know what BLKGETSIZE is
<soren> SpamapS: ..and hope it fits in an int.
<SpamapS> yeah, fcntl.ioctl looks really low level and not very python-programmer friendly
<SpamapS> http://stackoverflow.com/questions/2773604/query-size-of-block-device-file-in-python
<SpamapS> smoser: ^^ might work
<smoser> hm... thats interesting.
<smoser> SpamapS, that seems pretty nice.
<soren> smoser: You can rely on /sys/block/blah/size to results consistent with --getsz (i.e. both in sector counts).
<soren> smoser: fwiw
<hallyn> heh, that (seek to end) is what i like to do for files, but some filesystems don't support it
<hallyn> (esp some proc files)
<soren> smoser: They are implemented pretty much the same in the kernel.
<smoser> hallyn, well, here i know the file is a block device
<hallyn> smoser: I know, i chuckled bc i didn't think to do it for a blockdev, whereas it would be myd efault for a file
<hallyn> i was bein gsilly
<hallyn> ttyl :)
<hallyn> stgraber: see my reply to Christian about merge requests.   we should perhaps formalize some workflow.  You and I work differently so I'm not sure what would be preferred in the end...
<hallyn> (several ppl submitting patches have github trees, so we can at any rate make this easier than hand-applying patches from email)
<stgraber> hallyn: I tend to prefer processing the patches with git am. I also tend to review the ones we get through github, but it's usually more painful as I need to click through the whole site to get meaningful diffs, then cherry-pick and edit the commits to ack them
<hallyn> stgraber: agreed, i don't want pull requests
<hallyn> git fetch + get cp or get rebase is nice
<stgraber> hallyn: so it's nice to have a github branch to be able to easily see the end result and try some test builds, but for the actual review, I prefer individual patches to the ML
<hallyn> (especially since email patches tend to be line-wrapped)
<hallyn> stgraber: so it sounds like we're agreed,
<hallyn> to my surprise :)
<hallyn> see the process i recommended in email and lemme knwo if you'd change anything
<stgraber> the only pull requests I deal with is the ones I send to Daniel for releases because sending a few hundred e-mails to him seems rather pointless when he realistically won't look at them all anyway
<hallyn> yup
<hallyn> hm, i was hoping that with vUDS going on, ppa build farm would be under-utilized, and builds woudl go through quicker :)
<hallyn> alas, no
<stgraber> hallyn: if you give me a URL I can bump the score for you
<hallyn> stgraber: qemu build in https://launchpad.net/~serge-hallyn/+archive/virt
<hallyn> i'm hoping it'll give a more stable qemu-arm-static for builders
<stgraber> hallyn: bumped
<hallyn> thanks!
<hallyn> well that was underwhelming
<Dataoriginal> hello
#ubuntu-server 2013-03-06
<ruben231> hi guys, i have installed apache2 on my ubuntu 10.04 LTS but problem when i reboot it wont start automatically i need to induce it with command before it starts /etc/init.d/apache2 restart <<<<<-------------------any idea how to solve this..?
<sarnold> ruben231: try "chkconfig apache2 on" -- stolen from http://manpages.ubuntu.com/manpages/precise/man8/chkconfig.8.html   ...
<rocket> Looking for a regular expression channel
<patdk-lap> #regexp ?
<jamespage> rbasak, I hit the rebuild button last night for mongodb and its now fine
<jamespage> rbasak, probably something transitory I suspect
<rbasak> jamespage: OK, great. I'll leave it then.
<rbasak> I still wish I had a way to get sbuild to match the buildd exactly for build dep resolution :-/
<Ng> is cloud-init supposed to execute all the cloud config files in /etc/cloud/cloud.cfg.d?
<Ng> as in, always? I'm firing up a test instance in a local kvm without any cloud infrastructure and the config file I've added seems to be ignored
<jamespage> adam_g, some comments on the rabbitmq-server HA merge
<jamespage> but hacluster and mysql LGTM to merged
<lynxman> Ng: as far as I remember you need to trigger cloud-init metadata execution for that to be read, but my information might be clearly outdated
<Ng> hmm
<lynxman> Ng: cloud-init reads the metadata instructions and stores them in /var/lib/cloud somewhere, then that is used to execute the rest, should need to look at the code to see if that has changed
<xnox> roaksoax: jamespage: sorry for missing the HA session.
<xnox> roaksoax: jamespage: debian release team are unhappy about the current state of redhat-cluster, corosync, clvm and friends. To the point where they are aggresively trying to remove those from debian archive now, on the basis that all of those packages have not been updated in a while.
<xnox> Surprisingly clvm is more or less up to date, it's the others that are lagging.
<xnox> but it's the clvm that was first to be removed from wheezy.
<xnox> roaksoax: jamespage: is there an action plan to update / maintain this set of packages? if yes, are we willing to do so via Debian or not?
<zorky> anyone here who have any knowledge on juju charm concerning zentyal?
<jcastro> not offhand
<jcastro> is it broken?
<xnox> jamespage: thanks for taking over mongodb =)
<zorky> jcastro, theres a problem for us. anyhow. we can't seem to get access beyond the zentyal web interface. The password is unknown. something to do with kerberos password
<jcastro> have you set the password?
<jcastro> juju set zentyal-single password="foo"
<jcastro> according to the readme for a single node thing
<Sparky-UK> Hi, does anyone know why (my) snmpd does not increment result for NIC's (particularly eth0) on ubuntu 12.04, counters update if i restart the service tho
<zorky> jcastro, yes we tried to set the password to our own choosing. just tried setting the password from the command juju set zentyal-single password="foo" but still no access
<jcastro> zorky: hmmm, well, all I can offer is the author's contact info
<jcastro> https://launchpad.net/~christophe.sauthier
<jcastro> He knows the zentyal guys very well, so hopefully that'll get you on the right track?
<maveas> I'm about to write a upstart script for openerp, which relies on postgres, but I'm uncertain about upstart emits during sysvinit scripts. Does upstart emits event from a successfully started sysvinit script?
<maveas> Which translates to.. can I use the old sysvinit script for postgres or should I write an upstart script?
<maveas> for postgres too?
<zorky> jcastro, Will do, thats for the info :)
<zorky> jcastro, Thanks*
<vezq> maveas: I find sysvinit works more reliably
<maveas> vezq: Explain?
<vezq> maveas: maybe just more familiar with sysvinit
<vezq> for example having different start and stop commands seem not to be trivial with upstart
<maveas> vezq: How different? With variables or?
<mkander> I want to pay someone to setup raid on my ubuntu server that runs on lvm (default). Anyone interested? Thanks for the help!
<maveas> vezq: I am asking because I am still quite new with init (sysv+upstart)
<vezq> maveas: just running any different command with upstart
<vezq> I'm not that familiar with upstart either
<vezq> mkander: RAID should be configured before LVM
<vezq> mkander: I might be able to help if needed
<mkander> vezq: It is already set up unfortunately
<mkander> been running like this for a year, but now I want added security
<vezq> mkander: then it's about the only way to recreate the server...
<xnox> mkander: just follow https://help.ubuntu.com/12.04/serverguide/advanced-installation.html
<maveas> It is possible to do scripts in upstart so I don't see any problems there. It is possible to do pre-start, post-start, pre-stop and post-stop script beside the start script
<mkander> vezq: Reinstall everything? Hmm hope there is another way
<vezq> mkander: yep I don't really see any other way
<mkander> must be possible to install a raid 1 seperately and then move everything there or something
<maveas> RAID or no RAID that is the question..
<vezq> mkander: sure but might be easier to copy data to safety, delete current stuff, create raid etc.
<xnox> mkander: if you have enought disks plugged in, you can configure & setup raid1, then lvm, and then move everything from the non-raid disk across, setup/update bootloader and reboot and hopefully be golden.
<mkander> xnox: Yes must be something like that...
<setra> hi
<setra> Looking for an automation tool which runs on a ubuntu server to handle bash script commandline GUIs which can not be automated through parameter, rather than that need user interaction.
<melmoth> setra, your question is unclear... The way i understand it, is "i m looking at a universal graphical interface wrapper for any exisiting shell script"
<melmoth> wich i doubt exist
<lynxman> jcastro: o/
<jcastro> lynxman: yo yo!
<lynxman> jcastro: very well done yesterday sir
<jcastro> oh you were watching?
<jamespage> xnox: np on mongodb - I'm adding some DEP-8 tests (and probably enabling SSL support) in the next few days as well
<blazindrop> good day I have a problem with MAAS on ubuntu 12.10. MAAS status page continually says "No boot images have been imported yet...." I've ran maas-import-pxe-files multiple times but this still displays.
<jamespage> xnox: re the cluster suite generally - I'd defer to roaksoax on that as he's much closer to me
<jamespage> blazindrop, hmm - I've seen that as well - its lying
<blazindrop> jamespage, I thought it may be but wasn't sure
<blazindrop> jamespage, trying a new install from maas master in a few minutes so will find out the hard way :)
<jamespage> blazindrop, well I guess there is the possibility that in your instance its not but I would suspect now
<jamespage> now/not
<blazindrop> jamespage, ok
<jcastro> lynxman: I am looking forward to the webscale session soon
<jcastro> \o/ come on nginx in main!
<jamespage> jcastro, now you are making me feel guilty
<jamespage> that BP has not had alot of love this cycle
<jcastro> I know
<jcastro> we got clinted.
<jcastro> but it's ok, I always have hopes for you to pick up the slack!
 * jcastro snickers
<Daviey> jcastro: Did you just volunteer ?
<lynxman> jcastro: I was! :) nginx in main is schweet
<lynxman> Daviey: I think he did?
<jcastro> Daviey: meh, it's in the charm store, that's just as good right? :)
<setra> melmoth, I have a bash script I run on a server console which installs a lot of tools automated to fit my needs, but there are sometimes user interaction needed to move on. this I would like to eliminate
 * Daviey marks blueprint complete, and cancels the vUDS session
<setra> with an automatic tool like xdotool which does not work since there is no desktop/window anywhere
<melmoth> setra, ok, i think i understand the use case.
<melmoth> setra, what about using something like expect , or expect like (there s an expect like module for python) ?
<melmoth> http://pexpect.sourceforge.net/pexpect.html
<Jeeves__>  debconf-set-selections
<setra> melmoth, yes expect is what I found, but I'm not sure how to incorporate it, since I did not find an example for an application like squirrelmail-configure...
<setra> do I need to be a python expert?
<Jeeves_> setra: debconf-set-selections allows you to set the answers dpkg wants to ask you in advance
<melmoth> you ll need to be fluent in wichever tool you want to use. Expect requires tcl knowledge.
<melmoth> the python module let you do the same with python (but...requires you to know python :) )
<setra> melmoth, just got in touch with bash since I thought I can solve it all, but bummer...
<melmoth> if your only problem is some pakcage reconfigure stuff, Jeeves_ is right, you want to have a look at preseed and debconf selection
 * melmoth sing it s a long way to the top if you wanna rock n roll.
<Jeeves_> setra: Correctly built packages should all use debconf, iirc.
<Jeeves_> So you can just set stuff using debconf
<Jeeves_> from bash
<setra> Jeeves_, thx that solves 95% for me...
<Jeeves_> echo "kerio-connect     kerio-connect/force-config      boolean false" | debconf-set-selections
<jamespage> Daviey, which session are you running as we appear to have a conflict
<Jeeves_> Quite easy, if you ask me.
<setra> Jeeves_, straight forward
<Jeeves_> `debconf-get-selections | grep 'packagename'` shows you which vars are available for setting
<setra> melmoth, so now you know why I struggle a little, for another 5% putting a undefined amount of time in expect...btw, do you got an example for handling an application in a console from a bash script.
<melmoth> there was an example using python expect module in th elink i posted above (a simple scp command line prompting for user/password)
<setra> melmoth, thx
<dv> Hi all. I have a question on MAAS / JuJu
<dv> Suppose i said `deploy mysql` and it now serves 100 reqs per sec
<Daviey> jamespage: sorry, i am FPI
<dv> What will happen with my 4-node cluster after adding three new nodes and removal of three other?
<roaksoax> xnox: hi! i thought madkiss was taking care of corosync pacemaer etc etc
<roaksoax> xnox: our update plans is to basically drop redhat cluster
<roaksoax> and clvm too
<xnox> roaksoax: ok. drop clvm without replacement? just use resource agents / something else?
<roaksoax> xnox: afaik upstream was dropping ra's and stuff
<xnox> roaksoax: "upsream" as in Debian or RedHat? RedHat say it's all still supported, just unmaintained in Debian.
<roaksoax> xnox: looing from where i read that
<xnox> roaksoax: sorry, what does "looing" mean?
 * xnox is not a native speaker.
<roaksoax> xnox: if we upgrade, we would be doing option 3: http://theclusterguy.clusterlabs.org/post/34605496260/can-pacemaker-1-1-8-be-used-with
<roaksoax> looking*
<roaksoax> xnox: currently, both debian an ubuntu support option 2
<xnox> ok.
<roaksoax> xnox: nd afaik the package versions are similar
<roaksoax> and debian has newer of the stack in experimental
<xnox> roaksoax: so do you want anything from the lvm2 package? ship  / don't ship clvm package / status quo?
<xnox> (currently I kept clvm package around)
<roaksoax> so the reason of not upgrading to latest software is a technical decision that would drop support for ofs2
<roaksoax> and as i was pointed out  couple months ago
<roaksoax> clvm ws to be dropped for no due to lack of support iirc
<roaksoax> that's why i need to find where i read that frm
<roaksoax> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=697676
<uvirtbot> Debian bug 697676 in lvm2 "lvm2: cLVM binary package is missing" [Serious,Open]
<roaksoax> which you are currently aware of
<jcastro> smoser: we have like 3 hours from the end of UDS to the LUG talk, so we should be fine.
<roaksoax> xnox: err i gave you a wrong link: http://theclusterguy.clusterlabs.org/post/34604901720/pacemaker-and-cluster-filesystems
<dv> Bob_: Yes, i knew it, just wanted dv
<dv> sry not relevant
<blazindrop> jamespage, looks like that is just a false positive alert about pxe images not loaded. so far I have a MAAS slave booting fine
<zul> jamespage:  can you have a look please? http://paste.ubuntu.com/5590733/
<jamespage> zul: "This is a transitional dummy package> It can be safely removed."
<jamespage> typo
<jamespage> > -> .
<zul> jamespage:  doh
<jamespage> zul, typos:
<jamespage> Replaces: pyhton-oslo-config (<< 2013.1~b5~)
<jamespage> Breaks: pyhton-oslo-config (<< 2013.1~b5~)
<jamespage> spelt wrong
<zul> jamespage:  doh got it
<jamespage> zul, I'd personally add a comment re the package renaming and transitional package in the changelog as well
<jamespage> i.e. why thats happening
<zul> jamespage:  done
<jamespage> zul: please fix the watch file as well - it needs to take into account the package rename
<zul> jamespage:  k
<zul> jamespage:  this probably should be vcs controlled like the openstack packages me think
<jamespage> zul: not quite sure what you mean?
<zul> jamespage:  ie like python-glanceclient
<jamespage> zul, you want to set it up in the CI?
<jamespage> or just have a non-distro packaging branch?
<zul> jamespage:  i think it should be in the ci so we can catch breakages
<zul> jamespage:  lp:~openstack-ubuntu-testing/oslo/grizzl
<zul> jamespage:  er lp:~openstack-ubuntu-testing/oslo/grizzly
<jiboumans> jjohansen: are you around? I could use your input on a kernel/UDP issue i'm having.
<jjohansen> jiboumans: what is the problem?
<jiboumans> jjohansen: prefixing this with "I'm a total newbie C/socket programmer", I'm trying to figure out if I can make a write(udp_fd, str, len) call faster - it's taking 50 microsecs on my VM, and this is for a patch inside Redis (in memory store), where the actual processed commands take 40-100 microsecs in total.
<jiboumans> this is to send stats off to Statsd on localhost, so I'm ok playing a bit fast & loose with losing a stat here & there if it gains some speed in the process.
<jiboumans> in short, the stat collecting is slowing the rest down so much (relatively speaking) it's prohibitive to run it.
<sarnold> jiboumans: 50 _microseconds_ or 50 _milliseconds_?
<jiboumans> microseconds
<sarnold> jiboumans: you may wish to try timing a tight loop of umask() or something similar to see what syscall overhead is expected to be. that sounds pretty snappy to me.
<jjohansen> jiboumans: there isn't a lot you can do to optimize at the syscall level. What networking does your VM use
<jiboumans> sarnold: in absolute numbers it's pretty snappy indeed, but relatively speaking it throttles the redis througput to about a third. Obviously the call is doing more than just copying the string into kernel memory, and if I could get it to return when that was done and handle the sending 'later' at the risk of losing some error handling, i'd be fine with that.
<jiboumans> jjohansen: this is to 127.0.0.1, so it doesn't go off box. I'm assuming it'd use loopback for that.
<jjohansen> jiboumans: you can try doing async io, http://www.ibm.com/developerworks/library/l-async/ has a decent introduction to it
<jiboumans> jjohansen: here's the code https://github.com/jib/redis/compare/2.6...statsd-support-2.6#L4R57 (linked to connect). The send is on line 162.
<jiboumans> jjohansen: hmm, that looks different than the O_ASYNC/O_NONBLOCKING flags, right?
<jjohansen> jiboumans: yes
<jiboumans> jjohansen: i'll give that a try. is this linux kernel only thing?
<sarnold> I think there's a POSIX spec for aio but I wouldn't be surprised if implementers are few..
<jjohansen> jiboumans: I am not sure what the status of aio is on other kernels but it is a posix spec
<jiboumans> jjohansen: will have to dig into this then.. pretty sure redis folks wnat to keep building on BSD etc too.
<jiboumans> but first, let's test that it goes faster indeed. thanks for the pointer!
<jiboumans> jjohansen: i may be doing something very silly, but I'm getting this error when calling aio_write: redis/src/statsd.c:191: undefined reference to `aio_write64'. Looking in /usr/local/include, I can't find any definitions for aio_write64 indeed. Does this come from an extra kernel module or so? I have libaio-dev & libaio1 installed.
<jiboumans> manpage suggests I only need <aio.h>, and that does provide the struct needed, but no definition of aio_write.. bit puzzled.
<sarnold> jiboumans: my aio_write64 is protected by #ifdef __USE_LARGEFILE64
<jjohansen> jiboumans: its in the aio.h include here as sarnold says its protected by an ifdef
<jjohansen> jiboumans: aio.h is installed by libc6-dev:amd64:
<jiboumans> hmm, i dont even see it in the /source/ though. Never mind the #ifdef not exposing it.
 * jiboumans checks versions
<jiboumans> ii  linux-libc-dev 2.6.32-41.89 Linux Kernel Headers for development
<jiboumans> (this is on lucid btw, I should have probably mentioned this earlier)
<jiboumans> hmm, looking at the right aio.h may help.. there are many.
<jiboumans> sarnold, jjohansen: so, what should i be doing at this point? I'm a tad lost.
<SpamapS> jiboumans: o/
<jiboumans> SpamapS: howdy!
<SpamapS> jiboumans: still plugging away on ye olde lucid eh?
<SpamapS> haven't you heard, the cool kids just run raring now
<SpamapS> forever
<jiboumans> on daily snapshots right?
<sarnold> jiboumans: heh, sorry, haven't used it beyond toys in ages :/
<jcastro> oh hey jiboumans!
<jiboumans> damn i wish i were cool
<SpamapS> jiboumans: snapshots are for pussies.
<SpamapS> jiboumans: while apt-get update ; apt-get dist-upgrade -y ; done
<SpamapS> NO WAITING
<jiboumans> jcastro: howdy sir!
<jiboumans> sarnold: thanks for trying. I'd expected to at least have a working aio_write definition in there though :)
<sarnold> jiboumans: indeed :)
<jjohansen> jiboumans: sorry I haven't played with it either
<jiboumans> jjohansen: let me ask you this then, should __USE_LARGEFILE64 be undefined? What sets it for ubuntu kernels?
<jiboumans> (sarnold got the cause for the error right with that)
<sarnold> jiboumans: Wouldn't it be something you've got to set in your makefiles, similar to __GNU_SOURCE or related feature macros?
<sarnold> (i'll admit a strong weakness here...)
<jiboumans> sarnold: by all intents and purposes, i shouldn't be allowed to code C, so i'm relying on y'alls input here :)
<sarnold> jiboumans: hehe :D
<jjohansen> jiboumans: define  _GNU_SOURCE in your source
<jiboumans> jjohansen: kernel source yeah? i'm obviously out of my depth here.
<jiboumans> and if ubuntu kernels don't build with this, i'm assuming a lot of 'm don't.. meaning aio_write wouldn't work for them either? sad face.
<jjohansen> jiboumans: no, at the top of your C prog, put
<jjohansen>  #define _GNU_SOURCE 1
<jjohansen> and then do your includes
<jiboumans> ah interesting. in the redis src there's a "#define _GNU_SOURCE" - no value. wonder why they did that
 * jiboumans chagnes and tries
<jiboumans> still undefined reference to aio_write64. i'll dig further - thanks for pointing me in the right direction jjohansen, sarnold.
<sarnold> jiboumans: oh man :/ good luck :)
<zul> adam_g: https://code.launchpad.net/~zulcss/glance/glance-fix-ups/+merge/152048
<keithzg> Arghh, why am I having such a hard time configuring an IMAP server? Fail, me.
<keithzg> ...wait, IMAP authentication works fine if I'm using a local user? Why wouldn't users auth'd via LDAP work, since PAM is being used for auth and thus ostensibly querying LDAP?
<sarnold> keithzg: does your /etc/pam.d/<imap service name> config file allow ldap?
<keithzg> sarnold: I don't see anything in /etc/pam.d that'd be related, actually (I'm trying Courier at the moment, btw)
<sarnold> courier-imap: /etc/pam.d/imap
<sarnold> keithzg: does that file look sane?
<keithzg> sarnod: oh, durr, don't know how I didn't see that. But yeah, it looks sane to me, @include lines for common-auth, common-account, common-password and common-session.
<sarnold> keithzg: and do the common-files work for e.g. ssh or ftp or lightdm or login or su or sudo or .. some other easily-testable service? :)
<keithzg> I can certainly ssh into them; the server is headless so can't try lightdm. But it also works if I ssh in as a local account then 'su username' with that user's password.
<keithzg> sarnold: Although auth *does* take a troublingly long time (lag of several seconds at least)
<sarnold> keithzg: hrm, failing dns queries are often a source of noticable lag.. are you logging reverse-lookup names instead of ips in your connection logs?
<keithzg> sarnold: I must admit I'm not sure what you're referring to; do you mean mail.log?
<keithzg> sarnold: if that's the case, I'm seeing bits like "connect from siddhartha.gmcl.internal[10.1.187.23]" and "LOGIN, user=blahblah, ip=[::ffff:10.1.187.23], port=[60758], protocol=IMAP"
<sarnold> keithzg: that'd be the 'siddhartha.gmcl.internal' portion
<sarnold> keithzg: though in that case it succeeded :) hehe -- how long does it take to run 'host 10.1.187.23' on that machine? or nearby IPs?
<keithzg> sarnold: a long lag as I installed bind9-host, heh, but about 1 second to actually resolve IP to name or vice-versa
<keithzg> sarnold: I have a suspicion the auth delay is thanks to the virtual server that's running being periodically snapshotted to discreet external-file snapshots; it's really helpful for backup purposes, but unfortunately the version of kvm-qemu that ships with 12.04 isn't new enough to blockpull the snapshots back to collapse them, thus eventually leading to an extremely long backing chain, heh.
<sarnold> keithzg: ooooof.
<sarnold> keithzg: that sounds painful :)
<keithzg> sarnold: yeahhhh, I'm probably going to eventually give in an upgrade to a non-LTS!
<keithzg> Other possible option is I could transfer the VMs to a 12.10 or later box, blockpull, and then copy them back. Kindof an ugly way of doing it, though (and far from automatic or foolproof)
<sarnold> keithzg: It might be worth considering an SRU for that new feature, it sounds useful...
<keithzg> sarnold: not a bad idea a'tall
<keithzg> sarnold: hmm, if I try a manual login via telnet I get "* BYE Temporary problem, please try again later"
<sarnold> keithzg: o_O
<sarnold> that's .. odd
 * keithzg is the king of strange and confusing errors ;)
<keithzg> Yeesh this is an extremely hard issue to Google for, since most people using LDAP and IMAP are doing rather different and far more complex things than I.
<keithzg> Is it possible that Courier cannot authenticate via ldap through the 'authpam' module, and would have to actually use its own discrete 'authldap' module? That'd be rather annoying for my use-case, sigh.
<Seveas> keithzg, it's been a while since I used courier, but I'm pretty sure I used pam (and pam used ldap)
<keithzg> Seveas: Okay, that's good to know. So this *should* be working, then.
<Seveas> keithzg, what does authtest say? And does tcpdump see any ldap bind attempts?
<Seveas> keithzg, I've always found http://www.courier-mta.org/authlib/README.authdebug.html helpful in debugging courier auth issues (and I've had a few...)
<keithzg> Seveas: oh, thanks! I'll check that page out.
<keithzg> ...alas, everything relevant in there I have already tried.
<keithzg> Seveas: authtest sadly albeit predictably gives the same error as mail.log show, ie. "Authentication FAILED: Input/output error". Working on tcpdump, I feel like I'm missing something since I don't see anything at all when I try to connect, even though on the client end I'm getting responses to my telnet commands.
#ubuntu-server 2013-03-07
<phretor> I'm using `logger -n 192.168.42.229 -P 55514 "TEST"` to send a test message to a remote logger; however, I see the message to /var/log/messages - indeed, tcpdump on each host shows nothing. I'm using rsyslog. Any hint on how could I debug this?
<phretor> I tried to telnet to that host port 55514 and I can send stuff there
<sarnold> phretor_: do you need -d to use udp instead?
<sarnold> phretor_: does netstat -lnp | grep rsyslog on the destination show it listening on all interfaces or the public interface?
<zul> adam_g:  alot of the other openstack packages already depend on oslo-config
<adam_g> zul, right but the library changed its name from oslo-config to oslo.config
<zul> adam_g: right i uploaded that this morning so its making its way through
<zul> adam_g: anwyays im out of here
<adam_g> zul: ok, pydist-overrides will need updating elsewhere. quantum is broken on the same thing but needed to get keystoneclient updated (its a BD)
<adam_g> cya
<nibalizer> I'm trying to make contributions ot the server guide, and getting no response in ubuntu-doc
<nibalizer> anyone involved in that project in here?
<thekev> I filed a launchpad security bug for a possible problem with official amazon AMIs.  I feel like that's the wrong group to look at it though.  Think there's a better place to report?
<thekev> (where official is canonical's supported image)
<histo> official supported image of what?
<thekev> ubuntu server 12.04
<histo> ubuntu.com
<histo> thekev: http://www.ubuntu.com/download/server
<thekev> uh, ok... ubuntu.com.  there's a lot of content there. :)  I found my way to launchpad bug tracker by way of https://help.ubuntu.com/community/ReportingBugs
<thekev> uh, I'm not looking for how to get it.
<thekev> some critical files fail debsums and there's a smell of evil
<thekev> in the AMIs prepared by canonical
<histo> thekev: you can appport-bug packagename
<histo> on a running system it will walk you through the process
<thekev> it's not a package bug
<thekev> and I'm not a noob
<histo> I didn't say you were a noob. I'm just not understanding your questions then.
<thekev> bad choice of words on my part.  stressful day.
<thekev> I'm trying to be a bit vague because if it's what it could be, there's a big, big problem.
<ivoks> adam_g: are you around maybe?
<thekev> canonical provides AMIs for Amazon AWS, officially built by them, and supported.  Debsums validates what the package says on disk is actually still the same.  There are some things which are not.  The contents of the package are correct, but the image canonical built is not.
<histo> thekev: Have you tried contacting canonical?
<ivoks> thekev: what files are failing debsum?
<thekev> that is my question for the group.  how to contact proper group, or if a security bug on launchpad seems correct
<thekev> ivoks, I can share details in private.  PM ok?
<ivoks> security bug is a way, you can make bug private and then it will be seen by security members
<thekev> it is that way
<thekev> marked private security
<ivoks> ok
<ivoks> then it will be seen by security group only
<histo> thekev: now you are making sense.
<histo> thekev: yes you did i the proper way. The only other option is to actually call canonical http://www.canonical.com/about-canonical/contact/our-offices
<thekev> ok
<ivoks> mdeslaur: jdstrand ping
<utlemming> thekey: can you grant me access to the bug. I spin those images.
<med_> thekev ^
<med_> (not thekey)
<thekev> ok
<thekev> done
<thekev> I'm going to attach the offending binaries for analysis
<thekev> thanks for the prompt attention.  hopefully this turns out to be benign.
<ivoks> thekev: and it is...
<utlemming> thekey: I'm taking ownership of the bug and will solve it tomorrow
<utlemming> thekey: this is a live-build artifact, which is demonstrated in the code
<utlemming> thekey: and we have confirmed the sums match previous versions of the upstart package
<med_> thekev,
<med_> not thekey
<med_> ^
<utlemming> thekev: so its annoying, but not a serious issue. When this is solved, new cloud images for everyone. :)
<utlemming> thekev: ^^^
<med_> good find.
<utlemming> +1. This bug has existed since Oneiric.
 * utlemming goes to bed
<arrrghhh> hey all.  if I start swapping, will the system remove that allocation or do I need to reboot/restart the process that started swapping?
<arrrghhh> I'm trying to figure out why I'm swapping too, system says I have a lot of free RAM.
<ivoks> swappines can be controled
<ivoks> but swapping by itself doesn't mean something bad is happening
<ivoks> and it's a broad subject :)
<ivoks> everyone has has their own oppinion on swapping :)
<ivoks> opionon too
<thekev> nobody but me runs debsums? :)
<thekev> thanks.
<thekev> odd it's exactly the same size, but that makes sense.  some old cruft from a bootstrap back in time.
<arrrghhh> ivoks, well I seem to have plenty of RAM
<arrrghhh> says 6gb free
<arrrghhh> but obviously with caching that's not exactly accurate
<arrrghhh> with caching I have 700mb free lol
<ivoks> linux is pretty smart when it comes to memory usage
<ivoks> do you have memory to look at it or to use it?
<arrrghhh> ehm
<ivoks> if your apps need 1GB of memory, why not use rest of it for filesystem cache
<arrrghhh> obviously I don't mind Linux using 5gb of RAM for cache
<arrrghhh> it knows what it is doing
<arrrghhh> but I'm just wondering why I also see almost a gig of swap usage
<arrrghhh> as I know when it starts swapping (hard), things do not work so well
<arrrghhh> it's not doing that now... but seeing that it used almost a gig of swap makes me wonder
<ivoks> eh
<ivoks> so... swappines is a 'swap factor'
<ivoks> it tells the system how to use swap
<arrrghhh> yea, I do remember this value
<ivoks> while you have free memory, system will never get into 'swap death' state
<arrrghhh> I haven't mucked with it yet ^^
<ivoks> swappines in ubuntu is 60, iirc
<arrrghhh> yea sounds right
<ivoks> if you set it to 0, swap will be empty until it's really needed
<arrrghhh> hm
<ivoks> system uses swap for data that hasn't been used, but might be used
<thekev> default good for desktop, I tend to set my server boxen (that have swap) to 10
<ivoks> when it calculates that it's better to store some memory data to disk and rather put filesystem cache into the memory
<arrrghhh> I noticed I have 12gb of swap on this box haha
<thekev> Found it fixed issues back in my former life with a memory-piggy cluster application we wrote
<arrrghhh> I think an old hard drive needs to get pulld from this rig tho
<thekev> but if my application is leaky, I prefer no swap.  just oom-kill it. :)
<arrrghhh> anytime I see swap being used, makes me think that I don't have enough RAM haha
<ivoks> that would be the case if swappines is set to 0
<arrrghhh> oook, but the default 60 it will use some swap even if it doesn't absolutely need to
<ivoks> right
<ivoks> it will use swap when it decides that performance-wise, some disk data is better to be kept in memory, while some memory data is better to be kept on disk
<arrrghhh> I was thinking about putting more RAM in this rig, but I don't think it really needs it
<ivoks> i think tmpfs uses swap, but i haven't checked
<histo> ivoks: tmpfs doesn't use swap
<histo> it uses ram
<ivoks> right, it uses ram
<ivoks> but considering that some stuff never changes (there are files in the end), it might end up in swap
<arrrghhh> ok, just set it to 10
<arrrghhh> vm.swappiness that is
<thekev> well, unless you do some crazysauce (guilty) like making 128GB swap and 128GB of tmpfs on a 32GB machine
<thekev> my use case made this actually good, but I don't recall if I changed swappiness
<arrrghhh> heh
<arrrghhh> I was thinking about getting more RAM to put some crap in a ramdisk
<thekev> we'd do some i/o intenstive stuff, then leave it in the tmpfs while the session was open - in 99% of the cases, we didn't need to swap it back in
<thekev> ramdisk good if you're being held back by io-wait, otherwise... meh, get an ssd :)
<arrrghhh> hah.  just got one for the lappy
<ivoks> 10 years ago, when i was running a mosix cluster, i used swap for storing processes that were stopped during the day
<thekev> my crazy was in like.. 2009, so ssd wasn't really feasible then
<ivoks> then i had more swap space than memory on the main node
<thekev> and then you installed RAM Doubler?
<ivoks> nope
<ivoks> it was a 60 node cluster
<thekev> trollin some old school, that's all
<ivoks> it was a cluster only over night, during the day those were 60 workstations
<thekev> ah, clever
<arrrghhh> trollin for sure, RAM doubler lol
<ivoks> so all processes running on those machines were brought back to main node, which was up all the time
<ivoks> first the process was stopped and then pulled in, stored in swap
<thekev> the kind of thing page-in and page-out was meant for
<thekev> "by day, a non-descript accounting firm. by night, a code br^W^@weather modeling machine"
<thekev> er s/^@/^W/
<arrrghhh> well, restarted some processes.  down to 97mb in swap...
<thekev> one thing I learned the hard way... bytes in swap means nothing
<thekev> cat /proc/meminfo - SwapCached (IIRC) are pages that have been brought back into main memory but not yet freed from swap.  in case they need to be paged out again, it avoids actual copying
<arrrghhh> ah well.  I should get to bed - thanks for the help guys, take it easy!
 * thekev goes back to crashing simcity 5
<jamespage> xnox, around yet?
<Laney> hello
<Laney> is there some VCS for the openstack related packages or can I just upload them (oslo-config)
<Laney> ?
<Laney> well, I did it
<xnox> jamespage: I didn't notice embedded js engine =)
<jamespage> xnox, lots of embedded stuff in mongodb - well less now (I fixed some of that last upload)
<jamespage> xnox, I have sad broken arm tho
<xnox> jamespage: to sidetrack 7h of build time, the compiled tests maybe should be shipped in a deb, such that we can run them afterwards?!
<jamespage> xnox, the tests are written in python so are easy to run
<jamespage> and can be run from the source branch
<jamespage> xnox, to execute the full test suite as part of the build (as we do on x86) I estimate 7 hours
<jamespage> xnox, it takes about 5 just to build the code
<xnox> =/ sad. Last time i was trying it, the armhf testsuite was segfaulting rather quckly with unalligned memory access.
<xnox> seems like the patch we had, bitrotted and is now incomplete.
<xnox> i should tinker with mongodb on a n7. adding a todo for myself.
<jamespage> xnox, afaict the arm fixes for 2.0.x made it upstream
<jamespage> xnox, however I needed a whole new set for 2.2.x
<jamespage> xnox, as some bits of the codebase where strewn with x86 asm calls
<jamespage> xnox, I picked an initial patch from the fedora-arm ML and then added use of gcc __sync primitives myself (if avaliable)
<jamespage> xnox, but right now; mongod fails to startup correcty (spins in some of the __sync code)
<jamespage> and the client throws a SIGBUS
 * xnox is sad.
<jamespage> zul, when you start we need an update to pyparsing as well (but I suspect you already know that right :-))
<jamespage> zul, and Laney fixed oslo-config for you as well :-)
<Daviey> zul: can you land Laney's upload into bzr
<xnox> jamespage: i wish linaro maintains mongodb =)
<xnox> (well the armhf / arm64 builds of it)
<koolhead17> jamespage: smoser https://bugzilla.redhat.com/show_bug.cgi?id=910619
<uvirtbot> koolhead17: Error: Could not parse XML returned by bugzilla.redhat.com: HTTP Error 404: Not Found
<mdeslaur> ivoks: what's up?
<ivoks> mdeslaur: it was https://bugs.launchpad.net/bugs/1150737 but it got resolved
<uvirtbot> Launchpad bug 1150737 in live-build "live-build causes installation old /sbin/initctl and start-stop-daemon to be installed in Cloud Images" [Medium,Confirmed]
<mdeslaur> ivoks: ah, cool. thanks
<dragoonis> I just done apt-get remove mysql-server. and then apt-get install mysql-server
<dragoonis> but what's the default root pw?
<dragoonis> all good i overwrote it anyway
<nordm> I have setup OpenStack with the folsom basic install guide, but Im having problems with connecting to the VMs from external networks. I have traced the ping and it drops the reply from the VM on the br-tun bridge on the network node.
<nordm> due to an drop rule
<nordm> Anyone have any ideas?
<nordm> To add, Im running 12.10
<soren> nordm: Did you add a security group rule to allow ping?
<nordm> soren: yes
<nordm> the ping req is reaching the vm, ping reply exits the compute node, enters the physical interface of the network node, and drops at the br-tun
<nordm> questions is how should the flows look at the br-tun bridge?
<dragoonis> Guys this is driving me nuts, every time i try to start mysql it starts but when I try to connect to it I get
<dragoonis> ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
<dragoonis> I've googled loads and nothing i've tried has worked.
<PeterGriffin> Hi all. I have ubuntu server 12.04 on RAID 1, but it can't find GRUB and keeps asking me for a system disk. I installed GRUb form live dvd few times but it doesn't work. HELP
<blazindrop> dragoonis, is mysql running and listening on that socket?
<blazindrop> dragoonis, what is the output of "ps auxw|grep mysql"
<dragoonis> blazindrop: i had a few in memory but i killed them. I've tried a re-install of mysql-server package, but i'm now missing the "my.cnf" file and the ".sock" file
<dragoonis> blazindrop: can you help me get these back so I can get back to where I was earlier when i posted my mg
<blazindrop> dragoonis, what version of ubuntu
<dragoonis> blazindrop: i'm going to install from the source, from mysql's website
<dragoonis> blazindrop: Description:	Ubuntu 10.10
<blazindrop> dragoonis, I won't be able to help with a source build :( must you use ubuntu 10.10 vs. say 12.04 LTS?
<dragoonis> blazindrop: okay let me get it up and running first, downloading the src
<acalvo> Hello. I'm trying to set up an unattended installation, but after loading the preseed file (either by URL or by kernel parameter) it just boot and show the installation dialog. Anyone has worked with that in the past and has an example/tutorial? Thanks
<dragoonis> blazindrop: hey you here?
<dragoonis> apt-get install mysql-server does pretty much nothing now :S, it doesn't install a my.cnf file or the .sock file, and I can' run 'service mysql start'
<james2013> hello
<james2013> i'm interested in learning more about web servers in general. I have setup a VM to use for testing stuff out. I followed a howtoforge guide on how to setup the server. But when I try to send emails both from in thunderbird or webmail the fail and don't display any real error msgs
<james2013> where would be the logs so I can see what is going on ?
<arrrghhh> what do you use for an mta?
<arrrghhh> or whatever it's called.  the email server lol
<james2013> are you asking if I use smtp, pop3, or imap ?
<james2013> like I said i'm new to this
<arrrghhh> no
<arrrghhh> the server
<arrrghhh> I'm not an email guy sorry
<arrrghhh> uhm, I can't think of the name of an mta jeebus
<arrrghhh> link me the guide
<james2013> http://www.howtoforge.com/perfect-server-ubuntu-12.04-lts-apache2-bind-dovecot-ispconfig-3
<james2013> i think it was dovecot
<arrrghhh> yea dovecot
<arrrghhh> did you configure it?
<arrrghhh> there should be logs for it too
<james2013> configured as the guide had examples then had to find another guide for the ispconfig setup
<arrrghhh> well you have to configure it for your site
<dragoonis> $ start mysql
<dragoonis> start: Rejected send message, 1 matched rules; type="method_call", sender=":1.27" (uid=1000 pid=16330 comm="start) interface="com.ubuntu.Upstart0_6.Job" member="Start" error name="(unset)" requested_reply=0 destination="com.ubuntu.Upstart" (uid=0 pid=1 comm="/sbin/init"))
<james2013> i'm just not sure where the logs are at since total new. Yeah I did that in ispconfig you have to setup the main site, then the mail server details, then setup accounts
<dragoonis> can someone tell me why mysql isn't starting ?
<Daviey> mdeslaur: wow, busy update to django!
<mdeslaur> Daviey: yes :)
<arrrghhh> dragoonis, why aren't you using sudo service mysqld start?
<dragoonis> i am
<dragoonis> it just hangs
<dragoonis> can you help me figure out why ?
<arrrghhh> hm
<arrrghhh> I was just wondering why you were starting it like that
<arrrghhh> I would guess you need to strace it
<arrrghhh> as far as solving it, sorry that is a bit beyond my ability/time right now
<dragoonis> ok
<dragoonis> how does one pass options to the 'service mysql start' job ?
<dragoonis> I want to specify the location of the config file.
<dragoonis> It's not picking up /etc/my.cnf or /etc/mysql/my.cnf
<acalvo> dragoonis, even touch the init script or look in the default config file
<acalvo> has anyone used preseeding before?
<dragoonis> acalvo: it's getting locked into an infinite startup loop, this is what "service mysql start" produces while it's busy executing: https://gist.github.com/dragoonis/f3ec4308a9facde132ee
<dragoonis> this is the syslog output ^
<acalvo> your goal is to have a separate config file?
<dragoonis> acalvo: my goal is just to have it boot, normally
<acalvo> if you made any change, try reverting them
<dragoonis> then i ran 'mysql' it would say couldn't connect to the sock path defined in /etc/mysql/debian.cnf, but I have a different pat in /etc/mysql/my.cnf that it's not even looking at
<acalvo> perform a purge of the package and reinstall again
<dragoonis> acalvo: done, and this is where we are.
<dragoonis> acalvo: I can try again if you're up for helping me :-)
<acalvo> I'm installing mysql myself
<acalvo> are you on LTS?
<dragoonis> acalvo: i don't think so, I'm on Ubuntu 10.10
<acalvo> well, that's old
<dragoonis> acalvo: i know, but ain't got the time to upgrade and reinstall  things
<acalvo> however, try to purge the package and remove any file it could have left
<dragoonis> acalvo: apt-get --purge remove mysql-server ?
<acalvo> yes
<acalvo> and apt-get --purge autoremove
<dragoonis> acalvo: done
<acalvo> did it removed anything else?
<acalvo> is the directory /etc/mysql done?
<dragoonis> acalvo: it's not took this long before to do the autoremove, lets wait :)
<acalvo> sorry, meant gone
<dragoonis> Removing libhtml-template-perl ...
<dragoonis> Removing mysql-server-5.1 ...
<dragoonis> hasn't done that before, perhaps it wasn't uninstalling properly before.. i'll let you know when autoremove is completed.
<acalvo> take into account that it will remove anything related to mysql
<acalvo> ok
<dragoonis> acalvo: thanks
<zul> adam_g: https://code.launchpad.net/~zulcss/keystone/keystone-cleanup/+merge/152212
<arrrghhh> 10.10... dragoonis why isn't it on LTS release?  It's server ed right?
<acalvo> dragoonis, how did it go?
<dragoonis> acalvo: i'm back
<dragoonis> acalvo: it's done.
<dragoonis> apt-get install mysql-server again ?
<acalvo> yes
<dragoonis> it's in progress
<acalvo> let's see
<dragoonis> looks like i didn't do --purge autoremove last time
<adam_g> zul, http://people.canonical.com/~agandelman/folsom/python-django_1.4.1-2ubuntu0.3~cloud0/
<dragoonis> so it wasn't actualy removing anything
<zul> adam_g: +1
<acalvo> dragoonis, that means it's working?
<dragoonis> acalvo: it's at this right now "Setting up mysql-server-5.1 (5.1.61-0ubuntu0.10.10.1) ..."
<hdd1> Hello, im currentrly using ubuntu-server 12.04 with kernel 3.5.0-generic into a msi 970g46 with a amd 8150 proc and 16Gb ram with a kvm. I installed the gnome-core so i can have gnome-classic (failsafe). It works fine. but if i enable the autologin option, x does not start. Also if i push x with startx, i et an error: xkbcomp report: warning type "ONE_LEVEL" has 1 leves, but RALT hast 2 symbols ignoring extra symbol, errors from
<hdd1> any help to fix no x with autologin?
<dragoonis> acalvo: it failed using the mysql-server install :(
<dosaboy> Daviey: ping
<Daviey> dosaboy: hey, i see there are two nova proposed updates to precise?
<dosaboy> SRU? lemme get that page up
<Daviey> yeah
<Daviey> dosaboy: who sponsored them?
<Daviey> they've been sat in the queue for a while.. was about to take a look at it.
<dosaboy> so I'm not sure why there are 2, they look like duplicates
<Daviey> yeah, look sthere there was a typo on one of the changelogs
<Daviey> adam_g / zul: How does this fit into your next openstack hunk sru?
<dosaboy> they stem from an SRU that I had to redo a while back. zul and jstrandb reviewed them
<Daviey> dosaboy: can you tell me who sponsored it?  It's easier if you can tell me than checking the sig :)
<dosaboy> Daviey: if you mean who accepted the merge it zul
<dosaboy> https://code.launchpad.net/~hopem/nova/precise-updates-sru-lp1119248/+merge/148663
 * dosaboy is new to this process
<Daviey> dosaboy: Yeah, we are trying to improve it all.. And you contribution is appreciated, just a pain it's been blocked so long
<adam_g> dosaboy, Daviey the two older SRu's in-queue (2012.1.3.XXX.2) would be superseded by the newest upstream stable snapshot (2012.1.4.XXX)
<acalvo> dragoonis, any output?
<zul> Daviey:  if the next SRU hunk happens next week thats fine with me ;)
<dosaboy> Daviey: so one question I have is that the SRU ticket/public bug (this is tied to a private UA issue) is still in the "In progress state". Does it need updating?
<dragoonis> acalvo: meh, just more crazy infinite startup loops
<dosaboy> https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1119248
<uvirtbot> Launchpad bug 1119248 in nova "[SRU] nova does not set container_format when snapshotting instance with ref image deleted" [Undecided,In progress]
<dragoonis> acalvo: it said some things liek 'unable to connect to the mysql server' so it ended the install and i ran 'service mysql stop'
<dosaboy> adam_g: ack
<Daviey> dosaboy: Nah, that is fine.  I was just looking at it in the archive queue for acceptance.. but before i accept it, i wanted to see how close we are to a larger nova upload
<adam_g> dosaboy,  where did use_bare_container_format_by_default.patch come from? stable/essex?
<dosaboy> Daviey: there is no immediate pressure for this since we provided the custmer with a hotfix for the interim
<Daviey> adam_g: So, dosaboy's work is in your more recent upload?
<adam_g> no
<dosaboy> adam_g: yes stable/essex
 * Daviey scratches his head
<adam_g> https://launchpad.net/ubuntu/precise/+queue?queue_state=1&queue_text=nova
<adam_g> is this what we're talking about?
<Daviey> yes
<adam_g> one sec
 * dosaboy checks
<Daviey> dosaboy: I just removed the bad upload, of your 2... So we now have two proper ones
<dosaboy> adam_g: so the top of those two is mine i.e. 2012.1.3+stable-20120827-4d2a4afe-0ubuntu1.2
<dosaboy> 2013-02-19
<dosaboy> adam_g, Daviey: does that look right?
<adam_g> 2012.1.3+stable-20120827-4d2a4afe-0ubuntu1.2 (dosaboy's package) contains a cherry-picked patch from stable/folsom to fix his bug (LP: #1119248)
<Daviey> dosaboy: yeah, trying to work out which one to accept
<Daviey> it would be nice if we could do this with one upload :)
<adam_g> that bug is actually an upstream bug  (LP: #921774) which was fixed in 2012.1.3
<adam_g> the second pending SRU 2012.1.4+stable-20121217-9f277e38-0ubuntu1 is a snpashot of upstream stable/essex which should contain the same fix, in this case fixes the upstream bug (LP: #921774)
<Daviey> adam_g: So i can drop dosaboy's upload, and yours will cover it?
<adam_g> Daviey, it should, might check that the patch is really applied in the upstream orig.tar.gz. one sec
<adam_g> Daviey, also, yolanda's upload :)
<Daviey> okay, going afk.. will check back in 30 mins.
<Daviey> adam_g: I'm looking at uploads in strict upload ordering :)
<acalvo> dragoonis, any update?
<acalvo> try to start in safe mode and reset the root password
<adam_g> Daviey, yeah, that breaks down though when snapshots sit there for 3-4 months :\  people need fixes so they base them on the currently released package and we end up with duplication of work
<dragoonis> acalvo: i'm deleting the package again and atttempting to reinstall
<dragoonis> acalvo: the package install failed.
<acalvo> dragoonis, clear the package cache
<acalvo> apt-cache clean
<dragoonis> ok
<dragoonis> # apt-cache clean
<dragoonis> E: Invalid operation clean
<adam_g> Daviey, dosaboy yeah, the 2012.1.4+stable-20121217-9f277e38-0ubuntu1 upload is the one to accept. it contains dosaboy's cherry-picked fix + a bunch of others
<acalvo> sorry
<acalvo> apt-get clean
<dragoonis> done.
<dragoonis> going to re-install the package now and hope for the best
<dragoonis> # ps -A | grep mysql
<dragoonis> 18865 pts/2    00:00:00 mysqld_safe
<dragoonis> 19110 pts/2    00:00:08 mysqld <defunct>
<zul> adam_g: https://code.launchpad.net/~zulcss/python-quantumclient/2.1.2/+merge/152230
<acalvo> dragoonis, kill any mysql process
<dragoonis> acalvo: killall -9 reports 'no process found'
<dragoonis> and kill, gives no output
<acalvo> kill -9 19110
<acalvo> kill -9 18865
<RoyK> acalvo: or kill -9 19110 18865 ;)
 * adam_g afk
<RoyK> dragoonis: better get used to using pkill - killall on BSD and SysV isn't like linux' killall...
<dragoonis> kill -9 worked
<dragoonis> yay
<dragoonis> ok reinstalling mysql-server now
<RoyK> well, it works, but if you do a killall -9 on a BSD box, you learn it the hard way (it's like killall5 on linux)
<zul> adam_g:  last one for now https://code.launchpad.net/~zulcss/python-glanceclient/0.8.0/+merge/152234
<acalvo> dragoonis, any difference?
<dragoonis> totally not working
<dragoonis> reinstalled, it installed perfectly
<dragoonis> so I ran 'mysql --user=root -p'
<dragoonis> an i got
<dragoonis> ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
<RoyK> dragoonis: then it's probably not running
<dragoonis> apt-get auto ran it
<dragoonis> mysql start/running, process 25740
<dragoonis> I've done service mysql restart, it's just hanging
<dragoonis> nothing is syslog
<sarnold> if it dies ungracefully, you might not see that printed... check ps to make sure the process is still  alive
<dragoonis> okay so the service mysql restart works
<dragoonis> root@Cobra:~# mysql --user=root
<dragoonis> ERROR 2002 (HY000): Can't connect to local MySQL server through socket '/var/run/mysqld/mysqld.sock' (2)
<dragoonis> sarnold: acalvo RoyK ^^^, i replied above the netsplit :)
<RoyK> dragoonis: pastebin "ps fax"
<dragoonis> RoyK: https://gist.github.com/dragoonis/041d710cda03ec1ad7f1
<RoyK> looks clean - nothing in D state...
<RoyK> dragoonis: what sort of setup? what version of ubuntu? anything custom compiled?
<dragoonis> no custom compiled. Ubuntu 10.10
<RoyK> that's not supported anymore
<RoyK> dragoonis: better upgrade to 12.04LTS
<dragoonis> RoyK: do you retain all your user files when you upgrade? this is a production box
<RoyK> yes
<RoyK> but keeping a backup is always good
<RoyK> something may go wrong
<RoyK> but do-release-upgrade is fairly safe
<dragoonis> I can spin up a new cloud box on ubuntu latest and copy the stuff over and wipe this one
<RoyK> dragoonis: 10.10 support expired almost a year ago
<RoyK> dragoonis: yes, or use do-release-upgrade three times to get it to 12.04LTS, which is supported until 2017
<dragoonis> RoyK: okay, but i'll have to backup all my stuff first :)
<dragoonis> I'll give it a go
<dragoonis> thanks for your help, i'll probably be back once i do the upgrades :)
<sarnold> dragoonis: cool :)
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<adam_g> zul, ive got a keystoneclient branch coming at you in a few
<zul> adam_g:  ack
<Daviey> hallyn: hey
<Daviey> hallyn: jamespage said that, http://bazaar.launchpad.net/~virtual-maasers/charms/precise/virtual-maas/trunk/view/head:/scripts/setup-maas#L19 was your work
<Daviey> That uses OVS for a bridge for multiple guests, on one node
<Daviey> If i wanted to share that bridge between two real hardware nodes.. i'd want a GRE tunnel going in each direction right?
<hallyn> Daviey: uh, i think so, lemme check that code
<hallyn> Daviey: right, one in each direction, but note you don't need all nodes to be connected.  i.e. if a is connected to b is connected to c, a and c can talk
<adam_g> rbasak, around?
<acalvo> has anyone used preseeding before?
<ogra_> no, nobody ever ... :P
<koolhead17> adam_g, ping
<hallyn> Daviey: fwiw you can look at lp:~serge-hallyn/charms/quantal/ovs-lxc/trunk for how my charm handles slaves comign/going with ovs
<ogra_> (its only around as long as debian :) )
<adam_g> koolhead17, hi
<acalvo> so, can anyone give me a hint why it seems to load the preseed file but it does nothing?
<adam_g> zul, still around?
<zul> adam_g:  yep
<adam_g> zul, about those packages that need updating before RC1. what do you mean exactly? i see some of them were updated just today/yesterday but others not. are some blocked?
<zul> adam_g:  erm...uploading to the CA
<adam_g> zul, oh, i see
<zul> mind is already on vacation
<adam_g> zul, everything is up to date (or soon-to-be) in raring? ill just make sure http://status.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/grizzly_versions.html is all green before thurs
<zul> should be
<zul> unless something changes between now and then
<adam_g> zul, k
<adam_g> zul, is cinderclient going to get a new version to raring?
<zul> adam_g:  it should lemme poke around
<orudie> greetings. Setting up squid proxy app on my server
<orudie> I am able to connect to the proxy and browse the web with a browser
<orudie> however, using the same proxy settings in irc client, I am unable to connect
<orudie> in irc client I get error: HTTP/1.0 403 Forbidden
<orudie> and this is from squid access.log TCP_DENIED/403 3376 CONNECT irc.dal.net:6667 - NONE/- text/html
<orudie> I started a forum post about this and someone suggested adding port 6667 to acl Safe_ports list which I have tried, but still having the same exact issue
<orudie> here are the details on ubuntu forums with my post about the problem http://ubuntuforums.org/showthread.php?t=2123051&p=12546636&posted=1#post12546636
<orudie> ideas / suggestions ?
<RoyK> orudie: squid normally only accepts connections from localhost - see squid.conf
<RoyK> and btw, that's not an app, it's a service
<sarnold> squid .. to proxy _irc_??
<orudie> RoyK, I added an ip address
<sarnold> when was that added?
<RoyK> hehe
<RoyK> you can't proxy irc with squid
<RoyK> squid is an http proxy
<orudie> RoyK, why not ? I have it running and working on another host
<RoyK> well, http != irc
<RoyK> for a start
<sarnold> if it works, it's purely by accident. I'd report it as a bug :)
<orudie> hah
<orudie> so what can I use to proxy irc ?
<sarnold> orudie: an irc 'bouncer' such as bnc or znc.
<orudie> so why do I see in network setup for two different irc clients under Proxy Server settings TYPE: HTTP, SOCKS4, SOCKS5 ?
<orudie> and squid is in fact an http proxy, and it is working just fine as I said, but only on a different host
<bitshuffler> Good evening. I'm trying to set up a pxe install via preseed. It always fails since it can't (naturaly?!) find the cd. How can I force it to do a net install (preferable from a local FTP where the content of the server iso is available)?
<sarnold> orudie: you could run a socks4 or socks5 proxy if you wished; see e.g. socks4-server or dante-server
<bitshuffler> mirror/protocol is set to ftp and mirror/ftp/directory points to the directory the cd content is copied to
<bitshuffler> or do I need to use the netboot cd instead of the server one?
<orudie> sarnold, i don't have any experience with either. What is easy to install and configure ?
<sarnold> orudie: sorry, I haven't installed a socks proxy myself.
<sarnold> orudie: an irc bouncer would be online all the time, whether or not you've connected an irc client
<sarnold> orudie: so it is a very different thing than a socks proxy. but a socks proxy is useful for far more services...
<orudie> sarnold, yeah makes sense, what is the difference between the socks4-server and dante-server apps ?
<sarnold> orudie: dante-server can also do socks5
<sinus> hello. I'm using an https proxy with username and passowrd. I use proxifier in windows. But in ubuntu i see lots of articles to handle it but I failed. Do u have any suggestion ?
<jpds> sinus: Squid?
<sinus> jpds: what?
<jpds> sinus: Suggestions for what exactly, a proxy server or client?
<sinus> I don't know. I have an https address. I think it'c client than server
<jpds> sinus: Well, proxifier is a client (and this is a server channel, hence the server suggestion) - why not use the proxy settings in System Settings?
<sinus> I want to use the https proxy to access the filtered websites, I live in Iran :)
<sinus> I add this to network proxy  http://user:pass@us2-https.vpnmakers.com:443
<sinus> sorry for my wrong entrance. I'm really confused. just help me
<Daviey> adam_g: WOW, this nova has been in precise queue since mid December ?
<Daviey> adam_g: surely it's missing a few security uploads now?
<orudie> sinus, did you install the proxy server yourself ?
<adam_g> Daviey, yeah, looks like it is.
<sinus> No. I bought it. It's usual in Iran to bypass filtering. But people use it in windows. But I want it using in Ubuntu.
<Daviey> adam_g: So we probably need to do it again?
<Daviey> adam_g: Frustratingly, shall i drop all the essex uploads?
<adam_g> Daviey, might as well., there are also uploads in-queue for quantal-proposed since ~02/21 that will likely fall to the same fate if they're not accepted soonish
<Daviey> ScottK: What is the situation with your dkimpy upload, bug 1072726 - seems inconclusive what is holding up precise.
<uvirtbot> Launchpad bug 1072726 in dkimpy "Security and DKIM signature verification failure issues" [High,In progress] https://launchpad.net/bugs/1072726
<ScottK> Daviey: It needs an SRU person to acceptit.
<Daviey> adam_g: That sucks.. I hate seeing wasted effort
<ScottK> who isn't me ...
<Daviey> ScottK: It's been there since 2012-10-29.. surely there is a reason it's been ignored?
<ScottK> I don't have any definitive answer on that.  There was some concern about I accidentally dropped a debian/changelog entry, but it wasn't clear to me that was blocking.
<sinus> Nothing for me !
<Daviey> adam_g: Do we have an eta on next bundle of essex uploads?
<sinus> thank you guys
<adam_g> Daviey, i dont have an ETA. yolanda prepared the last stable/essex update. doesn't look like there is much hitting those upstream branches other than the security fixes already released
<Daviey> adam_g: ah ok
<ScottK> Daviey: I can reupload it with the fixed changelog, I'd just like someone to say definitively if I need to or not.
<ScottK> IMO it's fine as is.
<Daviey> ScottK: Considering it's been there so long.. I made a comment on the bug, Shall we wait for Monday/Tuesday to see if anyone understands why it was ignored ?
<ScottK> Daviey: OK.  It was SpamapS that reviewed it before.
<ScottK> AFAIK the changelog issue is the only reason.
<Daviey> SpamapS: can you double confirm this? ^
<SpamapS> hmm?
<Daviey> 21:28 < Daviey> ScottK: What is the situation with your dkimpy upload, bug 1072726 - seems inconclusive what is holding up precise.
<uvirtbot> Launchpad bug 1072726 in dkimpy "Security and DKIM signature verification failure issues" [High,In progress] https://launchpad.net/bugs/1072726
<ScottK> SpamapS: My dkimpu SRU
<Daviey> SpamapS: ^
<ScottK> py even
<SpamapS> Right, the deleting of the release pocket changelogs
<SpamapS> not sure how that feedback never reached anyone
<SpamapS> (and not sure why SRU team hasn't said it like 5 times)
<SpamapS> ScottK: I thought I had poked you about it a long time ago. Definitely we want to maintain all released changelog entries.
<ScottK> OK.  I'll fix.
<SpamapS> ScottK: sorry for it sitting there w/o a clear answer
<ScottK> Daviey: Please reject the current one.
<SpamapS> ScottK: you can poke me when its re-uploaded and I'll take a look
<SpamapS> ScottK: will be in a meeting for a while so don't be discouraged by my lack of response :)
<Daviey> rejected.  Super, thanks ScottK/SpamapS
<ScottK> Thanks.
<Daviey> roaksoax: You sponsored a python-django change which is now superseeded by a security update.  So i need to reject for that.  My understanding is that the change this carries you don't want in precise anymore, due to solving the issue differently ?
<Daviey> (but regardless, rejected)
<roaksoax> Daviey: which one is that?
<Daviey> roaksoax: GenericIpField
<roaksoax> Daviey: yeah, but I had made uploads to -proposed removing that patch
<roaksoax> Daviey: notified slangasek about it so he can review as per TB decision
<Daviey> roaksoax: Ah, I didn't check the diff.. just the mention in the changelog.  It's been superseeded by security so you need to rebase
<roaksoax> Daviey: ack! Will have a look
<roaksoax> Daviey: i think we need to come out with a way to not have this kinda issues
<Daviey> roaksoax: security superseeding?
<roaksoax> Daviey: as in if we have something in -proposed and something else gets uploaded to -security with the same rev, we have to rebase what was in proposed
<Daviey> roaksoax: I don't think it can be fixed.  Security should always trump bug fixes.
<roaksoax> Daviey: agreed. Though it is wasted time for us
<jdstrand> we try to notice that though, and make a note in the bug for -proposed that it happened. it doesn't always work that way though ...
<Daviey> There have been a handful of times security team have nudged when an SRU is really close to completion, to check if they should infact base their update on the -proposed contents
<Daviey> jdstrand: right.. It's a tough spot.
<roaksoax> indeed
<jdstrand> ftr, the same happens to us
<roaksoax> i think that's why we need to improve the process some how
<jdstrand> ie, we lovingly create and test our update, then we we go to publish, the one in proposed goes through, then we have to rebase to include the -proposed changes
<roaksoax> being idealistic, it would be a cool thing to have automated tests for SRU test cases (that is providing a test case for an SRU)
<roaksoax> but that's whole lot of another deal
<Daviey> roaksoax: I've always been impressed with the testing that security updates undergo.  In many cases, we could learn from their test cases.
<roaksoax> Daviey: agreed
<roaksoax> Daviey: but i'm doing a "school project" which basically tries to "improve the sru process" by reducing the time it takes for verification, wianting time, etc, by adding automated tests for the bug we are trying to fix
<roaksoax> Daviey: it is not a software project though, it is just purely theorical for the class purposes
<Daviey> roaksoax: Interesting, would like to read your findings.
<roaksoax> Daviey: will share them when I finish the project
<roaksoax> Daviey: it is a Total Quality Management class following "six sigma" so it really is out of the scope of what we do, since it is pretty hard to apply six sigma to software
<roaksoax> Daviey: and the professor agreed but still decided to do this project and see oif this would work out
<ScottK> SpamapS and Daviey: reuploaded.
<roaksoax> Daviey: ok django rebased
<ScottK> roaksoax: It looks, at a glance, like the 1.3.1-4ubuntu1.5 changelog entry vanished from your python-django upload.
<roaksoax> ScottK: yeah so the ubunt1.5 got removed from the archives, so I had to upload a ubuntu1.6, that was in -proposed. But since the security update was uploaded with ubuntu1.6 I'm thinking that that's where it disappeared
<ScottK> Hmm.
<ScottK> So are all the changes from 1.5 in the current upload?
<roaksoax> ScottK: 2 out of 3 changes from 1.5 are in the ubuntu1.7 that I just uploaded. As per the TB decision, one change got implemented in MAAS
<ScottK> OK.
<ScottK> That's THAT upload.  Got it.
<roaksoax> ScottK: yeah :).
<ScottK> Accepted.
<ScottK> Daviey: ^^^ your turn to accept mine ...
<roaksoax> ScottK: cool thanks!
<Daviey> I'm still not convinced monkey patching a database model type from upstream Django into an application is cleaner.. but OK :)
<ScottK> It's cleaner for everybody else ...
<Daviey> ScottK: Using the same namespace in Django, means it is opt-in to use that type, forward compatible and surely more supportable..
<Daviey> I still think it is a valid bug that the current IP field type didn't suport IPv6, and upstream decided to solve this by creating a new field type, called this
<Daviey> So not solving this bug in Django, is not allowing people to use ipv6 properly.
<Daviey> So not sure how it is cleaner for other users..  But anyway, Done now.
#ubuntu-server 2013-03-08
<orudie> can someone recommend socks server software that is easy to configure ?
<patdk-lap> is there really a place for socks this day in age?
<spencer> Has anyone used filethingie here?
<spencer> I am trying to hook different processes but am unsure where to look. This is a pure PHP uploader no mysql required.
<spencer> php channel?
<sarnold> yikes...
<sarnold> spencer: do not use this program over http, only over https.
<sarnold> spencer: I think you should also restrict access to this program via your webserver's ip-based access controls
<sarnold> spencer: I'd also recommend confining it with apparmor or selinux or smack or tomoyo or running it in a VM or something.
<spencer> that bad?
<sarnold> spencer: the cookie used for login looks easily replay-able, and the "blacklist" looks .. odd.
<spencer> Well I plan to change but you are making me think I need to change like yesterday!
<sarnold> code starting at line 469 is a touch cringe-worthy: https://github.com/haugstrup/filethingie/blob/master/ft2.php
<spencer> Ok first that is not something I would think looks bad. Second how did you find that so fast?
<spencer> Im kind of simple just trying to do big things
<sarnold> spencer: hehe, that long cascade of } else { .. } else { ... just sort of stands out to me..
<spencer> Well let me just come out and ask then:
<spencer> I need something that I can upload meadia to and then have the server notify the user computer that media is uploaded. I was going to try and hook the upload process of filethingie to email the user on upload.
<sarnold> spencer: can you use sftp?
<spencer> If it can be scripted for sure. If the user needs to type anything in then I dont think it will work.
<sarnold> it's a standard part of the ssh protocol, so it's pretty widespread, but not everyone is prepared to know how to use a tool such as sftp or the various gui front-ends..
<spencer> scriptable? ie could I have the client computer download from the server automatically?
<sarnold> spencer: oof if you want automatic, maybe rsync is the tool. it does nice restarts and everything :)
<spencer> that would be nice, at least I have used that before
<sarnold> s/oof/ooh/  :)
<spencer> But what CMS is going to make this easiest for me ;)
<sarnold> hehehe, well, if you have to do the uploads with a browser, perhaps this php thing is no worse than any other. Just please nail it down as far as you can. :)
<spencer> :p
<sarnold> spencer: for the notification end, look into this thing: http://inotify.aiken.cz/?section=incron&page=doc&lang=en
<spencer> wow I am impressed 2nd time that is recommended
<spencer> 2 for 2 must be good. I posted an example script on serverfault and someone recommended this!
<sarnold> :)
<spencer> thanks sarnold I think this might get me by for the time being
<sarnold> spencer: have fun :)
<spencer> sarnold: ;)
<spencer> If I want to use postfix to get mail on my system. Should my "mail name" be xxx@machine.mysite.com?
<histo> spencer: yes
<histo> spencer: where are you setting mailname?
<arrrghhh> hey all.  n00b to RAID arrays here - I am building a raid1 array to start, and just wondering how long it should take to build...?
<FATMedia> does anyone have any clue why random files with names like `???p???`???p???`???pÎ±?`???? would be getting created in the root directory of an ubuntu server?
<histo> FATMedia: No you'd have to look when they were created and try and figure out.
<histo> FATMedia: also you could search the files in /var/log/* for those names
<FATMedia> histo: alright, i will try i'm not really sure what to look for, i know when they were created
<FATMedia> lol running find var/log -name "*.log" -exec grep -H "(?-?X?-?" {} \; only returns an entry for me running the search command
<FATMedia> im having trouble running lsof... it's saying the file doesn't exist do i need to ecapsulate this differently? lsof r1 "(?-?X?-?"
<histo> FATMedia: lsof 'filename'
<histo> try that
<FATMedia> same issue... i've run into the same problem when trying to rm these files
<FATMedia> whole thing makes me freakin nervous...
<histo> FATMedia: like what is one of the filenames?
<FATMedia> (?-?X?-?
<FATMedia> another is `???p???`???p???`???pÎ±?`????
<histo> oh boy you need to escape all those
<histo> so like lsof \(<press tab key>
<histo> or rm \(<tab>  if you want to delete them. It should escape all the ? with \? for you automatically
<histo> FATMedia: any luck?
<FATMedia> nope, i suck at this...
<FATMedia> my host is saying they think the box is compromised
<FATMedia> i think i'm going to migrate to a managed hosting platform tomorrow, it's sill for me to spend time doing this when i'm not very good at it
<FATMedia> thanks for your help though histo, i appreciate it
<one> Should firefox display SSL cert as run by unknown when visiting ubuntu.com ?
<histo> one: which page @ ubuntu.com?
<histo> https://ubuntu.com doesn't respond here
<one> histo: help.ubuntu.com is actually what i was looking at but since help is a subdomain ubuntu.com should use the same SSL cert
<one> histo: were you the one that looked up that md5sum for me last?
<histo> one: yes
<histo> I don't get an ssl acceptance prompt there.
<one> click the lock on the right side of the address bar
<one> histo: there firefox usually gives the basic ssl info
<one> histo: i meant left other side of the mirror again
<histo> one: identity is verified here
<histo> one: they aren't supplying ownership information to the cert
<rbasak> adam_g: I was EOD and out, sorry. Pong?
<one> histo: oddly enough I cant even get a verified cert for google
<one> histo: not much I can do about it at the moment, moving on
<one> I am trying to invoke iptraf to run in the background but it keeps saying specified interface not supported
<one> using -i all but when running in console mode it shows all interfaces
<one> hmm, What can the problem be, any ideas, histo , anyone?
<histo> no idea
<one> histo: have you really been on freenode since 2006?
<histo> one: longer than that. I've just had my cloak since then
<one> histo: have you learned a lot?
<histo> I've been using linux for far to long. I learn something new everyday though
<acalvo> has anyone succeed with preseeding an installation?
<one> histo: learn something new or the same thing repackaged
<spencer> I am trying to setup incron from http://inotify.aiken.cz/?section=incron&page=doc&lang=en have any of you guys got this working? I have got it installed but I have no clue about using it. The docs say I need to run it from a starting script.
<spencer> Can someone tell me is curl going to be better than wget for downloading only new files on a URL?
<jacobw> spencer: Only new files?
<spencer> Only new picture files. I tried wget --no-clobber but For some reason it goes through and downloads the same files again.
<spencer> as a matter of fact I will send my other options in a second I got to open my script back up
<spencer> Sorry jcobw I actually changed it:
<spencer> wget --mirror --continue --no-host-directories http://www.myaddress.com/file/file1
<spencer> I want to get all new files inside of folder "file1" with no upper directories. I can't remember now why I took the --no-clobber out
 * xnox ponders who I can trick into verifying bug #833368 and bug #988881 =) as I now have additional SRU to push out =)
<uvirtbot> Launchpad bug 833368 in lvm2 "clustered lvm commands fail with "activation/monitoring=0 is incompatible with clustered Volume Group" error" [High,Fix committed] https://launchpad.net/bugs/833368
<uvirtbot> Launchpad bug 988881 in lvm2 "/etc/init.d/clvm status exitcode always 0" [Medium,Fix committed] https://launchpad.net/bugs/988881
<Daviey> jamespage: What is your view of adding collectd as a subordinate to each openstack component ?
<Daviey> xnox: Dimitry on foundations team will really enjoy lvm2 verification :)
<SpamapS> Daviey: /me wonders if Daviey is already into the whisky...
<xnox> Daviey: I am usually against self-verifying self-uploaded SRUs.
<Daviey> SpamapS: I never left it :)
<Daviey> xnox: Then you need to form another personality.
 * koolhead17 wonders how is SpamapS awake at this time :D
<Daviey> SpamapS has learned to live without sleep.  That is a skill that being a Ubuntu Server developer instills in you from early on.
<SpamapS> koolhead17: indeed, the question is not, how are you awake at this hour, but rather, how are you able to sleep, knowing how many bugs there are to fix?!
<koolhead17> SpamapS: //o.0\\ what package? mysql-server :D
<koolhead17> Daviey: hello there
<acalvo> preseeding needs the alternate install CD?
<jamespage> Daviey, context?
<Daviey> acalvo: There isn't an alternate server cd.
<jamespage> zul, adam_g, yolanda: review required - https://code.launchpad.net/~james-page/quantum/grizzly-metadata-agent-fixup/+merge/152373
<Daviey> jamespage: just generally, collecting data.
<jamespage> Daviey, fine then
<jamespage> same would apply to ganglia for monitoring as well - or nagios
<yolanda> jamespage, i'll take a look
<jamespage> yolanda, thanks
<xnox> acalvo: one can preseed: pxe-boot, mini.iso, server cd, desktop cd, alternate cd (no longer available in quantal and up)
<acalvo> I've tried with the desktop cd
<acalvo> but it doesn't start the installer
<xnox> acalvo: sure it does. The Desktop CD preseeding is slightly different (e.g. tasksel is not running)
<xnox> acalvo: https://wiki.ubuntu.com/UbiquityAutomation
<acalvo> oh, I've been looking at help.ubuntu.com
<acalvo> xnox, thanks for the link!
<xnox> acalvo: Here are sample preseeds for most common configurations of desktops: https://bazaar.launchpad.net/~ubuntu-test-case-dev/ubuntu-test-cases/desktop/files/head:/preseeds/
<xnox> acalvo: we use that in automatic jenkins testing of desktop cds.
<jamespage> Daviey, doh "#lock_path=/usr/lib/python/site-packages/cinder/openstack
<jamespage> "
<jamespage> that won't work to well now will it
<jamespage> yolanda, if you have time - https://code.launchpad.net/~james-page/cinder/fix-lock-path/+merge/152381
<Daviey> jamespage: heh
<jamespage> yolanda, thanks!
<yolanda> np
<zenzio> I recently had to move a website we run to a new server. After the move, customers are reporting being unable to upload files, but my own tests from work, home, various VPSes, as well as a few friends from other countries all succeed in uploading. The customer reports that the size of the files make no difference.
<zenzio> Placing some logging in the PHP code I can see that they are getting UPLOAD_ERR_NO_FILE, as if their request did not include the actual file data in the request body... I am at a loss as to where to look next. The server is running Ubuntu Server 10.04 LTS, PHP 5.3.2 and Apache 2.2.14.
<zenzio> Could there be a firewall (or something similar) enabled by default (out of the box) that that could end up blocking the customers' uploads, but not touch their normal requests? My only other guess currently is some kind of network configuration on the customers' side interfering, as we did change IP when we switched server. I would prefer not to bother their IT department before having checked the most reasonable possibilities on my end
<zenzio> (sorry for the wall of text, I couldn't find a clean way to shorten it without losing context)
<vezq> sounds like a problem at customer end if it works elsewhere
<SpamapS> zenzio: yeah sounds like an issue on their end. You should ask for remote control of a system there.
<zenzio> thanks, I'll try that then :)
<mardraum> on latest raring 'virsh migrate --live' is returning "error: operation failed: migration job: unexpectedly failed", anyone knwo about this?
<mardraum> libvirt logs have no more detail
<mariop> Hi, lets say that i am connected to a remote server via ssh, i find a file that i want to copy to my local machine, is there away to start the transfer  from the remote shell reusing the already established ssh connection?
<smoser> adam_g, jamespage 'nova' seems broken for me inraring
<smoser> $ nova list
<smoser> ERROR:
<smoser> is that known?
<jamespage> smoser, I don't think so no
 * jamespage tries to repro
<jamespage> smoser, hmm - I'm not seeing that
<smoser> jamespage, i'm hitting canonistack
<jamespage> smoser, me to
<smoser> i dist-upgraded yesterday.
<jamespage> smoser, 1:2.11.1-0ubuntu1
<jamespage> I just did the same
<jamespage> smoser, might be worth checking you are fully up-to-date
<jamespage> a few deps got updated yesterday by zul
<smoser> jamespage, http://paste.ubuntu.com/5596189/
<smoser> i dont know if it is regression or not actually.
<smoser> i might have only ever run this before when something had access to a gnome-keyring.
<jamespage> smoser, do you use nova --no-cache
<jamespage> ?
<jamespage> I'm guessing not
<Haris> Hello all
<Haris> I just setup a 12.04lts 64bit box
<smoser> jamespage, no, but i never did before
<Haris> I forgot the normal user/pass that's made through setup.
<Haris> I just setup a 12.04lts 64bit box. I forgot the normal user/pass that's made through setup. Is there a way for me to re-set that user or root's pass ? The other option would be to rebuild this box
<Haris> centos has an option to reboot the box in single user mode. The rescue mode. Where one can re-set the root pass. Do we have such an option with Ubuntu
<tedski> Haris: yes, at the grub screen, you can invoke single-user mode
<jamespage> smoser, weird - --no-cache makes no difference anymore anyway
<tedski> Haris: edit the kernel line and append the word "Single" to the end
<Haris> ok
<smb> Not sure that helps much as there is no root passw to type. Though using the install media to run the rescue mode and set the pw there should help
<tedski> heh, i need more coffee to remove my redundancy... append to the end?  derp.
<smoser> mdeslaur, https://bugs.launchpad.net/ubuntu/+source/python-keyring/+bug/1023433
<uvirtbot> Launchpad bug 1023433 in python-keyring "UncryptedFileKeyring creates ~/keyring_pass.cfg world readable, ignores keyring-path" [High,Expired]
<tedski> smb: i figured he's boot to single mode and then reset the user password
<smoser> so if i do HOME=somedir nova list
<tedski> single-user
<smoser> where somedir/keyringrc.cfg has 'default-keyring=keyring.backend.UncryptedFileKeyring' in it
<smoser> where does my sensitive data now go ?
<smb> tedski, Must admit I forgot whether single-user gives a shell without any pw
<mdeslaur> smoser: somewhere under ~/.config or ~/.local, I'd have to check
<tedski> smb: i must admit i forget, too... i use too many distros to keep track
<smb> Haris, so one or the other. ;)
<smoser> mdeslaur, http://paste.ubuntu.com/5596212/
<smoser> (HOME was set to 'creds')
<Haris> checking up on it
<mdeslaur> smoser: hrm, not quite sure where it is then
<Haris> the install media can do the rescue ?
<Haris> I'm using netboot image for 12.04lts to boot from
<Haris> booting this box via the pxe
<Haris> I have the recovery menu infront of me
<Haris> I see the option to drop to root shell. From there I can do this
<mdeslaur> smoser: what's XDG_DATA_HOME set to?
<mdeslaur> smoser: looks like it tries XDG_DATA_HOME, else it falls back to '~/.local/share'
<smoser> http://paste.ubuntu.com/5596229/
<mdeslaur> smoser: what does python -c "import os;print os.path.expanduser('~/.local/share')" give you?
<Haris> I have a problem changing password. Its the kvm. when I type something on kvm, it sometimes multiple times duplicates the character that is typed. is there another way to change the passwd
<Haris> I'v tried using , smallsimple password. it doesn't update using that
<smoser>  /home/smoser/data/canonical-stack/creds/.local/share
<Haris> its not changing the password
<Haris> it says: passwd: Authentication token manipulation error \n passwd: password unchanged
<smoser> mdeslaur, http://paste.ubuntu.com/5596245/
<Haris> do I need to remount the / partition with in rw mode (as with centos) ?
<smoser> its odd. as if its not writing anywhere.
<mdeslaur> smoser: I'm not quite sure why that's not working
<Haris> is there a tool with which I can mention the password on shell, rather than be prompted for it
<smoser> Haris, chpasswd
<smoser> echo "user:newpasswrd" | sudo chpasswd
<smoser> or, sudo chpasswd < some-file-with-that
<tedski> Haris: yes, the partition needs to be rw since it will write to the shadow file
<Daviey> smoser: surely expect is better?!
<smoser> surely you jest.
<smoser> and stop calling me Shirley!
<Daviey> smoser: http://pb.daviey.com/kjwr/
<smoser> do you want me to point out why chpasswd is better than that?
<tedski> other than simply line count :)
<smoser> a.) you are invoking that program with passwd on the command line, meaning it will be available in 'ps'
<smoser> b.) you're using TCL!
<smoser> c.) LANG
<Haris> ok, rebooting the box
<Daviey> smoser: You don't really think i was being serious?
<smoser> Daviey, its that british wit.  i just can't read it.
<smoser> http://paste.ubuntu.com/5596282/
<smoser> i'm pretty sure that allows you to:
<smoser>  PASS=foobar ./changepass user
<smoser> and nothign is really leaked into ps
<smoser> but who knows. maybe i'm wrong.
<smoser> anyway. chpasswd is nice.
<Daviey> smoser: I want my shell password to be one time password, randomly generated.
<tedski> until you need sudo
<smoser> tedski, daviey just runs as root. no need for sudo.
<smoser> http://paste.ubuntu.com/5596290/
<smoser> i'm seriously loving apt-fast.
<smoser> err... eatmydata rather.
<Daviey> tedski: I use MD5 ssh keys.
<tedski> Daviey: for sudo?
<Daviey> NOPASSWD for sudoers.
<Haris> lol @ british wt
<Haris> wit+
<tedski> Daviey: you're doing it wrongÂ®
 * Haris goes back to work
<Haris> ok
<tedski> ugh, i just realized i forgot to switch my connection to annex m last night before the backup started
<Haris> 1x box rebuild avoided
<tedski> Haris: now, set all your root passwords to "P@ssw0rd" so you don't forget them!
<tedski> and set permitrootlogin to yes in your sshd  conf so you don't have to bother with that silly kvm
<Haris> done
<Haris> didn't do the root login part
<Haris> that's not needed
<eagles0513875_> hey guys where is perl installed by default on 12.04
<SpamapS> eagles0513875_: perl is pretty much always /usr/bin/perl on linux systems.
<SpamapS> eagles0513875_: never seen it anywhere else
<SpamapS> eagles0513875_: shouldn't need to qualify it with a path ever except in shebangs
<eagles0513875_> SpamapS: this is ubuntu they tend at times to put things rarely in non standard locations
<SpamapS> no, we don't
<SpamapS> we religiously put things in the place dictated by the FHS, just like Debian
<eagles0513875_> SpamapS: reason im askign is the autogen.sh script for libreoffice is complaining it cant find some modules is there a way i can see the dependencies in regards to perl that i needs
<eagles0513875_> nm found out whats missing
<eagles0513875_> thanks though SpamapS :)
<smoser> mdeslaur, so... you have to do this:
<smoser> OS_NO_CACHE=0 nova keypair-list
<smoser> (or pass '--os-cache')
<smoser> which previously was not the case, and is double-negative logic.
<smoser> and then data is written to /home/ubuntu/.local/share/python_keyring/keyring_pass.cfg
<smoser> er... .local/share/python_keyring/keyring_pass.cfg
<mdeslaur> smoser: hrm...what's parsing OS_NO_CACHE?
<smoser> nova
<smoser> it is chosing to use keyring or not based on those flags
<mdeslaur> oh, huh
<mdeslaur> glad you found it
<cgseller1> anyone ever used Cloudian solution with backblaze's 180TB storage pod solution with ubunut server/cloud ?
<CallingPanther> I am thinking of building an IRC server and using Dancer since it appears to be designed for FreeNode any thoughts?
<CallingPanther> Anyone know anything about Dancer-IRCd
<hallyn> heh.  oops. kvm -serial stdio <- try not to ctrl-c in that login session :)
<Daviey> hallyn: killed kvm?
<hallyn> Daviey: and i just kept typing then looked at my other window and wondered why it hung
<hallyn> then noticed 'ls' in that term was for the wrong host
<Daviey> hallyn: Recently, i accidentally reused a hostname in my naming scheme.  Turned out to be the same name as my local machine. I sh'd to a different machine, and couldn't understand why half of my files and generally wasn't responding as i expected
<Daviey> ssh'd*
<hallyn> :)  as you do lxc nested in lxc nested in qemu nested in qemu, that becomes a real danger
<Daviey> eep
<hallyn> psivaa: i still can't reprodcue your bug as is on my hardware, but i think i've verified in principle that what i think is happending is happending.  few more tests to see if my proposed fix will solve that.
<adam_g> jamespage, still around?
<capt-rogers> I would like users to SFTP and have read-write access to /var/www/.  I can do this if I use 1 SFTP account and change the group for /var/wwww to that user...However I have a number of users...So I created  a group called "website" I add the SFTP user accounts to the website group. However they cannot get access to /var/www that way..what am I missing ? TIA
<maveas> Doesn't KVM on Ubuntu support _native_ paravirt?
<maveas> I'm getting "Host does not support virtualization type 'xen'" when I'm trying to install an VM (--paravirt)
<jacobw> maveas: nope
<maveas> But it do support paravirt at some extend through virtio? Doesn't it? That's what I've understood from reading a lot lately.
<sarnold> capt-rogers: did you apply the group change to all subdirs of /var/www as well?
<sarnold> capt-rogers: is the mode on the directories 775 or 755?
<capt-rogers> permissions=775 and group="website" on /var/www and subdirs....I added the SFTP accounts to group=website
<capt-rogers> not suer why..but that does not give read-write access to /var/www
<sarnold> capt-rogers: did your users close and restart their sftp session? group membership happens only at login time and when users run 'sg' or 'newgrp' (hard to do from sftp :)
<jacobw> maveas: What do you mean by paravirt?
<jacobw> maveas: If you mean things like virtio, sure
<jacobw> maveas: Just check out the KVM docs
<Daviey> smoser: I tried to work out WHO would use this.. then thought of you. http://mmb.pcb.ub.es/~carlesfe/blog/creating-a-simple-blog-system-with-a-500-line-bash-script.html
<capt-rogers> ah, yes..that is probably it...logout and back in again...
<goddard> i have a user that cant connect to smtp even though i can
<goddard> any idea why this might be happening and where to check
<goddard> i looked in the auth.log but everything looks fine and doesn't display email/username password login attempts
<kpettit> goddard, can other users get to it ok?  I'd check firewall settings on server/client first
<goddard> kpettit: i got this amavisd
<goddard> opps
<goddard> this http://pastebin.com/i3ymiGuM
<goddard> \
<blazindrop> is there a way to get apt-mirror to mirror a cd rom? I am using MAAS and want my nodes to use my maas controller to download packages, not the internet
<tgm4883> anyone in here in charge of kondor
#ubuntu-server 2013-03-09
<CallingPanther> I installed Dancer-IRCD and am having an issue with my self getting OP
<phillw> hi good people, any one used to a 10.04 server install? I've got an issue with letting it know dns-nameservers entry
<ScottK> phillw: Why are you installing 10.04?  12.04 is generally a better bet.
<ScottK> It's pretty standard entry in /etc/network/interfaces though.
<phillw> ScottK: hello again, are you following me around? :D. Let me explain... a member of the -release team has asked that I test a 10.04 virgin install and update it all the way to 13.04. He is expecting a LOT of errors on the way.
<ScottK> I see.
<ScottK> That's a good reason to install 10.04.
<phillw> that the newer system has resolve.conf automatically built is but one of these screaming problems
<ScottK> Yes.  Personally I consider it a serious bug that it's included in the default install, but that's just me.
<ScottK> So what's your problem.
<ScottK> ?
<phillw> at present, I do not know how to tell 10.04 about resolve.conf
<phillw> as it is a static IpV4 address, I have the entry in /etc/network/interfaces
<ScottK> That would be normal for 10.04 wouldn't it?
<phillw> as I'm used to resolve.conf building itself. It seems 10.04 does not build, nor know of that file
<ScottK> So you need to know the format of the file?
<phillw> ScottK: I have never used 10.04 server,
<phillw> ScottK: it actually builds in a different problem. I've manually put it into the interfaces file so it will be picked up once the system uses it.
<phillw> but, that part of interfaces was never back ported to 10.04
<ScottK> If you manually set the IP address during install and give it the information, it should have included it.
<phillw> there is no resolve.conf file in 10.04
<ScottK> Not needed.
<phillw> I'm used to seeing it with the warning "do not update this file"
<ScottK> If you're trying to set up a 'pristine' 10.04, don't add it.
<phillw> ScottK: how do I tell a virgin 10.04 where resolve.conf entry should be?
<ScottK> You don't.
<ScottK> It doesn't care.
<ScottK> Here's my /etc/network/interfaces on a server that doesn't use it: https://paste.debian.net/240583/
<phillw> ScottK: it does, it cannot 'talk' to the world
<ScottK> What does your /etc/network/interfaces look like?
<phillw> ScottK: I'm on a slow link via ssh -X, there is a long lag!
<ScottK> OK.
<ScottK> Actually I need to run.
<phillw> ScottK: I think, from memory, you solved it!
<spacestationspaz> looking for nfs help
<spacestationspaz> if anyone cares to troubleshoot
<SpamapS> spacestationspaz: Its always better to just ask a question. Sometimes it can take hours for people to see it.
<spacestationspaz> right
<spacestationspaz> I don't think I'm ready to ask a specific question, I guess
<spacestationspaz> I think I need to nuke and start over
<SpamapS> spacestationspaz: its the only way to be sure
<spacestationspaz> nuking?
<SpamapS> yeah, preferrably from orbit
<spacestationspaz> or with an emp
<SpamapS> http://www.youtube.com/watch?v=2s1MspmfEwg
<spacestationspaz> nicely done
<eagles0513875_> hey guys what kerberos 5 package can i find krb5_sendauth
<ddsss> are there any tools that can sit on the server and monitor suspicious acktivity/attacks and then shoot you an email about them?
<ddsss> attack/intrusion detection tools?
<Myrtti> !test
<ubottu> Testing... Testing... 1. 2.. 3... ( by the way, remember that you can use /join #test )
<kondor`> Myrtti: Error: "test" is not a valid command.
<kondor> Myrtti: Error: "test" is not a valid command.
<ddsss> are there any IRC services pacjkage in ubuntu 12.04 LTS standard repos... couldn't find any...
<ddsss> ?
<Captain-n00dle> Hey all, thanks for any help in advance, I've got something giving me a load of >1 on a single cpu server and I cant figure out what it is using top and atop :-s
<patdk-lap> heh?
<RoyK> Captain-n00dle: probably some process stuck in D state
<RoyK> Captain-n00dle: load != cpu usage
<Captain-n00dle> Okay thanks
<RoyK> Captain-n00dle: pastebin ps fax
<RoyK> (or the output of that command :P)
<Captain-n00dle> Any useful tools that I could use to figure out what it is?
<Lee-C> hi guys, just chasing a couple of tips.  im thinking of setting my main PC at home up as a server.  The main reasons for wanting to do this are (1)monitor exactly what Internet traffic is going in and out (including keeping track of website and browser history of all machines o the network)  (2)network shares (which i want to access remotely) (3)media server. I'm not sure i want to go the whole hog
<Lee-C> though and use Ubuntu server though as I'm not sure I'm 100% confident in my abilities to manage everything from the CLI.  Also because as i said, this is the main PC that i use at home.
<Lee-C> anyone? :)
<SpamapS> Lee-C: don't make your primary computer a server
<SpamapS> Lee-C: You can buy little servers that can do all you want for just a few hundred dollars.
<SpamapS> Lee-C: also, check out Zentyal if you want to use a web interface to manage a server
<Lee-C> SpamapS: thanks for that.  You wouldn't be able to point me in the direction of where i could look at some information on one of these servers by any chance?
<SpamapS> Lee-C: google "HP Microserver"
<Lee-C> SpamapS: sorry, im looking at Zentyal now.
<Lee-C> SpamapS: cheers will take a look.
<Diegonat> hi guys! Ive got a problem. I have installed ubuntu server but I cannot ssh to it. When I am prompt with the password, it denys me the access. Why?? :-/
<TriJetScud> great, I'm getting a GPG error on apt-updates
<TriJetScud> more like: W: GPG error: http://archive.ubuntu.com precise Release: The following signatures were invalid: BADSIG 40976EAF437D05B5 Ubuntu Archive Automatic Signing Key <ftpmaster@ubuntu.com>
<TriJetScud> this ubuntu server install was deboostrapped from a debain 6 box
<ScottK> TriJetScud: Wait ten minutes.  Try again.  If it still happens, then you may have a real issue.
<TriJetScud> well not to mention that I'm chrooted into the ubuntu server image right now
<ScottK> Sometimes things get out of sync when an update is published.
<ScottK> Usuaaly it doesn't last long.
<TriJetScud> heh
<TriJetScud> it's the first time I've seen this problem inside ubuntu
<TriJetScud> and if you're going to ask why I refuse to install from ISO, there's a reason why
<ScottK> No. Actually I wasn't.
<aega> http://twixzo.de/spiel.php?id=22248
<Diegonat> hi guys! Do you know any software to monitor what users in the network do ? What website do they surf and for how long?
#ubuntu-server 2013-03-10
<blair> is https://wiki.ubuntu.com/UbuntuCloud/Images/Publishing still accurate on how Ubuntu Cloud Images are created?
<lifeless> blair: clearly not edited for a while, but its the sort of thing you don't need to futz with that much
<lifeless> blair: smoser: will know
<blair> lifeless, thx, i'm looking for the latest instructions since i want to build EC2 images with cloud-init but tweak some things, since the images are a good base for what i need
<lifeless> blair: you could just build on the images that smoser builds; thats what we are doing
<blair> lifeless, actually, i'm trying to get zfs as a root fs so i can snapshot, so i'm thinking i need to build the fs and then layer all packages on top of it
<lifeless> you could just use ebs snapshots, much simpler ;)
<blair> while the system is running?
<lifeless> blair: as for transforming; take the ubuntu cloud image; make a zfs fs, copy the contents over; drop in whatever modules you need.
<lifeless> blair: re live snapshots - http://serverfault.com/questions/79077/safe-to-use-an-amazon-ebs-volume-while-snapshot-in-progress
<blair> lifeless, thx, i will try the transforming approach.  i need the snapshot for getting a consistent backup between two different databases
<lifeless> you can't use point in time backups for them ?
<blair> one isn't even a real db system.  it's a third party software solution that uses a db and flat files, with no guarenteed ordering between updates to both, so i want to stop the service, do a snapshot, and start it, all very quickly
<blair> i have btrfs working on a KVM, but it looks little too risky for a SAAS with paying customers, so i'm looking at zfs and the nfs-native ppa
<lifeless> you could use lvm snapshots more easily I suspect
<blair> i've had a btrfs fs lock up on boot due to a bug in the orphan cleanup code and following the btrfs mailing list, they keep on finding stuff that looks risky
<blair> lvm with xfs?
<lifeless> use the stock image, use an EBS volume for data storage, and put lvm on that
<lifeless> lvm with anything
<blair> so umount the EBS long enough to do the snapshot?
<blair> err, i mean, unmount the volume in the LVM
<lifeless> huh, just snapshot it live
<lifeless> thats the whole point of lvm :)
<blair> don't you put a fs on top of lvm, so you would then mount the snapshot it would need to recover?
<lifeless> stop your service; sync; lvm snapshot; start your service
<lifeless> blair: the sync isn't needed with fs's that are lvm aware
<lifeless> http://tldp.org/HOWTO/LVM-HOWTO/snapshotintro.html
<lifeless> blair: I don't know exactly which ones are aware
<lifeless> blair: zfs has a raft of nice features but most of them are not unique to zfs :)
<blair> right, it's just all in one nice layer with checksums ;)
<lifeless> saves you from disk corruption but not memory faults ;) - you can checksum bad data very happily :)
<blair> the URL says that snapshot will ask the fs to be in a consistent state, need to see if ext4 supports that
<blair> lifeless, http://lwn.net/Articles/446618/ says there are ext4 patches for snapshotting that are outstanding as of June 8, 2011, i'll have to see if it made it into recent kernels
<lifeless> blair: no, thats different
<blair> lifeless, how so?
<lifeless> blair: thats in-filesystem snapshots like btrfs or zfs
<lifeless> blair: lvm aware support is -massively- simpler.
<blair> lifeless, so i'm missing something then.  this is my understanding.... lvm provides block devices and doesn't know about the fs.  you can put any fs on top of lvm
<blair> but if you snapshot at lvm level, you can have the fs be in an inconsistent state
<blair> and xfs, ext{3,4} don't support in-fs snapshots
<lifeless> right, but there is an in-kernel api to tell the fs a snapshot is happening
<blair> right, that's what i meant, and i couldn't find confirmation that it's in ext4
<lifeless> it is
<lifeless> https://lists.ubuntu.com/archives/kernel-team/2010-August/012031.html
<lifeless> shows analysis of a regression related to that code
<lifeless> can't happen if it wasn't ;)
<blair> oh, i misread the lwn article, there's a 'n' in 'next3'
<blair> :)
<xnox> blair: lvm snapshots with ext3/4 are rock solid.
<blair> xnox, thx
<lifeless> blair: http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=c4be0c1dc4cdc37b175579be1460f15ac6495e9a
<blair> lifeless: nice.  because this question doesn't give one good feelings that it's supported on all kernels: http://serverfault.com/questions/79077/safe-to-use-an-amazon-ebs-volume-while-snapshot-in-progress
<blair> that's your link, i meant this one: http://stackoverflow.com/questions/1940093/
<lifeless> the answers are fairly clear it should all work
<lifeless> the amount of ignorance out there is unbounded :)
<blair> lifeless, i've gotten a healthy skepticism for the word "should" in answers, been burned by stuff that "should" work in production
<lifeless> sure
<blair> lifeless, thanks for the suggestions, its definitely a safer solution than zfs or btrfs,
<zorky> hello, anyone who can help me. i need to setup a dhcp server using isc-dhcp-server . but i forgot how the dhcpd.conf should look like.
<zorky> whats commented in the dhcpd.conf file is no use. it dosen't state what should be uncommented, so make it work. and i can't find any guide on how to setup dhcp
<tedski> zorky: https://help.ubuntu.com/community/dhcp3-server
<zorky> please explain. why i should use dhcp3 instead of isc-dhcp-server?
<tedski> the configuration is the same
<zorky> okay. but now comes the question. where do i put all that into the dhcpd.conf file?
<tedski> what do you mean where?
<zorky> the dhcpd.conf from dhcp3 . what do i copy into the dhcpd.conf from isc-dhcp-server?
<tedski> i don't think you're understanding how it works
<zorky> i do. the only reason why im asking for help now. is because it's the first time im seing this config file without it has been edited.
<zorky> i work with linux servers at work. setting this up on a regulary basis. but i have never installed the dhcp service. because i allways roll out premade images, made by a coworker
<tedski> when you install the isc-dhcp-server package, it will create /etc/dhcp/dhcpd.conf
<tedski> open that file and read the comments
<tedski> it explains each configuration parameter
<tedski> you'll need to create a stanza for the subnet you wish to offer IPs for
<tedski> and you have the option to push some things like dns servers, routers, etc. through that stanza
<tedski> you can also do static-dhcp if you wish
<tedski> at the minimum you'd have a default-lease-time, max-lease-time, authoritative, and subnet
<tedski> does that make sense?
<zorky> tedski, default-lease-time 600;
<zorky> max-lease-time 7200;
<zorky> option subnet-mask 255.255.255.0;
<zorky> option broadcast-address 192.168.1.255;
<zorky> option routers 192.168.1.254;
<zorky> option domain-name-servers 192.168.1.1, 192.168.1.2;
<zorky> option domain-name "mydomain.example";
<zorky> subnet 192.168.1.0 netmask 255.255.255.0 {
<zorky> range 192.168.1.10 192.168.1.100;
<zorky> range 192.168.1.150 192.168.1.200;
<zorky> }
<zorky> as i recall. the dhcpd.conf look something like that. and only that from the work servers.
<tedski> okay, do you understand what each option is saying?
<zorky> somewhat. yes
<RoyK> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<tedski> zorky: you'll want to put theoption statements into the subnet stanza
<tedski> since they are specific to that subnet
<tedski> zorky: also, if you don't have a need for 2 ranges,  you might as well just remove one
<zorky> it didn't work. and im getting anoyed i can't get it to work
<zorky>  can anyone send me a pastebin with a working dhcpd.conf file and your interface file?
<zorky> anyone who will be kind and help me out with this? i need a dhcpd.conf and interface pastebin.?
<zorky> anyone?
<SpamapS> ^serverguie
<uvirtbot> SpamapS: Error: "serverguie" is not a valid command.
<SpamapS> !serverguide
<ubottu> The Ubuntu server guide may be found at http://help.ubuntu.com/12.04/serverguide/C/
<SpamapS> zor^
<SpamapS> bah
<Diegonat> hi guys! Do you know any software to monitor what users in the network do ? What website do they surf and for how long?
<ogra_> Diegonat, have a look at wireshark ... though that needs some level of background knowledge how networking and all its layers work
<Diegonat> ogra_, but that is not a proper solution... is it not a workaround?
<ogra_> it is the best tool to see what packages go from where to where and which protocol they use
<ogra_> not sure how much more proper it can get :)
<ogra_> if you are not an experienced network admin the sheer amount of data it gives you might be a bit overwhelming ...
<eagles0513875_> hey guys im looking at https://help.ubuntu.com/community/PostfixAmavisNew does that setup spamassassin to use baysian filtering?
<ikonia> eagles0513875_: no
<ikonia> there is a link on that page to more detailed tuning, see if that does
<eagles0513875_> ikonia: that page does not exist yet
<ikonia> then "no" is the short answer
<eagles0513875_> ikonia: ok but at least that is a good start for spam filtering which can be tweaked to use baysian filtering at a later point in time no?
<ikonia> there is no setup defined, look at what it doesn' it just enables the default config
<eagles0513875_> ikonia: ok so i would need to read the documentation for amavis spamassassin and clamav and configure accordingly
<ikonia> eagles0513875_: do you know how to do it without reading hte documentation ?
<eagles0513875_> sadly not i can read the man pages and figure things out that way
<ikonia> ok, so there is your answer. Do you need to read the documentation, well as you don't know how to do it without reading the documentation, the answer is "yes"
<ikonia> although to be honest, I think you are making a rod for your own back
<ikonia> but that's up to you
<eagles0513875_> ikonia: seems like there is a really neat configuration tool for spamassassin cofiguration
<eagles0513875_> that will create the config
<ikonia> I'd advise against it
<ikonia> I'd advise you actually learn how to do it
<eagles0513875_> ok
<ikonia> but then again - that is your normal approach, short cut, no understanding of how it works then ask in IRC to spoonfeed when it's broken
<ikonia> totally up to you
<eagles0513875_> im actually goign to take your advice and read the documentation
<Diegonat> ogra_, thank you but it is not what im looking for
<Diegonat> Do you know any software to monitor what users in the network do ? What website do they surf and for how long?
<histo> Diegonat: wireshark?
<histo> Diegonat: there are a ton of network monitors now that I look
<RoyK> Diegonat: erm - spying on users isn't good
<RoyK> Diegonat: if you really want to, use a proxy and analyze the logs
<Diegonat> histo, RoyK, my client wants it so I need to do it. However I need something to log their activity and an easy GUI for my client to use it...
<RoyK> Diegonat: then setup transparent proxying
<Diegonat> squid?
<histo> Diegonat: nothing is jumping out at me i'm. Sure forums or askubuntu may help in your search.
<RoyK> yes, but to do it transparently, you need a router supporting that
<Diegonat> RoyK, I use an ubuntu server as router
<RoyK> that works - iptables + squid for transparent proxying is easy
<Diegonat> RoyK, but the logs will be file texts thta my client cannot see
<RoyK> yes, then you need some sort of tool to visualize those logs
<RoyK> I guess there are several out there
<RoyK> or perhaps you should ask your client if it's legal, or morally good, to spy on employees
<Diegonat> RoyK, I cannot find anything
<Diegonat> RoyK, in england 80% of companies do that
<RoyK> Diegonat: I don't know, and I don't want to help out either - it's morally low
<RoyK> Diegonat: 7 billion flies can't be wrong: Eat shit!
<Diegonat> RoyK, i agree
<histo> Diegonat: https://help.ubuntu.com/community/Servers#Monitoring
<Diegonat> histo, im not sure that is what i need
<histo> Diegonat: http://nagios.org/ this looks promissing
<Diegonat> histo, nagios is to monitor services status
<Diegonat> I need something like http://www.awarenesstechnologies.com
<Diegonat> but less intrusive
<dannyjoris> hi, I set up Ubuntu Server as a VM in virtualbox, but I can't ping the IP. THe network settings are NAT & Host-Only. It's a fresh install so I assume I need to configure it. ANy idea how?
<Diegonat> dannyjoris, if you can use bridge mode, easier
<dannyjoris> Diegonat: yeah, but isn't that less secure? All my other VM's work with NAT & Host only
<Diegonat> dannyjoris, depends on what you need
<Diegonat> however it is difficult to troubleshot like that
<Diegonat> do u have firewalls?
<dannyjoris> it's just for testing purposes. I'm at home.
<dannyjoris> so I guess I could just use bridged
<Diegonat> yes
<dannyjoris> :)
<eagles0513875_> ikonia: do you midn if i ask you a question regarding amavis and postfix
<ikonia> sure,
<ikonia> if I know it I'll answer
<ikonia> I don't really use amavis though
<histo> What do you use?
<greetasdf> hi everyone!
<ikonia> for spam filtering ?
<ikonia> or for something else ?
<histo> doesn't amavis just forward mail through spam and av filters?
<ikonia> pretty much, it's a pass through
<greetasdf> guys I really need some help, I deleted /usr/share/doc/openvpn/easy-rsa* with rm -r and can't find the package to reinstall this... what can I do?
<greetasdf> I tried google and askubuntu for some time now and Im going crazy
<ikonia> greetasdf: surly it would be part of openvpn ?
<greetasdf> well I tried apt-get install --reinstall openvpn
<greetasdf> :(
<ikonia> and it's it just some documentation ?
<greetasdf> well it contains specific files to openvpn config, which all tuts on openvpn start with
<greetasdf> I'm sorta lost without them
<ikonia> the config is held in the documentation directory ? that sounds wrong
<greetasdf> this is the tut I was following https://help.ubuntu.com/11.10/serverguide/openvpn.html
<greetasdf> although I'm on 12.04
<greetasdf> the cp command would be cp -r /usr/share/doc/openvpn/examples/easy-rsa/2.0/* /etc/openvpn/easy-rsa/
<ikonia> ah, so you're copying the examples from the doucmentation to the config directory
<greetasdf> exactly
<greetasdf> and I wanted to do a fresh reinstall and thought it's a part of the openvpn package
<greetasdf> fail :/
<ikonia> it should be part of it
<ikonia> greetasdf: try removing the package / purging it and re-adding it
<ikonia> the documentation should normally be in the base package
<greetasdf> I tried apt-get remove --purge openvpn and reinstall
<greetasdf> I only removed part of the documentation weirdly enough
<ikonia> there is a command...apt-file (I think) that can tell you what package a file belongs to
<ikonia> I don't have an ubuntu machine here to confirm the apt-file syntax
<greetasdf> that would be great, let me check
<greetasdf> ok so I thought I was being smart and apt-get removing openvpn and checking the doc files for leftovers
<greetasdf> then using apt-file to identify the package
<greetasdf> turns out the dir is empty
<greetasdf> I'm clueless
<greetasdf> can it be that hard to copy openvpn example files? I just couldn't find them anywhere online
<ikonia> greetasdf: it's not hard to copy them if you use the right command, you are the one who removed them
<greetasdf> yes I know it's my fault :)
<greetasdf> but I thought it would be easy to copy them from somewhere else?
<ikonia> such as ?
<greetasdf> well if I knew that I wouldn't be a noob in this chatroom asking around...
<greetasdf> I would get it and extract the files and copy them
<greetasdf> :(
<ikonia> greetasdf: I would concentrate on getting the package that supplies them corretly re-installed
<ikonia> that would be the simplest approach
<greetasdf> ha! see, I googled the openvpn package and found the files
<greetasdf> ok so now I'm going to transfer the missing files from my windows 7 pc to ubuntu ... that really seems stupid
<greetasdf> but thanks for the help
<ikonia> greetasdf: as long as you are sure they are the same ones included in the ubuntu package
<greetasdf> hm.
<greetasdf> it says 2.2.1 but I think it installed 2.3
<greetasdf> I'm sure of it actually
<greetasdf> thanks for the good point sir
<greetasdf> but I guess http://packages.ubuntu.com/search?keywords=openvpn will provide the newest packages no?
<ikonia> it will provide you with versions for each release.
<ikonia> I again suggest working out/fixing the broken package
<greetasdf> but I tried everything, apt-get remove --purge and --reinstall and install :(
<greetasdf> ok thanks, unfortunately I've run out of time, maybe it's because openvpn published a new version 2.3 which may be incompatible with any older tutorials...
<greetasdf> have a great day
<patdk-lap> heh?
<patdk-lap> I haven't had any issues with 2.3 at all
<mhills> join /ubuntu
<SaidKLE> Question: I have ubuntu server with ubuntu-desktop installed for gui on a laptop for testing and development purposes. How do I get wifi connections working in Network Manager?
<SaidKLE> Anyone?
<RoyK> SaidKLE: that's not a server question ;) try #ubuntu
<SaidKLE> that's what they told me over there...
<bobka> I installed ubuntu 12.04 server LTS. grub menu comes up fine. Then vertical scrolling. ATI ES1000, old VGA monitor. Rig work with Knoppix Live CD.
<bobka> Can't translate knoppix "nodrm" into grub - if that is the issue
<bobka> lol - lotsa nicks - no traffic = no help?
<ikonia> bobka: try being patient
<bobka> ok!
<xnox> bobka: nodrm is linux-kernel command line boot option....
<bobka> thx how do i tell grub that?
<bobka> I couldn't find docs or anything on nodrm. Don't know the acronym.
<bobka> I've set GRUB_GFXMODE=640X480X24 in etc/default/grub which is correct. And I've looked at headers in etc/grub.d, but I'm stuck. Don't think vsync or hsync are relevant.
<bobka> ...
<PryMar56> bobka, we do server here. Append text to kernel cmdline
<bobka> ??
<bobka> #ubuntu-kernel?
<ikonia> who said anything about #ubuntu-kernel channels ?
<bobka> <PryMar56> bobka, we do server here. Append text to kernel cmdline
<tedski> bobka: he means in the kernel cmdline in grub
<ikonia> bobka: adding a boot up option does not mean "join #ubuntu-kernel irc channel"
<bobka> tedski okay, I assume grub> is the command line. what text?
<tedski> bobka: google is your friend
<tedski> bobka: "how to enter kernel options grub" would be a good start
<bobka> brb - wait for me! :)
<bobka> tedski - no DRM related options to the command line fixed the vertical scrolling
<bobka> (DRM = Direct Rendering Management)
<bobka> I tried gamma=[HW, DRM] w/wo r128=[HW, DRM] w/wo nodrm - no luck :(
<tedski> bobka: can you explain the problem more clearly?
<bobka> my old vga crt rolls after grub menu. I know it is possible to fix because knoppix CD runs fine with a few parameters.  what else would u like 2 know?
<james2013> hello
<bobka> knoppix params: screen=640x480 depth=24 nodrm. I edited etc/default/grub > 640x480x24
<james2013> is there a better guide to follow then this ? http://www.howtoforge.com/perfect-server-ubuntu-12.04-lts-apache2-bind-dovecot-ispconfig-3 or is this considered the best setup guide
<tedski> bobka: that's a vsync issue
<tedski> bobka: at least in my opinion
 * tedski reminisces turning the vsync screws on the back of old tubes
<james2013> tedski, i remember that also. But I also used to own arcade machines and had to deal with that often
<tedski> james2013: "best" is subjective
<bobka> ok. where does vsync=60 go? BTW I didn't need it in knoppix, although i had it added originally.
<bobka> lol don't even know the hsync on this dinosaur.
<tedski> why can't you just blink your eyes 60 times per second?
<bobka> ...haven't tried that yet,...
<bobka> no, doesn't work either
<tedski> bobka: http://en.wikipedia.org/wiki/VESA_BIOS_Extensions#Linux_video_mode_numbers
 * tedski &
<bobka> NO Tedski,  789 that is for resolution - been there, done that!
<bobka> BTW, this monitor is pre VESA 2
<bobka> 1991 - Were you even born yet?
<james2013> tedski, know of a better guide ?
<bobka> james: subjective as in what do you want to do with your server.
<james2013> bobka, standard web server mainly
<bobka> ubuntu-12.04-lts-apache2 install comes with one button openssh dns lamp samba, etc..
<ikonia> one button ?
<bobka> I don't remember if Apache2 was a seperate option.
<ikonia> what the hell is ubuntu-12.040-lts-apache2 ?
<bobka> tasksel
<ikonia> why don't you just install apache....or the lamp group ?
<bobka> my bad, ubuntu-12.04-lts
<ikonia> why do you keep saying ubuntu-12.04-lts ?
<bobka> exactly my point.
<ikonia> sorry, am I missing what you're saying ?
<james2013> I was just asking because I searched google for ubuntu 12.04 server setup guide and that url was one of the first links
<ikonia> james2013: https://help.ubuntu.com - there is a server guide
<bobka> ikonia: read james previous entry
<ikonia> james2013: installing an official product, considered reading official documentation ?
<bobka> he has the howtoforge guide
<ikonia> yes, and thats rubbish
<bobka> lol
<ikonia> why would you read 3rd party stuff over the official stuff ?
<bobka> so, any help for my server install?
<ikonia> you need to explain the problem
<ikonia> rather than saying "any help" as that means nothing
<bobka> [17:51] <bobka> my old vga crt rolls after grub menu. I know it is possible to fix because knoppix CD runs fine with a few parameters.
<ikonia> "rolls"?
<histo> bobka: pass the same parameters that you use in knoppix
<bobka> yes rolls
<ikonia> bobka: what do you mean my crt rolls ?
<histo> ikonia: I think he means vsync
<histo> That would be my guess
<ikonia> histo: possibly....be nice if he could clarify
<bobka> [17:54] <bobka> knoppix params: screen=640x480 depth=24 nodrm. I edited etc/default/grub > 640x480x24
<james2013> sounds like you either have the wrong resolution set or the refresh rate
<ikonia> bobka: /etc/default/grub won't change anything
<ikonia> bobka: you need to rebuild the config
<bobka> good to know!
<histo> ikonia: edit /etc/default/grub and sudo update-grub
<ikonia> yes, I know how to do it
<bobka> I don't, please explain?
<ikonia> pretty much exactly what histo has just said
<bobka> already did that. (many times)
<ikonia> bobka: what parameters did you add to your /etc/defaut/grub
<histo> ikonia: sorry didn't mean to send it to you.
<ikonia> histo: not a problem
<histo> bobka: hvae you tried booting with nomodeset kernel option?
<bobka> the issue seems to be nodrm. i added that as a kernel option, but no luck.
<ikonia> bobka: what parameters did you add to your /etc/defaut/grub
<histo> !nomodeset | bobka
<ubottu> bobka: A common kernel (boot)parameter is nomodeset, which is needed for some graphic cards that otherwise boot into a black screen or show corrupted splash screen. See http://ubuntuforums.org/showthread.php?t=1613132 on how to use this parameter
<bobka> like GFX_mode=640x480x24
<ikonia> bobka: what parameters did you add to your /etc/defaut/grub
<bobka> I read grub & grub2 no help.
<ikonia> bobka: what parameters did you add to your /etc/defaut/grub
<ikonia> actually - I'm tired of asking
<ikonia> good luck, I'm not interested any more
<bobka> thx buddy
<dannyjoris> I'm fairly new to server configuration, but is it ok to have php5-dev installed on a production environment? There's some pecl libraries that are dependent on it.
<ikonia> dannyjoris: not something I'd recommend especially if you have compilers there too
<bobka> I had GRUB_GFXMODE=640x480x24 . But adding GRUB_CMDLINE_LINUX_DEFAULT="nomodeset" fixed the problem!!
#ubuntu-server 2014-03-03
<jak2000> hi all
<thumper> smoser: lurking on your sunday?
<thumper> smoser: I have a cloud init based question
<smoser> quick.
<thumper> smoser: :-)
<thumper> context: creating an lxc template image for faster lxc local provider
<thumper> I want the template to start up, do the package install, apt-get update/upgrade, and then shutdown
<thumper> what is the easiest way?
<thumper> I thought of adding "shutdown -h now" at the end of the scripts
<thumper> bit I thought that might not have the cloud init process finish cleanly
<thumper> maybe "shutdown -h +1m ?"
<smoser> well, 'power_state' at http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/doc/examples/cloud-config.txt is the cleanest way.
<smoser> but that wont work in 12.04,
<thumper> smoser: yeah, kinda need a precise solution
<smoser> what i think i migh do is suggest writing a upstart job that runs on 'stopped cloud-final'
<smoser> i'm pretty sure that shoudl work on all, and will guarntee that cloud-init is done.
<thumper> smoser: so "shutdown -h +1" will give cloud init time to finish?
<thumper> ah...
<smoser> well, +1 is 1 minute ?
<thumper> yeah
<thumper> it doesn't seem to support resolution shorter than that
<thumper> if I created an upstart job for the template
<smoser> that should work.
<thumper> that would be copied across to the new container
<smoser> and the upstart job can remove itself.
<smoser> after running.
<thumper> interesting
<thumper> smoser: so the upstart script would be, what, two or three lines?
<smoser> i sweare i've written this before
<thumper> :)
<thumper> probably
<thumper> haha, a google takes me to read the docs, which then has your example from above
<thumper> smoser: you didn't implement the powerdown as an upstart job did you?
<smoser> something like this:
<smoser> http://paste.ubuntu.com/7025430/
<smoser> thumper, no. it forks a process that watches its pre-forked pid for exiting.
<smoser> http://bazaar.launchpad.net/~cloud-init-dev/cloud-init/trunk/view/head:/cloudinit/config/cc_power_state_change.py
<smoser> run_after_pid_gone
<thumper> I'll try the upstart script approach I think
 * thumper goes to hack it in
<smoser> thumper, one thing you could od if you didn't trust the "remove myself"
<smoser> is put it in /etc/init as a symlink into /run
 * thumper waits
<smoser> which would mean next boot it woudl definitely not be there (possibly a dangling symlink)
<thumper> haha
<thumper> I'll be testing it, don't stress
<thumper> I'll try it and let you know
<smoser> i suspect there is some sort of race condition
<smoser> where by init could turn the system off before the job actually stopped.
<smoser> but i really doubt it.
<thumper> but we should delete the job, then restart :)
<thumper> whack an echo in there too so we can see in the logs that it ran :)
<ljv4> hello. i think someone hacked into my server box through vnc service. i'm not sure how this is possible since i had no port forwarding and i had a random password required. how can i autopsy this before reinstall?
<raj_> "kernel: Cannot read proc file system: 1 - Operation not permitted. " getting these repeated messages  million times every minute in my syslog on 12.04 ubuntu VPS based on OpenVZ, anyone has any idea please   ???
<raj_> "kernel: Cannot read proc file system: 1 - Operation not permitted. " getting these repeated messages  million times every minute in my syslog on 12.04 ubuntu VPS based on OpenVZ,
<raj_> anyone has any idea please   ???
<Pupeno_> Is there a way to construct a glob that matches all files except one?
<hackeron> hey, I currently have this in my upstart: http://pastie.org/8835007 - are there any suggestions to clean that up a bit?
<zul> Daviey:  around?
<zul> Daviey/jamespage:  fyi https://bugs.launchpad.net/ubuntu/+bug/1287173
<Daviey> zul: hey
<zul> Daviey:  can you do a quick review of python-oslo.vmware i filed a bug first #1287173
<Daviey> zul: yes (with comment)
<zul> Daviey:  thanks
<Daviey> zul: you might want to raise a MIR asap.
<Daviey> afk
<zul> Daviey:  ack
<zul> hallyn:  ill work on 1.2.2 this afternoon
<axisys_> how to change the dir mode for other to be T ?
<axisys_> like this
<axisys_> drwx-wx--T 2 root crontab 4096 Aug 30  2013 crontabs/
<soren> chmod o+s crontabs
<axisys_> soren: still showing drwxr-xr-t
<pmatulis2> anyone here authenticating to AD with sssd?
<Patrickdk> yes
<Patrickdk> actually, I don't think I am
<Patrickdk> just for user attributes and group stuff
<Patrickdk> but using radius for auth, against ad + 2factor
<stgraber> pmatulis2: I am, well, samba4 technically but same thing on the client side anyway
<pmatulis2> stgraber: do you need to install anything on the client beyond configuring sssd?
<pmatulis2> stgraber: and AD doesn't require any extra bits at all?
<Patrickdk> kerberos
<stgraber> pmatulis2: you need ssd and samba-common on the client, that'll pull all the needed bits. You then need to configure /etc/samba/smb.conf and /etc/krb5.conf, join the domain (to grab a machine ticket), then configure sssd to use the machine ticket and the AD server(s)
<stgraber> *sssd
<pmatulis2> stgraber, Patrickdk: ok, thanks
<stgraber> pmatulis2: here (domain=stgraber.net workgroup=STGRABER), http://paste.ubuntu.com/7028007/ (smb.conf), http://paste.ubuntu.com/7028009/ (krb5.conf) and http://paste.ubuntu.com/7028010/ (sssd.conf)
<pmatulis2> this is misleading:
<pmatulis2> https://wiki.ubuntu.com/Enterprise/Authentication/sssd
<stgraber> there are some bits you probably don't need in the sssd.conf. I hardcode the domain SID to guarantee a lower uid/gid range on all machines and I have custom OUs for a few things as well as ssh and sudo support (extended schema is needed for those two)
<pmatulis2> stgraber: that stuff will help.  thanks
<Patrickdk> hmm, I don't remember configuring smb.conf at all
<stgraber> pmatulis2: yeah, that documentation seems to refer to a rather old sssd, newer sssd has the ad provider which does it all for you
<stgraber> Patrickdk: it's only really needed if you don't put a password in sssd.conf (which is usually recommended)
<pmatulis2> stgraber: yeah, i figured id_provider should be 'ad'
<stgraber> Patrickdk: the smb.conf is only used for the domain join (net join -U username domainname) which then generates /etc/krb5.keytab that sssd will use to authenticate
<Patrickdk> I did do a domain join
<Patrickdk> maybe I did, have to look it up, been a year since I setup that cluster
<StathisA> hello,
<stgraber> could be that the right parameters to net join also let you specify all the bits from smb.conf and not require it at all
<StathisA> anyone know where ubuntu server has logs for the cifs & smb services?
<stgraber> StathisA: /var/log/samba/*
<StathisA> i just noticed in the console the following message: CIFS VFS: Send error in Close = -9
<Patrickdk> I should continue my, trusty testing and upgrading today
<Patrickdk> I'm sure I have many more bugs to report :)
<stgraber> StathisA: that's a kernel message, more likely to be related to something using the cifs filesystem on the box
<stgraber> pmatulis2: oh yeah, the config I gave you is for current sssd in trusty (which I backport for my precise boxes)
<StathisA> but how can i find what that is?
<StathisA> afaik smb/cifs works without any problems
<markthomas> pmatulis2: That sssd wiki entry is incomplete.  You need to enable unix attributes in AD for it to work.
<markthomas> At least, I had to on Friday.
<stgraber> StathisA: well, that error just means there was some kind of bad communication with the server when disconnecting from it. Could be some network glitch, ... it can probably be ignored.
<pmatulis2> markthomas: but you didn't put the provider as 'ad'
<stgraber> markthomas: no you don't
<StathisA> ok thanks stgraber
<pmatulis2> StathisA: you can also enable a kernel-level cifs filesystem debugging ( echo 1 | sudo tee /proc/fs/cifs/cifsFYI  )
<StathisA> hmm i now noticed that if i login to the console, it says a "system restart required"
<StathisA> but not the reason
<Patrickdk> StathisA, there is only one reason :)
<Patrickdk> pending kernel upgrade
<StathisA> so i just "sudo shutdown -r now" or do i need to initiate any updates first?
<axisys_> crontab -e
<axisys_> crontabs/ipin/: fdopen: Permission denied
<axisys_> hmm.. any idea what the issue is?
<axisys_>  ls -ld /var/spool/cron/crontabs/ipin
<axisys_> -rw------- 1 ipin crontab 23088 Feb  6 11:39 /var/spool/cron/crontabs/ipin
<axisys_> doh! crontabs dir group owner was not crontab .. fixed
<axisys_> any idea what can cause ntpq> peers shows .INIT. for refid instead of IPs ?
<fishcooker> i have login to the server box.. i want to implement those configuration to another box
<fishcooker> how to do that?
<axisys_> which pkg has snmp client?
<axisys_> got it
<jamespage> zul, the job to know about for triggering the test runs in the lab is
<jamespage> ....
<zul> are you telling me or are you quizzing me? :)
<cfhowlett> lol
<axisys> why does date for file1 shows Nov 10 and not Nov 10 2013, but date for file2 showing Aug 10 2013 ?
<axisys> $ ls -al /tmp/file?
<axisys> -rw-r--r-- 1 iqbala iqbala 0 Nov 10 10:10 /tmp/file1
<axisys> -rw-r--r-- 1 iqbala iqbala 0 Aug 10  2013 /tmp/file2
<jamespage> zul, pipeline_manual_trigger
<jamespage> sorry - it was being slow
<zul> jamespage:  cool ill take a look
<jamespage> zul, fwiw I did kickoff a run on saucy last week
<zul> how did it go?
<jamespage> zul, can't see now
<jamespage> zul, I think the three scenarios did pass for saucy
<zul> jamespage:  cool...ill kick off a new one just to make sure
<med_> zul, jamespage when will 2013.2.2 go from -proposed to -updates?  Any eta? any bug I can go verify/poke?
<med_> ^ openstack
 * med_ should have added that tiny bit of context
<jamespage> med_, this week I hope
<jamespage> needs verification still
<med_> nodz.
<med_> is verification a jenkins run on your end or users (like me) weighing in?
<adam_g> jamespage: is python-keyring functional for you on trusty? python -c 'import keyring' bails on a dbug socket error, so does anything using keystoneclient
<jamespage> adam_g, I've not had issues
<jamespage> I'm running openstack testing from a trusty client
<jamespage> adam_g, oh - one second - this rings a bell
<jamespage> smoser, ^^
<jamespage> I think you fixed me when I hit this - something in my local config
<jamespage> adam_g, ^^ but I can't remember exactly what...
<adam_g> jamespage: yeah ive seen similar reported a bunch in the past but never saw it myself.. till now
<smoser> jamespage, could you please tell adam_g that I don't talk to him any more.
<jamespage> Daviey, if you're around can you accept the openvswitch-lts-saucy binaries stuffed up in precise-proposed
<jamespage> adam_g, smoser does not talk to you any more
<smoser> let me look, though. i hit this in trusty and fixed somewhere.
<jamespage> lol
<jamespage> adam_g, hows the new desk ;-)
<adam_g> jamespage: its cool except none of my openstack clients work anymore.  i leave for two weeks....
<adam_g> :)
<smoser> https://bugs.launchpad.net/ubuntu/+source/python-keyring/+bug/1260017
<smoser> is that what you're seeing adam_g  ?
<smoser> i dont think you should hit the issue unless you have .local/share/python_keyring/
<adam_g> smoser: no different
<adam_g> er.. no, its different
<smoser> really. hm..
<smoser> adam_g, oh yeah, i read your issue now :) and yeah, that woudlnt fix it.
<adam_g> http://paste.ubuntu.com/7028925/
<smoser> adam_g, try with:
<smoser>  env -u DBUS_SESSION_BUS_ADDRESS -u XDG_DATA_HOME
<smoser> the XDG_DATA_HOME might be only a result of me using a different HOME for the way i interact with canonistack. i'm not sure.
<smoser> maybe thats not waht you wanted, adam_g . but either something died and there is no dbus server ther to talk to you dont have perms to it.
<adam_g> smoser: hmph. DBUG_SESSION_BUS address pointed to path different than what dbus-daemon was passed, but neither actually exist. unsetting DBUS_SESSION_BUS_ADDRESS fixes it
<smoser> adam_g, screen ?
<smoser> ie, i get that when i log in, start a screen (it inherits variables), and then i log out.
<adam_g> smoser: ugh yeah
<adam_g> good point
<adam_g> tmux
<smoser> its why i do the uncrypted file path. as described there.
<smoser> in https://bugs.launchpad.net/ubuntu/+source/python-keyring/+bug/1260017
<Daviey> jamespage: already done by someone?
<Daviey> Oh, sru done?
<jamespage> Daviey, no - "Binary packages awaiting approval in NEW queue:"
<med_> jamespage, fyi, some typoes in your blogpost (opening paragraph for sure)
<jamespage> I just need the built binaries in -proposed so we can test them
<jamespage> med_, oh great
<Daviey> jamespage: Oh.. NEW
<Daviey> jamespage: done
<jamespage> Daviey, ta
<med_> but EXCELLENT TOPIC
<jamespage> med_, thanks
<jamespage> med_, I've been negligent on blogging
<med_> I've been trying to tell folks for a while they need to be using newer tools than plain ol' precise.
<jamespage> med_, can't wait for " Ubuntu 14.04/Linux 3.13: N/A"
<med_> is there something like a libvirt-saucy?
<med_> for precise?
<zul> hallyn/jamespage: i think libvirt 1.2.2 should be our final unless there is a compelling reason
<hallyn> zul: i'm still hoping i'll have time to address some of the apparmor issues, but soudns good to me
<hallyn> and maybe bug 1279176
<med_> nevermind, that's just the cloud archive for libvirt.
<jamespage> med_, yup
<zul> hallyn:  arrg http://pastebin.ubuntu.com/7029163/
<hallyn> looks like just a conflict with ./dnsmasq-as-priv-user
<hallyn> zul	^
<zul> yeah fixing it now
<zul> just needed to vent my spleen
<zul> hallyn:  libvirt building now
<zul> hallyn:  its available here when it builds: https://launchpad.net/~zulcss/+archive/libvirt
<hallyn> zul: i'll set up tests tonight (when my box isn't busy)
<zul> k
<rharper> smoser: what would you think about including virtio-scsi in the cloud-image so we could use fstrim to keep the sparse images from growing over time?  in qemu1.5, discard works against raw files, in 1.6+ works in qcow2 images.
<smoser> rharper, how is it not there now ?
<smoser> ie, whwat do we hae to do?
<rharper> smoser: we use virtio-blk
<smoser> ?
<smoser> wouldn't that be a host level thing? how should the guest knwo which driver it should use ?
<rharper> it';s two things
<smoser> its not something i'd recommend we change in a released ubuntu, but in trusty, i'd push for it if its fairly well known stable.
<rharper> the host backing device needs to support discard (ext4 fs has file punch through) or lvm which can issue discard, or host ssd.
<rharper> yeah; I want to test the newer qemu in trusty to check out the qcow2 trim support since that's the "normal" use-case, like uvtool creating backing images etc.
<smoser> rharper, so would there be changes to the images ?
<rharper> only including virtio-scsi module
<smoser> i'm confused.
<rharper> change to the guest XML when deployed to enable virtio-scsi bus and discard support in the qemu block device
<smoser> right. ok.
<rharper> change in the guest OS to load up the viriio-scsi module
<rharper> guest OS already has ext4 which can do discard
<rharper> or fstrim
<rharper> might need to patch up fstrim-all to make sure it things it can run against the virtio-scsi devices (it checks via hdparm and sees if it's Intel or Samsung)
<rharper> but I know I would be really happy to not have ever growing qcow2 images for my long running virtual maas instances
<smoser> rharper, please open a bug against linux
<smoser> and say:
<smoser> please include virtio-scsi in linux-virtual
<sarnold> ooh that'd be nice, shrinking qcow2s is hassle enough I just don't do it, it'd be nice if they just did the right thing :)
<rharper> exactly
<smoser> sarnold, you'll have to change the way you launch vms to present that driver though
<smoser> and you have to know if your guest supports that driver ...
<sarnold> smoser: likely that's a one-time change, right?
<smoser> but sometime in 16.04 you'll be able to just assume.
<sarnold> smoser: well, I guess I'm just thinking about -my- use cases, hehe
<sarnold> you've got a different set of cares :)
<rharper> smoser: https://bugs.launchpad.net/ubuntu/+source/linux ?
<smoser> rharper, i suppose if we're already building the module for older releases and we just needed to move it, and it was know stable, we could even do it on 12.04.
<smoser> rharper, thats right
<smoser> but i would just use 'ubuntu-bug /boot/vmlinuz-$(uname -r)'
<rharper> smoser: cool; I can file that from my trusty beta1 vm image
<smoser> yeah. just run that
<rharper> smoser: let me see what we package in 12.04
<smoser> then follow the link
<smoser> and fill out the data.
<smoser> i hae to run.
<rharper> np
<smoser> have to run
<rharper> thanks
<smoser> later.
<rharper> smoser: done: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1287401
<kaffien> ubuntu server seems to have an issue with iscsitarget  either that or something is gummed up on this mostly fresh install.   can someone point me in the right direction?   http://pastebin.com/Zp2Sb62R
<sarnold> kaffien: looks like the iscsitarget kernel module folks need to update their source
<sarnold> kaffien: the first warning is just a warning -- it -might- lead to kernel memory corruption but probably not. the second, the error, must be fixed by updating the source code.
<kaffien> so i need to go back to an earlier kernel?
<sarnold> kaffien: that's likely the easiest course of action, but it might be nice to file a bug report all the same, so the need to update doesn't get lost
<kaffien> there are reports filed hehe
<sarnold> good good
<kaffien> they haven't updated since may of last year
<kaffien> unless it moved
<kaffien> althought this is an svc perhaps i should try from sourch on sourceforge .....
<kaffien> bah either way  its not working with that one either
<kaffien> how far back do i need to go do you think?
<sarnold> kaffien: hrm, that might be hard to guess without looking into the code
<sarnold> kaffien: I'd try the different 'stable' branches listed here, starting with newest, just because I'm optimistic :)  https://www.kernel.org/
<kaffien> I do have a server running  3.11.0-14-generic  that is working fine with iscsitarget
<sarnold> cool
<kaffien> how can i tell the current server currently running trusty to go back to that kernel?
<sarnold> kaffien: if you have an exact version number handy (dpkg -l 'linux*' | cat    on the other machine) then you can use apt-get install linux =<versionnumber>
<kaffien> i'll give it a try
<m1sf1t> hi, i have a problem connecting to the net in ubuntu server. apache, ssh and samba are still working fine, but apt-get doesnt work etc.
<m1sf1t> i think it may have something to do with when i installed virtualbox, and set up windows xp
<kaffien> that is not working  apt-get install linux-image-3.11.0-14-generic  doesn't seem to work
<kaffien> probably becaue im on trusty now and not percise?
<sarnold> kaffien: drat. you can find specific versions here: http://archive.ubuntu.com/ubuntu/pool/main/l/linux/
<sarnold> m1sf1t: you need to make sure your virtualbox thing is configured correctly, whether it is NATting your guests or whether the guests have their interfaces bridged with the local area network vs a complete isolation bridge which is sometimes set up to prevent the guests from being a security problem
<kaffien> i should just nuke it from orbit lol
<kaffien> grub.cfg changed a bunch to eh?
<kaffien> thats odd i tried pasting to my server and it says this.     unable to resolve host address Ã¢archive.ubuntu.comÃ¢
<kaffien> whats up with the special characters?
<kaffien> keep in mind searching in command history does not show the special characters
<m1sf1t> sarnold: i've just apt-get purged virtualbox... lol didnt work
<sarnold> m1sf1t: oh, I thought your ubuntu was running in virtual box under windows :) sorry...
<m1sf1t> sarnold: nope, it's installed on a hdd. i installed virtualbox just messing around. it was around that time that it stopped connecting to the web.
<m1sf1t> sarnold: everything else is working fine though
#ubuntu-server 2014-03-04
<sarnold> m1sf1t: do you have any error messages from apt-get?
<m1sf1t> sarnold: one sec...
<m1sf1t> sarnold: just done apt-get update and it's downloading all the packages fine :S
<m1sf1t> sarnold: but nslookup isn't working
<m1sf1t> sarnold: a few have failed to fetch, but they mostly downloaded
<m1sf1t> sarnold: it all seems to be working again now, ping ok, apt-get working. i think it might have been because i purged virtualbox
<sarnold> m1sf1t: check /etc/nsswitch.conf and /etc/resolv.conf files to make sure they look sane..
<m1sf1t> sarnold: i looked in those while googling, they all seemed fine :S
<sarnold> m1sf1t: could be, if you want to re-install and re-configure it, you could check route -n output before and after and see what changes..
<m1sf1t> sarnold: thanks :) i think i'll just install it on my laptop instead haha, maybe i'll think twice before messing about with my server unnecessarily
<sarnold> m1sf1t: haha :) not a bad idea, though it can be tempting to use a big pile of iron to solve problems
<m1sf1t> sarnold: thanks for the advice :) appreciated
<m1sf1t> sarnold: haha yeah, a swift kick sometimes helps
<sarnold> m1sf1t: have fun :)
<m1sf1t> sarnold: right i'm off now that i've sorted that issue. it's gone midnight over here. thanks again, bye :)
<m1sf1t> vnc4server
<adam_g> d
<hallyn> zul: no new failures from the new libvirt
<huttan> ls
<ScottK> rm
<hallyn> zul: smb: bug 1248025 is xen, i assume one of your worthy selves will be taking a look? :)
<elezium> hi ppl, I'm currently installing a home server.  I did not play with Samba since like 10 years ago.  Did it mature?  Is there any alternative as a file server?
<sarnold> elezium: hrm, that sounds like a difficult question to answer; samba was already very mature ten years ago, it's the basis for many (most? nearly all?) NAS systems that have to serve windows users
<sarnold> elezium: so I'm curious where you felt it lacking a decade ago..
<sarnold> they have added more features to allow running it as an AD master.. see e.g. http://wiki.samba.org/index.php/Samba_%26_Active_Directory
<elezium> sarnold, the configuration was messy, performance was not great... strange behavior... well, this is the result I got ... but I'm willing to try again.  (Thx for the link, but I don't need a AD... (not yet))
<sarnold> elezium: hehe, I was afraid it was going to be configuration. still messy. it's probably worse even, since windows has gone through more iterations and more features ...
<elezium> sarnold, I believe I can make it work ... only have 2 computer that will used it ...
<sarnold> elezium: "strange behaviour" .. I'm not sure I ever got a network of windows 95 -and- win2k machines to have passwordless access to some shares. I suspect it'll be far easier now that the horrid old windows for workgroups codebase is dead :)
<elezium> sarnold, haha.. yeah.. indeed, it was a win nt / 2000 / xp network mostly... but since my 2 computers are running win7.  I guess I can figure out how to make a single share (or two) to dump my files back and forth
<sarnold> elezium: that ought to be doable :)
<elezium> sarnold, if not, I ask my boss to fire me!
<sarnold> elezium: haha, good plan. :)
<elezium> sarnold, while you are there, do you know any streaming server software?  I'd like to drop music / video on that server, so I can stream them to my tab/cell/tv using UPnP (I think this is what they call it)
<elezium> (frak.. I realise that always working with the same software, OS, I get numb with the rest)
<sarnold> elezium: I found minidlna to be pretty good; I found that my hardware device was picky about file formats (boo) so it didn't work as well as I would have liked..
<elezium> sarnold, humm... not sure if it will like hardware under ESX...
<sarnold> elezium: minidnla probably will do fine if it can get a multicast socket on an interface
<sarnold> elezium: in my case the problem was the ps3. heh.
<sarnold> elezium: time for me to bail, have fun :)
<elezium> sarnold, I see... I don't care 'bout my ps3 since my TV is a start thing that can stream (did not try it yet!)
<sarnold> elezium: nice :) it might also be picky about formats..
<sarnold> good luck
<elezium> minidlna is now calledMedia Ready
<elezium> probably, having one size fit all is hard...
<DefunctProcess> ok I have a very noob question, but its late and i'm afraid i just need a second look
<DefunctProcess> I used unetbootin to put the iso on my usb stick and chose the usb stick to boot from
<DefunctProcess> but it just boots windows instead of ubuntu
<DefunctProcess> I formatted the stick to fat before i used netbootin
<cfhowlett> DefunctProcess, edit your bios to boot the USB
<DefunctProcess> I tried and still got nothin
<DefunctProcess> Is there anything I need to do ala setting some bootable flag or something?
<cfhowlett> DefunctProcess, unetbootin should have done all of that for you.
<cfhowlett> DefunctProcess, for more eyes on this problem, ask in the main #ubuntu channel
<Settite> Hello. Can someone assist me with removing a package that failed to install properly?
<MavKen> apt-get autoremove ?
<Settite> Fails
<DefunctProcess> force
<Settite> Force?
<Settite> i didn't think apt-get had a force command
<Settite> well force option
<DefunctProcess> maybe it doesn't i havent used ubuntu in 3 years
<genii> Settite: Find it's stanza in /var/lib/dpkg/status and remove the entire reference. It will be as if it was never installed
<Settite> What will happen when I go to reinstall it?
<genii> Settite: It will try to do it as if it has never been on the system previously.
<Settite> So any remnants of it including databases will just be overwritten?
<freeflying> genii: dpkg -P
<genii> Settite: So it will overwrite any config files it had for instance. If it failed to install the first time, maybe delete also in /var/cache/apt/archives any file which begins with the packages name
<genii> ( in case the download was corrupt)
<genii> freeflying: I think there's also something about reinst-required or similar....
<freeflying> genii: Apt does, but you're running into issues, so before reinstall it, you better figure it out what's wrong
<genii> Settite: Could you pastebin the exact messages from apt when you try to install/deinstall?
 * genii goes and makes more coffee
<wizard_A> i tried installing ubuntu-desktop on ubuntu-server but the ggui does not show up??
<smb> hallyn, Not yet, maybe now. But wondering whether libvirt is supposed to work inside a PV guest (which I would tend to deny)
<hxm> hi, I have the /homes in a different partition and /var/www in the system partition, is safe or good practice to store the /var/www in a /home?
<ikonia> hxm: /var/www is on "/var" - so you can't put /var on /home
<hxm> with ln -s
<hxm> i just wonder if moving all the http virtual hosts to other place is ok
<ikonia> why would you want to do that ? what benifit are you trying to get / problem are you trying to fix
<hxm> 36% used for rootfs and 0% used for /home
<hxm> and it will increase
<ikonia> are you at risk of running out of space ?
<hxm> it could happen in the future
<ikonia> if so change the doucmentroot settings of your apache hosts rather than use symlinks
<ikonia> hxm: you'd probably be better served putting /var on it's own partition and/or changing the documentroot to somewhere with more space
<hxm> aha
<hxm> the server dedicated admin did this by default so I want to think create a different partition for the /home is a good idea
<ikonia> again - not sure why you are talking about /home
<ikonia> from what you have said /home is already on it's own partition
<hxm> http://pastebin.com/raw.php?i=KX1d09LF
<ikonia>  /home is already on it's own partition
<hxm> yes and it has more free space than rootfs
<ikonia> hxm: yes, we already know this, you said earlier
<hxm> sorry
<ikonia> apologies, I don't understand what you're asking
<hxm> i just don't want to fill the system partition with data stored in the wrong place
<ikonia> ok, so I've given you two options to resolve that
<ikonia> you can do either/both
<hxm> yes, thanks
<setra> hello, I like to change the default location of .Xauthority file which is normally in $HOME/.Xauthority for a specific user group. how can this be achieved
<setra> I tried already a lot but at time of login via ssh -X the location stays always at $HOME/.Xauthority, after login via ssh only the location is changed to what I want, but then it is to late.
<cocoa117> the iptables MASQUERADE is only apply to private IP address range right? when I want to route IP traffic from internal network with computers on non-private IP range I don't have to use it, do i?
<tomixxx3> hi i get "unable to install GRUB in /dev/sda": executing 'grub-install /dev/sda' failed. This is a fatal error" while iam installing ubuntu server 12.04.4 lts
<beisner> tomixxx3, may be of help:  http://askubuntu.com/questions/143678/i-receive-the-error-grub-install-dev-sda-failed-while-attempting-to-install-u     also you might check out boot-repair:  https://help.ubuntu.com/community/Boot-Repair
<tomixxx3> beisner: ty
<jamespage> Daviey, could you put the normal SRU magic into https://bugs.launchpad.net/ubuntu/+source/openvswitch/+bug/1262225
<jamespage> I guess cause its a new package tools got confused
<tomixxx3> do i need the grub boot loader? i only have ubuntu on my computer
<tomixxx3> so, it should start automatically?
<tomixxx3> beisner: that boot repari tool worked, ty :-)
<beisner> tomixxx3, np.  glad you're up & running.  there are shorter/quicker/more direct ways of diagnosing and resolving, but that thing is pretty handy as an automagical 'big hammer' tool. ;)
<kaffien> is unebootin the most reliable way to create a bootable usb stick?
<kaffien> for linux that is.
<cfhowlett> !best|kaffien,
<ubottu> kaffien,: Usually, there is no single "best" application to perform a given task. It's up to you to choose, depending on your preferences, features you require, and other factors. Do NOT take polls in the channel.
<cfhowlett> kaffien, if you prefer it, use it.  or use the alternatives.  your free choice.
<kaffien> ok then i'd like an option that will work.  Must i first format fat32 and then run unebootin?
<andol> cfhowlett: Well, assuming a task is well defined enough, surely there is a best application then?
<cfhowlett> andol, we have a poll channel for such discussions.
<kaffien> ok then to be specific when i am creating a bootable usb stick  within windows. Do I have to format this stick as fat32 in order for unebootin to create a proper, bootable image?
<andol> cfhowlett: Yeah, I can easily agree that such a discussion is off topic here. Mostly reacted against the statement of there not being a best application for a given task.
<zul> jamespage:  do you remember the sane concurrency default?
<jamespage> zul, 4
<zul> thanks
<smb> zul, I have been looking a bit at bug 1248025. Weirdly I cannot reproduce this locally (neither HVM nor PV guest). Somehow my Saucy libvirt seems not to try doing MakeCapabilities. Should be the same versions though (if cloud0 means what I think it means (iow just a rebuild))
<zul> smb:  which version of xen?
<smb> zul, Appears to me rackspace is running 4.1 outside, though since they try to install libvirt inside the guest I am not sure it matters
<zul> smb: *sigh*
<smb> I would just expect the guest side to fail getting the control handle as it does for me
<zul> can we get a guest on their system to try it ou?
<smb> Maybe (I have not asked, yet)
<zul> i would ask
<zul> jamespage:  FFE for libvirt and libvirt-python filed
<zul> stgraber: can you have a look at the FFE for libvirt and libvirt-python please
<mjohnson15_2>  /msg nickserv ghost mjohnson15 JoSe4men
<kezu> hello I have ubuntu 12.04 I have reinstalled apache and i get a page saing index of
<kezu> the www folder isnt recognised and php pages dont load the browser just attempts to download them
<kezu> i think alot has been changed not sure how to get the site back up
<kezu> maybe the www directory is different
<kezu> and php has tobe reenabled?
<usr13> kezu: You might also ask on #apache
<kezu> no help there
<kezu> asked hour ago
<kezu> i  guess they dont support ubuntu maybe
<usr13> Oh ok.
<usr13> Well, I could get it going, but would have to tinker a bit. YOu get used to the old ways and kinda get lost in the new ones sometimes, that's my problem anyway.
<kezu> usr13, thanks
<kezu> ill get some sleep and try again when i wake up thanks alot
<usr13> still there?
<usr13> /etc/apache2/mods-available/dir.conf
<usr13> kezu  is gone... oh well
<MavKen> I have postfix installed and have php scripts that will send out mail... other than coding the from address into my script, is there a central location to change the default from address?
<MavKen> http://stackoverflow.com/questions/14370224/change-outgoing-mail-address-from-rootservername-rackspace-sendgrid-postfix
<Patrickdk> where can I locate the ocfs2 kernel modules?
<tom[]> where's a good place to set UMASK and UMASK_DIR for the mysql service (12.04)? /etc/default ?
<thumper> hi folks
<thumper> when I installed my laptop, I did the "hey just give everything to the root partition:
<thumper> now I want to hack some bits off to test some btrfs bits
<thumper> what is the safest way to do this?
<thumper> /dev/sda1      ext4      426G  240G  164G  60% /
<thumper> I'd like to grab about 60G off that
<thumper> without losing any data obviously
<maxb> thumper: Probably make a bootable Ubuntu USB stick, boot it, and use gparted
<thumper> hmm...
<thumper> last time I tried a bootable usb stick it didn't work
<thumper> probably me though
<thumper> any way to resize the filesystem while mounted safely?
 * thumper believes we have smart system people who may have written this
<sarnold> thumper: don't use the gtk tool to make your usb stick; just dd the image onto the stick
<maxb> You can enlarge ext3/4 online, but not shrink
<sarnold> thumper: you can online grow ext3/ext4 with resize2fs, but shrinking requires umounting the filesystem.
 * thumper nods
<thumper> ok
<thumper> need to reboot for kernel updates anyway
<maxb> Also you can't have the kernel re-read the partition table of a device with mounted partitions
<sarnold> maxb: oh, thanks, I hadn't heard that before
<maxb> Neither had I until I tried to partition some unpartitioned space left unused on a semi-production system for future allocation :-/
<sarnold> I could see myself doing something similar
<prgCoder> just rolled out my first production server with ubuntu - HAD A BALL - ALL WORKING GREAT - I love you ubuntu
<sarnold> prgCoder: excellent :) glad to hear it, thanks :)
#ubuntu-server 2014-03-05
<ankraft> I am unfamiliar with the process, how is Canonical able to provide timely security patches to all the packages in the system (tens of thousands)?
<sarnold> ankraft: canonical provides security updates for packages that are located in the 'main' pocket of the archive; we rely upon community members to prepare and test patches for packages in the 'universe' pocket: https://wiki.ubuntu.com/SecurityTeam/FAQ
<sarnold> ankraft: every weekly security team meeting we highlight several packages in universe that need attention, e.g. https://wiki.ubuntu.com/MeetingLogs/Security/20140303
<sarnold> ankraft: sometimes we can simply roll forward an update from debian, those show up as 'sync match' on this chart: http://people.canonical.com/~ubuntu-security/d2u/
<ankraft> thanks! I can't seem to find the list of packages in a release's main (my google skills appear to be broken atm). Where is the list located?
<sarnold> hrm, good question.
<sarnold> (in general if it is on a disc it should be in main. i'll go hunting around to see if I can find a full list.. we use a tool that's not packaged and not really convenient for users when determining if a package is in main or universe)
<sarnold> ankraft: aha! found it. try: apt-cache madison apt
<sarnold> ankraft: compare against apt-cache madison rxvt-unicode
<sarnold> it's not exactly a list, but it is convenient enough, and can be scripted around dpkg -l or apt-cache pkgnames
<ankraft> perfect!
<ankraft> there appears to be quite a few packages in main. Still seems like a massive effort to keep them in check. How large is Canonical's team to maintain all the packages?
<axisys> tftp Transfer timeout .. tcpdump does not show any reply on udp port 69 .. tftpd-hpa server not seeing any log.. no firewall on
<axisys> nc -u -l 69 and from client tftp; get foo shows logs.. so networ is OK
<axisys> tcpdump on the server only pkts coming in.. nothing going out
<sarnold> ankraft: there are seven of us on the security team; one handles web browser things nearly full time, three handle apparmor things nearly full time, the rest handle updates, auditing, other platform security improvements, etc
<ankraft> sarnold: interesting. Do you know if Debian has a full time security team or do they strictly rely on community support?
<sarnold> ankraft: good question, I've never asked. those guys are productive enough I suspect that at least one or two of them must do some of their duties at an employer
<ankraft> sarnold: so it is pretty silo'd then between debian and ubuntu teams for security patches (other than the sync match you pointed out earlier). Or is there a lot of overlap and working together on issues?
<sarnold> ankraft: if debian has prepared a patch before we have, we can often use their work for our packages; likewise, if we prepare a patch before they do, they can often use our patches. And we double-check each other's triaging efforts, which is very convenient because the archives are -huge- and sometimes a package that contains duplicated code is overlooked in one or the other place
<jjohansen> sarnold, ankraft: that is selling short the kernel side. We have three members of the kernel team dedicated to doing stable kernel updates, and since most stable kernel updates involve security fixes we get a lot of work from them
<sarnold> jjohansen: oh! yes, indeed I had overloooked the kernel more or less completely.
<densin> I would like to ask . I add secound interface eth1  which not same network and gateway with eth0.
<densin> add in /etc/network/interfaces .
<densin> interface up .  ping gateway2 is ok ... but route not show
<densin> anyway to check ?
<PryMar56> densin, port_forwarding enabled?
<PryMar56> sysctl -p
<densin> no ,I not mean to do fw or proxy ..   I have separate service bind diffrent  interface
<densin> do I need to route add gw manualy with diffent metric  ?
<densin> amm not work
<moparisthebest> hi, I'm trying to implement pam_google_authenticator into my server, but i'm not sure the *correct* pam configuration file to place it in
<moparisthebest> I think it'd be either common-auth or common-account, though both seem included everywhere one is included
<moparisthebest> so maybe it doesn't matter?
<moparisthebest> anyhow, I'd like it to be used everywhere a normal password would be otherwise, at the console, ssh, sudo, su, and with it in common-auth it is
<moparisthebest> I just don't want it to block non-interactive things, cron, I see one for dovecot, etc etc, any ideas?
<jamescarr> is the GNUTILS bug patched in ubuntu 12.10?
<Patrickdk> yes
<Patrickdk> or well, is 12.10 even supported?
<Patrickdk> april 2014, so yes, you just bearly made it
<jamescarr> lol
<jamescarr> how ironic. I am doing distro upgrades this week
<jamescarr> and GNUTLS bug comes along
<Patrickdk> well, your still kindof out of luck
<Patrickdk> it was 13.04 they made the change in
<Patrickdk> and 13.04 is eol, so no fix there
<jamescarr> 13.10 still uses the 2.12?
<Patrickdk> hmm?
<jamescarr> Î» ~ â dpkg -s libgnutls-openssl27
<jamescarr> Version: 2.12.23-1ubuntu4
<jamescarr> http://gnutls.org/security.html
<Patrickdk> you really don't understand distros do you
<jamescarr> I do... 2.12 is considered stable ain't it
<Patrickdk> what does the version have to do with anything?
<jamescarr> 2.12.x has a nasty certificate exploit
<Patrickdk> says who?
<Patrickdk> lets see here
<Patrickdk> http://www.ubuntu.com/usn/usn-2127-1/
<Patrickdk> according to that,      libgnutls26 2.12.23-1ubuntu4.2 doesn't
<Patrickdk> please do note
<Patrickdk> these are UBUNTU versions, not gnutls versions
<Patrickdk> so using gnutls documentation about exploits is pointless
<jamescarr> ha thank you ;)
<jamescarr> and our nodes already have that version to
<GeekDude> I'm thinking of getting a graphical environment for my home server. I want something lightweight, so I was thinking lxde, especially because I have experience with it on my raspberry pi. Would you recommend something else? Or something more server-oriented?
<cfhowlett> GeekDude, lxde or xfce are the ones I have experience with.  both lightweights
<GeekDude> would you recommend one over the other?
<cfhowlett> GeekDude, pretty much the same look/feel as far as I'm concerned.  Note: xfce is the basis for xubuntu AND ubuntustudio FWIIW
<GeekDude> cfhowlett: From what I've read, xfce is only slightly heavier, but with greatly increased configurability/useability
<genii> GeekDude: Did you need a full suite of apps or are you just going to be using 2-3 things all the time?
<genii> ( because even lighter is something more basic like twm then you run your app from an xterm)
<GeekDude> genii: Probably just a web browser, maybe MC if I can get it to install (My box has an agp port, and I just found an agp gfx card, wanna test it)
<GeekDude> I need to be able to test the webserver(s) locally, and lynx just won't cut it
<genii> GeekDude: Alternately, install xvfb and then run X over ssh to your regular box.
<GeekDude> Wouldn't just installing XAuth work?
<genii> GeekDude: xvfb is good for testing because it installs minimal X, also you can tell it to use different resolutions and grab a screenshot, etc
<GeekDude> I think I'm gonna try out xfce
<jamescarr> can someone clear up for me the gnutls bug? Does it effect my servers that serve up ssl certs or client apps that connect over ssl?
<jamescarr> all the articles on it basically just say "your gonna die if you don't patch it!"
<spidernik84> hi there! Question about the new dns configuration in 12.04: I know we're supposed to specify the dns servers in the interfaces file, but what if we have multiple bridges (on a kvm host in this case). Do we need to put the dns-nameservers line in each interface stanza?
<spidernik84> stgraber, I'm sure you're the most suitable person to answer this :)
<mardraum> your host doesn't need to lookup dns on the bridge
<spidernik84> thanks. So the bond would be enough
<mardraum> if that's your default gateway for the host, yes
<spidernik84> it is. I thought the dns was setup systemwide
<jrwren> it is.
<jrwren> all that happens is ifup eventually calls resolfconf <interfacename> and passes the nameserver config to it.
<jrwren> assuming you are using resolvconf
<spidernik84> yes, resolvconf. Thanks
<Delemas> I'm trying to get an enterprise to support running their products on Ubuntu. Do we have any good sourced data on enterprise server use of Ubuntu vs other distributions (RHEL for example)? I'm looking for percentages or a graph etc.
<GeekDude> :D Just got ICS working between my server and my laptop, with the Win7 laptop as the host
<GeekDude> hmm. Trying to set the DNS server, and resolv.conf says not to edit it by hand
<spidernik84> GeekDude, https://help.ubuntu.com/12.04/serverguide/network-configuration.html#name-resolution
<JanC> Delemas: there used to be something like that
<GeekDude> ah, thanks
<Delemas> I just found this which might be good enough: http://w3techs.com/technologies/details/os-linux/all/all
<Delemas> It is all web servers vs. enterprise use though...
<GeekDude> spidernik84: Thanks. DNS is working now
<spidernik84> np!
<GeekDude> P=!NP
<GeekDude> Uuh, am I missing something, or can I not just do apt-get install xfce
<GeekDude> apt-get install xfce4?
<GeekDude> Why is my terminal only 36 lines tall, when the current screen resolution is 1600x1200? It only takes up 1/4 of the space in the top left corner
<genii> GeekDude: Yes, xfce4 for just the desktop
<GeekDude> oh, nvm. I'm an idiot.
<GeekDude> It's only taking up that much space because I have an s-video cable plugged into my graphics card
<GeekDude> It's showing hi-res in a small area of the screen, as opposed to low res
<densin> hi all.
<densin> how to enable ubuntu (ipv4) can communicate with ipv6 .   I seem my ubuntu can't ping  ipv6.google.com.
<densin> or event lookup IP
<paco11> hi folks
<paco11> I'm running 12.04.4 x64. i'm testing the openldap server with JMeter. i added "session required        pam_limits.so" in /etc/pam.d/common-session. i added "* hard  nofile  65000 | root  hard  nofile  65000 | openldap  hard  nofile  65000" in /etc/security/limits.conf. i added "fs.file-max = 65536" in /etc/sysctl.conf. With all these configurations, i follow to have "Too Many Open files" with cat /proc/sys/fs/file-nr > 1696	0	65536
<metasansana> so what's the future of upstart?
<ogra> metasansana, whatever you make of it :)
<_root_> hello guys
 * _root_ asks for help on the subject http://askubuntu.com/questions/429743/setting-max-connections-in-mysql-server-globally
<Pici> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<RoyK> _root_: isn't that just setting max_connections?
<_root_> RoyK, I don't know nothing about this; If you know plz explain m8.
<RoyK> just set max_connections in my.cnf to whatever max you want
<RoyK> _root_: mysql> show variables like 'max_connections';
<RoyK> that'll show the current
<_root_> RoyK, How to force mysql to create only 3 process for example
<avid_fan> Question: Anyone know how to choose a different typeface for the console?
<RoyK> _root_: why?
<_root_> RoyK, Look at the Q? my sql on the new Server install creates 20 processes and eats 50% of memory
<RoyK> _root_: innodb and myisam have different tuning parameters for the number of threads to be started
<RoyK> _root_: google a bit about mysql tuning. btw - how much memory is in this machine?
<_root_> RoyK, innodb myisam?
<_root_> RoyK, 1GB
<RoyK> _root_: not a whole lot
<RoyK> _root_: better tune down memory use for mysql
<_root_> RoyK, It is a VPS not a DS
<RoyK> understood
<RoyK> (but what's DS?)
<_root_> RoyK, that's what I am asking. HOW to tell mysql to create for example 5 processes instead of 20. (DS = dedicated Server)
<RoyK> it doesn't matter how many processess it starts
<_root_> RoyK, nd this is the first time II have this problem.
<RoyK> it matters how much memory it uses
<RoyK> _root_: how big is the database?
<_root_> RoyK, yes; I agree with you.
<_root_> RoyK, it is not big at all. it is a fresh install. I don't even have a database in my sql right now
<GeekDude> Does ubuntu server come with sound drivers? Or do I need to install alsa or someting
<RoyK> _root_: pastebin "ps axfv" output
<RoyK> !pastebin | _root_
<ubottu> _root_: For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imagebin.org/?page=add | !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<_root_> GeekDude, I install 12.04.4 LTS yesterday and I was installed by default
<_root_> maybe install an alsamixer?
<GeekDude> hmm
<GeekDude> alsamixer fails unless run as root?
<GeekDude> hmm... xfce added a neat background to grub it seems
<GeekDude> ah. Sounds only work as root
<GeekDude> do I need to add myself to some user group or something?
<qman__> GeekDude: audio
<GeekDude> sudo adduser me audio
<GeekDude> Yes?
<qman__> yes
<qman__> then log out and back in
<GeekDude> Great, it works. Thanks!
 * GeekDude watches youtube 
<RoyK> _root_: did you pastebin that?
<_root_> RoyK, it is something wrong. I can't even VNC to it now? I am trying wait
<RoyK> k
<_root_> RoyK, 76% memory; No wonder I can't Vnc
<RoyK> _root_: ps axfv|pastebinit
<_root_> RoyK, http://paste.ubuntu.com/7039765/
<RoyK> _root_: and free?
<RoyK> _root_: not a whole lot of real memory used there
<_root_> RoyK,
<_root_> RoyK, What o you mean; So why 75% memory?
<_root_> RoyK, http://paste.ubuntu.com/7039792/   it is after a reboot
<RoyK> _root_: did you pastebin output of 'free'?
<_root_> RoyK, http://paste.ubuntu.com/7039840/
<RoyK> _root_: that tells you you're using about 100MB of RAM
<RoyK> the rest is buffers/cache
<RoyK> the first row of "used" will climb
<RoyK> because that includes what's used for buffers/cache
<RoyK> that memory will be released if needed
<_root_> RoyK, So did i go under attack of some kind? it was 75% about a minute ago
<RoyK> doubt it
<RoyK> did you check the -/+ buffers/cache: row?
<RoyK> _root_: also, if you're afraid of being attacked, make sure to enable ufw. "ufw allow ssh && ufw enable"
<RoyK> perhaps "ufw status" first to check if it's enabled already
<_root_> RoyK, inactive
<RoyK> then enable it
<RoyK> it's easy and secure
<RoyK> just make sure to open for stuff you need from the outside, like http
<RoyK> and make sure you allow ssh before you enable it
<_root_> RoyK, Thank m8; really Helped
 * _root_ gives RoyK +1
<RoyK> _root_: now, by default, your vm will only be accessible by ssh, ufw allow http etc will open up
<RoyK> man ufw for more info
<_root_> RoyK, T H A N K Y o U man
<_root_> really
<RoyK> np :)
<RoyK> _root_: run som tests with mysql/apache and check "free" output again, and you'll see that the amount of "free" memory drastically decreases, which is fine, since it's used for caching ;)
<_root_> RoyK, So what you are saying ; Is that the web server and mysql claim the memory but not use it. and if the load added to them they use what they graped before
<RoyK> no, I'm saying they don't, but that linux probably uses the memory for caching
<RoyK> _root_: let it run for some time, do some tests, don't reboot, and post ps axfv; free etc
<jamespage> smb, ping me tomorrow and well sort iscsitarget once and for all :-)
<iTrace> I own this server and I have two apps in two seperate directories on the server. Can i have the apps accessible via a single domain?
<zenadm1n> Has anyone here done a Ubuntu install from HP ILO?
<bekks> zenadm1n: Why?
<bekks> !anyone | zenadm1n
<ubottu> zenadm1n: A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<zenadm1n> HP ILO gives me the option of RHEL or SUSE. Ubuntu isn't an option although HP says it's supported.
<DeltaHeavy> Hey, I'm wondering what's the reasoning for not including MariaDB in the Ubuntu repos. Can anybody help me understand?
<bekks> zenadm1n: HP ILO doesnt have such a menu at all. HP SmartStart does.
<bekks> zenadm1n: ILO is the management web interface.
<henkjan_> DeltaHeavy: http://packages.ubuntu.com/trusty/database/
<henkjan_> DeltaHeavy: mariadb is in the repo's for trusty
<DeltaHeavy> henkjan_: They're not in 12.04 though >:
<henkjan_> 12.04. almost 2 years ago no distro had mariadb in the repo's
<DeltaHeavy> henkjan_: I thought they might add it in thogh.
<henkjan_> DeltaHeavy: no. only existing software is updated. no new software is being added once a release is done
<DeltaHeavy> Ok, got it.
<DeltaHeavy> Thanks!
<jamespage> zul, ceilometer -> python-croniter
<thumper> hmm...
<thumper> why would upstart say a job is unknown?
<thumper> when I can see it in /etc/init
<thumper> it did seem that udev wasn't started due to too many open files when I started the container
<thumper> btw, this is inside an lxc container
<thumper> I started about 50 at once
<thumper> load testing to see if it died....
<thumper> lxc tells me all the machines are running
<thumper> I can ssh into it
<thumper> but juju failed to start the machine agent
<thumper> and when I try to start it manually, it fails
<thumper> saying "unknown job"
<zul> jamespage:  seriously?!
<m1sf1t> hi, does anyone know of a program that can do a similar thing to system restore in windows? i need to make a lot of changes to my server, and would like to be able to restore it if it all goes to hell. any suggestions?
<m1sf1t> i've considered using dd, but i'm not sure if it'd be safe or reliable to use dd if=/ of /path/to/backup.img
<m1sf1t> ...while the system is running
<sarnold> m1sf1t: nothing exactly like windows's system restore.. a few ideas, you can use e.g. btrfs or zfs snapshotting at the filesystem level, or use lvm snapshots at the block level, or you can use dd to generate a disk image that you could use to overwrite the server ..
<sarnold> you shouldn't use dd if=/dev/blah if /dev/blah is mounted read-write. if it is mounted read-only it ought to function.
<m1sf1t> sarnold: do you know if dd would be safe or reliable to use while running? or should i boot a live cd and do it that way?
<sarnold> m1sf1t: live cd would be easiest
<sarnold> m1sf1t: ooh, I'm proud of this one :) you could use qemu-img to convert the disk image into a qcow2 image, snapsoht, do the work in a vm, and either re-export it or rollback
<m1sf1t> sarnold: hmm... downtime :/ i think i'll have to do that. also, if i were to dd the whole filesystem (80GB) do you know if it's possible to reduce that size? or is that restricted by the filesystem?
<sarnold> m1sf1t: you'll have to read all 80 gigs, but you might not have to write all 80 gigs, if you use the conv=sparse option and your 'empty space' has been zeroed already...
<m1sf1t> sarnold: just saw what you said about qemu-img, that sounds interesting :) a bit confused haha but i see what you're getting at
<m1sf1t> sarnold: i think i'll keep it at 80GB. although i would have to do it now lol as it's the least busy time
<m1sf1t> sarnold: i'll be replacing my file server hdd with a 2TB soon so i can make do with a little less storage for now ;)
<sarnold> m1sf1t: woo :)
<m1sf1t> sarnold: haha :) thanks for the advice, i'm gonna boot into a cd now then, so gotta go. bye :)
<sarnold> m1sf1t: have fun!
<m1sf1t> sarnold: will do! staring at a terminal with no idea how long dd has left lol :D
<m1sf1t> sarnold: cya
<genii> dd could really use some kind of prgress indicator
<genii> ( when source or dest ore finite)
<genii> *are
<sarnold> definitely. I wish linux supported siginfo
<zul> jamespage:  i have it packaged locally with tests running so ill upload it tomorrow
<m1sf1t> sarnold: back, i forgot... ubuntu server is installed on a raid1 software array (the default one in the ubuntu server setup). the live cd hasn't recognised it :( do you know how to mount md0, when it doesn't even show under /dev/ ?
<m1sf1t> sarnold: well, not mount. i just need to get an ubuntu live cd to recognise it
<sarnold> m1sf1t: yikes, that's not good. sorry, I don't know anything about mdadm stuff :(
<m1sf1t> sarnold: haha me neither :( this is the first time i've even used raid, had to google the numbers lol
#ubuntu-server 2014-03-06
<thumper> stgraber, hallyn: if I create a "template" container that doesn't autostart, is it possible to change a clone of that machine to autostart?
<thumper> also, is the lxc.conf file from the original template copied anywhere where I can poke it?
<hallyn> thumper: sure, just edit its config file.
<hallyn> i.e. if you did sudo lxc-clone -s -o u1 -n u2, edit /var/lib/lxc/u2/config.
<GeekDude> New install of server, with xfce as a desktop environment. I can't mount drives through it, but I hear I need something called a polkit. Can anyone point me in the right direction to get a polkit (such as lxpolkit) isntalled and set to start with xfce?
<darthanubis> GeekDude, why did you not just install xubuntu?
<GeekDude> darthanubis: Uuuuh
<GeekDude> *best answer*
<GeekDude> Because I'm inexperienced with this as a whole, and am lucky to even have gotten as far along as I have
<darthanubis> ok
<darthanubis> just was wondering, because it would have been easier for you
<GeekDude> I don't necessarily want it to be easy. I'm building good experiences for future reference
<GeekDude> That, and I'm out of CDs to burn
<GeekDude> It can't boot from usb either :/
<darthanubis> understood
<GeekDude> Should I just grab https://www.archlinux.org/packages/?name=lxpolkit ? It downloads as an xz archive
<GeekDude> then set it up to autostart as per https://wiki.archlinux.org/index.php/Autostarting
<darthanubis> don't think that is the way you want to go
<darthanubis> just grab it from the ubuntu repos?
<GeekDude> lxpolkit isn't in the repos
<GeekDude> from what I can tell
<thumper> hallyn: edit before start and all is good?
<thumper> if so, awesome
<darthanubis> http://packages.ubuntu.com/raring/x11/lxpolkit
<thumper> hallyn: is it ok to stop a container, edit the config to add a mount, and restart, and the mount will work?
<thumper> if the mount is an external user directory
<thumper> hallyn: when I cloned and started 50 lxc containers, I ended up hitting the "too many open files", is this likely to be for the root user on the host?
<hallyn> thumper: for autostart?  you dont' have to editbefore you start;  just before you run lxc-autostart or shut down
<hallyn> thumper: on restart and mount: yes
<GeekDude> darthanubis: sudo apt-get install gksu-polkit would be what I'm looking for, if I want to install lxpolkit?
<thumper> hallyn: ok, but editing for new mounts is fine if stopped, and when started all is good?
<hallyn> thumper: as for 'too many open files' - hm.  i'm not sure.
<thumper> yeah, load testing FTW
<thumper> "juju add-unit -n 50 ubuntu" with the local provider :)
<hallyn> these are root started containers?
<thumper> I'm making juju btrfs aware for fast snapshotting
<thumper> hallyn: yes
<thumper> well, jujud started containers, and jujud is running as root
<GeekDude> darthanubis: or at least close enough
<hallyn> is this the /proc/sys/fs/file-nr limit, or ulimit, i wonder?
<darthanubis> sounds right
<darthanubis> which comes with the desktop install
<thumper> hallyn: ulimit -n for root is still 1024
<hallyn> you really shouldn't be restricted to 50 continers...
<thumper> lxc said they were all started
<thumper> however the cloud init logs were full of inotify problems
<thumper> with too many open files
<thumper> and upstart failed to recognize new jobs
<GeekDude> darthanubis: the package lxpolkit doesn't show up until you get to quantal, and I'm on pangolin
<thumper> probably due to inotify issue
<hallyn> ok, so you can up the limit :)
<GeekDude> darthanubis: I think that gksu-polkit would be the proper alternative, though
<GeekDude> I'm unsure, but trying things is part of learning
<thumper> hallyn: the jujud upstart jobs sets to 20000
<thumper> since it is calling the lxc commands
<thumper> is it likely that limit is inherited?
<thumper> or something else?
<thumper> this is well outside my area of expertise
<hallyn> i suspect every caller of lxc-start needs to set it
<thumper> in this case, there is exactly one caller of lxc-start
<thumper> and that is the jujud process
<thumper> hallyn: was very impressed though, that with 50 containers on btrfs loopback device mounted to /var/lib/lxc, it was only taking 2.5GiB
<thumper> although really, just the ubuntu charm
<thumper> which doesn't to a lot :)
<thumper> s/to/do/
<hallyn> thumper: yeah but a full ubuntu release in each :)
<thumper> sure, cloud image, but yeah
<thumper> pretty cool
<hallyn> thumper: yeah, playing around with 'sleep 200 & cat /proc/$!/limits | grep file' suggests you should be fine with jujud
<hallyn> cloud images is bigger than the base ubuntu image
<thumper> about 900M for my template image
<thumper> much better than 50G :-)
<thumper> which I would have without the snapshots
<GeekDude> darthanubis: That didn't seem to help. I'm trying apt-get install xfce4-mount-plugin now
<GeekDude> Hmm. Didn't seem to help either
<darthanubis> try apt-get install xubuntu-desktop
<GeekDude> right now I'm trying xfce-goodies
<darthanubis> has nothing to do with it
<GeekDude> no?
<darthanubis> are you researching what you are doing or just install stuff?
<GeekDude> uuh
<GeekDude> I'm researching a bit, then installing anything tangentially related until it works
<GeekDude> I'm a terrible admin
<GeekDude> darthanubis: If I install xubuntu-desktop, will it just completely redo my desktop?
<GeekDude> Well, I've gotta go :/
<GeekDude> See you all later
<jak2013> how to  open a port? on ubuntu 12.04
<usr13_> jak2013: It would have had to have neen previously closed in order to open it.  So, how did you close it, with netfilter?
<usr13_> jak2013: ... or did you just kill the service?
<usr13_> jak2013: What port are you wanting to use?  And for what servcie to you want to use it?
<jak2013> mysql port: 3306
<usr13_> jak2013: By default, they are all open.
<usr13_> jak2013: you might want to /join #netfilter
<jak2013> usr, uwf is the firewall right?
<sarnold> jak2013: ufw is a frontend to the iptables firewall framework
<jak2013> mmmmm cant connect 3306 arent opened :(
<jak2013> thanks
<sarnold> jak2013: is something listening on 3306? check netstat -nlp | grep 3306
<jak2013> sarnold:
<jak2013> tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      18205/mysqld
<sheptard> so it's just listening on localhost
<sheptard> which is why you can't connect to it remotely
<sarnold> jak2013: good. and what happens when you run the mysql client command to connect to it?
<jak2013> canc onnect
<jak2013> but locally
<jak2013> and remotelly? how to open the port?
<sheptard> edit your my.cnf
<jak2013> or for access not only locally
<jak2013> sheptard and?
<sarnold> tell mysql to listen on an external interface
<sheptard> http://www.cyberciti.biz/tips/how-do-i-enable-remote-access-to-mysql-database-server.html
<sarnold> I strongly recommend using a firewall of some sort to restrict who can connect to your mysql server
<sarnold> you don't want it sitting on the public internet waiting for someone to either brute-force guess passwords or worse smack it with an exploit.. there've been more than one remote unauthenticated mysqld vulnerability in the psat
<jak2013> then how to connecto to my db?
<sarnold> jak2013: this is a good tool for testing: http://manpages.ubuntu.com/manpages/precise/en/man1/mysql.1.html
<jak2013> ok, thanks
<wkmanire> Hello, I'm having trouble installing 12 LTS on an older 32 bit machine (built in 2000). I want to use it as a DNS server.
<wkmanire> GRUB loads, but then all I get is a flashing underscore.
<wkmanire> Nothing changes even after 10 minutes of waiting
<wkmanire> I'm installing from a live USB device.
<wkmanire> Which I formatted from the 32 bit ISO using dd.
<sheptard> I'd try burning a CD if you can
<cfhowlett> wkmanire, did you md5sum the .iso?
<cfhowlett> sheptard, usb may not be supported on a 2000 machine
<wkmanire> cfhowlett: I didn't see an MD5 checksum on the download page so I did not
<cfhowlett> !md5sum
<ubottu> To verify your Ubuntu ISO image (or other files for which an MD5 checksum is provided), see http://help.ubuntu.com/community/HowToMD5SUM or http://www.linuxquestions.org/linux/answers/LQ_ISO/Checking_the_md5sum_in_Windows
<wkmanire> No CD drive available, and the BIOS list USB-HDD as a boot option.
<sarnold> if it made it to grub, I'd hope that would be enough..
<cfhowlett> sarnold, 60 seconds to verify integrity isn't too much to ask
<wkmanire> I was reading in the official ubuntu server book that sometimes you have to change some boot args in GRUB to get things to load
<sarnold> cfhowlett: no, indeed, that's a good idea; I was sresponding to the "usb may not be supported"
<wkmanire> I'll go verify the MD5 checksum. I hope that is what's wrong.
<cfhowlett> sarnold, :)
<sarnold> wkmanire: if you hit shift of whatever it is to force grub to prompt, can you edit the kernel command line?
<wkmanire> sarnold: One moment
<sarnold> wkmanire: if so my first attempt would be adding something like vga=ask to the command line. that helped me back in the day on odd equipment
<wkmanire> I calculated the checksum but I can't find the checksum on the ubuntu website for the iso I downloaded.
<wkmanire> 2a846f77b21bddd732d75f7f574c3045
<wkmanire> sarnold: I'm going to try getting into the boot options now
<wkmanire> I have 6 more identical machines to do after this.
<cfhowlett> wkmanire, wait one
<wkmanire> cfhowlett: Ok
<sarnold> sigh all I can find are the md5sums for the 12.04.4 release http://cdimage.ubuntu.com/releases/12.04.4/release/MD5SUMS
<wkmanire> sarnold:  I'm using the 32bit LTS "server" release.
<cfhowlett> wkmanire, 12.04.4 version?
<cfhowlett> wkmanire, 12.04.4 ????
<wkmanire> cfhowlett: Just a sec please
<sarnold> wkmanire: every few months we press a new iso with updated kernel and so forth, 12.04, 12.04.1, 12.04.2, 12.04.3, 12.04.4, soon will come 12.04.5, and last will be 12.04.6 if I'm not mistaken...
<wkmanire> cfhowlett: http://www.ubuntu.com/download/server/thank-you?distro=server&bits=32&release=lts
<wkmanire> this one
<wkmanire> I just downloaded it 20 minutes ago
<sarnold> oh good :)
<wkmanire> sarnold: I'm in the GRUB editor.
<wkmanire> What did you suggest adding?
<sarnold> wkmanire: vga=ask was the first thing that came to mind
<wkmanire> What does that do?
<cfhowlett> wkmanire, 12.04.4 386 server iso 14ad92270218a8925d802b3d3b6e140f
<wkmanire> cfhowlett: Thank you, will confirm
<sarnold> if I'm not mistaken it'll ask the kernel to promt you with a list of vga video modes, hopefully that'll show how much the kernel is alive or dead..
<cfhowlett> wkmanire, http://releases.ubuntu.com/12.04.4/MD5SUMS
<wkmanire> That's what i needed
<cfhowlett> wkmanire, DOH!  bad info!  here's 32 bit server 0081e57fb8c7e4094fb9767384f087c6
<wkmanire> I used md5sum to produce the value, but it looks like my checksum is different than your substantially
<wkmanire> I'll redownload the ISO
<wkmanire> yours*
<cfhowlett> wkmanire, don't.  use torrents instead.  integrity checking is better
<sarnold> I wish the silly download page made it easy to grab the SHA256SUMS and SHA256SUMS.gpg files from the same directory
<wkmanire> Ok, I'm downloading the torrent
<wkmanire> Holy crap, that downloaded in 10 seconds
<sarnold> just the .torrent file? or the whole thing?
<wkmanire> The whole thing!
<wkmanire> At least one of the peers seems to be connected to a fire hose
<sarnold> wow. what a connection. :)
<cfhowlett> wkmanire, run the md5sum again
<wkmanire> cfhowlett: https://www.refheap.com/52889
<wkmanire> Why is my number different again?
<wkmanire> sarnold: That option you suggested did not help.
<cfhowlett> wkmanire, try direct download
<sarnold> wkmanire: did you just get the blinking cursor again?
<wkmanire> sarnold: Yes.
<wkmanire> cfhowlett: It's going to be 5 to 10 minutes for the direct download
<cfhowlett> wkmanire, do it.  check it.  I'm curious to know results so I'll be around
<wkmanire> Ok
<sarnold> wkmanire: okay, a few more ideas. (I'm running low.) you could also try removing the "splash" argument from the kernel command line; the 'splash' asks plymouth to start, it's the graphical thing that 'owns' the console. I dunno if its even on the server disks, but it might be worth a shot: https://wiki.ubuntu.com/Plymouth
<sarnold> wkmanire: another thing I remember from machines of that era is turning off acpi or apic; I had one machine that I had to boot with apic=off
<wkmanire> I'll do both and see what it does
<wkmanire> This is a shining example of why you don't let developers do sys admin work :P
<cfhowlett> LOL.
<sarnold> lol
<wkmanire> There is no splash argument to be found
<sarnold> well, okay, that's at least one fewer thing to try :) hehe
<wkmanire> sarnold:  Should I be adding these options anywhere in the boot script?
<wkmanire> Or is there a particular line they should be on?
<sarnold> wkmanire: hrm, i'd put them at the end of the kernel command line..
<wkmanire> What does the kernel command line look like?
<wkmanire> linux /boot/........
<wkmanire> that line?
<wkmanire> Or is it after the call to initrd?
<wkmanire> cfhowlett: My checksum is correct now.
<wkmanire> sarnold: I'm going to reimage this USB device and try again
<sarnold> wkmanire: on my machine, near 'ro' and 'quiet' ...
<jpds> wkmanire: The linux one.
<sarnold> wkmanire: cool
<cfhowlett> wkmanire, try installation
<wkmanire> It's actually an SD card in a USB SD card reader
<wkmanire> It's all I had on hand.
<sarnold> oof :)
<wkmanire> What an adventure. And I thought setting up netboot would be more work.
<sarnold> wkmanire: oh. uh.
<sarnold> wkmanire: does this CPU do PAE?
<wkmanire> PAE?
<sarnold> wkmanire: somewhere along the way we stopped supporting kernels without PAE, and I do'nt know when that was.
<sarnold> wkmanire: extended page tables
<wkmanire> I don't know
<wkmanire> The image completed transfer so I'm going to try to boot again
 * sarnold crosses his fingers
<wkmanire> sarnold:  Legacy `ask' parameter no longer supported
<sarnold> wkmanire: oh, pae was introduced in 95. wow: http://en.wikipedia.org/wiki/Physical_Address_Extension
<sarnold> wkmanire: oh so now I'm legacy! lol
<wkmanire> Whelp, I'm back in the same boat again.
<wkmanire> I'm going to have to go dig up a CDROM drive
<wkmanire> And then crack all of these boxes open :(
<sarnold> wkmanire: try adding 'nomodeset'?
<wkmanire> sarnold: Should I put that together with apic=off?
<sarnold> wkmanire: you could, but it'd be nice to know if one specific thing is sufficient
<wkmanire> Absolutely
<sarnold> wkmanire: even though that's the most annoying and slowest way to get there :) heh
<wkmanire> I wish I could get into a terminal so I could see the log output
<sarnold> yes
<wkmanire> trouble-guessing sucks
<sarnold> i like that, i'll have to remember it :) thanks
<sarnold> wkmanire: bed time for me, good luck, and if you sort it out, i'd like to find out what it was..
<wkmanire> sarnold: I just tried the last possible combination of arguments and it also failed.
<wkmanire> I *MIGHT* have a CDROM in a dead PC in the garage. So I'm going to go on a scavenger hunt
<wkmanire> sarnold: I'll come back to the channel after I get this working
<sarnold> wkmanire: good luck! thanks :)
<wkmanire> sarnold: Thank you for the help. Good night.
<wkmanire> In the grub terminal, lscpi brngs up one device as "Unkown Bridge"
<wkmanire> Unknown*
<wkmanire> Could that cause the installer to fail to load?
<wkmanire> I think I found what the hold up is.
<wkmanire> ACPI Warning: Detected an unsupported executable opcode at module-level: [0x007B]
<wkmanire> There's two messages like that in GRUB recovery mode.
<wkmanire> Yep.
<wkmanire> Got it.
<wkmanire> Did you know that a CD won't load if the CD tray is not 100% closed?
<wkmanire> Who would have guess that it doesn't operate while open?
<cfhowlett> wkmanire, yeah, they're funny that way ...
<alimj> Hi everyone. I am looking for advises on recommended average e-mail box size.  I have to setup 100+ user e-mails for a client.
<AtuM> alimj, I usually give users 1GB/mailbox
<alimj> AtuM: Thanks
<AtuM> alimj, that's to give admins time to react when some users go over limit - if users use imap
<ikonia> alimj: you can't take a "recommendation" it depends on the spec/needs of the mail users and host much storage/backup you have available to you
<alimj> I am going to forbid IMAP. Only POP3
<AtuM> alimj, if users use pop3 and download mail to their desktops, then you can give much less space per mailbox
<AtuM> alimj, I'd recommend setting 100-200MB/mailbox so that mailboxes don't get full when ppl go to vacation.. are you about to use quotas or just limit the space for all mailboxes?
<alimj> AtuM: A combination of both. For different users, VIPs, etc
<alimj> I am also looking into fetchmail and getmail daemons. For a local storage solution
<alimj> ikonia: Thanks for suggestion. I am looking for a starting point
<AtuM> alimj, what are users using as a client software?
<alimj> AtuM: Will be outlook, thunderbird or mobile devices.
<AtuM> alimj, how come you're not setting up a service like zimbra/zarafa?
<alimj> AtuM: I am not familiar with those. I will look to them.
<alimj> For VIPs, I was planning to setup POP on clients to leave mails on server for one week. So they can use IMAP on their mobiles to check their mails while traveling.
<AtuM> alimj, is there not enough resources on server side? I use zimbra since all mailboxes get stored on a single server and it's then easy to backup, no worries about desktop mailbox when computers crash, and you get webclient acces from anywhere ;)
<ikonia> alimj: you can't have a "starting point" with no requirements
<spidernik84> hi! how am I supposed to update an interface ip address after changing it in the interfaces file? Ifup says the interface is already configured. If I append --force it will add a secondary address! And service networking restart is deprecated :(
<alimj> AtuM, ikonia: Thanks for your time and answers. I have a visitor. I will be back. Thanks again.
<spidernik84> ifdown first and ifup?
<AtuM> but zimbra needs quite a lot of resources for 100+ users.. at least 16GB RAM + SSD disks on a single server (capacity requirements depend on user quotas)
<AtuM> spidernik84, use ifconfig to reconfigure manually..
<AtuM> spidernik84, the interfaces file will be used at the next boot..  you could also reboot the machine, but that's a bit of a waste of time imho
<spidernik84> AtuM, thanks. We use a puppet module to modify the networking file but we designed it to trigger an /etc/init.d/networking restart after the change. I realized it's dangerous
<spidernik84> it will take down the network for a fraction of time
<AtuM> alimj, the approximation is difficult without any real requirements, as ikonia pointed out. it's best if you set up LVM2 and then leave some space in reserve.. mailboxes can get huge very fast - it all depends on what users are doing with it
<spidernik84> so I was looking for a way to "refresh" the interfaces file (i need to add the dns records to it as suggested starting from ubuntu 12.04)
<AtuM> spidernik84, aren't you changing ip ?
<spidernik84> that's also a scenario, but less used
<spidernik84> I'm mixing up things, apologies.
<AtuM> spidernik84, oh.. dns records..  perhaps resolvconf might help
<spidernik84> the ifup script is supposed to parse the dns-nameservers line in the interfaces file and tell resolvconf to use them
<spidernik84> I'll do some tests. Thanks
<AtuM> spidernik84, that's true. even if you restart network for that fraction of time it should not have any side-effects.. tcp/ip can handle it if the interruption is not too long
<spidernik84> I agree. It's just that they say it's deprecated :(
<AtuM> i've run ifdown && ifup within ssh session and I didn't get disconnected :)
<spidernik84> lol nice :D
<spidernik84> I'll try a bit
<stetho_> Obscure question. My company purchased an HP StoreEasy 1630. It's a nice bit of kit with a built in 3Par array. However, it came with Windows Storage Server 2012. The overhead of setting up an Active Directory server with UNIX support, migrating existing users and their UIDs/GIDs and maintaining everything in two places has become an absolute pain. The HP website lists "Linux" as a supported operating system. Does anyone know if I'm going to hit
<stetho_>  any problems (in terms of drivers etc) if I flatten the box and install 12.04 on it?
<mardraum> I'd say it depends on storage server to work
<mardraum> but hopefully HP do actually have a solution. You are going to need to raise a ticket with them and try escalate until you get someone who knows. They do have some talented storage peeps.
<rbasak> hallyn: FYI, bug 1287140 - when I fix it, we'll need to modify your auto-package-testing MP a little bit, to add a --ssh-private-key-file option to when you call "uvt-kvm wait"
<AtuM> stetho_, why don't you ask HP? it's a new machine and they should have a great customer service support..  will it be used as a CIFS, NFS or ISCSI ?
<stetho_> mardraum: Thanks - I just had a lightbulb moment and checked the HP site for Linux drivers and couldn't find any. :-(
<AtuM> stetho_, with windows storage server it's all "point-and-click". when u use linux as a storage os, you really have to dive into each technology.. there's no "point-and-click" configuration.
<stetho_> AtuM: That was my next port of call. Google didn't show anything so I thought I'd ask in here. Usually full of knowledgeable people. The answer is "All 3" - I just want to remove the AD part from my mainly Ubuntu and a bit of OS X network.
<stetho_> The only option the device gives in its current setup to get round AD is to create NFS shares and mount them as root.
<AtuM> stetho_, community can help, but you should not use any step-by-step advice - you should dive into each of those services and understand the inner workings.. linux does not complain when you mess up your config - it will try to make it work as you set it up.. even if all data goes away.. you should know what you're doing.
<AtuM> stetho_, our company also makes iscsi/infiniband storage devices.. but we've never made "step-by-step" documentation because of those facts. if you're willing to take the time and learn, then I say go for it. it's all pretty simple and straightforward, but it takes some skill to manage
<stetho_> Atum: I've got no problem with doing it unless I fall at the first hurdle - not being able to recognise the RAID controller.
<AtuM> stetho_, if you can see the disks as JBOD devices, you can use software raid.. if anything, you can boot some "server/enterprise" distro to see if linux sees the raid devices
<AtuM> stetho_, I can't really tell you more, since I have no idea where the HP stores the OS on this model.. it could be a CF card, and internal HDD... who knows
<AtuM> stetho_, usualy the disks that are hot-pluggable do not store the OS (firmware).. so there must be some other media to install to
<stetho_> AtuM: If I have to put a disk in to install the OS that's fine - I can live with that. I've just found something on the HP site that says the P822 (which is what's in this machine) is supported by RHEL and SLES so it's not a total non-starter.
<jamespage> Daviey, did you have a chance to review the pxc packages in NEW yet?
<AtuM> stetho_, the latest devices are more quickly supported by linux then by windows.. i see that a lot these days
<AtuM> stetho_, HP usually uses somewhat trusted and well supported components.
<AtuM> stetho_, you know that installing linux on this machine will brick its warranty
<AtuM> stetho_, the part where the documentation says "compatible with windows, linux.." is for the client part, not for the machine itself
<stetho_> Yes - I realised that (the client part) which is why I went of looking for drivers.
<AtuM> stetho_, iscsi, nfs, cifs don't need drivers
<stetho_> I know - this is just one of those "it should work" things. Like you say, if I do it I brick the warranty and if it fails it's an expensive failure.
<stetho_> Maybe I need to investigate a better way of integrating AD in to my network. If AD had been here first it would have been much easier. Adding Linux to AD is a lot easier than adding AD to Linux.
<AtuM> stetho_, linux includes drivers for the most hw.. they come as modules.. it's rare that you need special drivers from vendors.. it can happen, but it's rare
<AtuM> stetho_, integrating AD into linux environment is pain.. how come the company bought this box?
<wmp> hello, i have problem with MdRaid
<wmp> on normal ubuntu boot, i have error with degradated raid
<wmp> on resovery all works good
<AtuM> stetho_, as you pointed out.. setting up AD, unix support, user mapping.. i am playing with this too these days :)
<AtuM> wmp, does mdraid get degraded after each reboot?
<wmp> AtuM: yes
<AtuM> wmp, it's a bug.. what ubuntu version do you use?
<wmp> always on normal boot i have degrated raid, always on recovery raid os good
<wmp> 12.04
<wmp> updated
<AtuM> can you check this: http://www.fractalizer.ru/frpost_350/warning-mismatch_cnt-is-not-0-on-devmd0/
<AtuM> if mismatch_cnt is not 0, then you might have a disk failure
<stetho_> In short, we were a small company, we were going to move to AD, then everything went mad because someone had a good idea, we quadrupled in size in 6 months and then got acquired. Now things have settled down again I have the opportunity to do things "properly" (Puppet, monitoring etc) and I wanted to remove (or improve) this administrative overhead/pain it the butt.
<wmp> AtuM: i have 0
<wmp> AtuM: this is my grub.cfg config: http://wklej.org/id/1291241/
<wmp> AtuM: and this is screenshots from KVM: http://wstaw.org/m/2014/03/06/makeconfig6.png http://wstaw.org/m/2014/03/06/makeconfig7.png
<wmp> AtuM: ok, my server has efi...
<wmp> AtuM: maybe bug is in kernel, becouse on old kernel all works good
<wmp> 3.11.0-17 dont works
<wmp> 3.11.0-15 works
<AtuM> wmp, I'd say it's a bug.. I've hit this one on fedora a year ago.. when they've merged dmraid and mdraid with dm-mapper.. the problem apparently lies with the upstart/systemd shutdown/reboot procedure, where the dm-mapped doens't flag the mdraid as "clean".. therefore it goes into resync each time the system boots up
<wmp> AtuM: no, this is bug on kernel, on older version all works good
<AtuM> wmp, then it might have something to do with its module for dm-mapper.. it's part of the kernel
<wmp> AtuM: i dont know, now i reporting this bug on launchpad
<AtuM> anyway I haven't found the solution for it and got tired of waiting for a fix.. this bug ate my nerves across two fedora releases.. when i got tired of it i switched distros ;)
<wmp> AtuM: https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1288703
<AtuM> I must say that I haven't had these issues on ubuntu yet..  if old kernel works for you, I'd suggest u use the old version until the fix comes along.. 14.04 will come soon enough ;)
<wmp> yes, of course ;)
<AtuM> wmp, great.. however I do believe that 12.04 might become obsolete before they fix it.. so my hopes are on 14.04
<Daviey> jak2013: pxc = percona?
<Daviey> err, jamespage
<Daviey> jamespage: I assume it does... What is the status of it getting in Debian?
<jamespage> Daviey, its in the NEW queue in Debian as well
<jamespage> the packages in the Ubuntu NEW queue are the Debian packages with a 0ubuntu1 version number
<zul> Daviey:  pingaroo
<zul> Daviey:  so ceilometer added a new dependency yesterday (right before a release yay) called python-croniter, i packaged it last night, can you review it for me?
<zul> Daviey:  https://bugs.launchpad.net/ubuntu/+bug/1288761
<hallyn> rbasak - i'm giving up on the idea of ditching vmbuilder before trusty
<hallyn> taking too long, not gonna happen.  resigned to spending some time maintaining it.
<rbasak> hallyn: ok. Though I hope it's not because of the uvtool bug. I can rush a fix if that will help you.
<hallyn> so the adt conversino should still happen, as it takes a lot of fragile code out, but i don't want to rush it
<hallyn> (and if someone else does, they can take my MP and run with it)
<hallyn> rbasak: no, it's not just that bug.  if you l ook at the pace of the open bug for that MP, you'll see it lives on a slower timeline :)
<rbasak> OK. If anything changes and you need a fix quickly, let me know. Your specific use case is a small part of the general problem but easy to fix permanently, but I would prefer to sort out the other aspects of it while I'm there otherwise.
<Daviey> zul: hey
<zul> Daviey:  heylo
<hallyn> rbasak: ok.  would prefer a proper fix, which is exactly why i don't want to push the mp :)
<hallyn> Daviey: zul: hey!  (can anyone join this party?)
<zul> hallyn:  no you arent invited :)
<hallyn> <pout>
<hallyn> oh wait, if forgot i'm a loner :)
<Daviey> It's the no hallyn's party... Which on this occasion means we are allowed one.
<hallyn> that's confusing
<Daviey> (simpsons joke)
<hallyn> oh.  one day i'll sit down and start watching that at season 1
<Daviey> I wouldn't bother. :)
<smoser> hallyn, hey.
<smoser> um. is there a way to lx-attach without the thing running ?
<smoser> i just want to do this:
<smoser> $ sudo lxc-attach -n test1 /bin/bash  < myscript
<zul> brb need to reboot
<smoser> and have it basically chroot me into that thing so that myscript can run and do something to that root
<hallyn> smoser: no
<hallyn> attach means attach to a running container
<hallyn> now, you could perhaps do 'lxc-execute -n container -- sleep 1200'
<hallyn> but generally lxc-start -n container -d goes fast enough
<smoser> hm..
<smoser> ah.
<smoser> but i guess i could just lxc-start
<smoser> with a command of /bin/bash ?
<smoser> hallyn, the goal would be to do something like this:
<smoser>  lxc-create -n original-trusty
<rbasak> hallyn: the fix for you *would be* a proper, permanent fix; it's just that it's a subset of a bigger issue. I can do the subset first if need be, that's all.
<smoser>  lxc-clone -o original-trusty -n trusty-test
<smoser>  lxc-<something> -n trusty-test < my-update-script
<hallyn> smoser: yeah that should be fine
<hallyn> smoser: you just need the namespaces to exist
<smoser> i'm confused.
<smoser> on a clone of overlayfs (or anything) i want it to do all the mounts and such.
<smb> jamespage, ping, nearly forgot you wanted to finish up iscsitarget.
<jamespage> smb, yeah - so I think it generally all looks OK for  straight backport
<jamespage> smb, I think we need todo it for all releases prior to trusty right?
<hallyn> rbasak: oh, in that case, i guess please make your best judgement based on how long you think it'll take.
<smb> jamespage, Not, sure. isn't the userspace side part only required for precise
<smb> I mean the main reason for the backport is to allow HWE kernels which are newer to work with the dkms coming from the user-space package. All the releases in between on their own do not get newer kernels
<rbasak> kirkland: see ubuntu-devel for someone in need of some entropy :)
<rbasak> (I hear you have a supply?)
<jamespage> smb, agreed - but I'm not sure exactly how the versioning would work
<jamespage> if a 12.04 user with the newer iscsitarget upgraded to quantal say
<jamespage> they would stick with the package from precise
<jamespage> as its a newer version than the one in quantal
<smb> jamespage, Hm yeah that is true. But on the other hand the dkms build has multiple patch stages by kernel version. So the new version should work with anything in between. But there is the risk of it being confusing
<jamespage> smb, that was why I was proposing backporting everywhere if that makes sense
<kirkland> rbanffy: :-)
<kirkland> rbasak: :-)
<smb> jamespage, Yeah. Though if we drag our feet a little bit more, there isn't much left in between :)
<kirkland> rbasak: looks like a fair request, to me
<smb> jamespage, Right now it would only be Quantal if I am not wrong. ITs backported from Saucy and Raring is already out of support
<rbasak> kirkland: sure. I know little about ubiquity. For d-i, I'd suggest preseeding (and enhancing the cryptsetup udeb) for some of his needs, and a pollinate udeb
<xnox> you want to polinate ubiquity?
<kirkland> rbasak: the pollinate prng seeding is currently ubuntu cloud (server) images only
<rbasak> Though, other, hardware sources may be better, for someone who really cares about this.
<kirkland> rbasak: yeah, I don't see any point, really, in bringing that up on his thread
<kirkland> rbasak: it's pretty clear to me that he wants more than just an improved prng seed
<jamespage> smb, ah - yes - I forgot
<jamespage> I was thing we where backporting from trusty
<smb> jamespage, I was doing that so long ago (at least feels that way) that now we could go there. Though I am hoping that the user-space changes between S and T are not having effects on the dkms part. So hopefully to allow the T kernel in P we only have to pick some patches there.
<gQuigs> could I get my blueprint accepted by one of the server track leads: https://blueprints.launchpad.net/ubuntu/+spec/servercloud-1403-networking ?
<rbasak> gQuigs: could you start a mailing list thread on that, maybe? I have no objection to having a vUDS session, but I have immediate "why not just ..." responses to much of what you've said. Perhaps a ML thread could cover the basics, so as not to waste a session doing that?
<rbasak> (BTW, I can't approve blueprints myself)
<gQuigs> rbasak: there have been several internal Canonical discussions..
<gQuigs> rbasak: it was last discussed at a team sprint (that I wasn't a part of) and the next step was to do a public discussion
<rbasak> gQuigs: sure, OK. I'm proposing that a public discussion start on a mailing list in advance of a UDS session, because that makes a session more useful.
<gQuigs> rbasak: recommend ubuntu-devel or ubuntu-server?
<rbasak> gQuigs: up to you - I'm not sure of the context yet! If it's a server blueprint, then ubuntu-server makes sense. If it's a wider thing, then ubuntu-devel, but then maybe it should be a foundations blueprint?
<jamespage> rbasak, gQuigs: if its networking post ubuntu-devel
<gQuigs> jamespage: will do
<zul> Daviey:  thanks
<zul> jamespage:  https://code.launchpad.net/~zulcss/neutron/new-plugins/+merge/209722
<jamespage> zul, missing new files
<zul> jamespage:  there now
<jamespage> zul, neutron update needs some work still
<zul> jamespage:  ok ill have a look at it after lunch
<jamespage> zul, doing horizon now
<jamespage> coreycb, use this channel for co-ordination pls
<coreycb> jamespage, ok
<jamespage> zul, coreycb: horizon done
<jamespage> zul, coreycb: doing keystone
<zul> jamespage:  ack
<jamespage> zul, as most of these are fairly trivial, going straight for push and upload rather than review first
<zul> jamespage:  ditto
<zul> nova is done
<jamespage> anything non-trivial I'll MP
<jamespage> coreycb, obviously you'll still need to raise a MP
<jamespage> zul, I pointed coreycb at cinder to start with
<zul> jamespage:  ack...can you both update the list as you as well?
<jamespage> zul, will do
 * jamespage twiddles his fingers while keystone tests itself
<zul> jamespage:  building swift
<Repox> Hello. I have an executable which relies on me typing in my choices in steps. Is it possible to pipe these choices? Like 'echo "1" | echo "myemail@example.com" | etc | ./create_user.sh' ? (Already tried that, didn't work).
<smoser> rbasak, https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1235231 is going to be fixed!
<tych0> hi hallyn, i'm getting: http://paste.ubuntu.com/7045342/
<tych0> any ideas?
<tych0> just from doing an lxc-start
<hallyn> tych0: ?  no...  so you start the contaienr, and it immediately shuts down?
<tych0> yeah
<hallyn> look through syslog.  oom maybe?
<hallyn> things being indiscriminately TERMed says oom to me
 * tych0 looks
<tych0> hallyn: http://paste.ubuntu.com/7045385/ so it looks like it gets an IP
<tych0> then the bridge device it is on does something weird
<rbasak> smoser: \o/
<coreycb> jamespage, zul: cinder started
<hallyn> tych0: but anything in syslog or kern.log?
<zul> coreycb:  awesome
<tych0> hallyn: that was syslog, trying to recreate and will check kern.log
<jamespage> zul, coreycb: keystone uploading
<jamespage> zul, found one bug in horizon
<zul> jamespage:  heh
<jamespage> well two actually
<zul> jamespage:  ok..working on ironic
<jamespage> https://bugs.launchpad.net/ubuntu/+source/horizon/+bug/1288904
<jamespage> zul, and the ubuntu theme is really stuffed due to new theme from upstream
<zul> ack
<jamespage> zul, I'll see if I can wrangle some design team for that
<zul> jamespage:  that would be great...since the quality of my css skills is umm...crappy :)
<jamespage> ditto
<jamespage> gaughen, ^^ fyi
<rostam> hi I am using ubuntu 12.04 update 4. The output of ifconfig displays an interface which I am not sure what it is:   ax0  192.168.4.1   what is ax0 interface? thx
<coreycb> jamespage, zul: cinder started for real this time
<coreycb> :)
<zul> sweet
<coreycb> zul, jamespage: cinder pushed and merge requested
<jamespage> coreycb, just leave the reviewer blank in future - it will default to the team
<jamespage> zul, you ok to land that?
<zul> jamespage:  yeah i can
<gQuigs> rbasak: jamespage, can either of you let my message in to ubuntu-devel :)
<coreycb> jamespage, ok
<coreycb> zul, jamespage: starting python-swiftclient
<coreycb>  zul, jamespage: python-swiftclient pushed and merge proposed
<zul> coreycb: cool ill have a look
<coreycb> zul,  thanks!
<zul> cinder uploaded
<MavKen> can someone recommend a tutorial for getting mail server and a web interface up and running on a vps that has several virtual hosts?
<jamespage> zul, https://launchpadlibrarian.net/168544611/buildlog_ubuntu-trusty-i386.keystone_1%3A2014.1~b3-0ubuntu1_FAILEDTOBUILD.txt.gz
<jamespage> gah
<zul> jamespage:  gah...
<zul> swine testr
<jamespage> zul, its the inactivity caused kill thing
<jamespage> zul, maybe run_test is noisier
 * jamespage looks
<zul> jamespage:  yeah we need to make it more verbose
<zul> jamespage:  coreycb found a bug in the python-heatclient package
<zul> jamespage:  we'll keep him ;)
<coreycb> zul, lol
<DeltaHeavy> Hey, so I'm trying to configure netfilter with iptables and I'm wondering how I can insert a rule, between two othe rules. As far as I can tell this is impossible?
<sarnold> DeltaHeavy: try the iptables -I with the optional [rulenum] parameter
<zul> jamespage:  ceilometer needs python-pysnmp4 now :(
<coreycb> zul, fix pushed
<zul> cool
<zul> coreycb: heatclient needs fixing
<gQuigs> rbasak: posted https://lists.ubuntu.com/archives/ubuntu-devel-discuss/2014-March/014877.html
<DeltaHeavy> sarnold: Awesome, thanks!
<sarnold> DeltaHeavy: you're welcome :) have fun!
<coreycb> zul, ok I can do that.  I was going to do 2 different commits.
<zul> coreycb: nah just quash them
<coreycb> zul, gotcha, will do
<wmp> zul: you are from Poland?
<zul> wmp: no im in canada
<wmp> zul in poland mean a habitual drunkard, an alcoholic
<wmp> zul: http://tiny.pl/qlfr4 :D
<zul> oh
<shredding> Hello all.
<shredding> I'm writing my first shell script.
<shredding> I'm trying to hook into the cd-function in order to activate a ruby gemset on specific directory or activate venv for python.
<shredding> this is what i got: http://pastebin.com/dJqXaqVk
<shredding> It works, in terms of it tells me that it activates the gemset and that it activates venv on the correct directories ...
<shredding> ... but they are not really applied.
<shredding> I have to add gemsets / venv again.
<shredding> What may be the reason?
<shredding> Do i have to delay or so?
<rostam> hi I am using ubuntu 12.04 update 4. The output of ifconfig displays an interface which I am not sure what it is:   ax0  192.168.4.1   what is ax0 interface? thx
<patdk-wk> ax.25
<rostam> patdk-wk,  how that could be plumbed on my system?
<patdk-wk> how should I know? I didn't configure your system
<rostam> The output of the "axi-cache depends libssl1.0.0" has some lines starting with "Breaks:"  what that means? thx
<patdk-wk> rostam, ask any webpage about how debian packaging works
<patdk-wk> what it isn't compatable with
<rostam> patdk-wk, thx
<sarnold> rostam: https://www.debian.org/doc/debian-policy/ch-relationships.html
<justizin> is it just me, or is it awkward that the docker package has been renamed from lxc-docker (upstream) to docker.io (ubuntu maintained) in trusty?
<rostam> sarnold, thx
<med_> smoser, is it safe to say that cirros-0.3.1 isn't built with the virtio driver (and thus can't respond to pings if libvirt/kvm are using virtio)
 * med_ is pretty sure that's the case
<med_> or rather that the cirros KERNEL isn't built with it
<med_> hmmm, looks like it is being built and tested with virtio
<med_> (yet it doesn't have the side effect of actually working.)
<apb1963> I want to take system (ubuntu 12.04) generated mail and be able to read it with thunderbird.  So I'm trying to use my (residential roadrunner) ISP as a relay to send it to my normal user account.  Since I'm on a dynamic IP, I fall under RR spamhaus policy and it (refused to talk to me: 554 5.7.1 - ERROR: Mail refused).  RR used to have a writeup on how to get around this, but they moved the page and of course didn't leave a pointer.
<apb1963> I seem to recall it may have had something to do with SMTP auth, but I don't remember for sure.  I'm using postfix & dovecot
<apb1963> to be honest, I didn't want this to be a major fuss... I just wanted to be able to read mail in the manner described.
<sarnold> apb1963: they may also support pop-before-smtp or imap-before-smtp, maybe that will help you find their documentation?
<apb1963> sarnold: Thank you.  The only thing I can find is something about entering the username properly.  Perhaps I'm asking the wrong question.  The mail is destined for a user (me) at that domain.  The fact that it's my account I don't believe to be relevant.  I just want to send mail to one of their users.
<sarnold> apb1963: yeah, sometimes the ability to send mail from a specific account is dependant upon loging in as that account from the same IP address a few seconds earlier
<sarnold> (logging in over pop3 or imap4)
<apb1963> sarnold: I can pickup and send mail through thunderbird just fine... it's only when I try to send system mail by way of postfix that it fails.  I suspect it may have to do with the fact that I'm sending mail as another domain name.  i.e. My dynamic host is registered with freedns to be another domain... at the RR supplied ip address.
<apb1963> pop3
<apb1963> but that's just a wild guess.
<apb1963> sarnold: ok lets look at this from a different angle... how does a normal everyday system send mail to a RR user?
<sarnold> apb1963: ah, I hadn't realized that the From: or From_ address didn't match the account in question..
<sarnold> apb1963: by having a mail server not on a dial-up line or modern equivalent..
#ubuntu-server 2014-03-07
<apb1963> sarnold: so if I were sending mail from another ISP say.... aol... then I wouldn't have this issue?
<sarnold> apb1963: if the mail is From: or From_ an aol address it would be more likely to work, Ithink..
<apb1963> sarnold: so.... if I were to have a From: line that matched their domain... that would resolve it?
<sarnold> apb1963: it'd probably help, especially if you could pop3 or imap4 to that account from the same ip address shortly before..
<apb1963> i'm reasonably sure I send before receiving on the normal use account which works.
<apb1963> I'm pretty sure it goes out instantly too.
<apb1963> i.e. not just when I poll for POP
<sarnold> last time I looked into this the usual timings were e.g. five or ten minutes
<sarnold> they could make it a few hours or so..
<apb1963> Yeah, I poll every 5 or 10 minutes... but outgoing goes as soon as I send.
<sarnold> (and at this point, it's all speculation on my part that they'd use it :)
<apb1963> Right... so assuming they don't... then what would I need to change... my /etc/mailname?
<apb1963> somehow this doesn't make sense... surely other people using freedns send their email out without having to compromise their domain name and rely on the name of their ISP.
<apb1963> I think this might be where SMTP auth comes in perhaps.
<apb1963> !welcome
<sarnold> apb1963: antispam mechansisms have seriously degraded the ease of setting up mail servers these days :(
<sarnold> apb1963: you could investigate using e.g. sendgrid as a way to get your mail onto the internet
<apb1963> sarnold: ok so since my use case is limited... lets try this a different way.  Lets say I want thunderbird to poll for system mail the same way it polls RR.
<apb1963> sarnold: It would what... connect to dovecot somehow?
<apb1963> so just add another account to thunderbird?
<apb1963> yeah... that sounds good
<apb1963> :)
<sarnold> apb1963: I think there's a few approaches; running dovecot locally is one that many of my friends have used for various reasons I never understood :)
<apb1963> I'm going to try it
<apb1963> that's the simple solution
<apb1963> since i'm already running dovecot I think
<sarnold> apb1963: this post suggests that you could also use /var/spool/mail/ directly with thunderbird, in case you've got local delivery already working: http://askubuntu.com/a/199453/33812
<apb1963> sarnold: Thank you!  I suspect that's what I'm looking for.  I was unaware of the need for a .forward file and is probably the reason why my aliases never worked.  That had me puzzled for like a  year now.
<apb1963> I still don't understand the need for a .forward file... seems like an alias should be enough... but hopefully that's one additional mystery solved.
<apb1963> In fact... i would think one or the other is all that's needed... not both.  Seems odd to me.  Oh well, that's a different conversation.
<sarnold> it's been ages since I've hosted my own email, such a pain.. I don't recall that constraint before, but I'm not sure I'd used aliases extensively back then
<apb1963> sarnold: Well, thunderbird won't let me choose that directory.... "The Local Directory path "/var/mail" is invalid. Please pick a different directory."  Unfortunately I need to deal with something else so I'll have to come back later.  Thanks for the help!
<apb1963> Could be permissions.  :(
<sarnold> apb1963: good luck!
<apb1963> Anyway.  Thanks!
 * apb1963 leaves
<strlng> I'm trying to figure out bouncing mail for a specific account with postfix. I have an email address, jim@blah.com that receives lots of spam. So jim now has an address he is using instead, jim2@blah.com. Problem is jim has an account on the server. So I need to have outside mail addressed to jim@blah.com to bounce, but mail to jim2@blah.com to go to user jim. Is there any way to do this?
<smoser> med_, tht would most certainly be wrong :)
<smoser> cirros most certainly works on virtio:
<smoser> wget http://download.cirros-cloud.net/0.3.1/cirros-0.3.1-x86_64-disk.img -O cirros-disk.img
<smoser> kvm -device virtio-net-pci,netdev=net00,mac=52:54:00:12:34:00 -netdev type=user,id=net00 -drive if=virtio,file=cirros-disk.img
<smoser> that will work fine.
<smoser> i suspect your issue is that its looking for an ec2 metadata service, which its not goign to find.
<rostam> Hi I use preseed file to automate installtion of my system. I want to boot into EFI mode, do I have to do anything special in my preseed file with regard to booting in EFI mode? Thx
<basil> Hi I have a fresh install of Ubuntu 12.04. Yesterday, when I rebooted, it showed 2 fails - Starting configure network drive and Starting configure virtual network drive. Can anyone shed some light please?
<Repox> Hi. reverse dns / ptr records. Is this something I need to setup on the server?
<marcus_> Hi! I'm having trouble getting my SAS-controllers working under 13.10 server, something seems to hang during startup -> http://paste.ubuntu.com/7048825/
<marcus_> any suggestions on how to proceed?
<basil_> Hi my new installation of Ubuntu 12.04 won't connect to the Internet using FF - error is "unabale to connect". But I can ping www.google.com, ping 8.8.8.8 and ping my gateaway. My webserver is also working. How can I connect to the Interne tfrom my server?
<cfhowlett> basil_, try a different browser: chromium?
<basil_> had thought of that....but I get an error of "failed to download package files" when I try to install chrome
<marcus_> Hi! I'm having trouble getting my SAS-controllers working under 13.10 server, something seems to hang during startup. How should I proceed? -> http://paste.ubuntu.com/7048825/
<jamespage> zul, I recut your MP with some extra stuff - https://code.launchpad.net/~james-page/neutron/icehouse-b3/+merge/209870
<jamespage> zul, not sure how you come back from that comment late yesterday
<jamespage> :-)
<jamespage> sarnold, hey - I know you are busy but when do you think you will get to the juju MIR?
<marcus_> Hi! I'm having trouble getting my SAS-controllers working under 13.10 server, something seems to hang during startup. How should I proceed? -> http://paste.ubuntu.com/7048825/
<ikonia> marcus_: what make/brand is the sas controller
<marcus_> ibm serveraid
<marcus_> let me find the model number
<marcus_> IBM Express ServeRAID M1015
<ikonia> whats the actual problem with it ?
<marcus_> ikonia: only 8 of 24 drives are detected
<marcus_> there are 3 of those controllers, and their combined bios detects them all
<ikonia> there are 3 controllers, with how many disks on each
<marcus_> 8
<ikonia> so that suggests only one controller is being detected/loaded at boot time
<marcus_> all 3 boot up properly before the OS boots
<marcus_> and dmesg throws errors on them
<ikonia> does it throw an error on all of them, or just one of them
<ikonia> (or two)
<marcus_> not quite sure
<marcus_> I'm sort of new to troubleshooting with dmesg
<marcus_> on hardware
<ikonia> well, dmesg isn't the only tool here
<ikonia> what does the syslog say ?
<ikonia> what kernel module does it use ? how many instances of that are loaded ?
<Repox> Hi. I have an issue with an executable. When trying to execute supervisorctl I get an error telling me that "bash: /usr/local/bin/supervisorctl: No such file or directory" . But the file is actually located in /usr/bin, not /usr/local/bin. How can I fix this?
<marcus_> ikonia: I'm not sure what to look for... should I paste it to a pastebin?
<ikonia> Repox: looks like it's hardcoded to look there
<ikonia> marcus_: well, look for it starting to bring the disk system up
<ikonia> marcus_: look for it making references to the controllers
<ikonia> look at the kernel module - look how many times it tries/succeeds in loading it
<marcus_> ikonia: kernel: [  191.668158] megasas: [ 0]waiting for 1 commands to complete <- like this?
<ikonia> no, but that is useful, so it's still waiting for something, although that may not be a bad thing
<marcus_> kernel: [  191.668155] scsi 2:0:0:0: megasas: RESET cmd=12 retries=0
<rahuldroy> Hi Guys, Can someone help me with with server question. Apache on my EC2 micro instance is using a really really high. It ideals at around 40% but also sometimes maxes the cpu completely
<rahuldroy> any ideas on how I can debug it?
<ikonia> marcus_: issuing a reset......interesting
<marcus_> [    2.777725] megasas_init_mfi: fw_support_ieee=67108864
<marcus_> this is the first reference I can find in the syslog
<marcus_> [    2.777726] megasas: INIT adapter done
<ikonia> don't know what that means, looks like its an init and loading of firmware (at a guess)
<marcus_> grepping mega from the syslog gave me a nice view
<marcus_> but then there are call traces in the logs, that means something crashed..right?
<ikonia> not always
<marcus_>  [  367.079111] megasas: [175]waiting for 1 commands to complete
<marcus_> guessing this isn't a good sign
<makara> any idea what's wrong here? http://postimg.org/image/7yns6gdnv/
<jamespage> rbasak, are you intending on pushing any more debian-ubuntu mysql resync this cycle?
<rbasak> jamespage: I was thinking about just doing a merge against the latest release to make future merges easier, but that would probably actually be no code changes in the end, just a version bump.
<rbasak> jamespage: I don't have anything else to send to Debian, I don't think.
<rbasak> There's an upstream microrelease update needed, too.
<jamespage> rbasak, not worth the churn - lets pick this up again next cycle
<jamespage> rbasak, is that granted yet?
<rbasak> jamespage: yes, it's granted. I haven't worried about it too much though, since we can do that at any time and more will surely come along.
<rbasak> (so I don't see it as critical for release, but a nice-to-have that we release with the current, which may not be today's current)
<jamespage> rbasak, I wonder if I can piggy back on that for mysql-5.6
<rbasak> jamespage: I expect so. The 5.5 TB decision was not controversial. I'm sure that the 5.6 one will be considered to be the same if we just ask them. I'd also agree that techncially it's the same decision, but since it's a different source package it seems polite to ask.
<rbasak> jamespage: have you seen bug https://bugs.launchpad.net/bugs/1284376? Looks like it just needs a merge.
<jamespage> rbasak, doko already did it
<rbasak> Ah!
<jamespage> marking it so
<rbasak> You beat me to it :)
<zul> jamespage:  +1
<zul> jamespage:  i just merged it as well
<jamespage> zul, my neutron changes?
<zul> jamespage:  yep
<jamespage> zul, I need to upload still - doing that now then
<zul> jamespage:  ok
<zul> jamespage:  im going to play around with the cloud archive havanna stuff this morning
<zul> jamespage: right after breakfast and wakeupage
<jamespage> zul, good-oh
<jamespage> zul, oh - btw the hplefthandclient MIR was subscribed to the sru team, not the mir team - fixed that
<zul> doh
<jamespage> zul, now if we can fix beautiful soup for django compressor
<jamespage> we'll be clear on http://people.canonical.com/~ubuntu-archive/component-mismatches-proposed.svg
<zul> jamespage:  ill take a look at it today
<jamespage> zul, great
<zul> but i could have sworn i did that :)
<jamespage> zul, this was the thing that was muddled with lxml I think
<zul> yeah
<jamespage> zul, I think we can just drop the BD - beautiful soup is only required for testing and is an alternative implementation
<zul> jamespage:  looking
<jamespage> zul, I got it
 * jamespage is going to nail this
<jamespage> zul, /usr/share/pyshared has gone btw
<jamespage> I keep hitting packages that assume that will be present
<zul> like what?
<zul> jamespage:  yeah doko was rebuilding some packagages since pyshared has gone
<jamespage> zul, the d/rules in that package uses it to locate django-admin to run the tests
<jamespage> and then ignores the results anyway
<zul> jamespage:  when i was looking at this bs4 was being used for python3 compat and beautifulsoup was being used for python2 compat
<jamespage> in django-compressor?
<zul> yeah
<zul> too bad i dont have the patch anymore
<zul> the /usr/share/pyshared stuff is just a no change rebuild fyi
<zul> https://lists.ubuntu.com/archives/trusty-changes/2014-February/010799.html
<jamespage> zul, uploaded - less than ideal but as its not the default parser I'm failing to care this late in release
<zul> ditto
<jamespage> gonna raise a bug against this and lxml to say they have optional dependencies on beautifulsoup
<gnuoy`> I'm trying to port trusty squid3 to our internal suite (mainly to enable ssl support). But our dak doesn't support xz compression. Previously I've twiddled dh_builddeb -- -Z to gzip and profited but the packaging for squid3 is more complex. As far as I can see the Makefile.am already have "AUTOMAKE_OPTIONS = dist-bzip2 ..." which I'd have thought was dictating bzip rather than xz
<gnuoy`> The message from dak is:
<gnuoy`>  squid_3.3.8-1ubuntu6~0.14.04.IS.PATCHED_i386.deb: third chunk is 'data.tar.xz', expected 'data.tar.gz', 'data.tar.bz2', or 'data.tar.lzma'.
<gnuoy`> If anyone has a tick could they point me in the right direction pls ?
<rbasak> gnuoy`: without looking, I would guess that your AUTOMAKE_OPTIONS line is entirely unrelated to your debian packaging ending up xz compressed.
<cfhowlett> !trusty|gnuoy`,
<ubottu> gnuoy`,: Ubuntu 14.04 (Trusty Tahr) will be the 20th release of Ubuntu.  See the announcement at http://www.markshuttleworth.com/archives/1295 for more info. support in #ubuntu+1
<gnuoy`> rbasak, ah, a red herring
<rbasak> That line sounds more related to upstreams making a release tarball.
<miceiken> hi guys
<miceiken> im trying to set up dovecot
<miceiken> https://help.ubuntu.com/community/Dovecot
<miceiken> and all the stuff they refer to into config
<miceiken> i cant find it
<mardraum> all the stuff?
<miceiken> marcoceppi_, like the ssl part, I added that by hand. but the protocol imap, pop3 etc
<miceiken> *err mardraum
<rbasak> mdeslaur_, lamont: I'd appreciate your thoughts on bug 1288823 please.
<rbasak> https://bugs.launchpad.net/ubuntu/+source/bind9/+bug/1288823
<rbasak> (it's a request for --enable-rrl configuration option, rate-limit stanza to mitigate DNS amplication attacks)
<lamont> rbasak: doh.  Given that we took the patch before it came into upstream, yeah.  we want that.
<lamont> that is, 9.9.5 may have dropped it because of the merge upstream did....  if  you prep the patch, I'd be happy to stuff it into debian
<rbasak> lamont: so we actually have a regression here?
<mdeslaur_> I just added a comment to the bug
<lamont> maybe.  that would be something to confirm
<mdeslaur_> yes, we should add --enable-rrl
<mdeslaur_> I'm not keen on limiting it by default in the config though, that's for a site admin to do
<rbasak> OK, thanks. Do you want to take it, or shall I leave it open for the server team?
<rbasak> (to: lamont I think)
<lamont> I can make time to do it on the weekend, but it'll be sunday afternoon
<rbasak> That sounds fine to me - thanks.
<rbasak> Do we need an FFe for this?
<lamont> enabled, absolutely.  rate limit by default? hell no
<lamont> the only change will be this bug
<lamont> and any other crits that are trivial that I can find in a few minutes of looking, to be fair
<rbasak> OK. Thank you!
<jamespage> rbasak, I sent you an email re some thinking I did about virtual-mysql-*
<jamespage> zul, noddy fix - https://code.launchpad.net/~james-page/cinder/fixup-getent/+merge/209951
<jamespage> zul, I should probably know but whats python-openstackclient ?
<zul> jamespage:  its like the accumulation of all the clients
<zul> jamespage:  one client to rule them all
<zul> jamespage:  its probably a good idea to have it
<jamespage> zul, maybe
<jamespage> zul, so
<jamespage> we have some inconsistency about when xxxx-manage db sync or whatever happens in maintainer scripts
<zul> jamespage:  yep
<jamespage> zul, glance does not do it if its sqllite
<jamespage> if ! grep sql_connection /etc/glance/glance-registry.conf | grep -qv "sql_connection = sqlite:////var/lib/glance/glance.sqlite"
<jamespage> zul, keystone always does it
<jamespage> if ! grep -q sql_connection /etc/keystone/keystone.conf
<jamespage> (as the string is 'connection' not sql_connection)
<jamespage> zul, I like glances approach I think
<zul> jamespage:  i agree
<rbasak> jamespage: please could you subscribe ~ubuntu-server to nginx?
<jamespage> rbasak, oh - go on then :-)
<rbasak> Thank you!
<jamespage> rbasak, done
<jamespage> zul, which oauth is keystone using now?
<jamespage> context
<jamespage> https://bugs.launchpad.net/ubuntu/+source/keystone/+bug/1223010
<zul> jamespage:  oauthlib
<zul> marked it fix release
<jamespage> done
<zul> jamespage:  if you are on a bug warpath today i think there are some bugs assigned to the cloud-archive project
<jamespage> zul, looking there next
<zul> coolio
<miceiken> Okay, so I'm trying to set up Dovecot following the ubuntu wiki tutorial. And one of the first thing it says is to amend the line with 'protocols =' but there is no such line
<jamespage> zul, gonna kick of the testing in the lab as well
<zul> jamespage:  okies
<jamespage> zul, I was able to repro on saucy
<zul> yay! :)
<jamespage> zul, something for next week - nested kvm with 3.11 ontop of 3.8 kernel on precise
<jamespage> not so great
<zul> jamespage:  i thought that got fixed
<zul> smb: ?
<jamespage> top to bottomw
<jamespage> 3.2 3.11 3.8
<rostam> HI does anyone has any experience with Lupin ?
<bekks> !anyone | rostam
<ubottu> rostam: A high percentage of the first questions asked in this channel start with "Does anyone/anybody..." Why not ask your next question (the real one) and find out? See also !details, !gq, and !poll.
<rostam> !lupin
<sarnold> jamespage: I am anticipating doing the juju mir mid next-week
<jamespage> sarnold, great
<stgraber> sarnold: speaking of MIR, what about cgmanager?
<sarnold> stgraber: sorry, still not yet started
<sarnold> stgraber: also hopefully next week (i'm hoping it'll be quick, since I've already read much of an earlier version of the code)
<phillw> Hi good people, I have a question as to how you specify which kernel is used in the server ISO (I need this for alternate community edition)
<miceiken> Is there some way to move all the mail from /var/mail/* to /home/*/Maildir after changing the delivery folder?
<sarnold> miceiken: look into formail and procmail; formail can do operations on every mail in an mbox, procmail can do delivery
<miceiken> formail -ds old>new?
<patdk-wk> sarnold, that is way too hard
<patdk-wk> miceiken, just do a mbox2maildir conversion on the files in /var/mail
<patdk-wk> then put the resulting cur/* new/* files into the Maildir folder for that user
<patdk-wk> mb2md would be a program to do it
<miceiken> Do I need to do this for all users?
<miceiken> or does it automaticly do it
<sarnold> patdk-wk: oh much better
<patdk-wk> per file in /var/mail
<patdk-wk> or, if you are using dovecot
<patdk-wk> you can make dsync do it for you
<patdk-wk> all users at once
<patdk-wk> instructions will be on the dovecot wiki, it's a bit more tricky, but not too hard
<miceiken> nah mb2md is great thanks patdk-wk
<miceiken> last question, is /etc/aliases used to anything other than mail aliases?
<patdk-wk> that depends on if your email program even bothers to use it
<miceiken> using postfix and it does
<miceiken> like, if I have users running services (i.e. git) but I want the mail to git@example.com to go to my user instead
<patdk-wk> if you use default config, yes, postfix will use it
<miceiken> would I come in trouble with making an alias?
<patdk-wk> nothing else uses it
<miceiken> k thanks
<miceiken> should I use .forward file over it though?
<miceiken> which would you prefer?
<patdk-wk> heh?
<patdk-wk> does your delivery system (mda) even support .forward?
<miceiken> I see you can create a .forward file in the user's directory to have all messages automaticly forwarded through another user
<patdk-wk> .forward is almost dead
<miceiken> According to the postfix guide I'm using it is
<miceiken> https://help.ubuntu.com/community/PostfixBasicSetupHowto#Per_User_.forward_Files
<patdk-wk> if you use the postfix mda (local) probably
<patdk-wk> what imap/pop program are you using?
<RoyK> hm... bowmore 15
<miceiken> courier, patdk-wk
<tych0> hi hallyn, getting lxc-create: Permission denied - failed to create directory '//.local/'
<tych0> i am probably being evil and running this in a way it isn't supposed to be run
<tych0> is there a nice way that i can run it in a way that it should work?
<tych0> (i'm running it as the maas user, which doesn't have a home dir or anything)
<hallyn> feh, this is probably XDG crap.
<hallyn> stgraber: ^
<hallyn> so if you dont' have an XDG_RUNDIR, it falls back to homedir...
<tych0> ah
<hallyn> tych0: setting XDG_RUNTIME_DIR might help
<tych0> ok, to something in /tmp should be ok?
<stgraber> so it can be two things, either it's the local path trying a fallback because of missing XDG_RUNTIME_DIR
<stgraber> or it's because HOME isn't set
<tych0> HOME probably isn't set
<stgraber> since it's lxc-create, the latter seems more liekly
<stgraber> *likely
<hallyn> tmp is ok if you don't mind the container living in tmp...
<tych0> ah
<tych0> oh
<tych0> ok, let me try something
<hallyn> eh?
<tych0> thanks
<hallyn> ok :)
<stgraber> tych0: you may be able to workaround this by setting -P, though the same issue will then hit you for the cache and runtime dir
<stgraber> may be easier to just set a homedir somewhere in /var/lib for that system user :)
<hallyn> yeah
<hallyn> even libvirt-qemu has a homedir there :)
<tych0> ha, ok :-)
#ubuntu-server 2014-03-08
<basil> is anyone able to suggest a way to preventUbuntu 12.04 overriding my /etc/resolv.conf file? I have access to the internet now, but I'll lose it if I have to reboot.
<sarnold> basil: uninstall the resolvconf package? why do you have to reboot if you lose internet access....? I feel like there's a much larger, much more significant problem that you're -not- asking about :)
<basil> <sarnold>I don't have to reboot when I lose access - I'm doing a range of things. I guess I was saying if I do reboot, Ubuntu reverts.
<sarnold> basil: oh! that makes so much more sense. :) okay. thanks
<basil> <sarnold> I used sudo rm /etc/resolv.conf this morning - does that remove the package?
<sarnold> basil: no that only deletes your file. when your nics change state, probably the resolvconf package will write you a new one.
<basil> <sarnold>What's the command to remove the whole package?  Can I then just use sudo nano /etc/resolv.conf to build a new file?
<mardraum> basil: you should consider just fixing your /etc/network/interfaces with the correct dns servers etc.
<basil> <mardraum> I had tried that without luck...the only success I've had in the last few days was to rebilid the resolv.conf
<basil> rebuild
<sarnold> basil: you probably forgot the 's' at the end of 'dns-nameservers' -- see the resolvconf(8) manpage for a better example of the interfaces file than the interfaces(5) manpage
<sarnold> basil: if you really want to be in complete control of your resolv.conf, apt-get purge resolvconf. if you find you need it back, there is probably a backup in /var/cache/apt/archives/
<basil> <sarnold> so once i purg it, use the interface file?
<sarnold> basil: you'll still need to configure much of your networking in the interfaces file; but you'll be responsible for the dns settings in /etc/resolv.conf
<basil> sarnold> my resolv.conf has been simply nameserver  8.8.8.8, will that suffice. It was working with that previously
<sarnold> basil: depends upon what you do with your system and how you want to use either local networks or virtual machines / lxc instances etc..
<sarnold> basil: using a public server means you won't be able to look up machines that have names only in your local network, nor will any vms you run via libvirt be resolvable. that might be good or bad, because the automatic stuff doesn't always work, but you'll have to manage your /etc/hosts for those machines as necessary..
<basil> <sarnold>I've made that change. Purged resolv.conf...restarted, but no Internet access. I'm content with public dns for now. I'd really just like to get stable interent conncetion
<basil> <sarnold>I can ping 8.8.8.8, www.google.com and my gateway. All work, but no internet access again on FF.
<sarnold> basil: restart firefox? it may still have its own resolver implementation
<basil> <sarnold>no..it still shows "unable to connect"
<sarnold> basil: try the IP address of your gateway?
<basil> <sarnold>A few days ago I edited /etc/resolvconf/resolv.cof.d/original - I couldn't remember the setting so it now has as nameserver 127.0.0.1. Would that affect the system? I can ping my gateway.
<sarnold> basil: if you use nameserver 127.0.0.1 you will need to run a local dns resolver, either a forwarding resolver like dnscache or a recursive resolver like pdns-recursor
<basil> <sarnold>I don't want to do that...I could remember the original setting. I think I tried 8.8.8.8 and things stopped working
<sarnold> basil: was the original setting your gateway's IP address? that's common..
<basil> <sarnold>All I could recall was that it 192.x Wasn't sure if it was machine IP or gateway?
<sarnold> basil: probably the gateway.
<basil> <sarnold>changed it to gateway, restarted networking, restarted FF; unable to connect
<sarnold> basil: to where are you trying to connect?
<basil> <sarnold>When I open FF, type in www.Google.com; unable to connect
<sarnold> basil: telnet www.google.com 80  -- then hit ^D
<basil> <sarnold> does that mean "enter"?
<basil> <sarnold>trying 203.8.182.170...
<sarnold> basil: no, ^D is often used as an end-of-file kind of signal, it's some special handling the shell offers
<sarnold> basil: when you hit ^D the telnet should quit and you should see a load of error message from the remote web server
<basil> <sarnold>^ = ctrl????
<sarnold> basil: yes
<basil> <sarnold>It's just hanging at the moment.....trying 203.8.182.152
<basil> <sarnold> now it's trying 203.8.182.166
<basil> <sarnold> now it's trying 203.8.182.1177
<basil> 177
<basil> <sarnold> now it's trying 203.8.182.185
<sarnold> basil: heh, sounds like telnet can't connect to google's webservers either
<sarnold> basil: so now you get to figure that out -- is it something on your gateway? or a local firewall? or something your ISP has put in place?
<basil> <sarnold>I connected this morning for short period - until I rebooted. After I purged my resolv.conf file and then rewrote it!
<basil> <sarnold> my webserver appears to get through OK.
<basil> <sarnold>I can ping www.google.com
<sarnold> basil: your DNS appears to be working fine, though, you got four different IPs for your dns lookup..
<basil> <sarnold>I can ping 8.8.8.8
<sarnold> basil: so it appears to be a problem with tcp, which is usually indicative of firewalling errors somewhere
<basil> <sarnold> canyouseeme.org shows port 80 is open for 124.254.81.40
<basil> <sarnold> my static IP
<basil> <sarnold>port forwarding is setup on my router
<basil> <sarnold>ubuntu firewall has ports 80,22 open
<sarnold> basil: sure enough, I get http and ssh banners on both those ports
<sarnold> basil: I wonder why you can't do any tcp egress though. that seems odd.
<basil> <sarnold>i have another NIC - how do I go about switching to it, to test if it's actually hardware
<sarnold> basil: the easiest is to edit the /etc/network/interfaces to select the different NIC, swap the cable, and reboot
<sarnold> basil: but I don't think that will help
<sarnold> basil: your NIC properly talks ICMP with hosts on the other side of the planet, and I can connect to your services just fine
<basil> <sarnold>just trying to think of solutions
<sarnold> basil: I'd look at your gateway. I wonder if it is forbidding outgoing connections from machines in a 'dmz' zone or something similar
<basil> <sarnold>I'm port forwarding using my router for ports 80, 22 to my server IP (192.168.1.101)
<sarnold> basil: ah, so not using a goofy 'dmz' service. ok. hrm.
<basil> <sarnold>don't think so...static ip
<basil> <sarnold> what switching off my firewall for testing?
<basil> about
<basil> <sarnold>wala...it worked with FW turned off
<sarnold> basil: that makes sense :)
<basil> <sarnold> so, what does that mean? In practical tersm for me...???????
<sarnold> basil: it means you need to fix your firewall rules.
<sarnold> basil: you need to allow tcp packets out of your machine / network, and you need to allow the reply packets back in
<basil> <sarnold>Ok...I'll trash it and start over. I did have rules setup for both inbound and outbound. I used Firestarter to assist me graphically.
<basil> <sarnold>Hey thanks for all your help...and infinite patience
<sarnold> basil: what did you think of firestarter? i've never tried it..
<sarnold> .. and I've never learned iptables well enough by hand :)
<basil> <sarnold>its graphical...and I'm not very good with CLI. I've used it for a few years...usually happily
<sarnold> basil: cool, thanks. I've been content with ufw, it normally does what I want :) but it's all CLI
<basil> <sarnold>thanks again...so much
<sarnold> basil: have fun!
<basil> <sarnold>ciao
<Noah_AT> Hello, I need support installing Ubuntu 12.04.4-server. Please message me if you can help. I'm having issues at partition time.
<sheptard> Noah_AT: why not just ask your question in the channel and give everyone a chance to help you
<Noah_AT> sheptard: thanks for the advice. Do you mean the #ubuntu channel?
<sarnold> Noah_AT: or this channel
<sheptard> evening sarnold
<sarnold> hey sheptard :)
<Noah_AT> sarnold: thanks guys, here goes: I had Ubuntu 11.04 Natty. I was upgrading to Oneiric, but I realized I'd rather just do a 12.04.4 LTS clean install. So I force shut down 5hrs into the upgrade and tried to wipe the hard drive using gparted and then install the clean Ubuntu. I've gotten stuck at the partition phase every time
<Noah_AT> sheptard: I'm referring to ubuntu servers. there was a bit of confusion about that on #ubuntu, so I wanted to specify
<sarnold> Noah_AT: did you get stuck in partitioning durin the installer? or during your manual gparted wiping?
<Noah_AT> sarnold: installer. Can't remember the exact error though, so I am going to try and make the error happen again
<sarnold> Noah_AT: ooh, good, an exact error message is always welcome :)
<Noah_AT> sarnold: for sure, I'm on it. If its okay with you, I'll post my step by step here so that we know exactly what I might have done to trigger the error
<Noah_AT> sarnold: I'll be concise so as to not bloat the channel though
<sarnold> Noah_AT: hehe, okay
<semiosis> Noah_AT: just a wild idea, but if you want to wipe the *entire* disk, you could dd if=/dev/zero of=/dev/sd? -- that would nuke anything left by parted/fdisk
<semiosis> sarnold: would you agree?
<sarnold> semiosis: yeah, that's a good way of getting back to a clean slate, but it can take a while on a larger drive
<Noah_AT> sarnold: we are working on about 111GB
<semiosis> well, only need to nuke the beginning of the disk, where the mbr is.  doesn't matter what's after that
<sarnold> I'm hoping to avoid a long zeroing if we can nuance the partitioning somehow else..
<Noah_AT> sarnold: might as well see the error first though, no?
<sarnold> semiosis: hah, true
<sarnold> Noah_AT: if it's easy to get to
<Noah_AT> sarnold: yeah.. t-10min I'd say
<sarnold> semiosis: (funny thing, zfs stores four copies of its per-disk uberblock on a disk, two copies near the beginnin and two copies near the end; advice there often is "zero the first and last ten megabytes" :)
<semiosis> hah, good to know, next time i'm knee deep in zfs
<sarnold> :)
 * semiosis wonders if btrfs does similar
<Noah_AT> sarnold: Configured language, keyboard, hostname, full name, username, should I choose to encrypt my home directory?
<sarnold> Noah_AT: probably not; if you're asking, you probably don't need it :)
<semiosis> Noah_AT: it'll slow everything down a lot
<Noah_AT> semiosis: haha great thanks!
<semiosis> but maybe protect from prying eyes
<sarnold> (it's a neat feature, but it comes with its own caveats for use. skipping it is a lot easier.)
<Noah_AT> sarnold: for now, lets definitely keep it simple
<Noah_AT> sarnold: Timezone done
<sarnold> Noah_AT: .. I'm off to pick up pizza :) I should be back in a bit.. hopefully semiosis and sheptard will get you squared away :)
<Noah_AT> sarnold: alright enjoy!
<sarnold> danke :)
<Noah_AT> sarnold: thanks for your help. hopefully I'll have some good news when you get back
<semiosis> sarnold: enjoy your pie
<semiosis> Noah_AT: feel free to ask me whatever about your install.  happy to help
<Noah_AT> semiosis: cool I'm at the partition disks screen with these options: "Guided Partitioning, Configure software RAID, Configure the Logical Volume Manager, Configure encrypted volumes, Configure iSCSI volumes, Undo changed to partitions, and Finish partitioning and write changes to disk" with a little section showing "SCST1 (0,0,0) (sea) - 120.0 GB ATA ST9120822A #1 Primary 120.0 GB ext2
<semiosis> Noah_AT: can we wipe this drive completely?  confirm you dont care about any data on it please
<Noah_AT> semiosis: Yup. Confirmed.
<semiosis> then just do guided partitioning
<semiosis> that should be mostly automatic
<Noah_AT> semiosis: I've selected "Guided Partitioning" and am now selecting "Guided - Resize SCSI1 (0,0,0), partition #1 (sea) and use freed space" Ok?
<semiosis> hmm, is there a "use whole disk" option or something like that?
<Noah_AT> semiosis: Options: G is for "guided". "G - resize SCSI1 (0,0,0), partition #1 (sea) and use freed space, G - use entire disk, G - use entire disk and set up LVM, G - use entire disk and set up encrypted LVM, Manual"
<Noah_AT> sea not sea
<Noah_AT> sda**
<semiosis> "use entire disk" is the one (no LVM, no encrypted LVM, ...)
<Noah_AT> semiosis: would you join a private chat with another nice guy who is helping me out?
<semiosis> prefer to keep it in channel
<Noah_AT> semiosis: he had responded in the ubuntu channel
<Noah_AT> gotcha kk
<Noah_AT> i selected "use entire disk" and the plan has updated to "#1 primary 117.9GB f ext4 /" and "#5 logical 2.1 GB f swap  swap"
<semiosis> looks good to me
<Noah_AT> semiosis: "Finish partitioning and write changes to disk" ?
<semiosis> if you are sure you want to wipe the whole disk drive and install ubuntu on it, then yes
<Noah_AT> semiosis: Alonsi! then
<semiosis> Noah_AT: congrats! you're (almost) the owner of a new ubuntu system!
 * sarnold returns
<sarnold> Noah_AT: good news? :)
<Noah_AT> semiosis: haha I hope you're right! I'll hold you to it :P
<Noah_AT> semiosis: alright! Warning screen. "If you continue, changes will be written...This will destroy all data...The partition tables on the following devices are changed: SCSI1 (0,0,0) (sea) and then the plan again
<semiosis> Noah_AT: you know what to do
<Noah_AT> semiosis: its going... .... ....
<Noah_AT> Oh! Installing base system!
<sarnold> nice :)
<Noah_AT> sarnold: hahaha just in time!
 * semiosis bed time
<sarnold> Noah_AT: yeah no kidding, pizza in the oven, VM upgrading, and your system installing :)
<Noah_AT> semiosis: so, this is farther than I've gotten
<sarnold> semiosis: 'night :)
<Noah_AT> semiosis: Night! Thanks so much
<semiosis> Noah_AT: enjoy your new ubuntu
<semiosis> sarnold: laters
 * semiosis afk
<wkmanire> Hello.
<wkmanire> I'm not that familiar with LVM. I know it's supposed to be flexible in that you can increase partition sizes but how does that work with additional disks?
<wkmanire> Can I add an extra disk and grow an existing partition to include that disk?
<bekks> LVM does not need partitions. If you want to extend your volume group, add your new disk as physical volume to the volume group, then you can extend your logical volumes. And after that, you need to expand the filesystems contained in the logical volumes.
<wkmanire> bekks: I see.
<wkmanire> bekks: So it will appear as one contiguous filesystem
<wkmanire> Comprised of 3 drives
<bekks> yeah, it is pretty unsafe, but it is possible.
<wkmanire> Unsafe in what sense?
<wkmanire> If I have a drive failure do I lose the whole volume?
<bekks> If one drive gets corrupted, data on the whole volume will be lost.
<wkmanire> That makes sense.
<wkmanire> bekks: Thank you for answering my questions.
<eagles0513875> hey guys
<eagles0513875> hey lordievader :D here is teh pastebin of the log http://paste.ubuntu.com/7055081/
<lordievader> eagles0513875: Hmm, does syslog contain something usefull?
<lordievader> Also what happens when you manually run dpkg -i on the package?
<eagles0513875> lordievader: all im seeing in syslog is emails coming in etc
<eagles0513875> let me try the dpkg -i
<eagles0513875> root@ha1:/var/log# dpkg --install runit dpkg: error processing runit (--install):  cannot access archive: No such file or directory Errors were encountered while processing:  runit
<eagles0513875> !runit
<eagles0513875> !info runit
<ubottu> runit (source: runit): system-wide service supervision. In component universe, is optional. Version 2.1.1-6.2ubuntu3 (saucy), package size 108 kB, installed size 415 kB
<lordievader> eagles0513875: Try redownloading the .deb.
<eagles0513875> lordievader: i downloaded it from the repo
<eagles0513875> ok seems like none of my other servers have it
<eagles0513875> how can i see a list of dependencies that rely on the package giving the issue
<lordievader> apt-cache rdepends
<eagles0513875> lordievader: how will i know what i have on my system is using it as im seeing two things with | next to them
<lordievader> eagles0513875: Write a script ;)
<eagles0513875> lordievader: is there a way i can force it to be removed and reinstalled?
<lordievader> Err not really sure what you mean? Purge and install?
<eagles0513875> lordievader: basically how can i have the system reinstall the package with the issue
<lordievader> eagles0513875: Remove, clean, and install. (check that step one doesn't tear down something important)
<eagles0513875> lordievader: removing it and reinstalling it solved the problem
<eagles0513875> it removed something git related which i reinstalled along side it
<freenide> which ubuntu server i need to install that will help me setup dhcp ????? thanks
<cfhowlett> !dhcp
<ubottu> dhcp is Dynamic Host Configuration Protocol, a protocol for automatic IP assignment from a router. Ubuntu uses dhclient as a DHCP client but other ones (and DHCP servers too) can be obtained from the !repos. More info at http://en.wikipedia.org/wiki/DHCP
<irv> can someone assist me with installing a low-latency kernel on ubuntu server 13.10?
<qman> apt-get install linux-rt ?
<irv> i'll give that a shot, thx :)
<qman> i think its still in default sources
<qman> if not i'm sure there's a ppa
<irv> perfect, i'm just installing the OS now
#ubuntu-server 2014-03-09
<MavKen> I have installed phpmyadmin on my vps.  Is it possible so that phpmyadmin can only be accessed via the primary domain?
<PryMar56> MavKen, in Apache2 config:order Deny,Allow; Deny from All; Allow from xx:yy:zz:255/24
<PryMar56> 255->0
<lvmer> How do I view the channel list? or where would be a good place to ask about web hosting options? thanks o.O
<MavKen> lvmer, check out www.digitalocean.com
<MavKen> lvmer, I have been running an ubuntu server there for about a year with all of my hosting clients on it
<lvmer> mavken, thanks checking it out now
<MavKen> if you check their twitter, you can find promo codes to get started
<basil> I have a Billion Bipac 73000 router. I'm trying to setup an Ubuntu server behind the router.
<basil> I have a static IP at home, and I've assigned the MAC address on the router to 192.168.1.101 (my server address).
<basil> If I go into my DHCP table today, I can't see the server IP and MAC address. I've turned off the router, and tried again â still not there. Yesterday, I had 3 instance of the server in the DHCP (each with a different IP).
<basil> I've searched for DHCP renew lease and other commands, but had no luck.
<basil> My server now accesses the web, but my webserver isn't available to the outside world. I have setup port forwarding.
<basil> I'd appreciate any advice
<NewNick> I have a Billion Bipac 73000 router. I'm trying to setup an Ubuntu server behind the router.
<NewNick> I have a static IP at home, and I've assigned the MAC address on the router to 192.168.1.101 (my server address).
<NewNick> If I go into my DHCP table today, I can't see the server IP and MAC address. I've turned off the router, and tried again â still not there. Yesterday, I had 3 instance of the server in the DHCP (each with a different IP).
<NewNick> I've searched for DHCP renew lease and other commands, but had no luck.
<NewNick> My server now accesses the web, but my webserver isn't available to the outside world. I have setup port forwarding.
<NewNick> I'd appreciate any advice
<ruben231> hi guys i have two local ubuntu server how do i trasnfer huge file from server A to Server B they are on same network...any idea guys..?
<irv> turns out it changed name from linux-rt to linux-lowlatency :D
<irv> so, i tried installing linux-lowlatency but it won't boot due to an error something with hv_vmbus. i'm thinking the lowlatency kernel wasn't compiled with hv_vmbus?  do i need to compile my own rt kernel with hyperv support?
<irv> realistically i will prob just install it baremetal eventually, but i wanted to see if the RT kernel will work virtualized
<irv> i tried adding the hv modules to /etc/initramfs-tools/modules and updating initramfs, gonna reboot :)
<wkmanire> Can someone recommend a guide for setting up email service with postfix and dovecot? Ideally I want to set up virtual users, have encrypted transfer and a web interface like roundcube.
<wkmanire> I never realized how complicated email is.
<wkmanire> I found this: http://ubuntuguide.org/wiki/Mail_Server_setup#Mail_Server_setup
<wkmanire> Seems to be targeted at complete beginners so it should be fine
<v1ckyz> anyone do you have free vps
<shredding> I have a command like this:
<shredding> kill `ps aux | grep evolution | grep âv grep | awk '{ print
<shredding> $2 }'`
<shredding> sorry
<shredding> kill `ps aux | grep evolution | grep âv grep | awk '{ print $2 }'`
<shredding> I understand what it does.
<shredding> But why $2?
<shredding> What's this $2?
<highvoltage> it prints the second column
<highvoltage> from the output of ps aux
<lordievader> shredding: awk '{print $2}' prints the second column.
<highvoltage> so the process number for evolution
<shredding> column?
<shredding> How does it know the column? I did not specify a delimiter.
<highvoltage> it uses spaces by default
<lordievader> Might be nicer to use pgrep there, also gets the pid.
<shredding> thank you both!
<shredding> nice thing, this awk.
<GeekDude> Corey: Are you darthanubis from the other day, when I was trying to get flash drive mounting in xfce to work?
<GeekDude> Corey: you there?
<Logan_> GeekDude: why do you think Corey is darthanubis? :P
<GeekDude> Logan_: extensive whois
<GeekDude> ./msg nickserv who darthanubis
<GeekDude> er, info
<Logan_> [14:05:25]  -NickServ- Last addr  : ~anubis@unaffiliated/darthanubis
<GeekDude> ~anubis
<GeekDude> and if you do a info on anubis
<GeekDude> am I just going about this wrong?
<Logan_> yeah :P
<Logan_> they would be part of the same account if they were the same person, generally
<GeekDude> Hrm. I thought I was being clever, but as usual just being an idiot
<Logan_> s'okay :P
<Logan_> you could email him through Launchpad: https://launchpad.net/~darthanubis
<GeekDude> I probably shouldve done a whois on corey too
<GeekDude> Now I really feel like an idiot
<GeekDude> still, would've been nice if he responded to enlighten my idiocracy.
<Logan_> haha, Corey is a busy freenode staffer
<GeekDude> yeaaah. /whois on him showed that. Seemingly the only link I didn't misunderstand, as I didn't check
#ubuntu-server 2015-03-02
<Spyidonas> Hey guys, after following this guide " http://www.krizna.com/ubuntu/setup-mail-server-ubuntu-14-04/ " my server can't send emails externaly (for example Outlook.com, Gmail , etc...) The odd thing is that if i send from the external server to my own and reply to that email, the server does send it successfully.
<Patrickdk> and the logs are where?
<Spyidonas> i tail -f syslog
<Patrickdk> that is nice
<Patrickdk> but I can't tail it
<Patrickdk> so if you want people here to help you :)
<Spyidonas> oh you mean to paste the logs. w8.
<Spyidonas> That's when i send from my server to external (and i never recieve it)
<Spyidonas> http://pastebin.com/wcJ9c0YW
<Patrickdk> heh?
<Patrickdk> there are lines missing
<Spyidonas> And that's when i reply and i recieve it.
<Patrickdk> did you get that from /var/log/mail.log ?
<Spyidonas> http://pastebin.com/ZTnppVwc
<Spyidonas> no i got them from syslog
<Patrickdk> to=<spyridonas@live.com>, relay=mx4.hotmail.com[65.54.188.72]:25, delay=2.4, delays=0.29/0.02/1.4/0.76, dsn=2.0.0, status=sent (250  <54F3B259.6030208@buzztera.gr> Queued mail for delivery)
<Patrickdk> the email was delievered to hotmail
<Patrickdk> using that live.com account
<Patrickdk> is that intended?
<Spyidonas> Yes but the inbox of the live.com account never recieves it.
<Spyidonas> its not on spam etc
<Patrickdk> not your problem
<Patrickdk> you can see it says
<Patrickdk> status=sent
<Patrickdk> the hotmail.com server ACCEPTED the email
<Patrickdk> what hotmail does to it after that, you will have to ask them
<Spyidonas> Then why i recieve the reply and not the send ?
<Patrickdk> likely, you just followed that howto guide, and your mailserver isn't setup correctly, dns entries setup ptr, ...
<Spyidonas> Same thing on gmail etc.
<Patrickdk> are you claiming that hotmail treats all email the same?
<Patrickdk> surely not
<Patrickdk> they do use spam filters
<Spyidonas> I don't think hotmail, tempemails, gmail, yahoo treat their emails all the same way
<Patrickdk> the reply email LOOKS completely different
<Spyidonas> and i can't send to nobody
<Patrickdk> it has a valid hotmail id that references a hotmail email
<Patrickdk> what is your servers ip?
<Spyidonas> It's a digital ocean server , 178.62.222.144 that's the ip.
<Patrickdk> why does it not have a ptr entry?
<Patrickdk> mailservers are required to have a ptr
<Spyidonas> its a temporary server. Does it need the ptr entry ?
<Spyidonas> I thought it can work without it.
<Patrickdk> you want to send mail?
<Patrickdk> you need a working server
<Patrickdk> no ptr == not a working server, for email
<Patrickdk> hopefully, you also set a proper helo name, and that works in dns, and matchs your non-existing ptr entry
<Patrickdk> and you setup spf and dkim and dmarc entries
<Patrickdk> and you do dkim sign every email
<Patrickdk> no one has to accept your email
<Patrickdk> it's about trust
<Patrickdk> hotmail and gmail clearly are seeing all this stuff done wrong, and doesn't trust you
<Spyidonas> I was going to do these stuff on the actuall server. Meh i guess i need to set them up again.
<Patrickdk> but they are making an exception for replies, cause then the hotmail/gmail user initiated that email
<Patrickdk> not you
<Spyidonas> Ok i will setup everything then
<lordievader> Good morning,
<SysTom> Is anyone aware of a working fix for the isc-dhcp-server bug/issue with the permissions of the lease files?
<SysTom> https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1186662
<Emmanuel_Chanel> Hello!
<Emmanuel_Chanel> Someone knows dovecot on Ubuntu well? I want to use both system accounts and virtual mail box on my mail server although I won't use any on the global net.
<Emmanuel_Chanel> dovecot dies when I uncommented #!include auth-sql.conf.ext ...
<germanstudent> My (IPv6) config file @ /etc/sysctl.d/ won't persist after reboot. The config works on a running system with "sysctl --system" though. Is there some kind of race condition that overwrites /etc/sysctl.d network setting while booting?
<germanstudent> correction: the file persists, but not the settings
<jamespage> Madkiss, around? wanted to checkin with you re pacemaker corosync stack for vivid (and Debian?)
<jpds> germanstudent: Pastebin your sysctl file.
<germanstudent> jpds, http://pastebin.com/fUbkuw70 <- saved as 60-ipv6-disable.conf in /etc/sysctl.d
<jpds> germanstudent: It's 2015, why are you disabling IPv6?
<germanstudent> jpds, because openvpn will only route my IPv4 address and my IPv6 is still public. I can't find a workaround without disabling IPv6 altogether
<jpds> germanstudent: 'is still public?'
<jpds> germanstudent: Can't you just use ip6tables to block off the ports?
<germanstudent> jpds, still public means some services (like netflix e.g.) will see my provider assigned IPv6 and geo locate to Germany, though I'm connected through an US OpenVPN server.
<germanstudent> jpds, this is all so complicated. :/ Why doesn't openvpn route all traffic through the desired server by default *sigh* But I might have to visit another channel for this :)
<patdk-wk> if your vpn service doesn't offer ipv6, that is fail
<patdk-wk> openvpn routes whatever you configure it to route
<patdk-wk> oviously since your vpn provider doesn't support ipv6, they don't *request* ipv6 is routed over it
<patdk-wk> it would be the same doing anything else, like ipsec, anyconnect, ...
<RoyK> germanstudent: is this an old version of openvpn? I beleive I've seen openvpn work well with 14.04
<germanstudent> patdk-wk, it is a rented VPN with IPv6 support (with root access). But why isn't it a default behaviour to hide local IPv6 address to the public, even if you specify an IPv4 to connect to?
<germanstudent> RoyK it's the current one I guess 2.3.2
<patdk-wk> germanstudent, heh? openvpn isn't suppose to default that
<RoyK> germanstudent: which ubuntu version?
<patdk-wk> that is a misconfigure of your vpn service
<germanstudent> 14.04
<patdk-wk> or if your side openvpn config
<germanstudent> patdk-wk, a VPN service I use has the same misconfiguration them Maybe my dual stack internet access is a factor in this too
<patdk-wk> I have been using openvpn with ipv4 and ipv6 over an ipv4 ip for the last 5 years without any problems
<RoyK> germanstudent: is this native IPv6?
<patdk-wk> but openvpn was not made to *hide my ip*
<germanstudent> RoyK, yes. But carrier grade NAT for IPv4
<patdk-wk> it was made to do a vpn, so attempting to hide your ip, is out of scope, and needs additional work, exepcially when you have several ip's
<patdk-wk> if this vpn service supports ipv6, I would wonder why your not using it
<germanstudent> patdk-wk, well, but it was made to connect to a network and communicate to that network solely, right? :/
<patdk-wk> no
<patdk-wk> it was made to protect data from point A to B
<patdk-wk> communicate solely or not, is optional
<patdk-wk> normally defined as, split horizon
<germanstudent> patdk-wk, hm. thanks for your help. I guess I have to write a forum post or something. No IPv6 setting I tried seem to work
<germanstudent> What's weird is that this doesn't happen with Mac or Windows.
<RoyK> germanstudent: that's strange indeed
<patdk-wk> is it a dns issue?
<patdk-wk> maybe the dns server over the vpn doesn't do ipv6? possible maybe
<patdk-wk> and ubuntu keeps falling back to the local dns
<germanstudent> patdk-wk, I have to do some more tests, before I can say more. But I entered googles dns in the openvpn config
<RoyK> germanstudent: do you have ipv6 dns servers in resolv.conf?
<germanstudent> RoyK, no, IPv4
<RoyK> germanstudent: add v6 servers, then
<germanstudent> Okay, thank you
<RoyK> 2001:4860:4860::8888 and 2001:4860:4860::8844 if you're using the standard google dns servers
<germanstudent> Will try
<sarthor> Hi, I have problem of language right to left, here is link which show some help, but as a newbie I am not able to understand, If someone can help where to write that coding which link shows. here is link http://mpcabd.igeex.biz/python-arabic-text-reshaper/
<sarthor> Hi, I have problem of language right to left on ubtuntu-server , here is link which show some help, but as a newbie I am not able to understand, If someone can help where to write that code or how to follow, the link shows. link http://mpcabd.igeex.biz/python-arabic-text-reshaper/
<Emmanuel_Chanel> Someone can help me? I tried to install a mail server based on this page: https://www.exratione.com/2012/05/a-mailserver-on-ubuntu-1204-postfix-dovecot-mysql/ I want to use both my system account, different from that. And I got this result: http://pastebin.ca/2947074
<Emmanuel_Chanel> What can I do for solving it?
<sarnold> Emmanuel_Chanel: check demsg for more segvs; you may have bad memory
<bekks> Emmanuel_Chanel: So you are using 12.04?
<Emmanuel_Chanel> No... 14.04 now...
<Emmanuel_Chanel> But not understanding the mail server well, I feel that tutorial very good when I installed it on Ubuntu 12.04.
<bekks> Emmanuel_Chanel: Which doesnt mean it works on 14.04.
<Emmanuel_Chanel> Right...
<bekks> Emmanuel_Chanel: Try this one first: https://www.exratione.com/2014/05/a-mailserver-on-ubuntu-1404-postfix-dovecot-mysql/
<Emmanuel_Chanel> Oh, nice! I didn't know that. I try.
<Emmanuel_Chanel> Thank you very much authough I haven't got a result yet.
<mgagne> hallyn_: ping
<xibalba> Hey folks, I'm seeing this in my `dmesg` `[233478.288816] TCP: TCP: Possible SYN flooding on port 8080. Dropping request.  Check SNMP counters.`; Can I disable the check for SYN Flooding on port 8080?
<xibalba> hmm i dont see syn_flood in my iptables --list
<patdk-wk> why would there be?
<xibalba> i thought iptables would be handling the above message regarding syn flooding
<patdk-wk> why?
<patdk-wk> don't see anything in that message that talks about iptables
<xibalba> ok it's a kernel option then?
<patdk-wk> the question is, why do you ahve a synflood?
<patdk-wk> are you getting dos?
<xibalba> no
<patdk-wk> do you just have a crapload of ligit traffic
<patdk-wk> or is your application gone completely nuts
<xibalba> it's just a bad client side app i need to get fixed, but i need to disable that synflooding check for the time being
<xibalba> ^^ complete nuts
<xibalba> a javascript websocket client connecting to the websocket server
<patdk-wk> use sysctl and disable it though
<patdk-wk> but that is likely to have all kinds of fun issues
<xibalba> do youknow which options?  i just did syctl-a |grep syn to gleam the list
<xibalba> oh i know, it's temporary
<patdk-wk> net.ipv4.tcp_syncookies likely is what you want
<patdk-wk> but this doesn't *fix* anything
<xibalba> 10-4
<patdk-wk> it just means the kernel won't start attempting to figure out ligit from non-ligit requests
<patdk-wk> the problem is, your app isn't accepting connections fast enough
<patdk-wk> overflowing the syn_backlog
<xibalba> right, we're trying to diagnose that now :)
<xibalba> yeah, all my received queues in netstat are 503 too
<patdk-wk> therefor making the kernel not know what to do, except drop connections
<xibalba> w/120+ connections from 1 client for a websocket javascript client
<xibalba> so we know it's borked
<patdk-wk> increasing your backlog would help, kindof :)
<xibalba> i dont think it's being hit yet, it's 512
<xibalba> netstat -an |grep -iest |wc -l , is less than 200
<patdk-wk> well, the kernel settings ONLY set the max
<patdk-wk> the application sets what it wants
<xibalba> ah
<patdk-wk> normally they are around like 10/50/80/...
<patdk-wk> not normally very large unless you override
<xibalba> let me see., this is a puma app
<hallyn_> mgagne: hi
<mgagne> hallyn_: hi
<mgagne> hallyn_: I got the patches, can you guide me into proposing them?
<mgagne> hallyn_: https://gist.github.com/mgagne/95046681c59e4e20989c
<hallyn_> mgagne: now this is for in cloud archive right?
<RoyK> mgagne: download the source code for the package, patch the code, build it and reinstall the package from the one you built. it's not really as straight forward as downloading a patched windows driver :P
<Madkiss> hello jamespage
<mgagne> hallyn_: UCA is sub-product of Ubuntu itself, the packages themselves come from Ubuntu release like 13.10, 14.04, etc.
<Madkiss> jamespage: how can I help?
<mgagne> hallyn_: they might have UCA specific fixes but IMO, this one isn't specific to UCA
<hallyn_> mgagne: right, but we are being very strict about what upgrades we support (bc otherwise it becomes crazy-fragile), so i'm wondering whether this change should be specific to cloud archive
<hallyn_> zul: jamespage: ^ around?
<hallyn_> mgagne: th equestion is do we support upgrading from UCA to standard ubuntu archive of newer release
<zul> hallyn_:  yeah
<mgagne> hallyn_: right, I don't know the specific of the policies
<hallyn_> mgagne: anyway, thank you for the patch;  we definately will fix it somehow that fixes it for UCA,
<hallyn_> i'm only trying to find the right place
<hallyn_> mgagne: there's a bug# for this right?
<mgagne> hallyn_: 1425619
<mgagne> hallyn_: AFAIK, there is no UCA for juno/icehouse
<mgagne> hallyn_: because trusty ships with icehouse already
<hallyn_> mgagne: so what are you trying to upgrade from/to?  (release+archive)
<hallyn_> this is all greek to me so getting my bearings and hoping zul is watching
<zul> mgagne: https://wiki.ubuntu.com/ServerTeam/CloudArchive
<mgagne> hallyn_: I'm running uca/precise/icehouse. We have nodes running QEMU 1.5 from uca/precise/havana (for various reasons).
<hallyn_> sand you're upgrading between those two?
<mgagne> hallyn_: UCA is just a backport of packages from a Ubuntu release supporting a specific OpenStack version.
<mgagne> hallyn_: so for Havava, packages were backported from 13.10 to 12.04 into UCA
<hallyn_> right, 13.10 is no longer supported ,and migration in archive was only ever supported from p->q, q->r, r->s, not from p->s
<mgagne> hallyn_: to make the migration work, the patch needs to go in QEMU 2.0 (destination), you don't need to patch the source of the migration
<hallyn_> so i think we want the fix straight into the uca
<hallyn_> right, but it's hard to SRU something for something that is not supported in archive, given the strict SRU restrictions.
<hallyn_> i'll talk to jamespage when he's around, and handle it somehow
<mgagne> QEMU 2.0 is part of 14.04. someone running saucy cannot upgrade to trusty unless trusty is patched
<hallyn_> (notes taken)
<jamespage> hallyn_, mgagne is correct - for icehouse everything is just in trusty
<hallyn_> jamespage: yeah but you can add a delta
<jamespage> hallyn_, where?
<hallyn_> in icehouse
<jamespage> but that's just 14.04
<jamespage> no where else to make a delta
<hallyn_> jamespage: ok, do you mind filling in SRU justfication for bug 1425619 ?
<hallyn_> jamespage: thing is when we discussed the p->t migration (with infinity and others) it was almost decided it shoudn't be supported at all;  it was then decided we would do very lmited support
<hallyn_> but really the patch looks good,
<jamespage> hallyn_, well officially we support precise+icehouse cloud archive to trusty migration
<mgagne> hallyn_: p->t support was already added with a very similar patch
<mgagne> hallyn_: see related bug https://bugs.launchpad.net/bugs/1291321
<hallyn_> no wait,
<jamespage> I'll be around in about 1.5 hrs
<hallyn_> i'm aware, i pulled that patch :)
<mgagne> hallyn_: thanks for that work bth =)
<mgagne> btw*
<hallyn_> oh i didn't do the patch myself :)  ok, i think your patch looks good;  i'll try to sru it
<hallyn_> thanks mgagne
<mgagne> thanks!
<mgagne> I guess I don't need to mention that I tested it and it works =)
<hallyn_> :)  but i'm glad you did
 * hallyn_ out a bit, biab
<Emmanuel_Chanel> bekks: Same error occurred again...
<bekks> Emmanuel_Chanel: So take a look at the dovecot logs and config, for investigating its crashes.
<jamespage> Madkiss, hey - thanks for the pointer to your HA ppa - most useful
<roaksoax> it would have been nice to grab those from debian too :)
<Madkiss> jamespage: yw
<jamespage> Madkiss, are you still maintaining corosync/pacemaker in Debian?
<Madkiss> jamespage: well. sort of.
<jamespage> zul, are you still ontop of that eventlet version bump?
<zul> yeah im on it
#ubuntu-server 2015-03-03
<sudormrf> hey guys
<sudormrf> anyone around for a very quick question?
<sudormrf> not asking to ask, just checking to see if anyone is around :D
<sarnold> sudormrf: 420 people in the channel. surely one or two are bots..
<sudormrf> heh
<sudormrf> ok, so here it goes.  I think I know the answer already, but I just want to verify.  I would like to mount all the shares from one of my servers on another server.  But instead of mounting each share individually, I would like to mount it at the top level, so I can just rsync all of the subdirectories rather than doing it share by share.  Is this possible?
<sarnold> sudormrf: I don't think it's possible with NFS / SMB / CIFS
<sarnold> sudormrf: no idea about afs or other network filesystems..
<wiredfool> just upgraded a server from lucid -> precise -> trusty. Somewhere in that, one of the kvm guests is now failing to boot because app armor is denying it access to its disks
<wiredfool> It looks like the profile_load operation is happening after the operation open in the logs
<wiredfool> I've checked the /etc/apparmor/libvirt-[uuid].files  and it appears correct
<wiredfool> other kvm guests on the same machine are working properly.
<sudormrf> sarnold, didn't think so.  I suppose instead of doing a pull I could do a push
<sudormrf> that would have probably been the smarter thing to do
<wiredfool> ideas?
<sarnold> wiredfool: can you pastebin your DENIED messages?
<wiredfool> http://pastebin.com/qEY8ni6U
<sudormrf> sarnold, question: it "appears" possible when using a GUI.  meaning, in a gui you will see the network object under "network" and clicking on that brings you to the top level.  not sure how that is actually working.
<sudormrf> notice the quotes around appears.  all of my experience has been that it isn't possible.
<sarnold> wiredfool: try adding "/var/lib/vm/** r," to your /etc/apparmor.d/usr.lib.libvirt.virt-aa-helper
<sarnold> sudormrf: I presume those gui things aren't actually making mounts so much as using gvfs or kdeioslaves to do the networking
<sudormrf> sarnold, ah! now that makes sense.  I figured it wasn't acutally making the mount (and that is backed up by when you actually open one of the shares it then mounts that share).  interesting to know that is how it is working :D
<wiredfool> sarnold: I bet it's actually the final lines that are the difference, where there's an enumeration of extensions for disks, and .raw isn't one of them.
<sarnold> wiredfool: oh! I just assumed it didn't have the storage that you were using. heh. :)
<wiredfool> well, the other siblings are working, but they'er all qcow2, since they're not high IO images
<wiredfool> hmm. it's failing differently now. progress I guess
<dtscodefish> hey guys... how would i fix the perl encoding stuff? https://bpaste.net/show/c81da4763b47
<dtscodefish> hey guys... how would i fix the perl encoding stuff? https://bpaste.net/show/c81da4763b47
<Seveas> dtscodefish: set LANG to a locale you installed, or install the missing locale :)
<dtscodefish> how would i do that?
<Seveas> for the first: unset LANG
<dtscodefish> k
<Seveas> for the second: add en_US.UTF-8 to /var/lib/locales/supported.l/local and run sudo locale-gen
<Seveas> the text to add is: en_US.UTF-8 UTF-8
<dtscodefish> would it matter if its .d instead of .l?
<dtscodefish> thanks Seveas :D
<Seveas> dtscodefish: .l was a typo, .d is the right path :)
<dtscodefish> oh well. assumed it was. errors went away. thanks man :D
<lordievader> Good morning.
<dtscodefish> morning to you as well
<lordievader> o/
<DonRichie2> When I install postfix on ubuntu some ncurses Menu wants to know if I want to install a "internet site" or only "local"..etc... Where do I find these sample config files to understand the mail system better?
<peetaur> Hello, can someone help me with an 'apt-get update' performance issue? I am using apt-cacher-ng, and it takes over 5 minutes to "apt-get update" if I use localhost as the proxy. If I have no proxy, it takes under one minute. In sources.list, changing the us.archive.ubuntu.com stuff to de.* made it faster I think, and then the security.ubuntu.com ones don't have a us. so I don't know what to change them to; I tries setting them to de.
<peetaur> archive instead of security, and now it takes only 48s to "apt-get update" but have I broken something? what is the difference between the *.archive.* and security.* sources?
<peetaur> (and debian with apt-cacher-ng takes only 14s to update... I don't know why Ubuntu is so slow)
<peetaur> based on results this thing generates, I guess de.archive.* is fine to replace security.*  http://repogen.simplylinux.ch/generate.php
<peetaur> should it really take over 5 min? what is it hanging on? :/  https://bpaste.net/show/540e0985d260
<peetaur> and without apt-cacher-ng, it takes 8s... https://bpaste.net/show/412d6d57d9ef
<lordievader> peetaur: Perhaps using strace you can figure out what it is doing.
<peetaur> how should I use it? does this tell me anything relevant? https://bpaste.net/show/27144b6fd814
<lordievader> Select operations that timeout... Suppose it is related.
<lordievader> Have to say that I am not sure.
<lordievader> But I am not sure if the trace you pasted is of the getting/hitting the repo's.
<lordievader> peetaur: Could you run 'strace -o apt.trace apt-get update' (or whatever apt-get command you use) and pastebin the apt.trace file once it is done?
<peetaur> here is some in between timeouts ... but also I found that apt-cacher-ng has crashed and isn't running during this output I think https://bpaste.net/show/cbc3cfe84775
<peetaur> once it's done...? it might never finish ;)
<peetaur> but sure, it's running now... we'll see how long it takes
<lordievader> That "No such file or directory" messages aren't nice.
<peetaur> oh one thing I see in there that is very wrong:  accept(5, {sa_family=AF_INET, sin_port=htons(60651), sin_addr=inet_addr("10.2.0.87")}, [16]) = 18
<peetaur> that .87 ip is like a year out of date
<peetaur> oh but that Ip is not in a paste I sent you... I also ran strace on apt-cacher-ng itself
<peetaur> https://bpaste.net/show/80e1919c2ef9
<peetaur> so I'll go find the nth idiotic place the ip is duplicated and see if that fixes things
 * peetaur hates duplicated useless redundant config
<lordievader> peetaur: So your sources are mucked up?
<peetaur> no, some other config has that IP
<peetaur> sources.list is basically vanilla
<peetaur> I have a puppet.list in sources.list.d/, and the proxy in apt.conf.d/
<lordievader> Where is that non-existant(?) IP coming from?
<peetaur> apparently it was in /etc/hosts, but that is one of the two places I should have looked long ago.
<peetaur> so I don't know what happened... but it made not sense to look there, since to reach the proxy server (which it did) it would be using that ip, which it could not have since it was wrong
<peetaur> and the best part is the machine worked fine for a year or however long it has been running with the new IP until today :D
<peetaur> (and I doubt someone modified the hosts file since then)
<peetaur> and now apt-get update takes 1m23 which is slower than without apt-cacher-ng, but it is perfectly reasonable
<lordievader> peetaur: My machines are set to auto update at night, I rarely see the update process.
<peetaur> apt-get update used the proxy which was set to "aptproxy" which in hosts pointed to 10.2.0.87 which doesn't exist... but it reached apt-cacher-ng anyway, and that's where the confusion happened I guess
<peetaur> well when something is hung up you notice ;)
<lordievader> Or it needed to timeout on the 10.2 first.
<peetaur> why would it try the correct ip 10.2.0.8 or localhost at all though? how would it know what the right ip is?
<lordievader> Depends on how things are set up I suppose. If there are multiple proxies set up, I think it will try them sequentially.
<lordievader> Anyhow, this is just me rambling. Never used apt with a proxy or cacher.
<peetaur> there was just the one I believe https://bpaste.net/show/7bda71d94909
<peetaur> normally I find apt-cacher-ng so easy to set up, that you can use it with even 2 clients... it makes things very efficient
<peetaur> it takes basically no config... just that Acquire line and the daemon running and it works already
<peetaur> and today the problem was not apt-cacher-ng's fault ;)  (and btw apt-cacher works the same but crashes 50x per day, so use the -ng one)
<peetaur> and last week I used apt-cacher-ng to install 28 machines in 1h using a slow ~500 kB/s link ;)
<peetaur> netinstall
<peetaur> lordievader: thx for the help by the way
<bOynOiz> Hello, have somebody know about setup and configuration Ubuntu Server in VM before clone or export to real server machine? anywhere I can read about this?
<peetaur> bOynOiz: any Linux should work simply by copying it to totally different hardware, with only a few exceptions...  like the r8168 network device, or some graphics and X
<peetaur> and fakeraid or other rare stuff, wifi, etc.
<peetaur> (desktop stuff mostly)
<bOynOiz> Ah I see,
<peetaur> and if you use the same kernel, etc. the r8168 issue won't happen
<peetaur> er I mean if r8168/r8169 was already set up and confiured before
<bOynOiz> I thinking to make virtual map drive in VMware Workstation and then rsync from map drive to real hdd before put them into real server.
<peetaur> that should work fine, but don't forget the bootloader
<peetaur> rsync copies the files but not the bootcode outside the filesystems
<peetaur> here's my fully manual linux migration procedure http://pastebin.com/4NLFkdzQ
<bOynOiz> Thank you so much :)
<peetaur> is it a desktop or server install?
<bOynOiz> it's server
<peetaur> okay then I think the procedure is all you need (assuming no exceptional issues)
<bOynOiz> yeah, my goal I don't want to close my web server for long times to setup and configuration.
<zul> jamespage:  yeah so eventlet i dont see what you are seeing
<zertyui> hi
<zertyui> anyone experience with openssl ?
<peetaur> zertyui: you should ask a real question and if someone knows the answer they'll say something
<zertyui> ok
<zertyui> i would like to know
<peetaur> maybe everyone has experience with openssl, but there are so many things you can be thinking of, that nobody knows what you need to know if they know enough about it to say their the guy to ask for your problem
<peetaur> s/their/they're/
<lordievader> peetaur: No problem ;)
<zul> jamespage:  lemme know when you are around
<jamespage> zul, otp for 30 mins and then back
<zul> jamespage:  ack
<spidernik> hello. Anyone who uses the pam-auth-update utility? It's kinda cool but I have an issue running it in the debian-installer inside a late-script. It essentially hangs. Any similar experience? Ubuntu 14.04
<Walex> spidernik: I would be surprised if it worked in all situations inside the installer.
<Walex> spidernik: perhaps you may want to run it in some post-basic-install step
<spidernik> Walex: the odd thing is: if a switch tty, chroot and run it it will work fine... it hangs just when called via the late bash-script as a late command
<Walex> spidernik: surprising indeed.
<Walex> spidernik: maybe it is not being run inside the '/target' chroot.
<jamespage> rbasak: fyi that ceph point release will hold in proposed a little longer - performance regression which upstream are dealing with
<jamespage> zul, around
<peetaur> if you want to run in target, you use "in-target", eg.    d-i preseed/late_command string in-target apt-get install blah
<zul> jamespage:  so 3 things: (1) im going to be updating dependencies today (2) im going to be making sure everything is green for kilo (3) i dont see the failures you have for eventlet
<spidernik> I should probably try to run the utility with the in-target as suggested, instead of running it in the late bash script. Maybe some variable does not get set properly and makes the pam-auth-config fail
<spidernik> thanks everyone
<jamespage> zul, lemme recheck on eventlet
<jamespage> I'm missing something
<zul> jamespage:  okie dokie
<jamespage> 1 & 2 ++ thanks
<jamespage> zul, pull on corey a bit as well
<zul> jamespage: i dont think corey would like that, hes got other stuff hes behind in
<jamespage> zul, hmm ok
<jamespage> better catchup with him soon ten
<jamespage> zul, so what's the six PY3 failure about?
<zul> im not 100%
<zul> sure
<jamespage> zul, you know I don't like "|| true"
<zul> im pretty sure im not the one who put it there
<zul> but yeah lemme have another look
<Walex> spidernik: 'pam-auth-config' is not an installer command, it is a here-on-this-system command.
<zul> jamespage:  trying with eventlet 0.17.1
<jamespage> zul, oh ok
<zul> jamespage:  *groan*
<jamespage> zul, oh
<zul> jamespage:  we are running python3 tests for eventlet when we arent building eventlet for python3 (yet) so thats why the asertion is being thrown
<jamespage> hrm
<jamespage> zul, ahyes!
<zul> jamespage:  ok builds fine now
<jamespage> zul, sameplace?
<zul> jamespage:  eventlet builds fine when you build only for python2 since we arent using python3
<smoser> https://bugs.launchpad.net/ubuntu/+source/qemu/+bug/1427829
<smoser> hallyn_, ^ is that just me?
<smoser> anyone else able to reproduce that ?
<dtscodefish> https://letsencrypt.org/howitworks/
<dtscodefish> oops wrong channel
<setuid> How does one get invited to #ubuntu-cloud?
<setuid> Looking for some dev-side help getting the cluster up and operational
<cyphermox> smoser: I could try in a bit, but can I ask why you remove "--" ?
<cyphermox> (wondering if there's something else than "because otherwise console= won't get applied")
<smoser> doens't really matter, but bug 1402042 is why.
<smoser> the kernel very helpfully changed behavior, and doesn't pay attention to things after '--' any more.
<smoser> (note sarcasm in word 'helpfully')
<cyphermox> right, I was fixing that this morning
<cyphermox> tomorrow's image might work
<cyphermox> that's why I was wondering if there was another reason too
<cyphermox> instead of --, you'll have ---, and won't need to move things around or remove the separator; that should fix OEM mode and accessiblity and such too
<smoser> cyphermox, oh?
<smoser> ah. you'll chnage hte isos
<cyphermox> well, yes, the isos should be fixed tomorrow, I think
<cyphermox> anything that uses d-i directly (mini.iso) should already be fine, unless I missed some
<smoser> so willthat change d-i to copy after '---' ?
<cyphermox> d-i will continue to pass what's after --- to the installed system
<smoser> as previously it (and curtin as a follow-on) would copy anything after '--' over to the installed system.
<smoser> was that previous behavior ?
<cyphermox> yes
<smoser> really. hm..
<cyphermox> it's meant so that you can pass, well, console= to an installed system and not have to blindly try to reapply it after installation
<cyphermox> for example
<cyphermox> I don't know about curtin though
<cyphermox> is that good or bad?
<cyphermox> hmm, perhaps curtin needs its fix too unless it uses some of the d-i bits
<mfisch> zul: do you have an approx ETA on Juno.2 landing in updates?
<zul> mfisch:  not yet
<hallyn_> smoser: well, it's just you in that noone else would do that
<hallyn_> smoser: does ctrl-m or ctrl-j work?
<jamespage> coreycb, did that eventlet update get out of the door for utopic?
<jamespage> mfisch, will look tomorrow - should have been today but had some other plates spinning - sorry
<coreycb> jamespage, not yet, bug 1423675
<coreycb> https://bugs.launchpad.net/ubuntu/+source/python-eventlet/+bug/1423675
<coreycb> I'll check with Brian
<jamespage> coreycb, ack - thanks
<jamespage> coreycb, everything is in juno proposed for the CA - have we run the testing yet?
<jamespage> if not I can trigger tomorrow
<coreycb> jamespage, I've not yet run against the ca
<jamespage> coreycb, ok leave it for me tomorrow
<coreycb> jamespage, alright, thanks
<jamespage> its been in proposd for a while - we can push to updates if it tests ok
<hallyn_> smoser: seems most likely to be a seabios/vgabios/whatever bug...  do you know whether it used to work in trusty or precise?
<mfisch> jamespage: thanks, been reloading the /Packages file every morning! ;)
<jamespage> mfisch, http://reqorts.qa.ubuntu.com/reports/ubuntu-server/cloud-archive/juno_versions.html
<mfisch> jamespage: that shows 2.2 is out?
<jamespage> mfisch, almost - 2.2 is in proposed finishing testing - when the column on the rhs goes green we're all done
<jamespage> mfisch, you can always test from proposed - its exactly the same binaries as will end up in updates
<mfisch> yeah the testing looked ok
<beisner> jamespage, coreycb, i can kick of trusty & utopic juno-proposed deploys.  just say when.
<junix> hello, would like to know if someone can help me if i can get help with a problem that i have with a ubuntu server
<bekks> junix: Just ask your actual question. If someone is able to help you. ,you will get a response.
<junix> ok
<multiverse> Hello, how do I load the NFS module into the 14.10 kernel?
<bekks> multiverse: More likely, you start the NFS client/Server, depending on what you need.
<multiverse> I wish
<multiverse> I am unable to start an ordinary nfs server on 14.10, and it tells me I need to install the NFS kernel module.
<bekks> multiverse: So try this: https://help.ubuntu.com/14.04/serverguide/network-file-system.html
<multiverse> That has not resulted in the error going away.  Itâs the first thing I read.
<junix> i have a virtual server that was powered off wrong and i have a problem rebooting, and a message as follows: "Kernel panic - not syncing: Attempted to kill init!"
<bekks> multiverse: And did you install the nfs kernel server module?
<multiverse> The question remains:  âHow do I install the nfs kernel module when the apt-get install nfs-etcâ¦ are already installed, but the service one start.
<multiverse> Thatâs what I am asking
<multiverse> Howdo I do that?
<nuno> Hello. I've just installed ubuntu 12.04 server, however i cannot install packages using apt-get
<rww> nuno: do "sudo apt-get update" if you haven't already
<bekks> multiverse: Like this: https://help.ubuntu.com/14.04/serverguide/network-file-system.html#nfs-installation
<multiverse> That doesnât work
<nuno> rww: i did, and resulted in error at end : : Failed to fetch bzip2:/var/lib/apt/lists/partial/us.archive.ubuntu.com_ubuntu_dists_precise_main_source_Sources  Hash Sum mismatch
<bekks> multiverse: Why not?
<multiverse> thanks for the help.
<rww> nuno: hrm, there's your problem. if you repeat the command, does it still happen?
<rww> (sometimes that's a one-off blip)
<nuno> rww: checkin atm
<nuno> rww: yes it does
<rww> hrm. do other WWW connections work (e.g. through w3m, wget)
<nuno> rww: yes i have connectivity to the internet
<nuno> rww: I guess i found it. at least I can now install git. other packages I'm not sure. I followed this http://askubuntu.com/questions/41605/trouble-downloading-packages-list-due-to-a-hash-sum-mismatch-error
<nuno> rww: thanks for the help though =)
<bdmurray> Is there anybody who could give me a hand with haproxy logging?
#ubuntu-server 2015-03-04
<sudormrf> question about mdadm.conf.  If I modify the current create statement from: "CREATE owner=root group=disk mode=0660 auto=yes" to "CREATE owner=MYUSER group=users mode=0660 auto=yes" and restart the computer, will it break anything?  I believe the answer is no, I just want to be sure.  I will then chown the current folder/array
<sudormrf> or should I just leave that alone and chown it
<sudormrf> anyone around?
<lordievader> Good morning.
<ProbsNotCheraphy> hey guys... ive got an apache virtual host... and was wondering if there was anyway to specify in the conf file that i want apache to serve the index.html file when i go to the site (ie instead of site/index.html)
<lordievader> ProbsNotCheraphy: It should automatically check the dir for an index file.
<ProbsNotCheraphy> hmmm its not for some reason
<lordievader> You get a directory listing?
<ProbsNotCheraphy> no it goes to some cgi thing
<ProbsNotCheraphy> you can see it at omega.dtscode.io
<lordievader> ProbsNotCheraphy: I get an 'Hello, World!
<ProbsNotCheraphy> what browser?
<lordievader> Firefox.
<ProbsNotCheraphy> thats weird
<lordievader> On Chromium too.
<lordievader> ProbsNotCheraphy: Caching?
<ProbsNotCheraphy> thats what im thinking now
<ProbsNotCheraphy> yeah that was the issue
<ProbsNotCheraphy> thanks lordievader
<ProbsNotCheraphy> idk why it happened in the first place
<lordievader> ProbsNotCheraphy: ;)
<yossarianuk> Hi - is this 'freak' SSL bug anything to worry about in terms of servers or is it a client only issue ?
<yossarianuk> ie - http://it.slashdot.org/story/15/03/03/2036241/freak-attack-threatens-ssl-clients
<hxm> hello
<hxm> i have a dedicated server with mail and http services, i make backups often but i want to professionalize this service in some way, i wonder what is the standard to do this, -- rent an other server and use it as backup server when the main server fails? if so, how to make the on-the-fly copy data
<Reddy>  Hello experts, Installed Ubuntu 12.04.5 LTS on a SAS drive.	NVMe drivers are detected with unknown model.Drives are not not showing using fdisk command .please advise
<Reddy>  Hello experts, sorry to repost. Installed Ubuntu 12.04.5 LTS on a SAS drive.	NVMe drivers are detected with unknown model.Drives are not not showing using fdisk command .please advise
<lordievader> Reddy: Anything in dmesg about the drives or the SAS controller?
<Reddy> lordievader: Parted âl  result   Model: DELL PERC H310 (scsi) Disk /dev/sda: 199GB Sector size (logical/physical): 512B/512B Partition Table: msdos
<Reddy> Model: Unknown (unknown) Disk /dev/nvme0n1: 1600GB Sector size (logical/physical): 512B/512B Partition Table: loop
<Reddy> Model: Unknown (unknown) Disk /dev/nvme1n1: 1600GB Sector size (logical/physical): 512B/512B Partition Table: loop
<Reddy> checking dmesg
<lordievader> I have no experience with SAS, but I'd say they are recognized. Should there be data on there?
<Reddy> installed OS on SAS drives, I want data to be placed on PCIe SSD for performance
<adac> Guys, is there a way/a  tool that  can port my linux system (ubuntu 12.04) from one server to another. I'm currently on digitalocean which has this 'droplet' containers and I wanted to move from (move the droplets) there to my own root server
<quantumfoam> hi there, anyone itc who can comment on Advantage (if you have it, do you feel like it's worth the price, etc)?
<quantumfoam> my company is thinking about purchasing it
<RoyK> adac: rsync?
<adac> RoyK, do you probably know a good howto on how to port  linux with rsync?
<RoyK> adac: "port" usually refers to moving a system from one architecture to another. If you want to copy an entire installation, you can use rsync -avPHXA --delete / target:/ and then run grub-install on the target. If you haven't done this before, then it may be less hassle to just install a new system and setup the services again there
<adac> RoyK, ok I see
<adac> thank you very much
<adac> RoyK, does --delete really delete / ?
<RoyK> it deletes whatever file on the *target* that isn't present on the *source* (from where you run it) and thus creates a copy of it all
<RoyK> see man rsync
<OpenTokix> holy crap that will break stuff =)
<OpenTokix> good luck =)
<RoyK> OpenTokix: what? I've cloned systems that way several times...
<OpenTokix> ok - with configured services?
<RoyK> say you want to move system A to system B and don't want anything left of what's configured on system B (which can be any distro), yes, that works.
<OpenTokix> ok
<RoyK> it probably doesn't work too well if you're running selinux, but that's not common on debian/ubuntu, though
<OpenTokix> no, it runs the even more useless apparmor
<RoyK> I don't think apparmor will stop this. anyway - it doesn't touch the source system, so it can't do much harm
<RoyK> and again - I've used this to virtualise (p2v) systems several times
<patdk-wk> apparmor is nice, works great for me
<patdk-wk> you just run rsync unrestricted by apparmor, pretty simple
<patdk-wk> personally though, I'll normally just lvm snapshot, and dd the disk
<OpenTokix> Personally I am using a modern approach to my sysadmin and use configuration management
<patdk-wk> that actually helps you migrate the data?
<patdk-wk> if this was only about migrating the config, that is simple
<caribou> Where should I go to get a hold of the openstack charms for Havana ?
<caribou> need it to diagnose some issue
<caribou> is 'old-stable' a correct pick ?
<spidernik> hello there! any report of a libc recent update that breaks kerberos SSO in firefox/chromium? Namely, trying to sso on a webpage crashes the browsers.
<yossarianuk> spidernik: had you rebooted the machine after libc update ?
<yossarianuk> (you may also find it apparmor related?_
<spidernik> yossarianuk: yes, freshly rebooted. I'll look at apparmor, thanks for the suggestion.
<dalurka> if we strace firefox we get:
<dalurka> writev(2, [{"/usr/lib/firefox/firefox", 24}, {": ", 2}, {"relocation error", 16}, {": ", 2}, {"/usr/lib/x86_64-linux-gnu/libgss"..., 45}, {": ", 2}, {"symbol krb5_cc_select, version k"..., 99}, {"", 0}, {"", 0}, {"\n", 1}], 10/usr/lib/firefox/firefox: relocation error: /usr/lib/x86_64-linux-gnu/libgssapi_krb5.so.2: symbol krb5_cc_select, version krb5_3_MIT not defined in file libkrb5.so.3 with link time reference
<yossarianuk> spidernik: you should possibly be able to see app armor messages in dmesg ot syslog
<dalurka> regarding spiderniks issue
<caribou>  /13
<Emmanuel_Chanel> Hello!
<Emmanuel_Chanel> I'm trying to install the sql virtual user function of the mail server by seeing https://www.exratione.com/2014/05/a-mailserver-on-ubuntu-1404-postfix-dovecot-mysql/
<Emmanuel_Chanel> I want to keep my system account, too. But when I uncomment #!include auth-sql.conf.ext of /etc/dovecot/conf.d/10-auth.conf
<Emmanuel_Chanel> ,
<Emmanuel_Chanel> >Mar  4 23:23:08 gateway dovecot: auth-worker: Fatal: master: service(auth-worker): child 14791 killed with signal 11 (core dumped)
<Emmanuel_Chanel> >Mar  4 23:23:08 gateway dovecot: auth: Error: auth worker: Aborted request: Worker process died unexpectedly
<Emmanuel_Chanel> happens...
<arcsky> Is there any good mangment tool for make daily mangment work with my ubuntu servers ~10-15 servers ?
<Sling> arcsky: what kind of work? examples?
<Sling> I would suggest puppet for changes to configuration/packages/etc
<caribou> nevermind my silly question; I used a config file :-/
<arcsky> Sling: config/packages/Security updates i want a simple mgmt system i have look for Landscape, ist bad? Puppet seems advance ?
<MalMen> hello, im here trying to make one pppd connection.. this is the thing.. i already made the connection, now i need to route the adress's 10.12.12.x for that pppd (ppp0) hwo can i do that ?
<MalMen> i dont understund well the foruns
<Sling> arcsky: puppet is the future, landscape isn't ;)
<Sling> so if you care about being relevant in IT in the future, I strongly suggest learning about puppet
<Sling> even though it's a new way of thinking about server management
<Sling> as for security updates: unattended-upgrades
<OpenTokix> Sling: wrong, - Config managment is the future. - puppet is a tool among many. - puppet dont scale well
<ogra_> lol
<OpenTokix> Learn about config managment, and use whatever tool
<ogra_> puppet is nearly a decade old ... i wonder whats "new" about it
<OpenTokix> landscape is very basic
<Sling> OpenTokix: sure but if you can use puppet, you can use most other tools like it
<Sling> anyway I don't want to turn this into the puppet vs chef vs <rest> discussion :)
<Sling> use whatever you feel comfortable using, as long as its not manually logging into servers anymore
<ogra_> if you want to be relevant for the future you better look into cloud mgmt tools like juju ... :)
<OpenTokix> And version control
<arcsky> OpenTokix: what config mangment tool do you recommend? i looking for a simple
<OpenTokix> arcsky: the learning curve for it, is quite high  - but it will make youre life so much easier in the long run.
<arcsky> I work with network and security dont wanna be a server guy ;)
<OpenTokix> arcsky: I would check out puppet, chef, cfengine, saltstack, ansible today. - I personally use cfengine3 since it suits me perfectly.
<OpenTokix> arcsky: I work with everything.
<arcsky> OpenTokix: ok thanks i will check them out
<OpenTokix> arcsky: puppet is the one with the most online resouces, and copy/paste-able stuff.
<arcsky> coolers
<OpenTokix> arcsky: however, it does not scale past 5000 hosts. - But if that isnt an issue you can ignore the "scaling issues"
<arcsky> not an issue
<frobware> Is it realistic for me to boot the vivid 3.19 kernel on trusty ARM 64?
<strikov> frobware: you may want to ask this question at #hyperscale
<genii> Or possibly #ubuntu-arm, if anyone's currently awake in there
<frobware> strikov, genii: ok & thx.
<strikov> frobware: genii is right, #ubuntu-arm is the best place
<frobware> strikov, heading there now. :)
<sarthor> HI,using ubuntu-server,  according to this link " http://mpcabd.igeex.biz/python-arabic-text-reshaper/ " When I try to instal " l pip install https://github.com/mpcabd/python-arabic-reshaper/archive/master.zip " so it give this error http://pastebin.com/H1KtwfaY HELP please.
<JanC> sarthor: as the error message says, there is no setup.py in that zip file; just unpack the zip in the directory you want it to be
<samba35> i am uisn gubuntu 14.04.2 as host and i have 2 guest ,i am using openvswitch with bridge mode but many time openvswitch/brctl doesnt startup  then i have to add eth1 to bridge and after that it work but not always
<sarthor> JanC, I unpacked and there is setup.py file.
<thor77> hey, i want to use one package from debian-experimental. whats the best way to do this?
<sarnold> thor77: read about pinning, in apt_preferences(5)
<genii> thor77: What package?
<thor77> genii: munin
<sarnold> thor77: I'd be tempted to just wget + dpkg -i the thing, but that would make future updates more difficult than it should be. might as well do it right...
<thor77> genii: i want to use version 2.1
<thor77> genii: but ubuntu provides only 2.0
<pmatulis> thor77: a PPA maybe - https://launchpad.net/ubuntu/+ppas?name_filter=munin
<pmatulis> but careful, anyone can bake one
<thor77> pmatulis: cant find munin 2.1 there, only 2.0 or older :/
<pmatulis> thor77: bummer.  you can make one yourself i suppose.  it's not too hard.  makes it complicated if the package has a lot of dependencies
<thor77> http://packages.ubuntu.com/vivid/munin looks like it has a lot of dependencies
<genii> Yup. So that's why using a Debian repo to get it is probably asking for dependency hell
<RoyK> thor77: better compile munin .1 from scratch
<RoyK> thor77: better compile munin 2.1 from scratch
<RoyK> thor77: munin 2.1 is a development track
<thor77> RoyK: munin-dev said to me i should use deb-repo because its a pain^^
<RoyK> thor77: the do that in a vm
<RoyK> thor77: don't use deb-testing repos on a prod box
<RoyK> or deb-unstable - it breaks things
<genii> Interestingly 2.1.6 released March 9 2014, 2.0.25 released November 24 2014 ...so 2.025 is actually a later release
<RoyK> not very interesting - 2.0 is the stable track - 2.1 is the development track
<sarnold> but if their newest 'dev' is nearly a year old..
<RoyK> sarnold: then it's probably better to use the code from git ;)
<RoyK> doesn't look like the munin guys are releasing much devel versions
<sarnold> RoyK: yeah, if it's any newer..
<thor77> http://demo.munin-monitoring.org/ <- 2.1 2.0 -> http://munin.crapwa.re
<thor77> i like the new design
<sarnold> crapwa.re, hehe
<thor77> i like my domain ;)
<sarnold> thor77: oh, heh, i missed that :) nice
<RoyK> sarnold: there are daily patches submitted to git
<genii> thor77: You might try apt-get build-dep munin for the version that's currently in Ubuntu, then wget the debian package and attempt dpkg -i on it and see if it groans
<RoyK> thor77: doesn't look like you've configured fastcgi correctly ;)
<thor77> RoyK: yes, its a pain with nginx and i dont need it
<RoyK> http://munin.crapwa.re/static/dynazoom.html?cgiurl_graph=/munin-cgi/munin-cgi-graph&plugin_name=crapwa.re/fire.crapwa.re/diskstats_iops/xvda&size_x=800&size_y=400&start_epoch=1424808308&stop_epoch=1425499508
<RoyK> zooming doesn't work without it
<thor77> i know
<thor77> but i dont need zooming
<RoyK> I use that regularly
<thor77> or better: i tried to configure it a few times with no success and no i gave up because i dont really need this
<thor77> but if you have a working configuration with nginx, i would be happy if you would send it to me :)
 * RoyK has 100+ machines in munin and tend to need it some times
<thor77> do you have one with nginx? :P
<RoyK> just using apache for this - it's dead easy to configure and with 100+ machines monitored, it won't make a difference performance wise
<RoyK> nope - I rarely use nginx - just for small things - better try to ask on #munin @OFTC
<RoyK> thor77: why do you need 2.1?
<thor77> RoyK: new beautiful design
<RoyK> a little more flashy design isn't really a lot compared to the dependency hell you might be having by adding experimental repos
<thor77> RoyK: maybe you're right. i think i will wait until the update is available in the official repos :)
<thor77> and maybe i will setup apache, php is much less pain with it
<RoyK> last time I tested php with nginx, it was rather easy
<RoyK> used it with wordpress
<RoyK> but ditched nginx because of some modules I use with apache
<thor77> until know i found nothing that doesnt work with nginx but does with apache and i like the configuration from nginx
 * RoyK sets up nginx vm for testing on 1404
<sudormrf> hey all, does anyone in here happen to know if there exists an nrpe plugin to monitor hdd temperatures?
<ikonia> sudormrf: there is an lmsensors nrpe module
<sudormrf> ikonia, can lmsensors read hdd temps?  I installed lmsensors and it was only looking at stuff on the mobo
<ikonia> the hd temps are fed to the system over the motherboard
<sudormrf> hmm.  when I run "sensors" and do the initial setup, then run the command again the individual drive temps are not returned
<ikonia> not all motherboards monitor hd temps
<ikonia> depends on the controller chipset if the hard disk can report back
<sudormrf> gotcha
<sudormrf> well it looks like mine doesn't.
<sudormrf> hddtemp returns the data (as does smartmontools), would prefer the data from smartmontool
<sudormrf> trying to install this one: https://github.com/vint21h/nagios-check-hddtemp#installation but the installation instructions are lacking.  I ran the steps listed, but am not seeing what I think should be right
<sudormrf> ok, next question.  smartctl works locally on the machine, however nagios is saying this" CRITICAL - SMART_ENABLE: Inappropriate ioctl for device "
<sudormrf> this drive IS part of an mdadm array.
<sudormrf> however it is also saying that for a drive that is not part of that array
<bekks> sudormrf: smartctl does not work on mdadm devices.
<bekks> It works on physical devices only.
<sudormrf> bekks, the command is checking /dev/sda
<sudormrf> instead of /dev/md0
<sudormrf> running smartctl -a /dev/sda on the device it works
<bekks> And is that exactly the command which is run by nagios?
<sudormrf> good question
<sudormrf> let me check
<sudormrf> hmm.  looks slightly different.
<sudormrf> maybe? not sure
<sudormrf> running the plugin against the drive manually, not with nrpe, it returns reslts
<sudormrf> results
<sudormrf> odd
<teward> is there a way to set up a mailing list / alias feature in Postfix, or do i have to set up mailman and dovecot and postfix
<sarnold> teward: http://www.postfix.org/aliases.5.html
<teward> sarnold: any other setup needed, such as DNS changes?
 * teward is not sure what else he needs :/
<sarnold> teward: depends, this is very primitive, but doesn't require much.
<teward> mmm
<sarnold> mail to foo@example gets exp0loded... that's it.
<teward> oh, dear...
<teward> welp, that explains that...
<teward> "Network is unreachable"
<teward> i wonder if my rules are too restrictive
<teward> ooo also timeout
<teward> s
<teward> no wonder its not working
#ubuntu-server 2015-03-05
<teward> well... i'm getting a nice little NOQUEUE:REJECT from that :/
<lordievader> Good morning.
<FrEaKmAn_> is it normal that my main partition is called dev/mapper/ubuntu2--vg-root?
<lordievader> FrEaKmAn_: If you've let the installer do lvm and your hostname at that time was ubuntu2, then yes.
<sudormrf> hey guys
<sudormrf> back
<sudormrf> done a lot of searching and am not coming up with anything, hoping someone can help
<sudormrf> getting this error for check_ide_smart: CRITICAL - SMART_ENABLE: Inappropriate ioctl for device. drive supports smart, 1 drive is not part of an mdadm array, others are.  smartctl can check the disks manually.  running the plugin against one of the disks manually returns results
<sudormrf> for nagios
<sudormrf> oh wait
<sudormrf> nope
<sudormrf> hunch wrong
<sudormrf> odd thing about this is, I have another system running these same checks and I don't get any errors.  commands were copied and modified where necessary.
<ppetraki> sudormrf, so can you find out what check_ide_smart is running on your behalf?
<maddawg2> hey all... can someone tell me how to prevent the kernel from upgrading in ubuntu server
<maddawg2> i.e. "pin" it
<bekks> Pin it.
<maddawg2> i've found instructions to do it in the gui but not via CLI
<maddawg2> how would i properly pin it
<maddawg2> can i just do sudo aptitude hold <the installed kernel package>
<bekks> apt-mark hold packagename
<bekks> But why do you want to not get kernel updates?
<maddawg2> ah ok... is the output of uname -r the kernel package name?
<maddawg2> it's for testing purposes bekks
<maddawg2> not a production machine
<maddawg2> we're trying to test something
<maddawg2> on an older kernel
<maddawg2> but it eventually upgrades so it makes the test pointless
<maddawg2> lol
<maddawg2> i assume the output of uname -r is the name of the kernel package
<bekks> No.
<sarnold> you could also uninstall the metapackage that depends on the newest5 version
<maddawg2> 2.6.32-71-generic-pae
<bekks> Thats a version, not a package name.
<maddawg2> ah
<maddawg2> how do i find out the package name?
<sarnold> dpkg -i '*linux*' | grep '^ii'
<maddawg2> huh?
<sarnold> sigh,
<sarnold> not -i but -l
<maddawg2> dpkg: error processing *linux* (--install):
<maddawg2>  cannot access archive: No such file or directory
<maddawg2> Errors were encountered while processing:
<maddawg2>  *linux*
<maddawg2> oh -l
<sudormrf> possible error in installer for server (not sure if it has been corrected yet): installing from USB, when it gets to the GRUB install it fails.  It looks like it is trying to install GRUB to the USB instead of the main drive of the system.  Finishing the install without grub, then using boot-repair fixes the issue.
<arcsky> hello guys, how can i found out if my VPS provider did shutdown my server today or does my ubuntu reboot automatticaly?
<bekks> arcsky: It does not reboot automatically.
<arcsky> bekks: possible to see what could cause the reboot?
<arcsky> dont see anything intresting in syslog
<Emmanuel_Chanel> Hello! I want to install the lastest version of dovecot. Which PPA is the best?
<jrwren> Emmanuel_Chanel: I don't think there is one. utopic comes with 2.2.9 which is reasonably current (imo)
<jrwren> Emmanuel_Chanel: if you really want 2.2.15, might be easiest to get 2.2.9 package source and update it to 2.2.15 and put to PPA yourself?
<Emmanuel_Chanel> Thx... I found https://launchpad.net/~malte.swart/+archive/ubuntu/dovecot-2.2 now.
<jrwren> Emmanuel_Chanel: oh cool! Thanks!
#ubuntu-server 2015-03-06
<mrdot> Hello
<mrdot> Is there a way to assign different static IPs to different users ?
<LeMike> hello. I often see bigger companies closing sites due to hacks. how do they find those? is there some kind of hack-scanner or framework for it?
<LeMike> bigger companies = hosting services etc.
<jrwren> LeMike: yes, botnets which scan for vulnerabilities and root systems. entirely automated.
<jrwren> LeMike: http://arxiv.org/pdf/1105.1720.pdf  background reading
<mnaser> am i imagining things or if I am not wrong, recent kernels allow the partition table to be re-loaded without reboot..?
<patdk-wk> has always been the case *sometimes*
<patdk-wk> if the disk is not in use, it's always allowed it
<patdk-wk> if it is in use, partprobe will update it *sometimes*
<dannyxyz> hi
#ubuntu-server 2015-03-07
<rsully> Any reason `hdparm` shows my drives as only 2TB instead of 3 and 4?
<rsully> er. sorry not hdparm, lshw
<apeskalle> Hello. I have a problem with my NFS server, that I hope you can help me with. I've added a new raidstripe to the nfs server, tar'ed all the data over to it. Deleted the old symlinks in /export, and linked them to the new stipe. But now when I try to mount the exports on the nfsclients, it times out. When I check tcpdump on the nfsserver, it complains about stale filehandles. I've tried rebooting, deleting rmtab, xtab, sm, s
<apeskalle> uninstalling nfs server and client with purge and autoremove. Then ran out of ideas
<lordievader> Good morning.
<hadifarnoud> on nginx, what should I set for client_body_buffer_size? the guides I found are confusing. Should it be a large number and then set body size also on a large number?
<blanoz> What would you consider to be more appropiate for PHP shared hosting between 3 friends (each with its own /home and www folder under /home): apache & mod_php + nginx for static content OR apache mpm event (static files only) + php-fpm, each user with its own fpm pool?
<kevinde> Are there any good paid ebooks around to learn more about linux server security?
<ivoks> i learned a lot from 'hacking linux'
<ivoks> hacking exposed linux
<ivoks> http://www.amazon.com/Hacking-Exposed-Linux-3rd-Edition/dp/0072262575
<ivoks> it's a bit outdated thou
<ivoks> still, a good read
<ivoks> i had this one - http://www.amazon.com/Linux-Hacking-Exposed-Brian-Hatch/dp/0072127732/ref=pd_sim_b_5
<kevinde> thanks
<kevinde> will check that out
<apeskalle> Only took most of the day, but I've figured out the NFS problem (posted earlier today)
<bekks> And what was the problem? :)
<apeskalle> nfs has 32bit inodes, and i used xfs on the new stipe, which has 64bit inodes (old stipe had ext3). So I added fsid to /etc/exports , and that solved the problem
<bekks> So actually you are using NFSv4 now, and I guess you actually had this issue, which is not a "nfs inode size" issue: http://www.tcm.phy.cam.ac.uk/sw/inodes64.html - correct?
<apeskalle> Yes. nfsv4
<apeskalle> Never got so far to try any programs or ls like in the link. I couldnt even mount the filesystem on the clients. nfsv3 and 4 just timed out. Tcpdump and -v showed stale nfs handle errors
<bekks> apeskalle: Which sounds like nfs misconfiguration, not like an inode issue.
<ilken> do i need network manager on ubuntu server? its using 2% of my ram
<ilken> can i remove it?
<bekks> If you configure networking without it, yes.
<pmatulis> ilken: how did it get installed on your server?
<ilken> its an old box, it had KDE on it before, but i needed a stick of RAM so i stole one out
<ilken> i removed all the WM's
<soahccc> Why does a default crtmpserver installation (via apt-get) does not require any authentication at all? I read a lot and the only thing I could find is a bug (which broke authentication) but it's from 2011 and >300 revisions in the past. Would such a bug be in an official package still without anyone noticing? I know that crtmpserver is very complicated and the documentation / howto's / etc. are rare and often outdated
<ilken> its been messed with for over a year i may need to re-install a minimal iso
<pmatulis> ilken: that's what i would do, reinstall 14.04 LTS
<pmatulis> (server edition)
#ubuntu-server 2015-03-08
<jrwren> ilken: i never reinstall. no need. You can remove network manager and configure networking without it.
<RudeViper> I am setting up a HOME file/media server which will also host a small private minecraft server. I have the OS drive set up as an ext4 file system and now need to add the other small drives. What would be the "safest" file system for this - zfs - btrfs - ext4 or ntsf? I'll need Windows to be able to read it
<cryptodan> RudeViper: then NTFS it is
<RudeViper> ok thanks
<JanC> RudeViper: Windows needs to read it over the network or locally?
<RudeViper> over the network
<RudeViper> JanC, - sorry was AFK for a few
<lordievader> Good morning.
<Voyage> Hi
<Voyage> site.com/about-us is not redirecting to site.com/about-us.php  via config: RewriteCond %{DOCUMENT_ROOT}/$1.php -f  RewriteCond %{REQUEST_FILENAME} !-d  RewriteRule ^(.*)$ $1.php [L]  What can be wrong?
<JanC> RudeViper|ZZZzzz: if you use Samba then you don't need/want NTFS on the server
<apeskalle> Bekks: http://xfs.org/index.php/XFS_FAQ#Q:_Why_doesn.27t_NFS-exporting_subdirectories_of_inode64-mounted_filesystem_work.3F
<Emmanuel_Chanel> Hello!
<Emmanuel_Chanel> How can I get core dump?
<jrwren> ulimit -c unlimited
<ReScO> hey people, i'm having a lot of trouble with setting up postfix and dovecot
<ReScO> i have my config here: http://pastie.org/private/lx80yeyj5dxgwddwdxipcg
<ReScO> currently having trouble with setting up SSL, and making postfix and dovecot receive mail for both dead-pixel.nl and api1.nl as domains
<ReScO> what is going wrong?
<bekks> Error messages would be handy :)
<ObrienDave> error messages? we don't need no stinking error messages ;p
<bekks> Just get you glass orbs working, guys ;)
<bekks> *your
<ReScO> got none
<bekks> Then how do you know something is not working as expected?
<ReScO> http://pastie.org/private/tyeneorcgov73fb2jxalsg
<bekks> And where is that from?
<ReScO> because at first i had trouble with SSL, now i don't anymore, SASL, still clueless about that and finally, i have no clue on how to set up v.domain and v.users
<ReScO> bekks: mail.err
<bekks> I am heavily wondering why your log has time glitches.
<ReScO> and mail.log: http://pastie.org/private/jn5mtv8gzf7nrurc1vmftq
<ReScO> bekks: "mail.err"
<bekks> Is that just an excerpt from mail.err?
<ReScO> only errors
<ReScO> excerpts with info that is related to my issue
<bekks> So that excerpt is totally useless.
<ReScO> you mean the mail.err log? no shit, you wanted it.
<ReScO> i told you it was useless/ got none
<ReScO> unable to send you complete logs tho
<bekks> Why?
<ReScO> because i can only copy over so many lines in nano?
<bekks> !pastebin
<ubottu> For posting multi-line texts into the channel, please use http://paste.ubuntu.com | To post !screenshots use http://imgur.com/ !pastebinit to paste directly from command line | Make sure you give us the URL for your paste - see also the channel topic.
<bekks> And take a look at this post: http://askubuntu.com/questions/532405/fatal-no-sasl-authentication-mechanism
<ReScO> why would i want to share private email adresses and such?
<bekks> BEcause you can anonymize them before pasting.
<ReScO> yeah totes
<ReScO> you're making it pretty hard, aren't ya? :P
<ReScO> "use pastebinit" k. "anonymize dem emails" sed s/"blah"/"" right??
<bekks> Yeah, because I am asking for complete logs. Anyways, it is your mailserver, not mine. Maybe someone else make it less hard for you.
<ReScO> (afayk, i completely have no clue on how to "anonymize" my logs -before- pasting.)
<Emmanuel_Chanel> Hello! When the bug of libpam-smbpass will be fixed?
<teward> Emmanuel_Chanel: that's oddly nonspecific - what bug
<Emmanuel_Chanel> Maybe, my commented on this https://bugs.launchpad.net/ubuntu/+source/samba/+bug/1257186 is out of topics,
<Emmanuel_Chanel> it disable my mail server to use both auth-system.conf.ext and another.
<Emmanuel_Chanel> My problem's solution is http://ubuntuforums.org/showthread.php?t=2246951&highlight=dovecot+auth+worker
<teward> Emmanuel_Chanel: well, that bug will detail the 'fix status' - it looks like upstream may have it but Debian doesn't even yet
<teward> but the only thing I can say is perhaps patience is needed?
<Emmanuel_Chanel> teward: ok...
<jirido> Hi i have some troubles to start up vsftp on 14.04 and wonder if there is some procedur to folow to get info on what fails when starting service. One config works one don't
<jirido> And is it possible to switch to systemd somewhat easy?
<Emmanuel_Chanel> teward: I took your comment for meaning libpam-smbpass is originally a Debian package. But looks I'm wrong...
<teward> Emmanuel_Chanel: no, I didn't mean that, my point is that not even Debian has grabbed the fix for it yet
<teward> Emmanuel_Chanel: it'll probably get done eventually, but you need to have patience either way
#ubuntu-server 2016-03-07
<ko2> hi
<ko2> Who are there?
<pmatulis> what?
<lordievader> Good afternoon.
<Razva> good afternoon
<lordievader> o/
<shredding> Where can i learn about the stuff in ifconfig?
<shredding> E.g. what is utun, what is ethernet etc.
<ikonia> different device file types, you may want to look at the bridge-utils documentation
<shredding> ikonia: Is there a place that generally gives an introduction in terms and concepts?
<shredding> sth like https://www.digitalocean.com/community/tutorials/an-introduction-to-dns-terminology-components-and-concepts for dns
<ikonia> shredding: no idea
<shredding> ok
<jayjo> How can I list all processes that are running? when I run top some PIDs come in an out of the list, but they aren't there constantly
<Pici> ps aux
<jayjo> for example mysqld will show up running over 3 GB but then dissapear
<hateball> "ps auxww" shows you even more info, if that is desired
<Pici> jayjo: you can also scroll in top, but I find htop much easier to use.
<jayjo> ps aux and top seem to be showing me different things. top says I have 8GB memory (and I actually don't know how much I have, can I find tha from the command line... I dont have access to the AWS dashboard) but in ps aux it says the same memory is being consumed but it is 10% of memory
<jayjo> under %MEM
<Pici> See free -m
<jayjo> Pici: these are MBs?
<Pici> Yes.
<Pici> The -m means MB
<jayjo> ah OK, so the %MEM is not accurate I think in ps aux
<jamespage> ddellav, coreycb: any reason where holding back on the swift 2.6.0 upload?
<coreycb> jamespage, nope not that I know of
<jamespage> coreycb, let me take a look - I'll sponsor it...
<coreycb> jamespage, thanks
<jamespage> coreycb, I'll try to unpick the python-django-compressor merge I've had on my list for a while now today as well but might be tomorrow
<coreycb> jamespage, ok
<coreycb> jamespage, I've started on the b3 core packages, and so far just blocked on the new paramiko release
<jamespage> coreycb, urgh
<coreycb> jamespage, which seems fairly important: https://review.openstack.org/#/c/268197/
<ws2k3> im trying to install ubuntu 12.04 but at downloading installer component i just get a purple screen and then nothing happens what could this be
<jamespage> coreycb, ~ well yes it important but generally rather than openstack specifically
<ws2k3> im trying to install ubuntu 12.04 but at downloading installer component i just get a purple screen and then nothing happens what could this be
<ws2k3> i also tryed other mirrors but all mirrors seems to have this issue
<xnox> rbasak, hello =) would you like to be on the Developer Membership Board?
<xnox> jamespage, hello =) would you like to be on the Developer Membership Board?
<jamespage> xnox, +1 on rbasak on the DMB
<xnox> Daviey, hello =) would you like to be on the Developer Membership Board?
<jamespage> xnox, lol
<xnox> jamespage, excellent. Do you have rbasak's gpg key to sign and send in nomination? =)
<jamespage> xnox, yes
<jamespage> coreycb, hey - looking a python-django-compressor - will need a MIR for three new packages to go to 2.0
<jamespage> two are pull-outs of existing vendored code in 1.6
<jamespage> and the other is new
<coreycb> ddellav, take a look at python-pika-pool for an example of running tests as autopkgtests
<Logos01> Howdy, folks. So I have a bit of a confusion that maybe someone here could help me work out...  why is it that there is so little interest in pulp in the .deb world?
<coreycb> jamespage, need a hand with those MIRs?
<Logos01> I mean, it's been over two years since the basic framework for .deb support was published to the pulp github, and it's *still* nonfunctional.
<jamespage> coreycb, I'll need a ffe first - you focus on the rest of the stuff...
<coreycb> jamespage, ok
<rbasak> What's pulp?
<Logos01> Pulp is a repository synchronization/publication engine
<rbasak> Why does the .deb world need this?
<Logos01> http://www.pulpproject.org/
<Logos01> rbasak: Well for one it would enable the use of products like Katello
<rbasak> What's Katello? Why does the .deb world need that?
<Logos01> It is a significant gain over apt-mirror in that it enables administrators to create repositories interanally and associate them with specific servers in order to more readily manage what packages are accessible to what servers (up to and including recency of mirror, to enable package lifecycles for promotion paths from nonprod to prod, etc., etc..)
<Logos01> Katello is the opensource upstream of the Red Hat Network Satellite (version 6.x)  ( http://www.katello.org/ )
<Logos01> It ... does a great deal of things, including bundling foreman, puppet, pulp, and candlepin
<Logos01> Gives you recency, inventorying, ownership tracking, config management, etc., in a bundled manner.
<rbasak> I don't see a benefit here. You need to frame this in terms of the benefits it brings, not in terms of other things whose benefit you have also not explained.
<Logos01> O_o
<rbasak> IM(personal)HO, apt repositories outside the distro are fundamentally broken anyway. PPAs are about as far as they'll stretch.
<rbasak> apt wasn't designed for this, and it shows.
<rbasak> I suspect RPMs are the same.
<Logos01> rbasak: You can do PPAs as well with this, but it's primary function is in handling the core distro channels.
<Logos01> It's a repository mirroring engine.
<jamespage> coreycb, for reference:
<jamespage> https://bugs.launchpad.net/ubuntu/+source/python-django-compressor/+bug/1554134
<ubottu> Launchpad bug 1554134 in python-django-compressor (Ubuntu) "[FFe] python-django-compressor 2.0" [High,New]
<Logos01> It lets you do things like expose the current packageset to your dev environment, a week old version of that to your acceptance/staging/testing environments, and a month old to your production
<rbasak> That sounds handy.
<Logos01> So you can just let packages autoupgrade and still have that assurance of burn-in on all packages.
<Logos01> This is what I mean by "recency"
<rbasak> Make it do that easily for Ubuntu users and perhaps they'll take it up.
<Logos01> It *ALSO* lets you do things like track which DSAs (or the Ubuntu equivalent) are applicable to which of your servers.
<Logos01> rbasak: ... That's exactly what I'm asking about.
<rbasak> Add a million layers of abstraction in the middle, and I suspect that nobody will bother.
<Logos01> Why isn't this there already? It just needs plugin development.
<Logos01> Apparently the answer is nobody in the .deb world has heard of it. Which seems surreal to me.
<rbasak> Someone needs to champion it for Ubuntu I guess.
<Logos01> You're familiar with Ubuntu Landscape?
<rbasak> Yes.
<coreycb> jamespage, thanks
<Logos01> Katello is a free and opensource "competitor" in a sense to it.
<Logos01> (You can also use pulp for pip, cpan, gems, or puppetforge)
<rbasak> So be competitive :)
<Logos01> I'm not a developer.
<rbasak> Ah.
<Logos01> I'm just trying to understand why it seems like nobody in the .deb world seems to give a crap about it.
<rbasak> What you're really asking is why nobody is spending money on developing it.
<Logos01> I've been asking this for years. I never get a good answer beyond "I've never heard of it"
<Logos01> Which is just ... bizarre.
<rbasak> There's a big difference between those questions.
<rbasak> Nobody has heard of it because nobody else is spending resources on developing it for this world.
<rbasak> Simple answer I think.
 * Logos01 shrugs
<Logos01> It's not even like it would take a great deal of manhours to do.
<Logos01> https://github.com/pulp/pulp_deb
<rbasak> Give somebody a good reason to spend those manhours, and perhaps they will.
<Logos01> That is ... a surreal answer, to me.
<rbasak> That is exactly how the Free Software ecosystem works. I don't understand why it's surreal.
<Logos01> Because the benefits of the thing are rather extensive; knowledge of the project in and of itself should comprise sufficient reason for at least *someone* to want to make that development.
<Logos01> Especially considering it is developing a plugin, not overhauling the engine itself, that is all that's called for.
<rbasak> That's not how it works.
<Logos01> And yet no matter how many times I've brought this up over the years nobody has ever seemed to ever say anything other than "Why should we care?"
<Logos01> And I can explain and reexplain the benefits of having repository management and all the ancillary benefits therein and it just doesn't sink in.
<rbasak> You can wish for developers to magically appear all you want. Actually everyone only does stuff because of some reason to motivate them. This applies to everything, not just this project.
<Logos01> There's a difference between wishing for something to have happened, and trying to understand why there seems to be significant resistance to something that has obvious and imminent gains for the community.
<Logos01> The latter is what I'm trying to figure out here.
<rbasak> I don't see any resistance.
<rbasak> You say resistance, I say lack of motivation.
<Logos01> That is; not merely, "Why hasn't someone done what *I* want" but rather "Why has no one done this despite how painfully obvious the benefits of it are?"
<Logos01> And to be clear; they *are*
<Logos01> Which is why I find answers like yours surreal.
<Logos01> Because this is far from the first time I've brough this topic up.
<rbasak> I suspect most people in a position to need this find it easier to just pay for Landscape.
<Logos01> Yet that is *always* the answer: "Why should we care?" "Do it yourself", etc..
<rbasak> s/need/develop/ maybe.
<rbasak> Again, that's how the ecosystem works.
<Logos01> Or, more commonly, as you did, "Never heard of it"
<Logos01> And it's that last part that is the most perplexing.
<Logos01> Oh well.
<Logos01> It seems the answer hasn't changed from the last dozen times I've asked this question (in here, no less)
<Logos01> Thanks for your time.
 * Logos01 walks away in utter astonishment
<rbasak> That's because the motivation for the existence of the Free Software ecosystem hasn't changed, either.
<rbasak> How can you still be astonished, if others have given you the same answer previously?
<nacc> well, it seems like pulp explicitly lists only RH-family distros, no? and the diagram is all yum ... http://www.pulpproject.org/
<jamespage> matsubara, rbasak: did you guys make progress on the dlm merge from debian?
<nacc> or is that the point of this discussion?
<rbasak> jamespage: I don't recall any movement on that.
<rbasak> jgrimm: do you know the status of the dlm merge?
<nacc> "There is also a community-contributed plugin for Debian packages."
<nacc> Logos01: --^ ?
<nacc> Logos01: why isn't that "good enough"?
<Logos01> nacc: It's a skeleton that is non-functional and has been in that state since it was first created over two years ago.
<Logos01> It wouldn't take much work to finalize but nobody in the .deb world ever seems to care.
<rbasak> It sounds to me that it's a RH world product that claims to be "cross platform" in order to make it more appealing to users to lock themselves in, because in reality they're only paying lip service to that claimed portability.
<nacc> Logos01: i have to agree with rbasak; what you've described above is a generic argument for why pulp is good. But not why I should care to contribute. And tbh, it doesn't solve a gap for me, as a user. The gap seems to be deploying pulp in a place that wants to host Debian
<nacc> or Ubuntu
<Logos01> nacc: I'm not agitating for it to be done.
<Logos01> I'm not *asking* for it to be done.
<Logos01> I'm trying to understand why nobody in the .deb world already *wants* it to be done.
<nacc> Logos01: why would anyone in the .deb world particularly care to make a RH/rpm-based product integrate with deb-based? why is it so much better than what already exists? (and if it is, i think it would naturally be supplanting it in the ecosystem ... the best tools, ime, exist & thrive in FOSS)
<jamespage> rbasak, I'll deal with it - clearing my merge backlog...
<Logos01> nacc: The closest analogue to it is apt-mirror, and pulp is a significant gain over that in terms of the raw functionality it provides, to the point where I don't even know where to begin to describe how much so this is true.
<Logos01> And you're asking exactly the question I'm asking with the latter parts there. Which is why I am constantly amazed by the lack of penetration or care/concern it has here.
<rbasak> The people who might want that functionality probably use Landscape. So you need to be comparing against Landscape, not apt-mirror.
<Logos01> rbasak: Pulp is best compared against apt-mirror.
<Logos01> Katello, which uses pulp as a component, is what is best compared against Landscape.
<rbasak> If you say so. I doubt users care.
<Logos01> You can use Pulp without anything else. Many do.
<Logos01> Also, and this is a major consideration point; Individuals who want to learn how to manage the closed-source product from Red Hat (RHN Satellite) can deploy their own Katello instances in the lab, and take exactly those skills across without having to license anything.
<Logos01> Makes for a much easier entry path into competence.
<rattking> I use aptly snapshots to do what sounds like the same things
<rattking> same things being alpha/beta/prod snapshots on a local mirror plus personal repos
<Logos01> rattking: From the description (on the page as well) it seems very similar, yes.
<nacc> jamespage: i just noticed something else about commons-vfs that I missed before, I apologize! there's a bindep from libcommons-vfs-java-doc -> libcommons-net-java-doc but the latter is in universe. It looks like historically (it hasn't been packaged in ubuntu since oneiric?) it was in main. Should it be MIR'd? the package does build & test successfully without either of libjackrabbit or
<nacc> libcommons-net-java-doc, but i'm guessing maybe some documentation linking won't work?
<jancoow> Hi. Does someone know a tutorial (that works) for running at least 1 application over a vpn, but the rest of the server over the normal ethernet connection
<lordievader> jancoow: VPN's usually work on a basis of routes, not applications.
<bekks> jancoow: lordievader: https://schnouki.net//schnouki.net/posts/2014/12/12/openvpn-for-a-single-application-on-linux/
<lordievader> bekks: 'That page doesn't exist!'?
<lordievader> Ah, double schnouki.net
<bekks> indeed - no clue how I copied that :D
<lordievader> This forces a program to use a different default gateway?
<bekks> Yes. Which basically what a VPN does, as well.
<jancoow> well i tried that
<jancoow> the virtual interface is kinda working but it lost connection after x seconds
<jancoow> like i could ping , but when i try 10 seconds later: nope no connection
<lordievader> Nice though.
<jancoow> (and that's without vpn running)
<lordievader> jancoow: So, the underlying network connection has problems?
<bekks> jancoow: that solution requires a vpn.
<jancoow> bekks: i also tried a vpn. If i do it in "the first 10 seconds" the vpn could communicate with the vpn server. But this also timed out after 15 seconds or so
<jancoow> lordievader: i do think so!
<jancoow> i simply runned this https://gist.github.com/Schnouki/fd171bcb2d8c556e8fdf with ""up"
<jancoow> and changed the fping to ping (because i doesn't have fping installed) :)
<jancoow> and eventually started openvpn (with another config, ofcourse)
<lordievader> jancoow: So fix your network first ;)
<jancoow> lordievader: well the normal ethernet connection is just fine (the one on eth0)
<lordievader> < jancoow> lordievader: i do think so! <- /me is confused
<jancoow> wut ;p
<lordievader> I asked if the underlaying network connection has problems, you said yes. And later you said it didn't.
<jancoow> lordievader: oh wel. The "Yes" was more on the underlaying network connections UNDER the vpn :). So actually the bridge between the virtual interface and the realinterface
<lordievader> Ah, the regular network is fine?
<jancoow> yes!
<jancoow> server is already up for 200 days and never had problems :)
<lordievader> Ah, I misunderstood. So after some time the vpn connection, and only the vpn connection, dies?
<jancoow> not only the vpn connection. Even when i doesn't start the vpn on it, and i'm trying to use ping it doesnt work
<lordievader> jancoow: Was the "ip netns exec frootvpn ping www.google.com" from the guide set?
<jancoow> yes
<jancoow> this is for example the output after i imdetialy run the script: https://jancokock.me/f/b566a
<lordievader> Does ping work after removing that setting?
<jancoow> how can i test that without running that command?
<bekks> You cant. :)
<lordievader> You cant remove those settings?
<jancoow> well it isn't a setting, right? It exec's a program, and that programm is ping
<bekks> No. The exec program is frootvpn
<bekks> and that executes ping.
<jancoow> ah!
 * lordievader fears his understanding of the Linux network stack is too little
<bekks> actually that frootvpn is a network namespace which you execute ping in.
<bekks> So it is vital to use "ip netns frootvpn ..."
<jancoow> but why does it stops working after some seconds :/
<jancoow> that's the question ;
<jancoow> ;p
<jancoow> do you know if there are somewhere logs ??
<bekks> Look at the logs? :)
<jancoow> ?*
<bekks> Logs are in /var/log/ e.g.
<jancoow> yeah
<jancoow> there are a lot of logs there :D
<bekks> Thats why the directory is names /var/log :P
<jancoow> the only thing i can see in dmesg is [16873278.337995] IPv6: ADDRCONF(NETDEV_UP): vpn0: link is not ready
<jancoow> [16873278.360117] IPv6: ADDRCONF(NETDEV_CHANGE): vpn0: link becomes ready
<jancoow> bekks: any idea? :D
<jancoow> btw
<jancoow> is it bad that i didn't rebooted my server for already 200 days
<genii> If you did security updates in that time and didn't reboot yet, then yes
<jancoow> just regual updates in apt update/upgrade
<tomreyn> during the past 200 days there was the glic patch, which suggests you should reboot
<tomreyn> (not all ubuntu versions / platforms were affected by it, though). while i have not checked, it is somewhat likely that kernel security patches were also made available during this time. which, unless you use live kerbel patching, would also requiore a reboot to apply.
<tomreyn> s/ kerbal / kernel /
<jancoow> ubuntu doesn't have the ability for live kernal patching right?
<jancoow> only redhat right?
<tomreyn> linux has the ability
<tomreyn> in some versions or other
<genii> Ubuntu does, but it gets convoluted
<genii> !info ksplice
<ubottu> ksplice (source: ksplice): Patching live kernel without having to reboot. In component universe, is optional. Version 0.9.9-5 (wily), package size 527 kB, installed size 3525 kB (Only available for i386; amd64; arm; armel; armhf)
<jancoow> and how safe is it to do?
<jancoow> or is it stable
<genii> ksplice itself is stable, but the updates then work differently than normal
<coreycb> ddellav, can you update the (build-)dependencies for heat?
<coreycb> ddellav, looks ok other than that
<ddellav> coreycb ok
<Logos01> jancoow: If you're worried about live kernel patching then you might want to look into LXD
<Logos01> And then containerize all of your services.
<Logos01> Probably a safer/easier path
<jancoow> i'm not woried
<jancoow> just asking :)
<jancoow> still didn't fix my vpn
<ChibaPet> Hey all. If this is not yet on-topic I'll go elsewhere, but Xenial installs with the server ISO that set up LUKS root seem to all time out on shutdown, as systemd can't dispense with the LUKS container or the MD-RAID (in some cases) underneath it. Is there a known workaround
<ChibaPet> ?
<Jukse> Hello! i have a question!
<ChibaPet> !ask
<ubottu> Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<sarnold> ChibaPet: probably best to file a bug against systemd, sounds like something that might require attention from someone in foundations
<ChibaPet> sarnold: Yeah, I suspect that's the thing to do. I'll also read a bit about this shutdown-initrd concept.
<ChibaPet> I wish I'd noticed this sooner, as we're somewhat close to release.
<ChibaPet> Anyway, commuting, and I'll file a bug report when I am connected via wires again.
<sarnold> yeah, I'm surprised just how soon we are..
<sarnold> mm wires
#ubuntu-server 2016-03-08
<lordievader> Good morning.
<rbasak> kickinz1_: were you going to be testing squid3 for me? It's still stuck in xenial-proposed :-/
<kickinz1_> rbasak, yes, I'm, there are some squid.conf stuff to address, and also some upgrade path things to check.
<rbasak> OK, thanks. Just wanted to make sure the TODO wasn't lost.
<_ruben> ok, this is weird/annoying .. seems the postfix postinst script has some "advanced" logic which makes it ignore my preseeded settings, or actually, some of them
<rbasak> _ruben: does that seem like reasonable behaviour to you, or something that should be changed in the packaging?
<_ruben> rbasak: i'm trying to "decipher" the actual logic. because right now I don't see why preseeded settings would be overruled. kinda defeats the purpose of preseeding :)
<rbasak> Sounds like a bug.
<_ruben> rbasak: starting to think the same. though my sh/perl knowledge seems to be lacking a bit to fully comprehend what's going
<_ruben> on
<Emru> Hello
<Emru> I have a problem, I can't tester by USB from my android device to ubuntu server
<Emru> Phone doesn't see computer
<Emru> tether*
<Emru> Ubuntu Server 14.04
<rbasak> It won't by default because there's nothing installed by default that'll handle tetethering.
<rbasak> On the desktop Network Manager will do it and I think support is there by default.
<Emru> So what to do? Guys from #Ubuntu send me there
<rbasak> Really the question you're asking is "How do I set up USB tethering from my phone on Ubuntu Server?"
<rbasak> That's a perfectly valid question for this channel, but it's a pretty rare use case so people here may not know.
<rbasak> You might try askubuntu.com. Maybe they have an answer already, or if not, ask one, and more people will see the question over time.
<jamespage> zul, tidied your backlog of merges - most where syncs...
<jamespage> testresources was the only one I skipped - looking now
<jamespage> coreycb, http://linux.softpedia.com/blog/ubuntu-16-04-lts-xenial-xerus-to-get-the-openstack-mitaka-treatment-500677.shtml?mkt_tok=3RkMMJWWfF9wsRokua7IZKXonjHpfsX84uUsXLHr08Yy0EZ5VunJEUWy2oUESNQ%2FcOedCQkZHblFnVgNS62nXrkNq60I
<jamespage> I missed that :-)
<coreycb> jamespage, lol it was just an email to the release team about feature freeze!
<zul> jamespage: ack
<zul> coreycb,  no pressure
<jamespage> zul, going to sync testresources as well - 0.2.7 -> 1.0.0 is only a single rev and is mainly moving tests around...
<zul> jamespage: ack
<jamespage> zul, ok - I think that's your list clean...
<zul> jamespage: yippe skippe thanks
<jancoow> Hi. I used https://schnouki.net/posts/2014/12/12/openvpn-for-a-single-application-on-linux/ this tutorial for running a specific application through a vpn. But for some reason the virtual interface doesn't have a connection anymore after 10-20 seconds. I can ping google, for example, for 15 seconds and then "destination host unreachable". I didn't setup the vpn yet.
<jamespage> ddellav, coreycb: bit of a sphinx installability issue in the UCA - resolved with a delta
<ddellav> jamespage dropping python-sphinxcontrib-httpdomain from designate would be awesome
<ddellav> also designate ships a sudoers file which is why it triggered a security review.
<coreycb> ddellav, jamespage: we dropped it from ceilometer
<jamespage> coreycb, ddellav: this is the type of dep that the archive re-org will really help with - build-time only, does not need full security support ec...
<jamespage> but for now - patch it out...
<coreycb> ddellav, if you want a hand with barbican let me know, we  can work through it after b3
<ddellav> coreycb ok thanks
<jamespage> b-o-m is backed up on sphinx installability - should clear once the latest upload completed build....
<coreycb> jamespage, archive re-org?
<coreycb> jamespage, neutron b3 has 2 new agents, neutron-bgp-dragent and neutron-macvtap-agent.  I'm looking at adding new binary packages for them.
<jamespage> coreycb, okies
<jancoow> yay, it works
<jancoow> only running transmission deamon over vpn :)
<kaffien> how can i make a partition with no FS on a disk using GPT?
<pmatulis> parted tool?
<kaffien> every time i mkpart with parted it puts in a filesystem option
<kaffien> as if i did mkpartfs
<kaffien> never mind.  I need to specify the options rather than just using mkpart.
<kaffien> however mkpart shouldn't have the option of the filesystem type should it?
<mybalzitch> just use parted ?
<ddellav> coreycb horizon: d/p/fix-horizon-test-settings.patch adds a sys.path.append line to the test/settings.py but that file no longer imports sys, what do?
<ddellav> remove patch and see if tests fail?
<ddellav> add import sys to patch?
<ddellav> jamespage coreycb can one of you gents review my fix to this bug? https://bugs.launchpad.net/ubuntu/+source/manila/+bug/1546116
<ubottu> Launchpad bug 1546116 in Manila "manila share process init script is missing" [Undecided,New]
<coreycb> ddellav, yep I'll take a look
<ddellav> ok, also coreycb fyi, heat has a dep wait on paramiko and saharaclient
<ddellav> not sure why it's stuck on saharaclient, the proper version is in proposed but my ppa isn't picking it up for some reason :/
<ddellav> (this happens often)
<coreycb> ok, for now can you leave paramiko at the old level, we'll get the new paramiko once the 0.16.0 version is fixed in debian/ubuntu (it's blocked)
<coreycb> we'l pick that up post b3
<ddellav> ok
<coreycb> ddellav, saharaclient is stuck in proposed, I need to look into why, but you should be able to build in a ppa
<ddellav> yea, i should, i dont know why my ppa is annoying about using proposed.
<ddellav> i've checked the settings a dozen times, its set to use proposed
<coreycb> ddellav, it's because it hasn't built successfully yet for xenial-proposed, it has a depwait: https://launchpad.net/ubuntu/+source/python-saharaclient
<ddellav> coreycb weird, rmadison says it's in xenial-proposed
<coreycb> ddellav, yeah that is a little confusing
<ddellav> coreycb what about my horizon issue?
<coreycb> ddellav, look at the column on the right though, it only says the source package is in proposed
<coreycb> ddellav, what issue was that?
<ddellav> [12:49:01]  ddellav:	coreycb horizon: d/p/fix-horizon-test-settings.patch adds a sys.path.append line to the test/settings.py but that file no longer imports sys, what do?
<ddellav> [12:49:17]  ddellav:	remove patch and see if tests fail?
<ddellav> [12:49:22]  ddellav:	add import sys to patch?
<ddellav> coreycb ahhh yea, i see that, only source is available
<coreycb> ddellav, sorry I missed that, let me look
<ddellav> coreycb no problem
<coreycb> ddellav, as more info on saharaclient, it has a depwait on the new openstackclient, and openstackclient has a depwait on python3-mistralclient: https://launchpad.net/ubuntu/+source/python-openstackclient/2.1.0-0ubuntu2/+build/9299572
<coreycb> ddellav, since python-mistralclient is in main already, I'll just ask the release team to promote python3-mistralclient (in #ubuntu-release).  it should be straight forward.
<ddellav> coreycb ok, sounds good
<sceiron> Hello, i have bought a domain, and setup a ubuntu server. In order for the server to be registered to my domain, do i need to "Create a URL forwarding adress" ?
<ddellav> sceiron the recommended way is to create an A record pointing to the ip address of your ubuntu server
<ddellav> but that requires you have a dns server setup to handle dns requests for your domain, some registrars provide this free of charge, others done
<ddellav> *dont
<ddellav> you can also use the url forwarding address and just put in the ip address of your server, but that will look kind of ugly, people will type in the url and then it will switch to an ip address in the address bar
<sceiron> Ok, thanks. I think i am using the the registrars DNS.
<sceiron> I'll research around the "create an A reocord" stuff.
<ddellav> sceiron ok, so then yea, you'd want to create a root A record pointing to the ip address of the server, then when you type in the website address it will go to your server
<ddellav> now you'll need a webserver running for anything to show up
<ddellav> but you can find all that on google
<ddellav> sceiron good luck!
<Zulu_Too> Greetings folks. I am going to set up a mail server on my Ubuntu Box. The box is headless. What daemon would be good to interface with it for email? Postfix or any other daemon.
<Zulu_Too> Lots of people most likely will be sending email with Windows GUI.
<coreycb> ddellav, you should be able to update that patch to import sys
<sarnold> there's a lot of moving pieces to email -- local to local, local to the world, the world to local, relaying from world to internal, relaying from internal to world, then allowing clients to imap4 or pop3 in, etc.. figure out first what exactly it is you want this mail server to -do-
<Zulu_Too> I hate the thought of having gmail or any other main server sending email to my Ubuntu box. Perhaps a local host email page client may be best.
<sarnold> you'll also need to deal with modern anti-spam tools and that's a huge pain in the ass. be sure you're up for it.
<Zulu_Too> Good point.
<Zulu_Too> I don't mind the hard work in installing something like postfix. But to me I would rather listen to those who have installed mail servers.
<Zulu_Too> For example Comcast has changed their SMTP channel port to another port number.
<Zulu_Too> Their SMTP port is now 587
<Zulu_Too> Reason is because of spam.
<Zulu_Too> I don't plan on having people having accounts on my server. Sorry door bell.
<sarnold> Zulu_Too: here's a quick history of the port 587 http://blog.mailgun.com/25-465-587-what-port-should-i-use/
<thurloat> Does anyone know how to fix a multipath path in 'orphan' state?
<ddellav> coreycb ok, will do
<linux> hello
<linux> my friend needs to connect to my server he says his connection close after welcoming message what is problem ?
<nacc> linux: does that user have permission to ssh in? /var/log/auth.log might have some hints
<linux> nacc, how can i grant this permission to him?
<mybalzitch> depends on what the error is
<linux> mybalzitch, Welcome to Ubuntu 14.04.4 LTS (GNU/Linux 4.2.0-30-generic x86_64)
<linux>  * Documentation:  https://help.ubuntu.com/
<nacc> linux: that's not the 'error'. As suggested, please look in the logs
<linux> nacc, it solved thanks
<linux> nacc, he was logged in
<linux> nacc, but he was not focus on his terminal
<nacc> ...
<nacc> i would not give this person access to your computer, but that's just me
<linux> how can i determine limitation for commands that he runs
<linux> he is not in sudoers file npw
<linux> now
<patdk-lap> sarnold, heh
<sarnold> hey patdk-lap :)
<patdk-lap> took me a long time to remember this problem I had :)
<patdk-lap> but I do remeber talking to you about it
<patdk-lap> a custom compiled closed source program
<patdk-lap> that was unable to exec sendmail, on 12.04 using > 12.04 kernel
<patdk-lap> just retested it on trusty, and it works fine
<sarnold> haha
<patdk-lap> stupid kernel/libc
<sarnold> how old is that application? 15 years? longer? I only vaguely recall that conversation..
<patdk-lap> sarnold, you really want to know?
<sarnold> I recall thinking that it was -strange-, whatever it was..
<patdk-lap> 2005
<sarnold> oh that's not -so- bad
<patdk-lap> well, that is the last *released* version of it
<sarnold> i've got a mathematica around here somewhere from 1999 or 2000 that would be fun to try again
<sarnold> but I recall having to mail them to ask for a license change when I moved from k6-2 to dual celerons. or something similar.
<patdk-lap> hmm, dual celerons was never a supported config :)
<sarnold> iirc it had to boot with noapic or noioapic or something similar strange
<patdk-lap> ok, so my only pain to upgrading is damned php
<patdk-lap> on those specific servers
<sarnold> php4-rubbsh?
<patdk-lap> no
<patdk-lap> compiled php 5.3 stuff
<patdk-lap> only works upto php 5.4
<patdk-lap> everything must be recompiled to work on php 5.5 and 5.6, php 7 isn't even supported yet
<patdk-lap> ya, no ioncube support, and zend will probably take 3years to support it
<urthmover> If I install 16.04 beta 1...as long as I apt -y [update,upgrade] regularly...will there be anything that I need to do upon official release?
<Seveas> urthmover: yes, celebrate! (And do an apt-get upgrade for good measure)
 * urthmover hums
<urthmover> Seveas: thank you :)
<coreycb> ddellav, b3 heat uploaded, thanks
<Deeps> so i'm attempting to install and configure a bunch of ubuntu severs, need to add custom repos, add a bunch of custom configuration. i'm writing a text file that i can use to just copy and paste a bunch of commands to them all, when i realise i'm probably doing this wrong
<Deeps> should i be using something like puppet or ansible? or is there something more ubuntu that i should be using?
<bekks> "more ubuntu?"
<urthmover> Deeps: people typically use puppet or cfengine
<bekks> or ansible, chef or one of the other tools.
<urthmover> I guess ansible too
<urthmover> ah and chef
<urthmover> lol  the list goes on
<tarpman> "more ubuntu" - juju? ;)
<bekks> It just strongly depends on the end goal and the overall environment.
<Deeps> overall environment - this is my home lab / vm cluster, this is not enterprise. my background is networks rather than systems, although i've been a debian user since ~2003
<coreycb> ddellav, cI see an "xhorizon" in debian/patches/embedded-xstatic.patch?
<Deeps> end goal is minimizing the amount of effort for myself
<coreycb> ddellav, I see
<axisys> how do I know if my server has conntrack module enabled and running with iptable?
<axisys> iptables*
<bekks> Deeps: So do you want to focus on configuration management, or rapid deployment?
<ddellav> coreycb ok, i fix
<Deeps> bekks: can i have both, or are they mutually exclusive?
<sdeziel> axisys: lsmod| grep table
<coreycb> ddellav, I can get it, just making sure it's not supposed to be there
<bekks> Deeps: you can have both, you can use vagrant and puppet e.g.
<sdeziel> axisys: and "lsmod| grep conntrack" of course
<axisys> sdeziel: http://dpaste.com/35TDVR2.txt does not look like it
<bekks> Deeps: In either case (whichever tools you want to use), it will still be quite a lot of work.
<ddellav> coreycb yea, no, a paste error
<coreycb> ddellav, ok
<axisys> sdeziel: i see it now.. http://dpaste.com/2QWX0V8 .. is there one for udp conntrack ?
<sdeziel> axisys: no
<sdeziel> axisys: UDP state tracking will be done as long as you have the various conntrack modules loaded (like you have)
<axisys> http://dpaste.com/2KEFMS7.txt shows udp .. not sure if it same thing
<sdeziel> xt_tcpudp is for rules using "-p udp" or "-p tcp"
<axisys> sdeziel: if it is loaded anyway to verify it is running?
<sdeziel> axisys: you probably wanna take a look at the iptables ruleset: "iptables-save" and "ip6tables-save"
<sdeziel> axisys: you can also look at the rules in place and their hit count with "iptables -nvL" and "ip6tables -nvL"
<axisys> sdeziel: iptables-save | grep -i conn gets nothing..
<axisys> sdeziel: I know I am using it.. cuz I have LIMIT in ufw status for ssh
<axisys> sdeziel: but I need to show it in iptables syntax for this team
<sdeziel> axisys: you should give them the full output of "iptables-save"
<sdeziel> this is what describes your current ruleset
<halvors> Hi! I'm setting this option "net.ipv6.conf.enp0s25.accept_ra = 2" in /etc/sysctl.conf
<halvors> But when rebooting ubuntu ignores it.
<halvors> It remembers the forwarding line but not this one. Any ideas?
<axisys> sdeziel: it shows state .. but not conntrack
<axisys> sdeziel: -A ufw-user-input -p tcp -m tcp --dport 22 -m state --state NEW -m recent --update --seconds 30 --hitcount 6 --name DEFAULT --rsource -j ufw-user-limit
<sdeziel> axisys: IIRC, state is considered legacy and implemented by conntrack
<sdeziel> axisys: man iptables-extensions: The "state" extension is a subset of the "conntrack" module.
<sdeziel> halvors: there are races during boot. It's possible that sysctl are processed before your NIC is up. My workaround is to put that in my /etc/network/interfaces: "post-up /sbin/start procps || true"
<sdeziel> halvors: the systemd equivalent of the workaround: "post-up systemctl restart systemd-sysctl || true"
<halvors> Thanks :)
<halvors> sdeziel: :)
<sdeziel> halvors: you are welcome
<halvors> What does "|| true" do?
<bekks> halvors: Depends on the context.
<sdeziel> halvors: this will make sure the post-up line will never return an error
<sdeziel> even if the command before did fail
 * jdstrand notes that ufw is using conntrack as of 0.34
<coreycb> ddellav, horizon b3 uploaded
<patdk-lap> that can lead to fun memory issues
<sarnold> Deeps: also look into cloud-init
<halvors> sdeziel: Thx :)
<hallyn> arges: smb: all right, I want svn back for libvirt.  does one of you know offhand how to get git://lp.net/libvirt to be our current package?  If not I'll look into it and do it
<hallyn> actually lemme start with debian's tree...
<hallyn> hm, no such thing?
<hallyn> oh, there it is
<ChibaPet> sarnold: So, I opened my bug report. I'll be curious to see how it's handled. It seems like it shouldn't be that much more infrastructure to accomodate shutdown-initrd.
<sarnold> ChibaPet: sweet, what bug number?
<ChibaPet> sent under separate cover :P
#ubuntu-server 2016-03-09
<arooni> if i have ubuntu-server (14.04) set up to automatically install security updates; how come when i login sometimes i see "system restart required".  will this never be done automatically as part of security updates?
<ChibaPet> arooni: Live patching of kernels is still in its infancy.
<arooni> so i have to restart my servers every now and then as a workaround?
<ChibaPet> arooni: It should tell you. But in general, spontaneous reboots are a bug.
<arooni> so theres no best practice, 'set up a cron job to restart server every now and then ' ?
<ChibaPet> The best practise would be, "schedule a downtime window and restart within it".
<arooni> but this is done as a one off ?
<ChibaPet> Ah, there is a way: https://help.ubuntu.com/community/AutomaticSecurityUpdates
<arooni> i already have security updates set up (at least i thought i did)
<ChibaPet> From that: "If you want the script to automatically reboot when needed, you not only need to set Unattended-Upgrade::Automatic-Reboot "true", but you also need to have the "update-notifier-common" package installed."
<arooni> ahhh
<ChibaPet> Seems questionable, but there's the rope. :P
<arooni> thanks for tracking that down ChibaPet ; looks like i need to jump into that
<arooni> well once i have monitoring uptime set up after i will this evening; ill let that notify me if theres a problem
<ChibaPet> Good luck with it, whichever way you decide to do it.
<arooni> thanks for your help ChibaPet
<ChibaPet> arooni: My pleasure.
<arooni> now trying to fix a different problem on a different server;  it looks like when i ssh i'm successful but i'm immediately logged out;  exit status = 0.  what should i check?
<ChibaPet> arooni: Look at /var/log/auth.log on the server.
<arooni> fixed it thanks ChibaPet !
<arooni> apparently if login can't load your default shell; you're done; there's no failover
<arooni> or login shell rather
<FarhaadN> hi every one, i have a question, i have a linux server 12.04 ,my ping to 8.8.8.8 is ok ,but when i ping google.com ,reply is very slow, my dns is set to 8.8.8.8 in resolve.conf file,
<FarhaadN> why this happend?
<FarhaadN> anyone know about this?
<FarhaadN> 480 people and anyonee responce?????
<andol> FarhaadN: 1) When you say very slow, can you transate that into number? 2) Given anycast, it's expected that 8.8.8.8 will be closer than whatever result you get for google.com
<FarhaadN>  andol: i ping yahoo.com and this is result , icmp_req and time for each request is ok .but see time for all packets > http://pastebin.com/spntXvUu
<cpaelzer> FarhaadN: so your issue is that the sum for all packets is so much more than summing up the individual times?
<FarhaadN> cpaelzer: i think my problem is for DNS ,i ping ubuntu.com and don't reply ,but ping ip ,is ok,check this > http://pastebin.com/ww6FJP0y
<cpaelzer> FarhaadN: ok, that looks much like mine http://paste.ubuntu.com/15333468/
<cpaelzer> FarhaadN: let us trace it down a bit
 * cpaelzer is crafting a commandline ...
<FarhaadN>  cpaelzer: noo, for you sum time is 6000 ,but for mine is 60,000
<cpaelzer> yes, but when you use IP and nos dns name your sum is similar
<cpaelzer> I agree that it might be dns related
<cpaelzer> but I want to see where time is lost, that is what I'm constructing atm
<cpaelzer> could you create something like this http://paste.ubuntu.com/15333479/ ?
<cpaelzer> Comparing that could give us a start where to look into
<cpaelzer> FarhaadN: ^^
<FarhaadN> yes ,see this please, when ping google.com 2 start reply from and tooo slow ,then reply from dns and ok  > http://pastebin.com/ve6JFt5J
<FarhaadN> cpaelzer: yes i create that thing
<FarhaadN> sry for my bad language
<cpaelzer> never mind, people are important not their language
<FarhaadN> cpaelzer: thx u
<FarhaadN> http://paste.ubuntu.com/15333503/
<smb> hallyn, what exactly are you trying to get to...?
<cpaelzer> FarhaadN: yeah, that looks suspicious towards dns resolve "45.53   70.073280    10010468         7 gethostbyaddr"
<cpaelzer> it is called per ping (see count 7), so it scales and it no flat extra time
<cpaelzer> also your SYS_poll is huge
<cpaelzer> FarhaadN: with that in mind try something more simple - what does this give you "time dig yahoo.com > /dev/null" ?
<cpaelzer> hmm, even setting my dns to 8.8.8.8 as well doesn't make it as bad as yours ...
<FarhaadN> cpaelzer: yes my any server s dns is set to 8.8.8.8
<FarhaadN> but only this one have a problem
<FarhaadN> real    0m15.033s
<FarhaadN> user    0m0.001s
<FarhaadN> sys     0m0.001s
<cpaelzer> uh that is actually great
<cpaelzer> that mans we can debug just with name resolition
<cpaelzer> FarhaadN: I have "real    0m0.017s"
<FarhaadN> oh
<FarhaadN> now what can i do ?
<cpaelzer> I'm creating another command to give us more insight, give me a sec
<FarhaadN> ok
<cpaelzer> ... still working ...
<cpaelzer> so far it doesn't give me what I want and I don't want to just dump you with a zillion of commands
<cpaelzer> FarhaadN: nut 100% sure, but a pastebinit of "dig  +trace +recurse +all +qr -t yahoo.com" might be nice to see if the call for the NS or later on for the details is slow
<FarhaadN> ok i check
<cpaelzer> FarhaadN: you can also add "sudo ltrace -S -rT nslookup -debug -d2 yahoo.com" to that pastebin
<FarhaadN> http://paste.ubuntu.com/15333552/
<cpaelzer> umm, timeout isn't good :-)
<FarhaadN> http://paste.ubuntu.com/15333555/
<FarhaadN> cpaelzer: even when i was apt-get update ,i can't and error accourd
<cpaelzer> well both last pastebins run into a dns timeout, ... hmm
<cpaelzer> you said all the other servers from the same network are ok, and go for the same dns @ 8.8.8.8 ?
<cpaelzer> but before you had slow but at least working resoliton didn't you ...
<FarhaadN> noo my others servers is not in this network,but dns is 8.8.8.8 and ok
<cpaelzer> FarhaadN: hmm - my expectation is routing out/back-to of your current network might be your issue then
<cpaelzer> FarhaadN: you surely could try other free DNS servers, but that would only be a workaround not a solution
<cpaelzer> like: for DNS in 209.244.0.3 209.244.0.4 64.6.64.6 64.6.65.6 8.8.8.8 8.8.4.4 84.200.69.80 84.200.70.40 8.26.56.26 8.20.247.20 208.67.222.222 208.67.220.220 156.154.70.1 156.154.71.1 199.85.126.10 199.85.127.10 81.218.119.11 209.88.198.133 195.46.39.39 195.46.39.40 50.116.23.211 192.99.240.129 208.76.50.50 208.76.51.51 216.146.35.35 216.146.36.36 37.235.1.174 37.235.1.177 198.101.242.72 23.253.163.53 77.88.8.8 77.88.8.1 89.233.43.71 91.239.
<cpaelzer> 100.100 74.82.42.42 109.69.8.51; do nslookup  yahoo.com ${DNS}; done
<cpaelzer> if they all are slow or timeout you surely have to look at you network / routing setup
<cpaelzer> I had hoped to find a more local issue to your system to debug with you
<cpaelzer> but I think that means you have to debug your network setup
<cpaelzer> think or wireshark and such, but that leaves my comfort zone
<cpaelzer> sorry, I at least hope to brought you one step further in debuggin this
<cpaelzer> FarhaadN: ^^
<FarhaadN> cpaelzer: very thx for reply and help mee
<sceiron> Hi, I'm wondering: I bought a domain and connected it to my ip. When i now enter my domain name adress, i get to the interface of my router(log in promt), is this normal?
<lordievader> Does your domain resolve to your router?
<sceiron> well, yes i think so.
<lordievader> Check it, I'd say.
<sceiron> It resolves to my IP, which is my ISP's router...
<lordievader> sceiron: There is your problem, I suppose.
<sceiron> Ok, i just in the process of setting up a ubuntu server behind this router, but have not gotten that far yet. I was just questioning that entering my IP in any external browser would bring me to my routers log-in promt
<lordievader> sceiron: If your router is setup to show a login page to remote on port 80/443, then yes. Though I would advice you to disable remote login.
<sceiron> ok, thanks, that answers my question for now i guess. Is it default practice for ISPs to set up a router with "Remote login"?
<lordievader> No.
<lordievader> Not to my knowledge at least.
<hateball> All ISP provided routers I've had have had ISP backdoors at least
<hateball> Which is a good reason to ditch them
<hateball> Or at least ask them to set it in bridged mode and use your own router
<sceiron> Havent checked this before, but i can log in with the default username/password, in other words it seems kinda open to me, oups
<lordievader> True, but that is usually seperate from a remote login.
<hateball> Well, yes
<huwjr> hi all - i have one ubuntu 14.04 server which has an ethernet alias set in /etc/network/interfaces - itâs set to auto but it NEVER comes up at reboot? i have about 10 other trusty hosts with the same config, and they all work flawlessly? any ideas.
<[1]Az> hello
<[1]Az> i am getting this error:
<[1]Az> https://gist.github.com/benjfield/09763033aa97c04caa74
<[1]Az> on 4 of my servers
<mybalzitch> looks ot me like an issue with the elasticsearch.org repo
<mybalzitch> have you tried removing it from your sources and trying again?
<[1]Az> yes
<[1]Az> its not
<[1]Az> its an issue with apt
<[1]Az> hang on
<[1]Az> https://gist.github.com/benjfield/09763033aa97c04caa74
<mybalzitch>  hmm
<[1]Az> weird right?
<mybalzitch> have you tried blowing away apt's cache folder?
<mybalzitch> it's odd that 4 servers broke at once though
<mybalzitch> and I can't find any google search results
<[1]Az> this is my issue
<[1]Az> i actually rebuild the servers
<[1]Az> and then it started happening again
<[1]Az> all 4 servers have the same config
<mybalzitch> is the server setup exotic at all? nfs root or anything silly?
<[1]Az> nope
<[1]Az> pretty standard
<[1]Az> i dont know what else i can do to debug it
<sysadmin> hello
<pmatulis> hello
<sysadmin> how can i get a log files from people that i have logged in my server and commands that they have ran
<mybalzitch> [1]Az: you don't have anything locking the apt directory do you? anything in lsof ?
<sysadmin> and their ips
<[1]Az> root@dev-php-app01:/home/concrete# lsof | grep apt
<[1]Az> munin-nod 19644             root  mem       REG              202,1    10336       1231 /usr/lib/perl/5.18.2/auto/Tie/Hash/NamedCapture/NamedCapture.so
<[1]Az> doesnt look like it
<mybalzitch> hmm
<mybalzitch> nope
<pmatulis> sysadmin: logged in from console?
<sysadmin> pmatulis, yes
<pmatulis> sysadmin: hmm, IPs. so wouldn't that be logged in via SSH?
<mybalzitch> [1]Az: has the server been up a really long time? when is the last time you ran fsck on the filesystem apt lives on
<sysadmin> pmatulis, yes i mean log in from ssh
<[1]Az> 40 days
<[1]Az> i can reboot it
<pmatulis> sysadmin: that should be logged in /var/log/auth.log
<mybalzitch> [1]Az: try running fsck
<[1]Az> i cant run fsck on /
<sysadmin> pmatulis, i used that but i cant see their commands
<mybalzitch> [1]Az: touch /forcefsck
<mybalzitch> [1]Az: then reboot, I think
<pmatulis> sysadmin: as for commands run, it is only recorded, also in auth.log, if they use sudo
<sysadmin> pmatulis, and commands without sudo
<pmatulis> sysadmin: you will need a special tool to track all commands issued by users
<pmatulis> https://goo.gl/qJ7NW6
<sysadmin> pmatulis, and about their ips?
<pmatulis> sysadmin: i'm pretty sure that is in auth.log for SSH connections
<sysadmin> and if just upload to one directory with rsync can i see their ip?
<[1]Az> mybaltzitch: fsck ran but the problem continues
<mybalzitch> [1]Az: grrr.
<sysadmin> pmatulis, if one user just upload file to one directory can i see his ip ?
<pmatulis> sysadmin: i don't think so but i'm not 100%. if you somehow enforce rsync-over-ssh you probably can get it. just try it
<sysadmin> pmatulis, i need to use sudo ufw allow ip port 22
<sysadmin> pmatulis, what do you mean exactly ?
<pmatulis> sysadmin: what's your full question?
<sysadmin> pmatulis, my friend last night connected to my server to upload file to my directory with rsync he doesnt know his ip i need to access just to him for port 22 i need to find his ip
<[1]Az> mybalzitch: quite
<[1]Az> sysadmin: just get him to lookup his ip
<sysadmin> okay
<sysadmin> i ask him to find it
<mybalzitch> [1]Az: I'd take it to the forums
<pmatulis> sysadmin: you can allow SSH connections based on username. disallow all connections except for certain users. in 'man sshd_config' see 'Match AllowUsers'
<pmatulis> sysadmin: not sure if you absolutely need to do the firewall stuff but it might help
<mybalzitch> [1]Az: http://ubuntuforums.org/showthread.php?t=1827960&p=11164176#post11164176
<sysadmin> pmatulis, i have another question i have ran netbeans when i browse   localhost:8383 i see my index.html file but when i browse mydomain:8383 i dont see any thing i have activated sudo ufw allow what is problem? 8383  when i
<sysadmin> pmatulis, i have another question i have ran netbeans when i browse   localhost:8383 i see my index.html file but when i browse mydomain:8383 i dont see any thing i have activated sudo ufw allow 8383 what is problem?
<pmatulis> sysadmin: i'm sorry i have a meeting now. make sure DNS is working properly and that your application is configured to respond on "mydomain"
<sysadmin> pmatulis, first time it answered but for second time when i ran mydomain:8383 i didnt see anything my domain is activated i can see when i browse it but in port 8383 i cant see anything
<sysadmin> while it answers in localhost:8383
<sysadmin> http://localhost:8383/w3schools/index.html
<sysadmin> oh
<sysadmin> problem was from router
<popey> hello!
<popey> https://launchpad.net/~deepika-chauhan is this person on the server team in some way?
<popey> They requested access to the wiki/etherpad, and I believe they may actually be a spammer, and not a real person wanting to do legitimate work.
<nacc> that's gotta be a fake e-mail, right?
<cryptomonk> hello
<cryptomonk> How do you use CORS in a LAMP environment? Particular allow all access
<cryptomonk> trying to write a mobile app and keep getting javascript errors due to CORS and cross-site
<rbasak> popey: I don't recognise that name.
<rbasak> https://launchpad.net/~deepika-chauhan/+archive/ubuntu/ppa is spam.
<popey> good spot!
<ogra_> rbasak, nah, its canoni printer support obviously :P
<ogra_> *canon
<sceiron> hi, i have just set up a irc server on my ubuntu server, can someone help me verify that is works from www, it works from local machines...
<sarnold> sceiron: sure, which ip/port?
<sceiron> tnx :)
<smoser> nacc, https://code.launchpad.net/~ubuntu-server-dev/ubuntu/+source/checksecurity/+git/checksecurity
<nacc> smoser: thanks!
<nacc> smoser: and you can not do sg3-utils  :)
<nacc> if you didnt' see the chatter in #ubuntu-devel
<smoser> i didnt
<smoser> id idt see it
<smoser> is it because there is no changelog entry for 1.40-0
<smoser> ?
<nacc> smoser: sort of, we're just going to sync with 1.41-2 when it comes out
<nacc> as of right now, we're basically in sync iwth debian due to the backports, just at an unreleased version
<smoser> nacc, ok.
<smoser> nacc, http://paste.ubuntu.com/15337649/
<smoser> that is 'go-import.py'' which just prints out ordered commands to run
<smoser> and assumes you have the right debian and ubuntu versions
<smoser> see http://paste.ubuntu.com/15337646/ for example output
<Zulu_Too> Hello. Would someone who has installed Postfix, MySql and Dovecot server share what the relationship between the three in simple terms as I do my homework on knowing what to install. I have found Ubuntu website installation procedures, however, I would like to hear from someone's personal experience. I know it is involved, but a fireside chat would help me to prepare my mind.
<Zulu_Too> I have downloaded example config files as examples.
<patdk-lap> zulu, that is a huge intertaking
<patdk-lap> setting up a mailserver is by far no simple task
<Zulu_Too> I realize that.
<patdk-lap> but dunno what you mean by relationship between them
<patdk-lap> mysql is a database
<Zulu_Too> Yes.
<patdk-lap> dovecot is an auth/imap server
<patdk-lap> postfix is an mta
<patdk-lap> there is no relationships
<Zulu_Too> So these three just work together then?
<patdk-lap> they all do their own tasks
<Zulu_Too> I see.
<patdk-lap> and produce a final result of imap + smtp server, though the mysql part is not needed at all
<Zulu_Too> Thanks for that mysql point.
<patdk-lap> you don't have to have imap and smtp on the same server
<patdk-lap> personally I run an 2 imap servers, and 16 smtp servers, and then 4 mysql servers for them
<Zulu_Too> It is a headless wireless server. It is experimental right now.
<Zulu_Too> Apache2
<patdk-lap> and then as soon as you get that all setup, you will learn, you will want to add clamav, amavisd-new, spamassassin, .... to the mix
<Zulu_Too> i386 machine..
<patdk-lap> making it more complex
<patdk-lap> then add on webmail
<patdk-lap> setup postscreen
<nacc> smoser: thanks!
<Zulu_Too> I did a little bit of homework on that. That seems like the fun part. However difficult.
<patdk-lap> mysql can be used as an authorative source of infomation for dovecot/postfix
<patdk-lap> but you could use system accounts, ldap, or any number of other things if you want
<Zulu_Too> I appreciate your input Patdk-lap. Thanks. I am not sure how complex I should get with this but you opened up a few thought in my mind on this.
<Zulu_Too> I am getting more to appreciate using ssh terminal to the ubuntu box and it has been quite the learning curve here. I have been using Windows for years and know how to navigate with it but it is a totally different story not using a GUI with me.
<Zulu_Too> It really makes me appreciate the hard work you folks do here.
<patdk-lap> I normally have 2 screens full of ssh connections
<Zulu_Too> Sounds like you are a busy person with 2 screens full of ssh connections. My ssh connection is always running with WinSCP from my Windows box. I have run in the past VPN to my linux box.
<Zulu_Too> I use puTTY as well. Nice piece of work.
<Zulu_Too> The real challenge is using the console commands. That is where the rubber meets the road.
<Zulu_Too> Does Spamassassin have to be updated like SuperAntiSpyWare?
<sdeziel> Zulu_Too: SA rules are updated daily by /etc/cron.daily/spamassassin
<sdeziel> Zulu_Too: you might need to set CRON=1 in /etc/default/spamassassin as I don't remember what's the default value for it
<Zulu_Too> Thanks Sdeziel. :)
<sdeziel> Zulu_Too: I also second the recommendation regarding postscreen
<Zulu_Too> I will certainly do my homework on that Sdeziel. Thanks.
<Zulu_Too> I was looking at a pastebin called Stikked. Have you used it?
<Zulu_Too> It uses XMPP.   Another interesting thing is called: Jabbered.
<Zulu_Too> Also ejabbered.
<sdeziel> Zulu_Too: if you are looking for a XMPP server, prosody has always served me well
<daxcat> i like prosody personally
<Zulu_Too> I will check that out. Thanks.
<Zulu_Too> Is this the website you were referring to?   https://prosody.im/
<sdeziel> Zulu_Too: yes
<daxcat> !info prosody
<ubottu> prosody (source: prosody): Lightweight Jabber/XMPP server. In component universe, is extra. Version 0.9.8-1ubuntu0.1 (wily), package size 199 kB, installed size 1059 kB
<Zulu_Too> I was searching for an IRC like web based interface and have realtime tech conversations with my clients. There are lots of them out there. I am looking for one with the best latency issues.
<sarnold> Zulu_Too: i've heard good things about slack. it seems to be the thing all the cool kids use. nothing on irc but us old farts.
<sarnold> (those of us who have been on irc for 20-years may question the wisdom of letting any old idiot include images directly into the window.)
<shoutme> sarnold: bah!
<Zulu_Too> Sarnold, that is funny. I have been using IRC for many years. I will say that you meet a lot of intelligent people who like to share their knowledge.
<shoutme> and their flickr feeds
<shoutme> not really
<Zulu_Too> My first IRC experience was with Netscape Navigator. It had an IRC client built in. That is old.
<Zulu_Too> Years ago you would telnet to IRC.
<shoutme> telnet -> stunnel -> irc
<shoutme> yeah, obvoiusly i'm trying out the interwebz thing; as i predicted, ctrl-u and ctrl-w are sorta blockers for me
<shoutme> (with irc in a web page)
<sarnold> shoutme: try pentadactyl, it fixes ^W and ^U :)
<Zulu_Too> Years ago, I used to park on the #Linux channel on Dalnet. That was fun. Lots of nice folks there.
<sarnold> Zulu_Too: oh indeed, there's lots of great people here. but the scale goes waaaaay down :)
<Zulu_Too> I usually gravitate towards those who are humane and are considerate. Not all are.
<shoutme> sarnold: trying to make me cry?  pentadactyl is broken with new ff
<sarnold> shoutme: oh no :( thanks for the warning..
<shoutme> now with signed extensions you can't even build your own
<shoutme> i'm actually trying out some other, supported vim-like extension, but it's not good enough
<shoutme> vimfx, that's it
<shoutme> cna't even do ";y<url-txt>"
<shoutme> sarnold: which release are you on?  pentacactly is working for you?
<sarnold> shoutme: i'm on firefox 44.0.2+build1-0ubuntu0.14.04.1
<sarnold> shoutme: the :help hasn't worked in months but it's otherwise mostly working
<shoutme> yeah i'm o n45.0+build2-0ubuntu1
<shoutme> maybe i'll start running it in a trusty vm
<sarnold> shoutme: I understand the developer builds of firefox allow unsigned extensions
<shoutme> hm
<shoutme> that'd be worth it
<Zulu_Too> Has anyone here used a Windows program called:  Qedit?  Is there a similar program like gvim for the command prompt?
<sarnold> shoutme: it'll kinda suck to not get the updates the day they're released, and probably not compiled with the full range of compiler hardening that we get in the ubuntu packages.. but firefox without pentadactyl is baffling.
<sarnold> Zulu_Too: I may have used qedit on dos 5.0? try vim
<shoutme> yeah i mostly use vimprobable with with a strict apparmor profile and no js now...  keeps me more productive anyway :)
<sarnold> Zulu_Too: vim's baffling for the first month or so but then .. well, you turn into shoutme and me and try to turn your web browser into vim :)
<shoutme> speaking of which
<Zulu_Too> I have tried vim. Amd vi
<shoutme> Zulu_Too "gvim for the command prompt" - gvim is vim for the gui, so....
<sarnold> Zulu_Too: loads of folks love emacs. I never gave it more than about ten minutes..
<Zulu_Too> :)
<Zulu_Too> I have also used Nano.
<sarnold> I never gave nano more than about ten seconds
<Zulu_Too> loll
<sarnold> that's normally the first thing I take care of when I install a new ubuntu system is apt-get purge nano. it's easier than trying to figure out how to use alternatives again :)
<Zulu_Too> Sarnold that is immensly funny. apt-get purge nano      :)
<shoutme> boy do i hate nano as the default
<Zulu_Too> I cannot stop laughing.     Purge nano.        hehe
<shoutme> we're here for your amusement :)
<Zulu_Too> Does that make me a member?   :)
<shoutme> lxc launch ubuntu:xenial lv1    <- new simplestreams goodness
<Zulu_Too> Hey guys, you've been great here. Thanks for the insight about Postfix and other stuff. I will take to heart the counsel and info about it. I bid all here a great day. Thanks so much. God bless. Take care. :)
<sarnold> have fun Zulu_Too ;)
<Zulu_Too> Sarnold I am an old fart too. Welcome to the club.   hehe
<Zulu_Too> :)
<sarnold> :)
<shoutme> That's it.  My goal for the day is to pursuade everyone i'm a millenial.  I am *not* an old fart.
<shoutme> no sir
<shoutme> tych0: hey bro, did you see that new cycling app?  rad man.  <- look i'm a millenial
<shoutme> hm, nfs-common doesn't want to install in a container.  that's ungood
<tych0> shoutme: i can tell when you're faking
<tych0> shoutme: your nick isn't even right and i can tell :)
<tych0> shoutme: hello hallyn :)
<shoutme> curses!
<sarnold> shoutme: hey if makes you feel any better you had me fooled "who is this super-cool dude who I don't recall seeing before?" :)
<shoutme> <swagger>
<tych0> shoutme: you did call me bro, though. you'll definitely get some millenial points for that. bro.
<shoutme> i was gonna say brah but couldn't make my fingers do it
<sarnold> also I'm scared to find out if you were trying to mount or export an nfs filesystem, and wondering which one to be more scared about..
<shoutme> just apt-get build-dep libvirt
<sarnold> oh :/
<shoutme> works fine in trusty - must be a systemd thing
#ubuntu-server 2016-03-10
<hallyn> grr, smb, my libvirt pkg is already out of date.  when did you push -1ubuntu5!
<hallyn> s'ok i've got plenty of time while these tests run to rebase :)
<hallyn> smb: do you have a github account?
<designbybeck> I have a 14.04 server, without FTP or SMB installed. Is there another way to get a file up to it from my desktop?
<sarnold> scp
<patdk-lap> sftp/scp/rsync/nc/zm/...
<patdk-lap> xmodem/zmodem used to be a standard way back in the day :)
<sarnold> :D
<designbybeck> ok sarnold let me try that
<designbybeck> and that would be going from one Ubuntu desktop to the server sarnold ?
<sarnold> designbybeck: from anything that can do scp to anything that can do scp :)
<designbybeck> sarnold, Ok, I'm looking at a tut rightnow...seems easy enough! ;) thanks
<sarnold> designbybeck: it's about a thousand times better than ftp
<designbybeck> ok so sarnold .. on my local machine 14.04, I type: scp filename.mp3 username@domain
<designbybeck> ?
<designbybeck> sarnold, I'm looking at this https://help.ubuntu.com/community/SSH/TransferFiles
<sarnold> designbybeck: don't forget the : on the remote host
<designbybeck> hmm, looked like it was going to work...asked for both passwords but then said permission denied
<designbybeck> sarnold, and I'm sudo/root on both
<sarnold> designbybeck: scp filename.mp3 user@host:
<designbybeck> yes I corrected that sarnold
<sarnold> "both passwords", that's.. potentially surprising. which passwords?
<sarnold> I'd expect just one, the user@remotehost -- but if you're going to scp/ssh often, it's worth setting up ssh keys
<designbybeck> sarnold, ahh.. I needed "" around it
<designbybeck> looks like it is uploading now
<designbybeck> ....never new scp was that easy! HA!
<designbybeck> I new people used it for windows to linux and such
<sarnold> :)
<designbybeck> ..knew
<designbybeck> ...I'm about 4 sheets into the wind ;) Had to make a podcast for an assignment, so I did it on Open Source
<sarnold> hah, you're doing pretty well for being four drinks in :)
<designbybeck> that's what I'm thinking sarnold!! I hate my voice, but I was on a roll, and had my headset audio sounding great (very clean) so editing in Audacity was going reat
<designbybeck> great... I just had to loosen up to talk and hear myself!
<designbybeck> sarnold, can I send you a PM link?
<sarnold> sure
<showaz> https://download.samba.org/pub/samba/rc/samba-4.4.0rc4.WHATSNEW.txt
<nezZario> Hey guys, I've had a server completely crap all over itself because the /boot partition got full and then I believe I made it worse.  I'm not sure what really happened or what led up to these events; it's sort of a neglected server that I didn't install and was forced onto me.  It's provided by a company so we can access resources from within their network
<nezZario> So anyway, check this out: http://paste.ee/p/FhFAl
<nezZario> Hmm, I found a reccomendation to just touch that file and let the package manager do whatever.  But now I'm a little concerned that I don't even have a kernel .. or rather, the kernel that it is going to try to boot is either missing or a blank file...
<smb> hallyn, I pushed just about when I realized you were starting to fiddling with it while never given any feedback about the pending change I had and had been asking about. So I decided if there is someone stepping on someone else's toe, its me this time. ;-P
<smb> hallyn, and no github accound
<smb> account even
<hallyn> are you getting snarky with me?
<hallyn> no worries, see the libvirt-maintainers email :)
<hallyn> no github account needed
<smb> hallyn, not with you in particular. That is my morning personality in general. :)
<huwjr> hia, all my latest ubuntu server builds are failing to rotate logs? has anyone else had this?
<huwjr> anyoneeeeee?
<huwjr> logrotate looks identical, as do permissions on the directories
<rbasak> We've had a newer logrotate in Xenial.
<rbasak> Is there a bug somewhere?
<huwjr> these are trusty hosts
<rbasak> Ah, OK.
<rbasak> logrotate has never been updated in Trusty since release.
<huwjr> 14.04.4 LTS (on 6 hosts) is fooked but 14.04.3 is fine (on many)
<rbasak> So if there is a regression, it must be in some other package.
<huwjr> they all are configured with ansible using the same configuration(s)
<rbasak> See cron output perhaps?
<huwjr> all say permission denied
<rbasak> Or on a test server advance the date and run the cron job manually.
<rbasak> Permission denied on what?
<huwjr> but the perms are identical and so are the configs.
<huwjr> all the lgos
<huwjr> all the logs*
<huwjr> error: failed to rename /var/log/syslog to /var/log/syslog.1: Permission denied
<huwjr> error: failed to rename /var/log/upstart/console-setup.log to /var/log/upstart/console-setup.log.1: Permission denied
<huwjr> etc
<rbasak> Check kern.log for Apparmor denials?
<rbasak> Is logrotate running as the same user?
<rbasak> Are the ownership and permissions of all the directories leading up to syslog also the same?
<huwjr> ive checked recursively from /
<huwjr> comparing hosts user,group and mod
<rbasak> How are you installing 14.04.4?
<huwjr> preseed
<huwjr> one sec - what should i be lookinâ for in terms of apparmor?
<rbasak> This sort of thing: Mar  7 09:05:50 mal kernel: [849976.818097] audit: type=1400 audit(1457341550.955:64): apparmor="DENIED" operation="open" profile="/usr/bin/evince" name="/usr/local/lib/libXrandr.so" pid=25082 comm="evince" requested_mask="r" denied_mask="r" fsuid=1000 ouid=0
<rbasak> In kern.log.
<huwjr> checkin'
<huwjr> (thanks btw)
<rbasak> Seems unlikely that logrotate would be denied by apparmor, but it's a standard thing to check for any permission denied error on a system with selinux or apparmor.
<huwjr> nothing since set up time
<huwjr> in kern.log for apparmor
<rbasak> I can't think of anything else quick to check, sorry.
<huwjr> np - if you could let me know if you think of anything itâd be appreciated
<huwjr> *sighs* :(
<rbasak> If you can reproduce it on a simple 14.04.4 installation (say without preseed, or a cloud image), then it's a regression in Ubuntu and I'd be happy to dive into it.
<rbasak> Or, you could try running the cron job by hand and figuring out what the difference is in your deployment.
<huwjr> will spend a bit more time looking into it before reproducing
<rbasak> Advancing the date on a test server would probably be useful, as would strace.
<huwjr> advance the time then run manually you mean?
<rbasak> Yes. You can use sudo to run as the user the cron job would run as.
<rbasak> Looks like root.
<rbasak> Something like "sudo -i sh /etc/cron.daily/logrotate"
<rbasak> Not exactly the same environment but close.
<huwjr> hmm
<huwjr> but i diffed logrotates and theyâre identical
<rbasak> Sure, but some underlying behaviour could be different.
<huwjr> ok
<huwjr> :)
<huwjr> i wonât actually need to advance the time/date as they havenât been rotated (ever)
<huwjr> i donât think?
<rbasak> Looks like logrotate keeps something in /var/lib/logrotate to track what it thinks it's already rotated.
<rbasak> So best to advance the date to be sure it isn't rotating because the date hasn't moved forward.
<huwjr> errrm
<huwjr> switching euid to 109 and egid to 4
<huwjr> woops
<huwjr> so upstart is trying to rotate with: switching euid to 109 and egid to 4
<huwjr> 109 doesnât exist at all
<huwjr> and group 4 (adm syslog) only has read on all files in the upstart dir
<huwjr> so whereâs it getting 109 from? lol
<coreycb> jamespage, gnuoy:  glance b3 will have the glare artficats api, I've added a init scripts for it
<coreycb> artifacts
<hariom> Hi, I want to install a python package in Ubuntu 14.04 but I want to use python3 version (python2 is default in Ubuntu 14.04 and python 3 alternate available)
<lordievader> hariom: Do you have pip installed?
<ogra_> python3 is part of ubuntu.minimal, it should efinitely be installed
<ogra_> *ubuntu-minimal
<hariom> lordievader: yea
<lordievader> Install your package through there: sudo pip3 install <pkg-name>
<Pici> don
<Pici> don't use sudo and pip.  Use a virtualenv.
<hariom> lordievader: that package is not available in pypi
<hariom> python-librdf
<RoyK> a lot of python packages are also available from apt
<hariom> RoyK: yea, and I want to ensure that apt picks up python3 instead of python2
<RoyK> hariom: apt-get install python3-pypdf2
<RoyK> (that's on debian jessie - probably the same package in recent ubuntu)
<ogra_> recent :)
<ogra_> not in 14.04
<hariom> RoyK: The problem is python3-librdf is not available. Its just python-librdf
<RoyK> guess 14.04 is too old, then
<RoyK> ;)
<RoyK> well, install from pip
<jamespage> cpaelzer, https://launchpad.net/ubuntu/+source/openvswitch/2.5.0-0ubuntu1
<RoyK> huwjr: btw, python3-pypdf2 is in 15.10, so 16.04 will be your friend ;)
<Deeps> how terrible an idea is it to run non-lts editions of ubuntu server?
<rbasak> I think it's fine providing that you have deployment tests and you're prepared to move up on a six monthly cadence, but others disagree.
<huwjr> depends if you stay on top of the updates
<huwjr> itâs not necessarily the OS that matters though, itâs more about a lack of regression testing
<huwjr> (on packages)
<Deeps> i have 0 deployment tests, this isn't enterprise prod, this is hometerprise prod
<huwjr> you wouldnât want to run a dev version of a package on a production server (would you?)
<huwjr> are you desperate for something in an alpha/beta?
<huwjr> if not, why bother
<rbasak> There is certainly a benefit of using the LTS: it's a major synchronisation point for other users, so others are more likely to have found and flushed out bugs before you do. This is a bigger deal for an LTS because it's a bigger synchronisation point.
<Deeps> well the primary motivation i had for switching to ubuntu from debian was newer package versions, i just saw an example of a package in debian stable that isn't in ubuntu lts above
<Deeps> which then made me think i should consider non-lts builds, and thus posed the question
<rbasak> That'll happen on a regular basis, since Debian and Ubuntu releases leapfrog each other.
<patdk-wk> that is, debian actually released a *stable* version after ubuntus last lts
<patdk-wk> doesn't happen often
<huwjr> you can always get solid, tested backports Deeps
<huwjr> or compile yourself if necessary
<huwjr> either way none of it is truely tested/stable.
<cpaelzer> jamespage: 2.5 final - nice; I've got an s390 intercept but I should be able to hit openvswitch-dpdk again somewhen next week
<coreycb> ddellav, jamespage: looks like we're going to need a new openstack-pkg-tools before syncing mistral
<fellayaboy> hi i installed ubuntu server 15.10 with LVM (my mistake) and cant figure out how to expend it to use up the remaining free space
<fellayaboy> i just want to resize the partition to use up all the free space thats remaining
<RoyK> the partition or the pv or the lv?
<fellayaboy> oh man i have no clue
<fellayaboy> lvm is not my thing
<RoyK> I use it all the time :)
<RoyK> pastebin lsblk and vgs output, please
<fellayaboy> im a totally new to it...it feels like a pain but i cant knock it if i havent tried it
<RoyK> and lvs
<fellayaboy> so lsblk, vgsoutput and lvs
<RoyK> lsblk, lvs, vgs and perhaps pvs
<fellayaboy> ok let me do the first 3
<RoyK> pvs too, I think, would be good
<fellayaboy> http://paste.ubuntu.com/15341671/
<fellayaboy> aw crap that didnt go well hold on
<fellayaboy> RoyK, here we are http://paste.ubuntu.com/15341690/
<stickystyle> I'm just starting to play around with lxd and I'm having issues figuring out how to add a pre-start hook to a container (namely one to inject my squid-deb-proxy config). With plain lxc there were config files to set lxc.hook.pre-start, where do I do it in lxd?
<RoyK> fellayaboy: ok - looks like your sda5 partition isn't filling up the disk - use parted (or gparted) to extend it - gparted would be easier if you're not familiar with parted, although it'll require some x11 libs (just use it with x11 forward ofver ssh)
<fellayaboy> gparted from what i read you cant use gparted, also it was locked ..the extended parttion and the lvm partition...i unlocked it but when i chose to resize it it didnt see any size larger...ive read gparted doesnt work with lvm
<fellayaboy> RoyK, yeah maybe...lets see
<RoyK> fellayaboy: first resize the partition, then run pvresize to resize the pv, then use lvextend to extend the lv, then resize2fs (if this is ext4)
<fellayaboy> it is ext4
<RoyK> should work well - you may need a reboot after resizing the partition, though
<fellayaboy> would i have to umount though.  i mean if i did that i wouldnt be able to run commands
<RoyK> resize should work without umouting it, but the result won't be useful until a reboot
<fellayaboy> okay would you happen to know a good site that explains how to perform the steps being that i dont know any of the commands
<fellayaboy> thanks for all your help RoyK
<RoyK> fellayaboy: lvm is rather neat when you get used to it
<fellayaboy> i guess so right? RoyK i want to try it out, doesnt seem so bad just have to learn it
<fellayaboy> ima see if i can use the system-config-lvm gui tool for now
<fellayaboy> is lvm used popularly with SAN/NAS?
<RoyK> or you can use the commandline and actually learn something ;)
<fellayaboy> lol i have to figure out the command
<RoyK> fellayaboy: rhel/centos always uses lvm for everything, which is good
<fellayaboy> e2fsck ? lvreduct?
<fellayaboy> oh okay cool good to know, i didnt know that
<fellayaboy> if your lvm is encrypted is it possible to do all this modifications?
<jamespage> coreycb, I'm pretty optimistic we'll get django-compressor to 2.0 either this week or early next week
<coreycb> jamespage, nice
<RoyK> well, the filesystem sits on top of a logical volume, lv, and the lv sits in a volume group, vg, and the vg sits on top of one or more physical volumes, pv, and the pv sits on top of either a disk or a partition
<fellayaboy> usually when you install ubuntu you have the option to encrypt.  if you encrypt could you modify and such?
<RoyK> I'm quite sure encryption doesn't matter in this equation
<fellayaboy> ok cool
<fellayaboy> i see so lv lives inside the vg, lg sits ontop of the phsycial volumes, and pv sits on ontop of disk / partition  cool
<fellayaboy> its likea raid
<coreycb> jamespage, ddellav: everything is uploaded for b3 except openstack-trove, swift, sahara, mistral, murano-dashboard.  I'm going to start poking at stuck in proposed and cloud archive issues.  and the horizon staging issue.
<sdeziel> fellayaboy: PVs are providing the actual storage space. VGs aggregate PVs and can be sliced up into multiple LVs that you can then use to put a fs on
<coreycb> jamespage, ddellav: note: neutron-vpnaas is deferred to rc1 due to an upstream issue with the released tar file
<jamespage> coreycb, ok
<jamespage> is neutron still stuck on -lib
<jamespage> ?
<fellayaboy> cool sounds awesome...so i guess in my scenario i would have to first increase the size of the volume group? and then increate the logical volume?
<coreycb> jamespage, looks like it, I'll see if I can move that along
<sdeziel> fellayaboy: before growing your VG, you need more PV space
<jamespage> coreycb, awesome - you might be able to such aodhclient from debian btw
<sdeziel> fellayaboy: and since your PV is taking the full partition sda5, you have to make sda5 bigger
<jamespage> if you've not done so already
<coreycb> jamespage, it's waiting in the new queue, bug 1552415 needs some action
<ubottu> bug 1552415 in Ubuntu "[FFE] Please sync python-aodhclient (0.1.0-1) from Debian (experimental)" [High,New] https://launchpad.net/bugs/1552415
<sdeziel> fellayaboy: an alternative that would be less clean would be to put another PV on a freshly created sda6. Then you could vgextent your VG to have it use the 2 PVs (the one residing on sda5 and the other on sda6)
<coreycb> jamespage, bug title updated
<fellayaboy> hmm sounds good sdeziel but i would want to just increase the sda5 if it'll be easier..if i have 2 pv then i could configure them to look like 1 LV
<fellayaboy> is that correct?
<sdeziel> fellayaboy: since your sda5 part is the last one (nothing but free space at the end), you are better off growing it then it will be a matter of pvresizing it
<coreycb> jamespage, hmm looks like it's missing from the new queue, I'll re-upload
<sdeziel> fellayaboy: a given LV can span across many PVs as long as they all belong to a single VG.
<fellayaboy> okay sdeziel  i guess im seeing the bigger picture here then
<coreycb> jamespage, neutron-lib is missing from the xenial new queue too.  they were both there the other day.
<jamespage> coreycb, try unapproved
<coreycb> jamespage, nothing there either
<RoyK> fellayaboy: when you resize the pv, the vg grows, since the vg consists of PVs
<fellayaboy> how do i increase the pv
<RoyK> pvresize
<RoyK> but first the partition needs to be resized
<fellayaboy> i went int parted and rm 5
<RoyK> and recreated it?
<fellayaboy> im in the process of that
<fellayaboy> did i lose all my data by anychance?
<RoyK> better do that before you reboot :P
<fellayaboy> so if i reboot then it'll apply and ill lose my data correct?
<RoyK> fellayaboy: before you do such things, always make sure you have a good backup - things may break
<fellayaboy> aw snaps
<fellayaboy> well its obvious
<RoyK> fellayaboy: but I've removed/recreated partitions before without issues - should work - just don't blame me if you lose your data if you don't have a backup ;)
<RoyK> come to think of it - another way would be to create a new partition, put a pv on it and add that to the vg
<RoyK> but then - if you've already removed sda5, it's a bit late for that
<fellayaboy> shoot
<RoyK> have you recreated sda5 yet? or have you saved your settings in parted?
<fellayaboy> i hope i didnt save it..i did rm 5 and i had to cancel out of parted
<fellayaboy> when i do print i dont see the 5 partition
<RoyK> ok - better recreate it, then
<RoyK> should work
<fellayaboy> how do i do that
<RoyK> create a new partition starting at the same point as the old one
<RoyK> should be default if you create a new one
<fellayaboy> when i do that it asks me what file system i want to use
<fellayaboy> should i use ext4 since thats what i used before?
<RoyK> just don't do anything stupid as in making a new filesystem
<RoyK> perhaps better use fdisk
<RoyK> if you create a new fs, you *will* lose your data
<sdeziel> mkpart asks for a FS but doesn't create one
<RoyK> ah
<RoyK> ok
<RoyK> sdeziel: just flags partition type 0x83 or something?
<sdeziel> it just sets the partition type accordingly
<sdeziel> yeah
<fellayaboy> okay so file system type? ext4 is okay...its asking me "start?"
<RoyK> should be ok, then, fellayaboy
<fellayaboy> shall i say yes
<sdeziel> "yes" isn't a good start offset ;)
<fellayaboy> lol
<fellayaboy> ok give me one second
<fellayaboy> or 2 minutes really
<RoyK> good luck :)
<fellayaboy> screw it im backing things up lol
<fellayaboy> while i have the chance
<RoyK> good
<RoyK> better use something like crashplan - keep things backed up
<fellayaboy> i got 4 gigs let that fnish il be back
<fellayaboy> crashplan?
<RoyK> dot com
<fellayaboy> let me go see
<RoyK> perhaps not now - just backup things locally for now
<fellayaboy> i am
<fellayaboy> so whhaaa... crashplan lets you back all unlimited data for free with no account?
<RoyK> nah - $5 a month or so
<RoyK> but yes, unlimited
<RoyK> and it works well - given you turn off that stupid dedup setting
<fellayaboy> lol not bad
<RoyK> I have 5,5TiB on my account there ;)
<fellayaboy> wow
<fellayaboy> lol
<fellayaboy> thats alot of data..
<fellayaboy> way better than dropbox i would say
<RoyK> well, a friend of mine has 15TiB space on her home server - she's a film nerd of sorts...
<fellayaboy> wow never even herd of one person with 15tib
<RoyK> fellayaboy: heh - I've been working with storage for a while ;)
<fellayaboy> which reminds me something.  if you try to add more physical disks to a raid would you have to recreate the whole raid thus losing all your data?
<fellayaboy> im only starting to know the importance of storage..bought myself a server just for it
<RoyK> no, you just add a disk and --grow it
<fellayaboy> a rack server
<RoyK> mdraid is *very* flexible
<fellayaboy> cool ill jump that bridge when i get to it
<fellayaboy> md?
<fellayaboy> ok perfect
<fellayaboy> i backed up my data
<RoyK> linux' software raid
<fellayaboy> cool
<RoyK> ok - did you create a new partition as well?
<fellayaboy> so now parted says "start?",
<fellayaboy> its looking for anumber i believe
<RoyK> probably the start block - I'm not quite used to parted - sdeziel? anyone?
<sdeziel> yes, outta be the start block/offset as the original partition
<fellayaboy> i didnt record that info
<sdeziel> http://pastebin.com/mgPtySMX
<fellayaboy> ha what i silly chimp i am
<fellayaboy> thank god i pastebinit!
<sdeziel> yeah, that's not the kind of info you want to lose after rm'ing a part
<RoyK> nothing there about sector numbers, though
<sdeziel> parted accepts offsets in various different units
<sdeziel> could be sectors, MB, MiB, etc
<sdeziel> or %
<RoyK> sdeziel: if you choose to create a new, say #5, would it start at the first available sector?
 * RoyK is a bit old-school and still uses fdisk for small things
<sdeziel> RoyK: in my experience, parted doesn't guess, it just asks and then will round your input
<sdeziel> RoyK: that's why I use MiB as unit because those align well
<RoyK> sdeziel: so it won't overlap?
<RoyK> I don't see the reason for even asking for a start sector unless there's default "first free"
<sdeziel> RoyK: the rounding is for performance reasons. I don't know if parted would prevent your from overlapping 2 parts (probably)
<fellayaboy> what does an extended partition do..whats it for
<sdeziel> it's a legacy from the MSDOS era
<sdeziel> it is a way to overcome the limit of 4 primary partitions
<sceiron> Can someone elaborate on what is necessary to create a channel on an irc server? I just created a ircd server that runs on us
<sdeziel> so you put an extended partition then in that extended part, you can create many logical part. This pushed the total amount of part to 26 IIRC
<sceiron> when i try to register a channel, it does not work
<fellayaboy> okay cool that makes sense sdeziel
<sdeziel> fellayaboy: and 26 happens to cover A to Z for drive mapping
<RoyK> sdeziel: ironically, since DOS/Windoze still reserves A: and B: for floppies ;)
<fellayaboy> lol.  i should've used gpt
<fellayaboy> and uefi
<RoyK> fellayaboy: did you create a new partition?
<RoyK> fellayaboy: if not, just use fdisk, it may be easier
<RoyK> fdisk - n - l - enterenterenter
<fellayaboy> well
<fellayaboy> we started back at sqaure one
<fellayaboy> square one
<fellayaboy> me and sdeziel couldnt expand it beyond..he said the extended partition was to blame
<sdeziel> RoyK: so I assisted fellayaboy to resize sda5 but forgot that sda2 had to be resized first
<sdeziel> fellayaboy: this HDD being bigger than what your partitions cover smells the VM disk resize, am I right?
<fellayaboy> im not so sure
<fellayaboy> i resized it in vmware esxi
<sdeziel> there you go
<fellayaboy> that could be the problem?
<fellayaboy> yeah its a vm living in vmware esxi
<fellayaboy> inside the datastore
<sdeziel> fellayaboy: not a problem but an explanation to why you have a 400G drive with partitions covering only ~160G
<fellayaboy> well i needed to expand my data...when i created the vm i started it with 150gb...now i wanted to increase it to 400gb..
<sdeziel> I never understood why the Ubuntu installer created an extended partition to then put "/" inside a logical partition. This makes it harder to resize the whole thing later one...
<fellayaboy> thats all i realLY KNOW
<fellayaboy> i feel like i should just blow this whole thing...i dont even remember i configured vmware esxi server as a bios or uefi
<fellayaboy> make it all uefi gpt
<RoyK> fellayaboy: got a snapshot, perhaps?
<fellayaboy> thats true
<RoyK> fellayaboy: next time you need to extend the vg/lv, just add another drive and add it to the vg - it's easier - just don't partition that drive, just add it as a pv - I always do that in vcenter
<fellayaboy> yeah i have to find me a tutorial that breaks all this down
<fellayaboy> get the whole birds eye view of lvm and then tinker with it all
<RoyK> fellayaboy: just add a disk, vgextend /dev/newdisk, lvextend ...
<RoyK> fellayaboy: it's not hard ;)
<fellayaboy> lol
<fellayaboy> i really wanna learn instead of using gparted all the time
<fellayaboy> this seems cool
<RoyK> :)
<fellayaboy> thanks for that info RoyK now i just gotta figure out how to extend this msdos partition to use up the freespace
<sdeziel> RoyK: TIL: parted "resizepart". No need to do the rm + mkpart dance :)
<ttpearso> Testing out openstack-single on 15.10, had it running, rebooted, now openstack-status errors out, any pointers, suggestions?
<sarnold> ttpearso: does it use juju to fire up everything? juju status may be a good starting point
<ttpearso> juju status was hanging
<ttpearso> I just wiped it, starting again
<ttpearso> debugging a test env just not worth the time, was hoping it was simple/common
<xmj> moin, what's the EOL for 12.04 server?
<coreycb> ddellav, swift 2.6.0 uploaded, thanks for the updates
<RoyK> xmj: 17.04
<ddellav> coreycb ack
<xmj> RoyK: 2016?
<genii> !precise
<ubottu> Ubuntu 12.04 LTS (Precise Pangolin) is a currently-supported !LTS release of Ubuntu.  Download http://releases.ubuntu.com/12.04/ - Release Info: http://www.ubuntu.com/getubuntu/releasenotes/1204
<RoyK> xmj: 5y on lts
<xmj> thanks
<ddellav> coreycb openstack-pkg-tools is ready for review: lp:~ddellav/ubuntu/+source/openstack-pkg-tools my changes are in ubuntu/mitaka
<hallyn> rharper: know anything about qemu blockcommit stuff? bug 1554031, wondering whether qemu is wrong for demanding write access to lower layers?
<ubottu> bug 1554031 in qemu (Ubuntu) "error: internal error: unable to execute QEMU command âblock-commitâ: Could not reopen file: Permission denied" [High,Triaged] https://launchpad.net/bugs/1554031
<hallyn> (easily reproduced using any uvt-kvm -created vm)
<coreycb> ddellav, just a couple of things, can you run update-maintainer and also the merge of d/changelog dropped a bunch of old entries from ubuntu
<ddellav> coreycb ok
<ddellav> coreycb fixed. reclone
<coreycb> ddellav, getting there, still missing old merge changelogs
<ddellav> coreycb hmm, the only changelogs i see are the ones from james for 37ubuntu1-3
<ddellav> coreycb oop nevermind, there they are
<ddellav> i scrolled too fast
<coreycb> ddellav, ok
<ddellav> coreycb i need to use vimdiff more often
<coreycb> ddellav, that's what i use, seems to work well
<ddellav> coreycb take 3, try now
<coreycb> ddellav, looks good, thanks
<runelind_q> I just installed a 16.04 development branch server instance, and it appears to have created lxcbr0 interface by default, is this expected behavior?  If so, how can I disable it at install time?
<nacc> runelind_q: did you happen to pick lxc or lxd to install? also, is there some issue with lxcbr0 being configured?
<runelind_q> I did not pick that, only OpenSSH server
<nacc> runelind_q: i believe ubuntu-server depends on lxd now (looking at `apt-cache` output
<nacc> not sure if it did/didn't earlier
<coreycb> jamespage, any objections to me uploading ddellav's new merge of openstack-pkg-tools?
<sarnold> nacc: iirc lxd is intalled by default, and lxd creates the bridge by default..
<coreycb> jamespage, it all looks good just want to double check that it is a sane thing to upload at this point in the cycle.  the sync of mistral needs it.
<nacc> sarnold: agreed
<runelind_q> hrm, well that's less than ideal.
<sarnold> runelind_q: please do file bugs if you dislike it; I know a goal is for things on ubuntu to Just Work so it may not get very far, but still, if no one files bugs it just won't be visible
<runelind_q> I'll probably just figure out how to disable the lxcbr0 interface.
<sarnold> runelind_q: brctl something or toerh..
<runelind_q> guessing lxd will just recreate it
<sarnold> ah, could be upgrades might..
<sdeziel> runelind_q: you can try to set USE_LXC_BRIDGE to false in /etc/default/lxc-net
<hallyn> runelind_q: soon lxd will no longer depend on lxc-net and that won't happen by default.  For now just do what sdeziel said, lxd will not recreat it.
<runelind_q> that does seem to resolve the issue.
<runelind_q> would rather have lxd be an install-time installation decision, but it is what it is I guess.
<hallyn> this was never an issue until very recently when lxd was added to the server seed (quietly), causing all sorts of hillarity
<runelind_q> is this a debian upstream thing, or a decision by Canonical?
<hallyn> there is no debian upstream for lxd, and debian and ubuntu are not in sync (yet) for lxc.
<hallyn> but again, by 16.04 release lxc-net will not be starting on your server images
<hallyn> and lxd doesn't start - it's socket-activated
<hallyn> so meh
<hallyn> i personally think it's a good thing (just would've liked time for testing :) but of course i would :)
<Froberg> in need of a lifeline.. I just set up a 6x4TB raid 5 array, installed webmin and installed transmission.. I set the server to reboot. After reboot I get login prompt, type password, and get sent back to login prompt. I can't SSH any more either.. nor is webmin interface working.
<Froberg> I've never seen this before
<Froberg> fortunately I still have the server connected with keyboard and monitor, so I can see that it IS there
<Froberg> I just can't login
<Froberg> ... for whatever reason
<smoser> rharper, https://code.launchpad.net/~ubuntu-server-dev/ubuntu/+source/tgt/+git/tgt
<rharper> smoser: thx!
<ddellav> Froberg it goes without saying, but you're sure you're using the right password? And logging in as root I assume?
<Froberg> yeah my during-install configured user
<Froberg> it doesn't reject the password, just sends me back to the username prompt
<Froberg> doesn't even display the "packages that can be updated" stuff
<ddellav> are you talking a bout logging into webmin or loging into the server via the terminal?
<ddellav> or ssh?
<Froberg> terminal direct access
<Froberg> ssh is fucked
<Froberg> webmin too
<Froberg> I only just installed this server yesterday
<ddellav> ok, so when you type in your username and hit enter, it gives you a password prompt, if you type in the wrong password and hit enter it dumps you to the username prompt again without any messages
<ddellav> i.e. wrong password
<Froberg> I type username, password, get "welcome to ubuntu", see the link for documentation.. it pauses.. and clears terminal and shows me username prompt again
<ddellav> ahhh ok, thats new information
<Froberg> Apologies if I was unclear about that
<ddellav> sounds like your pseudo terminal process is crashing
<Froberg> is this a start over scenario?
<Froberg> brb sorry
<ddellav> Froberg it might not help, i did some quick googling and there are a few different possibilities. I would check here: http://lmgtfy.com/?q=terminal+process+crashing+after+login
<ddellav> it depends a lot on what kind of hardware you have and if you installed the desktop software
<ddellav> also, you may want to include webmin in that search since it only started happening after using webmin
<ddellav> i dont personally use webmin so i don't know much about it
<ddellav> but hopefully that has helped narrow down your issue.
<ddellav> if i had to guess i'd say its a misconfiguration in your bashrc thats causing the terminal process to crash, unless you've installed unity or the other desktop software in which case it could be trying to start it and crashing.
<Froberg> back, sorry, parental duties
<ddellav> most of those solutions involve rebooting into recovery mode and/or passing kernel args during boot
<ddellav> np
<Froberg> I actually never even started webmin up
<Froberg> I just apt-get installed it
<Froberg> as I've used it before to manage samba shares, since it makes it a bit easier
<ddellav> yea just the install process may install directives into the global bashrc that gets included everywhere
<Froberg> no desktop installed
<ddellav> or, to be more correct, the global bashrc is run first then your local one is included
<Froberg> it's meant to be a headless server with no keyboard or monitor connected
<ddellav> ok, that rules out the desktop stuff then
<Aleksandar86> i have new Ubuntu 14.04 with apache, and want give all privilege on /var/www/  what is best chmod for this?
<ddellav> i've definitely had bad bashrcs make it difficult or impossible to login
<Froberg> It's run for half a year or so with no problems, only had to restart because I was unaware of the 16TB raid5 limit
<ddellav> Aleksandar86 All privileges is 777 but thats not usually best practice for a publicly accessible webroot.
<Froberg> hm, guess if I restart I can just remount the array, it did finish syncing, right?
<Aleksandar86> i have problem with prestashop and 775
<Froberg> not like I set up anything too grand, might be simpler to just start over
<Aleksandar86> ddellav what chmod you using?
<ddellav> you can try starting over but it sounds like it might happen again
<Froberg> bar the webin then ;)
<Froberg> *webmin
<ddellav> Aleksandar86 644 is usually a good starting place.
<Froberg> It's not like I *need* to have it
<ddellav> Froberg yea, i find those control panels to be more a crutch, i prefer to do most things on my own
<Froberg> it was running headless for half a year running multiple kvm's with no issues
<Aleksandar86> ddellav if I give chom 644 on /var/www/ all inside folder will have this privilege?
<Froberg> I refuse to believe that there should suddenly be any hardware compatibility issues
<ddellav> Aleksandar86 no, you have to pass -R to chmod to make it recursive
<ddellav> Froberg yea, unlikely, issues like that have to do with sudden changes, since you just installed webmin, i would point to that
<Froberg> ddellav the transmission documentation on ubuntu help did say to enter in some bash aliases, could that be the problem?
<tarpman> 644 is fine for files, but not for a directory, users need execute permission to traverse into it
<ddellav> Froberg it's possible
<Froberg> gravy
<tarpman> symbolic permissions are usually more understandable: u=rwX,g=rX,o=rX
<Froberg> well ddellav, thanks, don't think it's worth the time to begin troubleshooting on so fresh an install
<Froberg> was hoping for a 'quick-fix for a known rare issue'
<tarpman> the capital X makes chmod mostly do the right thing with files and directories
<tarpman> ddellav: Aleksandar86: ^
<Froberg> google only mentioned various GUI related issues with similar effects
<ddellav> tarpman yes, usually for apache i make the directories 750 and the files inside 644 while owned by root.www-data
<Froberg> https://help.ubuntu.com/community/TransmissionHowTo < here's the documentation I followed, wanted to try transmission instead of deluge for a change
<ddellav> Froberg those aliases are not likely to be an issue, they are just shortcuts for starting the service
<ddellav> s/starting/managing/
<Froberg> I was pretty sure of that, too :)
<Froberg> still, doesn't hurt to ask
<Froberg> now I'm worried about trying for webmin AND transmission :p
<Froberg> ain't paranoia lovely
<ddellav> if i were you, and since you're doing a fresh install anyway, i would install webmin right away and make sure that works
<ddellav> get a solid base then add on top of that
<Froberg> good point
<Froberg> not doing kvm's again though
<Froberg> too much micro-management
<Froberg> even if one-box-with-all-the-stuff-that-will-ruin-my-day-when-it-breaks is riskier :p
<ddellav> you might want to check out containers instead
<ddellav> lxd and/or docker containers make things much easier imo
<Froberg> yeah I've heard mention of docker
<ddellav> also take a look at juju for deploying things, it's one of the canonical products: jujucharms.com
<sdeziel> Froberg: any idea why nano is invoked via sudo to edit the ~/.bash_aliases file?
<ddellav> yea, thats weird
<Froberg> sdeziel I've no clue, I just assumed ubuntu documentation would be accurate
<ddellav> probably just an oversight
<Froberg> I will admit to some blind-sheeping there
<sdeziel> if nano gets to create a new file it would be root owned
<ddellav> unless they are expecting you to edit another users file
<ddellav> sdeziel would a root owned .bash_aliases cause the terminal to crash?
<sdeziel> ddellav: doubt it, would be a terrible failure mode but I never tested it :P
<tarpman> sounds possible
<tarpman> try it ;)
<ddellav> i was just about to lol
<Froberg> I did try executing the command example just prior to things becoming.. odd
<Froberg> remove raid array physically from hot-swap slots before re-install or not?
<sdeziel> nope, doesn't cause any problem on 14.04
<Froberg> .. might as well
<ddellav> hmm, well it didnt crash
<ddellav> also, it read the file without issue on login
<ddellav> which i guess is kinda expected since the login process runs as root i think
<ddellav> but im also on 16.04
<Froberg> gonna switch screen input and start the installation, back soon :)
<sdeziel> ddellav: I sure hope that ~/.bash* is ran as your user, not root
<sdeziel> otherwise priv escalations would be too easy to be fun :)
<ddellav> sdeziel yea, you're right, it was 644, i changed it to 640 and i got an error on login
<sdeziel> that said, by default the root owned file is still world readable
<sdeziel> that confirms that bash does the right thing and fails gracefully
<sdeziel> I wonder if a motd script could be at fault
<Froberg> 'aight setup started, waiting for IPMI is a bitch
<Froberg> ironically this is my sixth install in one day
<Froberg> it failed horribly a few times yesterday due to UEFI issues
<Froberg> weird considering I had no issues when briefly trying Open Media Vault.. or even when installing the old ubuntu server
<Froberg> then again, I used the LTS last time..
<Froberg> dumb of me going for the latest?
<sdeziel> practice makes perfect
<Froberg> there, nothing but openssh selected
<Froberg> so, finish install, ssh, assemble raid, reboot, test
<Froberg> not too promising
<Froberg> server booted up, no ssh
<Froberg> ..
<hallyn> rharper: i'll just go make a fool of myself on #virt
<Froberg> lol, nvm, user error
<Froberg> seems odd that there's package updates post install
<patdk-lap> why?
<patdk-lap> security updates should be applied, but non-security shouldn't be
<Froberg> maybe.. I just figure it's a live install with network access.. and I'm not installing an LTS version
<Froberg> might as well grab all packages
<rharper> hallyn: sorry, blockcommit most certainly will need write access;  the general idea is that the backing layers are rw; qcow2 handles diverging writes to the base; but in the case you want to commit changes from the current level to parent (aka backing dev) then it expects to squash the delta in the top level into the backing device
<hallyn> jdstrand: hi.  if i were to say that when libvirt apparmor driver's load_profile is called to update a profile to add rw access to a block device, it adds a 'rw' rule but leaves a prexisting 'deny device w' rule, would that ring a bell?
<rharper> hallyn: if you do qemu-img create -f qcow2 -b my-base-image  top-layer 2G;  no writes will happen to my-base-image; it's effectively RO even though it may be opened in 'rw' mode to support a blockcommit which would push changes from 'top-layer' into the base of the qcow2 file (my-base-layer)
<hallyn> rharper: yeah, most of the libvirt code is doing the right thing to update the security profile to allow write access, virt-aa-helper is just screwing up i think
<hallyn> rharper: yeah, the whole 'blockcommit' thing and its directionality constantly confuse me
<rharper> hallyn: ok;  it may be a profile oversight
<hallyn> so i create a base  layer, run qemu with a layer over that, and then do 'blockcommit' the intent is to merge my changes back into the base layer?
<rharper> basically if you 'RO' a layer, it wil prevent any rebasing (block commit)
<hallyn> like a git rebase squash?
<rharper> yes
<rharper> exactly
<hallyn> kthx
<hallyn> back to the code
<rharper> you can specify the number of layers;  ie, if you'bve done incremental snapshots (internal qcow snapshots) if you commit the upper most to the bottom, then you can delete all of the intermediate snapshots
<hallyn> so i guess virt-aa-helper needs a new hook that says 'if adding rw permissoin remove any preeixsting deny w rules'
<hallyn> yuck
<hallyn> (in update mode)
<rharper> https://kashyapc.fedorapeople.org/virt/lc-2012/snapshots-handout.html
<hallyn> heh i think i was at that talk
<hallyn> but time heals all groks
<rharper> hehe
<hallyn> re-added to my readitlater list
<hallyn> jdstrand: if you know of a clean way i can say "remove a deny write rule for this policy' in virt-aa-helper's vah_add_path() that'd be great
<hallyn> as opposed to having to mmap the file and walk it
<rharper> hallyn: if we 're using qcow files, the qemu-img info --backing chain will show the files involved;  shouldn't we always allow rw on any of the backing devices ?  or rather, ensure each of the backing files are in an acceptable location for rw; if so, then there's no need for ro policy on any the elements in a qcow file ?
 * hallyn confused.  where do we read the existing profile
<hallyn> rharper: I dunno.  the libvirt domain description marks those files as readonly, so virt-aa-helper marks htem ro
<hallyn> which seems fine to me
<hallyn> it gets called to update it when write access is needed
<rharper> but libvirt will change on a blockcommit ?
<hallyn> it's just effing up when asked to do that
<rharper> huh
<hallyn> yes, it calls the security module to update
<rharper> interesting
<hallyn> and a rw rule *is* added :)  but the deny w rule is kept
<rharper> it seems redundant , either qcow2 works or it doesn't
<rharper> ah
<rharper> I see
<hallyn> well, this should protect the base of shared images from hypervisor bugs, i guess
<sdeziel> hallyn: any reason why the write is explicitly denied instead of just relying on the default deny?
<jdstrand> hallyn: this sounds related to the recent patch for readonly files and updating vah_add_file to add 'R' for readonly without a corresponding deny rule
<jdstrand> hallyn: perhaps something similar needs to be done here-- but for something to be read/write and get a deny w is definitely a bug
<hallyn> jdstrand: I don't think it "gets" it, I think it just doesn't remove the old one on update
<hallyn> sdeziel: nope
<jdstrand> seems like the file should be regenerated then instead of appended to
<Froberg> sdeziel all working fine now.. it seems, rebooting after webmin install now. Oddly webmin reports 600GB used of my empty array.. even assuming it's including the 128 gig system drive, that's just odd :p df -h has the proper figures though (24k/16T)
<Froberg> Intel(R) Atom(TM) CPU C2750 @ 2.40GHz, 8 cores << loving this CPU if anyone's been considering it
<sdeziel> Froberg: nice
<Froberg> login works after reboot
<Froberg> now I truly wonder what fucked up
<hallyn> jdstrand: well the context code is calling domainSetSecurityLabel...
<hallyn> so i suppose this is a bug in AppArmorSetSecurityLabel
<hallyn> what is this java code? :)
<hallyn> (annoying since my mouse isn't working, no cut-paste :)
<Froberg> sdeziel appreciate the help.. even if I'm at a loss as to what may have happened
<hallyn> AppArmorSetSecurityImageLabel, that is
<Froberg> Thank you, Sir! :)
<sdeziel> Froberg: you are welcome
<hallyn> seems like load_profile() should see append=false and then decide to regenerate?
<hallyn> it claims to do that...
<hallyn> btw i think if we fix this we fix a large set of the open libvirt bugs
<hardwire> aloha.  anybody up to snuff with 16.04?  I'm used to doing minimal server installs without any added packages.  Seems like LXC wedges itself in (I like LXC, just not on these servers).
<hardwire> The other option for minimal is to use the mini.iso
<hardwire> Wondering if I'm missing something on install using the ubuntu server isos that will further reduce the installed package requirements.
<nacc> hardwire: right, lxd is part of the base server now (aiui)
<hardwire> ah.. part of the ubuntu-server metapackage
<nacc> hardwire: yep
 * hardwire makes a face
<hardwire> thanks nacc
 * hardwire attempts to dig up why harden-* disappeared as well.
<hardwire> I might just be losing my buntu mojo!
<nacc> hardwire: what packages, e.g.?
<hallyn> oh i see
<hardwire> in debianland there's some metapackages that explicitely require some tools and conflict with lots of packages that are considered insecure
<hallyn> hm, no.
<nacc> hardwire: oh i see them, i think
<nacc> hardwire: e.g.,  harden-clients?
<nacc> hardwire: possibly harden itself
<hardwire> and harden-servers
<hardwire> and harden-*
<hardwire> heh
<hardwire> no worries.  I'll just miss them
<nacc> hardwire: https://launchpad.net/ubuntu/+source/harden/+publishinghistory
<hardwire> oh!
<hardwire> I'm so used to reading debian bug reports for that info
<hardwire> thanks nacc
<nacc> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=782978
<ubottu> Debian bug 782978 in ftp.debian.org "RM: harden -- RoQA; no longer useful" [Normal,Open]
<nacc> hardwire: so no longer in debian either :)
<hardwire> lol
<hardwire> it's pretty useful :)
<nacc> https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=760449
<ubottu> Debian bug 760449 in harden "harden: outdated info" [Serious,Fixed]
<nacc> not according to the maintainer, it's not :)
<hardwire> yehhh.. that makes it less useful
<hardwire> it was a large undertaking.
<hardwire> ok.. so I'm guessing the ubuntu-server isos even with no packages selected in tasksel makes sure ubuntu-server metapackage is installed.
<hardwire> I'll just have a lot of lxc bridges laying around :)
<hallyn> jdstrand: so i think libvirt is not updating the actual vm config, just asking for a new rw rule for the backing element... not sure though
<hallyn> jdstrand: so is the 'deny' rule really needed?
<hallyn> if we didn't have that, then this would "just work".
<jdstrand> I'd have to see the policy
<Zulu_Too> Sarnold are you there?
<jdstrand> apparmor_parser -p /etc/apparmor.d/libvirt/<something>
<hallyn> i pasted the bits in the bug, but virt-aa-helper explicitly adds a deny rule any time it sees a readonly element
<hallyn> line 835
<jdstrand> ok, that is what I was referring to before
<jdstrand> it sounds like the call to vah_add_file for this type of file should pass 'R' instead of 'r' with the recent patch that is on the list and that smb pulled in
<jdstrand> 'R' won't add the deny rule
<hallyn> jdstrand: paste.ubuntu.com/15344294 fwiw
<hallyn> jdstrand: hm, i'm on the verison before that, so maybe it's already fixed
<jdstrand> I find it exceedingly curious that libvirt marks it readonly only to later not honor the flag
<hallyn> jdstrand: it only temporarily marks it rw,
<hallyn> for the duration of blockcommit
<hallyn> i would've thought you'd appreciate that
<hallyn> i'll update and re-try, but am on slow link...  actually, rharper, coudl you test it out, od you have a xenial host?
<rharper> I have
<hardwire> okokok last one.  Why is bootp not bound to 10.0.3.1 via dnsmasq?
 * jdstrand notes he is about to head out
<rharper> hallyn: if you've some debs for me to test, I can do that
<hallyn> rharper: no, just the current uptodate libvirt in xenial
<rharper> sure
<hallyn> i'm on -1ubuntu4, -1ubuntu5 has smb's fix
<rharper> I've not updated in a while, on 1ubuntu2
<rharper> hallyn: what do you need test-wise ?
<rharper> pull latest and ?
 * rharper has been dorking with multipathd, sd_notify and systemd services (*shakes fist*) 
<hallyn> oh but it probably wil fail, because indeed it is using -r not -R
<hallyn> rharper: the blockcommit command from bug 1554031
<ubottu> bug 1554031 in qemu (Ubuntu) "error: internal error: unable to execute QEMU command âblock-commitâ: Could not reopen file: Permission denied" [High,Triaged] https://launchpad.net/bugs/1554031
<rharper> hallyn: ok, run that on my current out-of-date package ?
<hallyn> oh, no.
<hallyn> i missed that comment.  no, need -1ubuntu5
<rharper> there's a 1ubuntu6 too;
<hallyn> well, i should be ready to test it in an hour or two :)
<hallyn> yeah that woudl be fine
<hallyn> 5 has the smb fix
<hallyn> anyway may as well look more closely at that fix while i wait for downloads
<rharper> % virsh blockcommit x1 vda --active --pivot --verbose
<rharper> error: internal error: unable to execute QEMU command 'block-commit': Could not reopen file: Permission denied
<rharper> ii  libvirt-bin                          1.3.1-1ubuntu6
<rharper> let me destroy and recreate a new one
<rharper> not sure when I created that VM
<hallyn> ok, yeah, we'd need one more little patch, which jdstrand might object to but i dont' think so:
<rharper> nope, freshly created, still fails
<rharper> hallyn: ok
<hallyn> add_file_path should use R not r when it sees disk->src->readonly
<hallyn> jdstrand: is tha tok with you?
<hallyn> rharper: I'll push a new package t oserge-hallyn/virt in a bit
<hallyn> with that attempted fix
<hallyn> rharper: btw did i add you to the libvirt-maintainers team?
<rharper> hallyn: sure; just poke me here, I'll check back in a bit
<rharper> hallyn: probably not
<hallyn> drat.  it's for access to a libvirt tree which i'd like to be the staging tree to archive packages
<hallyn> all right thanks will ping you in a bit
<rharper> cool
<hallyn> jdstrand: http://paste.ubuntu.com/15344361 <- i'm going to try that
<jdstrand> hallyn: I'm ok with that assuming that vah_add_file in the version you are patching supports 'R' :)
 * jdstrand wonders if there will be noisy denials now-- the explicit deny rule was for iso images iirc
<jdstrand> I guess we'll see
<hallyn> jdstrand bleh yeah that rings a bell
<hallyn> we may then end up needing a more baroque fix, but let's see whether this even works
<hallyn> besides isos are so 2013
<hallyn> jdstrand: ok, pushed to ppa:serge-hallyn/virt;  will take 20 mins to build (if it doesn't fail)
<Zulu_Too> Has anyone here seen this web chat?   http://frug.github.io/AJAX-Chat/screenshots.html        Is it safe secure and has anyone used it?
<hallyn> rharper: grr, virt aa helper test fails now;  i'll have to build locally so i can get details :(
<hallyn> i'm going to drop off irc a bit while i switch clients
#ubuntu-server 2016-03-11
<hallyn> uh, that patch is bogus though.  it takes a const char *perms and then updates it
<hallyn> ok, another try
<hallyn> rharper: ppa:serge-hallyn/virt package built
<rharper> k
<hallyn> though the ppa view is still confused
<hallyn> make sure to get 1.3.1-1ubuntu7~ppa6, not 5.  (5 failed to build so shouldn't e available, but...   this is confused)
<hallyn> oh there, finally updated
<hallyn> oh screw libvirt.  now i get 'domain not running'  no idea what that's about
<hallyn> oh, heh, wrong domain name
<hallyn> didn't fix the problem for me :(
<hallyn> still might push the pkg i have bc it has several important fixes
<hallyn> oh, blah.  do i have to use 'R' also when depth == 0?
<hallyn> ungh, i see
<hallyn> rharper: yeah if you haven't yet don't waste your time, one more update to my patch
<rharper> I've not yet
<rharper> so I shall wait some more
<hallyn> actually, maybe i can avoid doing the change when depth == 0.
<hallyn> if i have a qcow2 stack and the top part of the layer is reasonly, *then* maybe i really want to deny writes ?
<hallyn> don't think so though, just unhappy with needing this relaxation
<hallyn> ^ do you get the feeling we should have someone who knows what they're doing taking over libvirt? :-)
<hallyn> ok another 25 mins hopefully
<rharper> heh
<rharper> ok
<hallyn> yay, success
<hallyn> and all without having a working mouse today :)
<hallyn> of course i don't actually *want* my uvt-kvm base image updated
<hallyn> rharper: ok it's working for me so i'm going to push the pkg to xenial, no need for you to test unless you wnat to
<hallyn> thx
<hardwire> ahha.. you can select an ubuntu-server-minimal preseed
<hardwire> that's handy.
<hallyn> rharper: so regarding bug 1393842 I'm trying to find where qemu, for q guest agent, ever does an mknod, and not finding it.  Thinking I may have to undo that part of the fix in comment #40.
<ubottu> bug 1393842 in libvirt (Ubuntu Trusty) "libvirt does not grant qemu-guest-agent channel perms" [High,Confirmed] https://launchpad.net/bugs/1393842
<hallyn> though the error msg incomment 14 seems pretty clear....  but i'm not getting it
<hallyn> (my concern is, if it's not supposed to mknod, then i'd rather not grant it that capability in apparmor profile for no good reason)
<zetheroo> using Ubuntu 14.04 here. In a user's home directory there is a file which has user and group ownership by root. It's also read-only to any user that is not the owner. If I login as a user (not root) and open the file with vim I can then edit and save the file without using sudo. When I do this the file is saved and it's ownership changed to the user I am logged in as (not root).
<zetheroo> This seems like a security vulnerability. How to stop this?
<jushur> zetheroo: encryption file?
<zetheroo> jushur: I found a solution - using chattr
<zetheroo> its a very specific case and I was not aware that whoever owns the directory can do whatever they want with the files inside, even if the files are owned by root and only owner has write perms to the file.
<zetheroo> Now I know ...
<lordievader> zetheroo: That shouldn't be possible. It shouldn't matter who owns the dir. If you have write acces to a file you can write to it. If you don't you cannot write to it.
<zetheroo> lordievader: apparently this is not how linux perms work
<jushur> actually it is, tho you can technicaly as your user change the permission and owner/group on a file so only root can access it.
<lordievader> zetheroo: It is, I just tested it. Vim is not able to edit a file owned by root.
<jushur> and in that moment your user loses the rights
<zetheroo> lordievader: is the file in a users home directory?
<lordievader> Oeh, interesting when using the overwrite (:w!) it is able to write it...
<zetheroo> yep
<Deeps> http://paste.ubuntu.com/15346744/
<zetheroo> like I said, the only solution I found was to use chattr +i on the file (done as root)
<Deeps> 1119.11 < lordievader> Oeh, interesting when using the overwrite (:w!) it is able to write it...
<Deeps> it deletes the file
<Deeps> and recreates it
<Deeps> notice the perms have changed to be owned by your user
<zetheroo> yep ^
<Deeps> because your user owns the dir, it can create/delete files
<jushur> rofl
<zetheroo> this really stumped me, and nearly everyone else I talked about it with :D
<Deeps> vim override: http://paste.ubuntu.com/15346753/
<Deeps> general file operations: http://paste.ubuntu.com/15346744/
<lordievader> Deeps: It doesn't it points to the same block. And besides why can I remove a file owned by root.
<Deeps> lordievader: because you own the dir, so you can do whatever you want to anything inside that dir
<Deeps> i can't speak for whether or not this is by design, but it certainly looks like that's how it operates currently
<lordievader> Hmm, interesting.
<Deeps> but this would be why root owns / and changing the owner of / would be badnewsbear
<zetheroo> yes, and why user root can edit everything under / because it owns /
<zetheroo> if John Smith owns /home/johnsmith/ then he too can edit anything under /home/johnsmith/ regardless of who else may have gotten ownership to the file
<lordievader> That makes sense, guess I learned something today :)
<zetheroo> me too :)
<skylite> I have to clear out a folder thats full of hardlinks. I dont care which one is deleted I just want to have only one of each file without any hardlinks. Anyone has a sollution for that?
<rbasak> I don't think that's easy. You could create a file containing inode number and path, and then do some keyed sorting and uniq'ing on that.
<skylite> I think I better write a shellscript for this
<mdeslaur> rbasak: are you still working on squid3?
<rbasak> mdeslaur: yes but task switched away from it for the moment.
<rbasak> The version in xenial-proposed may be good to go, except for one bug reported by Odd_Bloke bloke I think, and needs some testing against squid-deb-proxy and squidguard.
<rbasak> kickinz1_ was going to do some testing on it for me.
<mdeslaur> rbasak: ok, good to know. Just checking up to make sure the new version is eventually going in, for security reasons.
<mdeslaur> rbasak: thanks!
<rbasak> It's still planned to go in, yes. Thanks for checking.
<pezet91> hello, anyone can install LSI MegaRAID SAS driver on ubuntu server?
<jushur> !ask pezet91
<jushur> !ask | pezet91
<ubottu> pezet91: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<patdk-wk> sure
<pezet91> i looking for driver for LSI MegaRAID SAS controller, becauce current driven in kernel 3.8 don't see my sas disk (sorry for my english)
<pezet91> driver*
<pezet91> specification: Fujitsu Primergy TX2540 M1, MegaRAID SAS controller, Ubuntu Server 14.04 (kernel 3.8)
<patdk-wk> and lsipci shows?
<pezet91> lsipci: command not found :/
<patdk-wk> lspci
<pezet91> lspci | grep Mega : RAID bus controller: LSI Logic / Symbios Logis MegaRAID SAS-3 3008 [Fury] (rev 02)
<pezet91> i can't rewrite entire log
<rharper> hallyn: have we reproduced?  I don't see a  full guest xml or qemu command line;  qga makes a unix-socket, which I don't think needs mknod;  if they're using virtfs-9p; it could have proxied a mknod request from the guest;  other than that; I'm not currently seeing any qemu code that needs mknod
<jushur> pezet91: rewrite? you copy or pastebin if its multiline
<jushur> pezet91: Symbios Logis MegaRAID SAS-3 3008 is that truly a 3008? or is it 3080?
<pezet91> 3008
<pezet91> i can't copy, because i have ubuntu server on other machine
<pezet91> only console
<jushur> !pastbin | pezet91
<pezet91> wait
<pezet91> http://pastebin.com/EJHzH53d
<jushur> pezet91: you sure it uses the megaraid_sas driver? and not mpt3sas ?
<pezet91> i'm not sure
<jushur> pezet91: do you have physical access to the card? cna read its sticker/name on it?
<pezet91> yes i have physical access
<pezet91> wait, i need to open the case
<pezet91> http://www.fujitsu.com/fts/products/computing/servers/primergy/components/pmod-157814.html , it's my card
<jushur> PRAID CP400i (D3307) (PCIe to 8-port SAS-3.0 RAID HBA (LSI 3008)) (driver megaraid_sas)
<pezet91> yes, but if I type "modprobe megaraid_sas", it's don't work
<pezet91> i can't see my disks
<jushur> pezet91: check dmesg for info
<sdeziel> pezet91: you said you have  Ubuntu Server 14.04 and kernel 3.8. Any idea why you are not on the 3.13 kernel?
<pezet91> i can't use kernel 3.13 because i have video grabber in server (grabber works only with kernel 3.8)
<pezet91> joshur: last line on dmesg: [ 3141:670846] megasas: 06.504.01.00-rc1 Mon. Oct. 1 17:00:00 PDT 2012
<pezet91> so? anyone can help me? I struggle with this problem for a week :(
<jushur> pezet91: my tip would be turn it off, disconnect the system drive and any important data drives. so you dont destroy any data. (dcoument/tape any cables so you know what goes where.) then use a live usb install and start the system to se wht works and what does not. try the new 16.04 beta to. and se if that can handle it.
<pezet91> ok
<pezet91> thanks
<jushur> pezet91: use a seckond usb drive/stick to save logs to. from each test. so yuo can compare.
<jushur> pezet91: do the sas card show the drives connected when you boot up? like its integrated firmware does recognice thme?
<RoyK> pezet went... well - if he comes back, he may be told that this type of controller isn't an HBA, so to see the physical disks, they need to be defined in the controller somehow, either as a hwraid or in JBOD-mode (if supported) or as a single RAID-0 per drive
<jamespage> coreycb, ok 0 test failure for mitaka-staging - going to shove everything apart from the dashboard into proposed
<coreycb> jamespage, awesome.  still the horizon issue though so maybe hold off on promoting that.
<jamespage> coreycb, ack skipped horizon
<Zeljko> Any free shell access ?
<kpettit> Have a weird log issue.  I've got 2 Ubuntu 14.04 servers.  One the weblogs rotate and the other doesnt.  I have a 9GB log file for example.  Apparently it's never rotated.
<kpettit> My /etc/cron.daily/logrotate is the same as my other Ubuntu 14.04 systems that work.  And in the /etc/crontab it calls the daily crons like it's supposed to.
<kpettit> So I have no idea where to look to see why logrotate isn't running.
<kpettit> I can run the cron job "sh /etc/cron.daily/logrotate" and it works manually.  So something is messed up with cron.  But it's identical to other working Ubuntu systems.  It's tripping me out and I'm not sure how to troubleshoot.  Any ideas?
<BlackDex> Hello there, i have a lot of messages in dmesg wich look like this: [  440.753544] init: <service-name> main process (10109) killed by TERM signal
<BlackDex> where <service-name> are several services
<BlackDex> what could be the problem??
<kpettit> is it a low memory system?
<coreycb> jamespage, I wonder if this is related: https://bugs.launchpad.net/horizon/+bug/1550286
<ubottu> Launchpad bug 1550286 in Magnum UI "dynamic themes breaks compress offline" [Undecided,Fix released]
<jamespage> hmm might be
<jamespage> or its could be that our charm template for mitaka is foobar in the charm
<hallyn> rharper: yeah i think i'll drop that.  (and start upstreaming the other patches which arein xenial)
<hallyn> (that being the mknod exception)
<rharper> hallyn: and at least request the full command line
<hallyn> although yes i think i had reproduced at some point
<rharper> or how to reproduce
<hallyn> i think you just create a rhel7 vm in virt-manager
<rharper> that could be documented
<rharper> that's not good enough
<rharper> we need to qemu cmdline
<rharper> it they are adding other qemu features
<hallyn> it's good enough bc you can get your own command line and it fails to work
<rharper> those could e what's requesting the mknod
<rharper> yeah, but why should I install virt-manager
<rharper> at min, the subimitter can provide a full qemu commandline
<hallyn> bc it's something we "support"
<rharper> I'm not saying we don't support it
<rharper> it gets solved faster with the cmdline
<hallyn> rharper: http://paste.ubuntu.com/15349105/
<hallyn> so i'm dropping the mknod patch right now bc it doesn't even help. does that cmdline tell you what's going on?
<rharper> hallyn: it helps
<rharper> there's a lot of spice
<rharper> usb integration
<rharper> lemme see what else is happing in qemu
<rharper> the additional spice agent and usbredir certainly can affect what it wants on the host
<hallyn> but
<hallyn> type=AVC msg=audit(1457717513.877:6035): apparmor="DENIED" operation="mknod" profile="libvirt-ecc5a333-8d61-4225-ae13-bd365d478725" name="/var/lib/libvirt/qemu/channel/target/domain-rhel7.0/org.qemu.guest_agent.0" pid=20477 comm="qemu-system-x86" requested_mask="c" denied_mask="c" fsuid=116 ouid=116
<hallyn> oh nm.  i was misreading
<hallyn> weird line wrap, it looked like it was mknoding a diretory
<hallyn> as a chardev
<rharper> I'm really confused because there's almost zero mknod in qemu
<rharper> 9pfs has mknod (as a proxy for allowing guest to mknod on host for 9p posix compliance)
<rharper> but no where else
<rharper> chardevs use unix socket
<rharper> which I don't think are created with mknod IIUC
<rharper> I kinda feel that something else besides qemu is doing a mknod but under the qemu profile
<rharper> maybe libvirt ?
<rharper> libvirt tends to "create" resources and hand them to qemu
<rharper> but I don't know enough about the transition from the libvirt security profile to the qemu one (I guess exec boundary ) ?
<jdstrand> not libvirt
<jdstrand> if I were to guess I would say it is a supporting library of qemu
<hallyn> well how does this qemu guest agent crap work
<rharper> virtio-serial as a transport
<rharper> then using a QMP wire protocol
<hallyn> anyway, that ^ was with the patch which adds mknod if you have a qemu guest agent socket!
<rharper> jdstrand: libc and more likely glib
<jdstrand> rharper: fyi, libvirt does fork(), then aa_change_profile(), then exec()s qemu
<jdstrand> we should probably change that to fork(), aa_change_onexec(), exec()
<hallyn> lemme see if addingmknod to libvirt profile helps
<hallyn> no, it has it already
<hallyn> well i guess my patch was wrong, bc i'm on 1.3.1-1ubuntu7~zfs7 and the domain did not have mknod.
<hallyn> oh the name doesn't even match
<hallyn> so maybe it would in fact work if i did strstr() instead of STREQ
<jamespage> hallyn, hey - do you think the helper update to fix https://bugs.launchpad.net/ubuntu/+source/libvirt/+bug/1513367 will happen anytime soon?
<ubottu> Launchpad bug 1513367 in libvirt (Ubuntu) "qemu-system-x86_64/kvm-spice failed to boot a vm with appmor enabled" [High,Triaged]
<jamespage> in about ~1 week I'm going to start working on vhost-user support in the openstack charms, so I can help repro/fix/test whatever....
<hallyn> jamespage: i dunno, noone has even bothered to reply to your request for denied msgs
<rharper> ah, mkfifo does an mknod
<jamespage> yeah i get the feel its a blind 'turn off apparmor for now'
 * rharper searchs more 
<hallyn> rharper: yeah but i can do that unpriv
<hallyn> jamespage: oh hold on, this is about dpdk.  Christian is working that;  i don't think i can help...
<hallyn> or is ist just another space-in-filename-confuses-virt-aa-helper bug
<hallyn> jamespage: why are you pinging me on this?  If you're able to reproduce this to the point where you can hand me a vm where i can easily reprodue this with a custom built debugging apparmor that would be helpful.
<hallyn> if not, is htis something you see mentioned a lot?  I actuallythought this was just one site with a custom install
<hallyn> lemme try this smbios weirdness here
<hallyn> no that works fine here
<hallyn> jamespage: ok well noone has reported DENIED msgs bc there are none to report...  doesn't get that far
<hallyn> jamespage: so i hate bugs like that bc it seems to confuse different error cases:  most of the bug they talk about an apparmor profile that failed to load.  but in comment #17 you suggest we might just need to add more perms;
<hallyn> aaah, virt-aa-helper itself is not allowed to look under /var/run
<hallyn> which would xplain both
<hallyn> and adding /var/run/** to virt-aa-helper is actually ok, not the same thing as adding it to qemu
<hallyn> jamespage: any chance you can push the reporter to test quickly?
<Free99> ssl-cert setup seems to dislike that /etc/hostname is just "node-7"... is that a serious issue?
<bekks> How does it look like when ssl-cert dislikes that?
<Free99> bekks, "hostname: Name or service not known \n make-ssl-cert: Could not get FQDN, using "Node-7"."
<bekks> then you have to setup a fqdn.
<Free99> thing is, I'm using maas.. it won't let me set an FQDN :-[
<tarpman> it's just a warning though, I think? IIRC it doesn't prevent it making the cert
<bekks> Free99: So set it manually.
<Free99> sigh.. this is actually a symptom of a bigger issue. Maas has been a little rough around the edges, my guess is because of this
<Free99> this=lack of fqdn
<Free99> http://paste.linux.chat/view/d1664e87
<Free99> failing cloud-init
<bekks> And why dont you set a fqdn before invoking ssl-cert setup?
<Free99> I can't figure out why this whole process is failing
<Free99> it seems like postfix?
<bekks> Your pastebin is unavailable. But postfox needs fqdn as well.
<bekks> So set a fqdn manually.
<Free99> I'm not generating this config, Maas is... maas.io
<bekks> So where do you set the name of that thing "Node-7"?
<Free99> bekks, http://paste.ubuntu.com/15349884/
<Free99> I set it in the Maas webUI, but it won't let me type an fqdn, only hostname
<Free99> weird right?
<bekks> So you cannot type "Node-7.test.local"?
<Free99> nope
<Free99> soon as you insert a period, the save button greys out... either going to have to modify the source or just do it via cli
<Free99> but I wanted to see if anyone knew better beforehand
<coreycb> jamespage, looks like django-compressor 2.0 is the fix for the openstack-dashboard install error
<hallyn> rharper: http://paste.ubuntu.com/15350345/  when I force the permission for the channel directory
<hallyn> jdstrand: http://paste.ubuntu.com/15350357/  what's wrong in this policy?
<jdstrand> hallyn: owner "var
<jdstrand> use owner "/var
<hallyn> d'oh
<hallyn> thanks
<rharper> hallyn: I haven't dug any more; I just can't figure out where a mknod would come from (it's most likely a mkfifo for a char device) since mkfifo is a wrapper around mknod IIUC
<rharper> as jdstrand possible from a helper library of qemu but it's not easily tracked down; cursory grepping of qemu and libvirt don't show much, I checked usbredir and spice ,but neither seem to have any either.
<rharper> but clearly something at least needs to maek the unix socket for the virtio-serial connection;
<jamespage> coreycb, awesome!
<coreycb> ddellav, the global requirements list is frozen now for mitaka so we'll probably need to do one more pass through the dependencies before rc's come out
<ddellav> coreycb ok
<hallyn> rharper: jdstrand: ok, i managed to get the qemu-guest-agent thing working without mknod capability
<rharper> nice
<rharper> wth was the deal with mknod ?
<hallyn> jdstrand: do you mind if i just always add
<hallyn>   owner "/var/lib/libvirt/qemu/channel/target/domain-rhel7.0/**" rw,
<hallyn> to the files?  (domain-$name)
<hallyn> bc i don't seem to be detecting it in the nchannels loop.  i don't know where it shows up inteh xml schema
<hallyn> figure it should be private so no big loss?
<hallyn> jdstrand: ^and also do you mind if i add /var/run/** r to the virt-aa-helper profile?
<hallyn> (for openstack reasons)
<jdstrand> hallyn: that's fine, though I would use /{,var/}run/**
<jdstrand> hallyn: is domain-$name vm-specific? ie, $name is the name in the domain xml? if so, that's fine
<jdstrand> hallyn: re no mknod: nice! :)
<admin0> how do i create a virtual bridge in ubuntu  that stays after reboot
<admin0> should lo be in the bridge_port ?
<bekks> admin0: what are you trying to do, in first place?
<ChibaPet> admin0: man interfaces
<admin0> i need a few local bridges on top of which i will provide internal network to my kvm hosts
<rattking> yeah do it in /etc/network/interfaces for a server, I have had endless trouble with bridge creation in networkmanager on a laptop
<admin0> yes .. but since its virtual brige, what ports do I bind it to ?
<admin0> br-int1 br-int2 .. both to lo ?
<lordievader> rattking: What kind of troubles?
<hallyn> jdstrand: yeah, name the domain name.  ok will do - thx, ttyl
<lordievader> admin0: Whatever you want ;)
<admin0> i mean it does not have to exist ?
<lordievader> admin0: I usually have one real nic in the bridge and the rest are vm nics.
<admin0> lordievader: that i understand .. that comes after the bridge is crated .. i do using brctl but that does not stay after reboot
<lordievader> admin0: Do as people suggested, configure it in /etc/network/interfaces
<admin0> i want to premanently create say 5 bridges, but having trouble if i should just use lo as port to all
<admin0> lordievader: that i know ..  i am asking if people use lo in bridge_ports lo for all ?
<lordievader> You could also let libvirt create the bridges for you.
<admin0> or i need to create virtual lo:s ?
<admin0> lordievader:  i did not went the libvirt way .. thanks !
<admin0> will use the net-create in libvirt
<nacc> stgraber: looking at merging unbound again, as we're out of sync with debian already. You just did a merge, I've got the debdiff done and ready to go, do you have any advice on testing? I think it'll also need a FFe, as it's a new upstream version
<rattking> lordievader: my problems are probably caused by hotplugging since this is a laptop, on my servers everything works fine. but the issues are having to manually down the bridge before any network access will work after disconnecting the ethernet adapter. also I can never tell if the bridge will get a IP or not when I re-up it
<stgraber> nacc: ping sdeziel, he'll happily test it for you :)
<nacc> stgraber: ok, thanks! :)
<lordievader> rattking: Ah, that sounds familliar. Got the same issues here. But I don't really mind it.
#ubuntu-server 2016-03-12
<xnp70>  what is the default iptables's config file ?
<xnp70> ufw is disabled
<xnp70> but iptables has some stuff, so
<xnp70> thre has to be a file somewhere
<xnp70> right ?
<Bray90820_> How would I initialize an already created LVM snapshot
<ChibaPet> Bray90820_: What do you mean by initialize?
<Bray90820_> There is what I believe is one that is already created but it's not in the logical volume manager
<Bray90820_> ChibaPet:
<ChibaPet> If lvdisplay doesn't show it, it's probably not there.
<ChibaPet> Note that (at least as far as I can remember) if you overfill an LVM snapshot, it goes away spontaneously.
<Bray90820_> ChibaPet: I think I figured out my issue with your help Thanks
<Bray90820_> It wasn't there so I am gonna retreat it f I can ever figure out what size it actually was
<ChibaPet> Remember that if you create a snapshot, it will be capped by free extents in the volume group, and it will go away once it overfills. LVM snapshots aren't like ZFS snapshots. Not CoW.
<ChibaPet> ...unless something has seriously changed recently.
<Bray90820_> ChibaPet: So does that mean to be able to use and or copy files to it while it's backing up would i need to create a logical volume snapshot
<ChibaPet> Bray90820_: I'm not clear on how you'd want to usefully use the snapshot. I've only ever used LVM snapshots as backup sources.
<ChibaPet> That said...
<ChibaPet> You want to allocate sufficient extents to carry as much data as you expect to receive during the lifetime of the snapshot.
<Bray90820_> Like if i were to copy a 1GB video file to it while it was facing up I would need to have 1gb of extents
<ChibaPet> I learned about their disappearing when I had something rsyncing the the device I'd snapshotted during a back-up. I'd overfill the snapshot space and the device I was backup up would show an uncorrectable read error.
<ChibaPet> Basically, yeah.
<ChibaPet> It's always possible I'm missing some detail of how you can use LVM snapshots.
<Bray90820_> Ok that's clear but...
<ChibaPet> I'm a big fan of ZFS lately just because of the pain it avoids.
<Bray90820_> Right now unless I am already connected to my server it is unavailable while I am backing it up
<ChibaPet> Seems safe then.
<ChibaPet> Usually when I'm allocating pools I explicitly leave space for snapshots.
<Bray90820_> ChibaPet: do you have some time to help me create a backup script because I am kinda a noob when it comes to this stuff someone else created one for me back in early December but I don't seem to have a text version of it to change things
<Bray90820_> He compiled it in some weird way and I think it's easier to just create a new script
<ChibaPet> Bray90820_: Um. Half a sec.
<Bray90820_> ChibaPet: Just tell me when your back
<ChibaPet> Bray90820_: Sorry, been here, but a co-worked walked up and distracted me.
<ChibaPet> Let me grab something.
<Bray90820_> Ok
<Bray90820_> Just tell me when your back and ready to talk :P
<ChibaPet> Just finding the right version.
<ChibaPet> The thing I just found is for tape drives, but I have something that does LVM.
<Bray90820_> What did you find
<ChibaPet> This script assumes you want to dump stuff over ssh, but that's not an awful assumption nowadays.
<ChibaPet> Here's an example config: https://bpaste.net/show/dc3e07859822
<ChibaPet> that would want to live as /etc/ndump.conf
<ChibaPet> Here's a script which uses that config: https://bpaste.net/show/7eca9e0e4e83
<Bray90820_> Did you find a copy of the script I have on my computer?
<ChibaPet> What?
<ChibaPet> No.
<ChibaPet> I wrote that.
<Bray90820_> Aaahhh alright
<Bray90820_> Like I said I am a noob so I am not sure what any of that really means
<ChibaPet> So, in the config, set up an ssh private key somewhere, and point to it with a key directive. Set up the account with the public half somewhere. Test the ssh connection.
<ChibaPet> Um.
<Bray90820_> Sorry
<ChibaPet> I don't know. There's a tool that'll do LVM-aware back-ups for you, but you have to put in the time to read what it does and either use it or set up something similar.
<Bray90820_> It's ok if you don't want to but would you mind creating a script for me :P
<ChibaPet> so, for the lvm entries, vgdisplay will show you free extents in your volume group
<ChibaPet> Bray90820_: Use... that script... that I just gave you.
<ChibaPet> That's why I gave it to you, so you could use it. Set up a config file, and away you go into happy back-up land. :)
<Bray90820_> ChibaPet: I meant one specific to my system
<ChibaPet> I'm going to go home now, as it's been a long day, but the very simple config makes it utterly tuned and tailored for your very specific computer.
<Bray90820_> chi
<Bray90820_> ChibaPet: I will have a look
<ChibaPet> Alternately, you can look at things like CrashPlan if you want to set something up without effort.
<Bray90820_> I do not wanna do online bqackup
<ChibaPet> For my ndump tool, you need Perl (which you should already have) and the dump/restore commands, which are easily installed.
<Bray90820_> I'll have a look and if I have any questions can I contact you later?
<ChibaPet> If you don't want to use ssh, chop out the line with /usr/bin/ssh -i in it and change the "logname" lines.
<Bray90820_> I do wanna use SSH
<ChibaPet> kk
<ChibaPet> Yeah, I'll be back online in a couple hours, and I'll read scrollback.
<Bray90820_> Ok
<Bray90820_> Thanks
<Bray90820_> I am kinda lost already with the first line
<Bray90820_> I totally don't understand any of this
<ChibaPet> Bray90820_: Well. You have two options.
<ChibaPet> If you're interested in learning stuff, something like what I pasted in is a good start. If you just want stuff backed up, I'd look at http://www.tarsnap.com/ or http://www.code42.com/crashplan/
<ChibaPet> CrashPlan lets you host your back-ups on a local system if you don't want to go offsite.
<ChibaPet> There are likely other tools that'd work too. Amanda used to be nice.
<Bray90820_> ChibaPet: I would prefer to learn stuff
<Bray90820_> I just don't really know where to state
<ChibaPet> http://www.amanda.org/
<ChibaPet> Well. Note that if you set up any of these tools (Amanda is free) you'll learn stuff in the process.
<ChibaPet> It's entirely up to you which level of effort you want to target. :)
<Bray90820_> Like i said I'm happy with use your script but i don't know where to state with it
<ChibaPet> Um, to boil it down, my script scaffolding just wraps the process of making an LVM snapshot, using it as a target for the age-old, still-perfect dump tool, and then cleaning it up.
<ChibaPet> Here, start with this: install dump and restore, and read the man pages. That's the critical bit.
<Bray90820_> I don't even know how to edit it for my own use
<Bray90820_> I don't know perl
<ChibaPet> Hrm. So, the only thing you'd need to edit is /etc/ndump.conf, and there are editor tutorials out there.
<ChibaPet> You don't need to edit the Perl to use it, you'd edit the config. There's nothing system-specific in the code itself.
<ChibaPet> The config isn't Perl, it's just a text file with key/value pairs.
<Bray90820_> Should I edit it on the computer I want to backup or the computer I am backing up to?
<ChibaPet> For this, the config needs to be /etc/ndump.conf on the computer that you'll back up.
<Bray90820_> Alright
<Bray90820_> Thanks
<ChibaPet> The script will be on that computer too. Run it as root. The only thing that needs to be on the target (backup-holding) computer is an account to connect to and sufficient space to store the dumps.
<ChibaPet> If you save the script as "ndump" somewhere in your path, you'd run it by saying "ndump 0" to get a level 0 dump, "ndump 1" to get a level 1 dump, and so forth.
<Bray90820_> And the dumps are?
<ChibaPet> man dump
<Bray90820_> Are the sums the data that is being backed up?
<ChibaPet> sudo apt-get installd ump
<ChibaPet> sorry, sudo apt-get install dump
<ChibaPet> sums?
<Bray90820_> I meant dumps
<ChibaPet> The dumps are the data you're backing up. A level 0 dump is everything. A level 1 dump is incremental and has everything since the last level 0 dump. Level 2 has everything since the last level 1 dump. Etc.
<ChibaPet> This book used to and might still have good documentation of how to plan dump rotations, etc: http://admin.com/
<Bray90820_> Thanks
<Bray90820_> You should go home
<ChibaPet> Hi, sorry, yeah, work stuff popped up again.
<Bray90820_> Alright
<ChibaPet> Um. So, read the dump man page, and ... I'm not finding good docs for dump rotations right now, but I can look later.
<ChibaPet> You could achieve the same thing I'm doing in that Perl script with shell script, FWIW.
<ChibaPet> Anyway, I'll be back and I'll answer any questions you leave in the interim.
<Bray90820_> Yea
<Bray90820_> I need lots and lots and lots of help
<Bray90820_> Like I said I don't even know where to begin
<Bray90820_> Think of me as a grandmother who doesn't speak computer at all
<Bray90820_> Events That is not me
<Bray90820_> *Eventho
<ChibaPet> Bray90820_: I'll be a bit distracted: https://www.youtube.com/watch?v=qUAmTYHEyM8
<ChibaPet> That's happening right now. Live stream.
<Bray90820_> ChibaPet: I am actually working on my own script at the moment that doesn't have much to do with your script
<ChibaPet> Good. Best way to learn. :)
<ChibaPet> Anyway, I'll check in occasionally.
<Rlyeh> Hi
<Rlyeh> Maybe here is not a right place to ask this question, but I think youre network experts. Hope you can help me
<Rlyeh> I'm runnig debian 7 on BBB
<Rlyeh> The problem is that when I connect the lan connector to the board, the BBB detects the internet after about 1 minute
<Rlyeh> I searched and realized it's about a file, named arp
<Rlyeh> But I don't know ho to fix this problem
<Rlyeh> This is not same on my desktop debian or ubuntu!
<Rlyeh> How can I skip or reduce this time?
<bray90820> ChibaPet: You have prob gone to bed but can you help me list the amount of directories and if there are more then 30 output more then 30
<bray90820> I have something but it doesn't seem to take in account how may directories i have if I reverse the logical operator it doesn't seen to work at all
<bray90820> if ((dir > 30)); then rmdir 01; fi
<bray90820> If anyone else wants to chime is feel free
<lordievader> Good morning.
<Rlyeh_> Good morning
<Rlyeh_> Saturdays morning and everyone seems asleep
<Rlyeh_> :)
<lordievader> At this hour, yes ;)
<Guest84880> hello
<Guest84880> i am banned from ubuntu channel how can i get back
<Guest84880> i am sorry about what i did
<Guest84880> i didnt understand what one guy said clearly
<Guest84880> hello?
<Guest84880> can someone say my oplogize to that guy please?
<Guest84880> hello?
<lordievader> Wasn't there some channel in the message when you were banned?
<Guest84880> no
<Guest84880> i didnt see
<Guest84880> i think that guy that banned me was so angry
<Guest84880> he didnt offer any channel for apologize
<Guest84880> his name starts with k1 i think
<lordievader> I suppose you could go to #ubuntu-ops
<Guest84880> could you say my apologize to him or say him to open a channel to speak with him
<lordievader> I cannot do that.
<Guest84880> lordievader, no problem
<Guest84880> thanks
<KinoAA> Hello, do you know a good tool to monitor log and server access ?
<tocotron> this is better
<tocotron> hello
<lordievader> KinoAA: Read the auth log?
<KinoAA> Yeah, auth (ssh), page access, jekyll page access, all my log in a same place.
<KinoAA> (I'm looking at nagios for now)
<lordievader> KinoAA: Setup your logging system to output it to the same file?
<tocotron> my question is this: How do dhcp-server and bind9 work together? after dhcp acked an IP, can bind9 be informed about the IP, so that the hostname resolves automatically?
<KinoAA> lordievader: lol, it is going to be a mess ;)
<lordievader> KinoAA: I'm not really sure what you are after ;)
<tocotron> The thing is llike that:  isc-dhcp always assigns the same IP to the same devices without me having this configured in dhcpd.conf. So, first, I'd like to know where the MACs are cached. After that I want to make bind9 aware of these assignments
<Free99> hey everyone. I have a maas setup, where I'd like some other user SSH keys distributed to the nodes
<Free99> how would I effectively do this?
<Deeps> ansible
<Free99> deeps, I'm using juju... aren't the two pretty much the same thing?
<Free99> found this, if anyone was interested: https://insights.ubuntu.com/2015/04/21/giving-developers-production-access-without-revealing-secrets/
<TwistedFruit> tocotron: Not sure if this was answered yet, but leases are stored in /var/lib/dhcp
<Roge152> Hi, I want to suspend an install of ubuntu server 14.01 over ssh. the command pm-suspend or its cousins pm-hibernate execute but have no effect at all. Does anyone have any ideas what could be wrong ?
<Roge152> 14.04*
<ChibaPet> Roge152: Are you running them as root, and they're definitely installed? (pm-utils)
<ChibaPet> And I'm assuming you have a way to wake it up later...?
<nacc> Roge152: https://help.ubuntu.com/community/PowerManagement/Hibernate ?
<Roge152> running with sudo yes, they are installed (pm-utils) and I do have WOL working yes.
<ChibaPet> hrm
<nacc> Roge152: it mentions that pm-utils uses uswsup by default, so i'd test with that directly
<Roge152> ok I'll have a read
<nacc> iirc, there's also a debug mode for swsup, but i can't remember how to invoke it
<nacc> where it essentially does a dry run of suspend and resume
<ChibaPet> Roge152: If you could do us the favour of noting what it once when you've solved it, I'd love to know. That's not something I'd tend to expect to see fail.
<nacc> might be one of the values you can put in /sys/power/state
<ChibaPet> s/once/was/
<Roge152> Sure, if I figure out why I'll pass it along.
<Roge152> hmm. well, its clear why s2disk won't work. I have no swap setup atm. s2ram also doesn't work it says that "/sys/power/state does not exist; what kind of ninja mutant machine is this ? heh
<nacc> heh
<nacc> Roge152: i was wondering if the server kernel doesn't have suspend enabled?
<ChibaPet> That'd inhibit hibernation, but I can't see why it'd affect suspending.
<ChibaPet> nacc: I don't believe there's a distinct server kernel. I start my installs from the server ISO and suspend works here.
<nacc> ChibaPet: ah you're right
<nacc> Roge152: this might help with debugging: https://wiki.debian.org/Suspend
<nacc>  /var/log/pm-suspend.log ?
<Roge152> ok pm-hibernate works now after adding swap
<ChibaPet> But, suspend?
<Roge152> still no suspend
<Roge152> lol and while the machine woke back up, its unreachable after hibernate. *facepalm*
#ubuntu-server 2016-03-13
<LostSoul_> Hello
<bray90820> I have a small script here that looks for the oldest timestamp on a directory and removes it
<bray90820> Is there a way i could have it exclude the folder CURRENT from the rm
<bray90820> http://pastebin.com/raw/5daxVebB
<bray90820> Maybe add [[ $f != CURRENT ]] somewhere
<RoyK> yourscript /path/to/dirs/* # just remove the oldest - shouldn't be rocket science
<bray90820> RoyK: : what do you mean?
<bray90820> Do you mean do it manually?
<RoyK> what sort of dirs are these? old logs or something?
<bray90820> They are backups of my home server
<RoyK> there are things like dirvish (and possibly more updated software) that can keep a bunch of versions at the same time without much disk use, with the use of hardlinks
<RoyK> dirvish is old, but it still works very well
<RoyK> perhaps try that instead
<bray90820> RoyK: I am one step ahead of you I already have some stuff in my script to make hard links
<RoyK> why not use dirvish?
<RoyK> or fix whatever you find broken?
<RoyK> it's been around for years and I've used it for 20+TB worth of fileservers
<bray90820> Are you making system images?
<LostSoul_> I've noticed recenty problem with network on my Ubuntu 14.03
<LostSoul_> Thing is I reinstlalled system, used same config for interfaces as it had before and .. it not reachable from time to time
<LostSoul_> Like I can be connected via ssh to machine and boom it hangs
<LostSoul_> When I type ifdown + ifup console backs and machine is reachable again
<RoyK> bray90820: no - it's file backup - best way to do it imho
<LostSoul_> Most of the time (or at least when I noticed it) - machine is able to ping to outside world
<LostSoul_> Any suggestion? As I'm rather weak if it comes to networks
<RoyK> LostSoul_: I've never been comfortable with restarting ubuntu networking - I usually just reboot the PoS - that works
<bray90820> RoyK: I like to have more control of my data so I think I'll stick to the script I am currently working on
<RoyK> bray90820: well, dirvish is just perl - not too hard to read ;)
<bray90820> It is when you have never worked with perl :P
<RoyK> but reinvent the wheel - go on - it'll probably be rounder :)
<bray90820> What do you mean by rounder :P
<RoyK> I mean it's no point of reinventing the wheel
<RoyK> better take a too that works and fix whatever doesn't work for you
<RoyK> I doubt dirvish and similar software won't work for you, really
<RoyK> and perl isn't really that hard to read
<bray90820> I have tried a few thing like grsync and dejadup that don'y work
<RoyK> dirvish.pl is less than 1k lines
<bray90820> Well my script is prob gonna be less then 100 lines
<RoyK> and it works - beleive me
<RoyK> well, you're own your own
<LostSoul_> RoyK: PoS?
<RoyK> just reboot the thing, ok?
<LostSoul_> RoyK: Ok :)
<LostSoul_> Damn, I've done upgrade as I've read about fixes and now I can't boot in
<LostSoul_> I've tried to reinstall grub, but I'm getting: grub-install error cannot find efi directory
<lordievader> Good morning.
<LostSoul_> Hello
<LostSoul_> Any idea how to fix it?
<LostSoul_> http://askubuntu.com/questions/53578/can-i-install-in-uefi-mode-with-the-alternate-installer/57380#57380 - this one is not working
<tiblock> Hi. I have cluster of 10 servers and when i want update some file on all of them i need do it manually. Is there some software to synchronize files automaticaly? `rsync` is not good, he wants SSH password of master server and then if somebody get that password he can read our files or exploit system.
<bekks> Then use SSH keys for authentication, instead of passwords.
<bekks> thats the most secure approach.
<tiblock> bekks, but still, if somebody will get that key he can login into SSH and read/write sime files where chmod is 0777
<tiblock> *some files
<bekks> Then you have to take measures against that. You could even use password protected ssh keys.
#ubuntu-server 2017-03-06
<notuvo> #windows-server
<edux> Hi, I had a weird issue with a 14.04, it was not properly shutdown (server lost power) and when trying to get it back boot process was stuck with errors mount /tmp, we did boot in rescue mode to run fsck but that didn't fix the issue, we had to drop to a root shell, then exit it and 'continue boo' from friendly-rescue, it completed the boot, then a normal reboot worked fine.
<edux> I am trying to find which commands does friendly-recovery execute to clean tmp, any idea where is that?
<arooni> what is the recommended file type for 14.04 server?  ext3 or ext4 ?
<pmatulis> ext4
<edux> ?
<cpaelzer> good morning
<munsking> Hello, has anyone here ever tried http://www.cavium.com/ThunderX_ARM_Processors.html ?
<jamespage> rbasak: that's alot of CVE's - https://launchpad.net/ubuntu/+source/percona-xtradb-cluster-5.6/5.6.34-26.19-0ubuntu1
<jamespage> +1 on the suggestion to handle this as a security update...
<Thorn> hello
<Thorn> I copied files from /boot = /dev/sda1 to /boot1 = /dev/sdb1, how do I install grub on /dev/sdb so that it boots from /dev/sdb1? (existing grub on /dev/sda should boot from /dev/sda1)
<Thorn> in other words I want identical boot partitions on both drives so that the system can boot from either (this is not multiboot)
<Thorn> (root is raid1 made of /dev/sda2 and /dev/sdb2)
<frickler> zul: do you have a build of horizon 10.0.2 for Newton UCA available somewhere? I tried to build locally but failed to get the *beep* xstatic setup right
<zul> frickler: lemme check
<zul> frickler: https://launchpad.net/~zulcss/+archive/ubuntu/junko
<frickler> zul: great, thx, will check when it finishes building
<coreycb> zul, i'm working on a dep8 failure for yakkety neutron
<coreycb> zul, ah you have a new version in the queue, maybe we should get the earlier sru rejected and update your version in the queue ( i may have a fix, not sure yet )
<zul> coreycb: sure go ahead
<coreycb> zul, ok
<hhee> guys, how can i can set history from different terminals, on same server, will be written to one file?
<ikonia> hhee: that should already happen
<ikonia> .bash_history
<hhee> ikonia, got it, it wrote only when terminal exit?
<ikonia> hhee: thats a good question, I don't know off the top of my head
<hhee> ikonia, thx anyway
<hhee> ikonia, have i nice day!
<ikonia> you too
<hhee> a*
<php7oci> Hi everybody :)
<php7oci> There is somebody who know how i can install php7.0 and oci (for oracle database) on ubuntu 16.04 ?
<patdk-wk> what is oci
<php7oci> this is the library to connect to oracke with Oracle Instant Client
<patdk-wk> oci8 it looks like, not oci
<zul> jamespage: ping is there a reason why seccomp is disabled for qemu on ppc64el?
<php7oci> yes oci8
<cpaelzer> zul: it is no more in zesty
<jamespage> zul: yes it needs >= 2.3.0 and I did not really want it in the UCA
<patdk-wk> apt-get install php
<patdk-wk> then follow the instructions from the manual for oci8
<patdk-wk> perl install oci8
<jamespage> zul: so cpaelzer and I agreed to disable it for ppc64el
<cpaelzer> yeah for the backport the version dep jamespage mentioned
<jamespage> (for the UCA that is)
<zul> ok
<php7oci> It's ok i have seen my problem i have an ora-24454 error because my /etc/hosts is wrong
<php7oci> thanks for your help
<geigerCounter> Hello and I'm back.
<geigerCounter> Heh.
<geigerCounter> Just installed roundcube from source and was using it to test the SMTP.
<geigerCounter> SMTP is still broken.
<geigerCounter> I'm using exim4 as my MTA
<geigerCounter> Any suggestions?
<geigerCounter> Hello
<geigerCounter> What do I install to be able to create .zip formatted archives?
<Pici> geigerCounter: 'zip'
<geigerCounter> Hmm. Dunno why I thought it would be trickier than that.
<geigerCounter> Hey do you know anything about configuring exim4, Pici?
<Pici> geigerCounter: not off the top of my head, sorry.
<geigerCounter> Hmm. Do you know anything about OpenSSH, SMTP, or authentication methods?
<Pici> geigerCounter: Have you seen https://help.ubuntu.com/lts/serverguide/exim4.html ?
<geigerCounter> Pici: Yes, I have. I'm having trouble post-install and config with actually being able to authenticate a use over tls.
<geigerCounter> It errors and says that authetnication failed even when I use the correct password.
<rbasak> powersj: it just occurred to me that we could cron the triage bug report and send it to the correct person. Just a thought for the future - I'm not taking the effort right now but thought I'd share the thought :)
<coreycb> jamespage, can you promote all of newton-proposed (except neutron - dep8 failure, and nova-lxd - not sure) to newton-updates?
<jamespage> coreycb: ok
<powersj> rbasak: I like the idea
<muffinslinger> Hi everyone, I am trying to get Ceph working on an autopilot openstack deployment however when I try to use any ceph commands I am getting "unable to find a keyring client.admin.keyring" has anyone come across this before?
<geigerCounter> Anyone here know much about configuring exim4?
<geigerCounter> Anybody?
<nacc> geigerCounter: i would just ask and see if anyone can help
<geigerCounter> nacc: Alright, well I've followed some guides to install and configure exim4 + dovecot + roundcube with a mysql database backend and tls to secure the connections. Everything is working as it should, except for sending out mail. SMTP won't authenticate correctly and I don't know why.
<patdk-lap> why would sending out mail authenticate at all?
<geigerCounter> patdk-lap: What do you mean?
<patdk-lap> exactly what I said, you don't authenticate whe nyou send out email
<geigerCounter> Yes you do?
<patdk-lap> no, you don't
<patdk-lap> if you want to send email to gmail servers, how do you expect to do that? you don't have an account with gmail, you just want to email a user there
<geigerCounter> Are you talking about sending out mail on the command-line?
<patdk-lap> does this mean you need to create an account with every single isp in the world to send them email?
<patdk-lap> no
<patdk-lap> that isn't sending out email
<geigerCounter> Yeah, you have no idea what I'm doing apparently.
<patdk-lap> that would be submitting email
<nacc> patdk-lap: i think you and geigerCounter are talking about different things
<sarnold> geigerCounter: can you point out the rfc that you're talking about?
<patdk-lap> and if you really are talking about authentication, maybe you are talking about submission, and not sending out email
<geigerCounter> patdk-lap: I'm talking about sending mail from my server which has a fqdn to any email address out there over SMTP
<patdk-lap> ok, why would you need authentication for that?
<geigerCounter> sarnold: I don't know the relevant rfcs for that.
<nacc> geigerCounter: are you the smtp server? or are you submitting it to a smtp server remotely?
<geigerCounter> nacc: I am running the smtp server on my server, yes. Exim4 configured for doing that.
<nacc> geigerCounter: so the issue is in exim4 itself sending the e-mail out? or in submitting to exim4 from some client? how do you know it's an authentication issue?
<geigerCounter> nacc: The latter, and I know it's an authentication issue because the error tells me so. "535 Authentication Failed"
<patdk-lap> the latter is not sending out to other servers, it's accepting incoming mail from users (submission)
<nacc> right, i think it's just a terminology mismatch
<nacc> geigerCounter: so it's exim4 failing to authenticate your client's submission
<nacc> geigerCounter: um, is your client using TLS correctly?
<geigerCounter> nacc: I don't honestly know.
<geigerCounter> Also brb
<nacc> e.g., for mutt to use tls for gmail, i have to tell it to use some specific tls settings
<geigerCounter> nacc: Right, and Thunderbird is configured, but due to my isp I can't test with Thunderbird. So I tried to test with my fresh roundcube installation, but I don't know enough about roundcube to know if it's using tls correctly. Roundcube can connect to my imap server, which is configured to use tls and reject non-tls connections.
<nacc> but imap is for reading not sending
<geigerCounter> But smtp plays by its own rules
<geigerCounter> Yeah
<nacc> i would try with something not so heavy as roundcube
<nacc> e.g., mutt
<geigerCounter> And I don't know that roundcube is properly configured to use tls because I don't know as much as I probably should about roundcube
<geigerCounter> Also mutt?
<nacc> right, too many variables tehre, imo
<nacc> use seomthing you understand to send mail
<nacc> and get to the point where your smtp server is accepting requests
<nacc> and then add more cmomplicated somethings to send mail
<nacc> don't use a complicated something to send mail to verify if your server can accept requests :)
<sarnold> testing with the simplest possible tools is a good idea; openssl s_client for example..
<patdk-lap> too complex, requires users to know smtp
<patdk-lap> just test with soemthing sane, like thunderbird, android mail, ....
<geigerCounter> sarnold: Tried that before.
<geigerCounter> sarnold: It doesn't work.
<geigerCounter> patdk-lap: "requires users to know smtp" - Does smtp have more than 10 commands now?
<sarnold> geigerCounter: that's the good one to debug then :D
<patdk-lap> yes, it always has
<patdk-lap> you can convert smtp auth into the correct format in your head?
<patdk-lap> I know I can't
<geigerCounter> No.
<geigerCounter> I don't think, anyway?
<geigerCounter> I mean the process I test smtp with over s_client
<geigerCounter> "EHLO localhost" "STARTTLS" "AUTH login"
<geigerCounter> And then it usually fails at the AUTH stage.
<geigerCounter> Lemme go ahead and try again, actually.
<patdk-lap> the only thing that does auth login, is outlook
<patdk-lap> everything else does auth plain
<geigerCounter> I've tried auth plain before.
<geigerCounter> But I couldn't get results.
<geigerCounter> nacc: What's mutt again?
<nacc> geigerCounter: just another MUA
<nacc> geigerCounter: just what i locally have configured for TLS :)
<sarnold> "just another"??? /me eyes nacc
<nacc> sarnold: :)
<nacc> geigerCounter: i mean, the greatest ever MUA
<sarnold> it's the MUA with keybindings closest to elm that also supports MIME
<sarnold> there we go
<geigerCounter> Hmm.
 * nacc sends sarnold some sort of gift basket in apologies
<geigerCounter> How would I go about learning how to mentally convert my username to base64 encoding?
<nacc> ... don't
<geigerCounter> nacc: Why?
<sarnold> because there's base64(1) for that :)
<geigerCounter> Hmm...
<nacc> geigerCounter: why would you do it by hand ever? it seems incredibly error-prone
<nacc> write a script that does it, at least
<geigerCounter> nacc: Boredom?
<geigerCounter> nacc: Mental retardation?
<nacc> geigerCounter: without offense, it seems like your time would be better spent debugging exim4 than base64
<geigerCounter> I know.
<geigerCounter> But patdk laid down a challenge.
<geigerCounter> And I'm having a hard time ignoring it.
<sarnold> :)
<geigerCounter> :P
<geigerCounter> In the meantime, yeah. I'll just do the sensible thing.
<patdk-lap> most annoying is encoding base64 plus the needed nulls
<geigerCounter> Yes.
<geigerCounter> Isn't there a keyboard combination you can key to add the nulls?
<geigerCounter> Typhon: Hey! Awesome name! :D
<geigerCounter> sarnold: I just used s_client and successfully authenticated. :Y
#ubuntu-server 2017-03-07
<geigerCounter> What does this mean?
<sarnold> geigerCounter: yay :D
<geigerCounter> Yes, yay. Now how do I get roundcube to do that?
<nacc> geigerCounter: it presumably means your exim4 configuration is fine
<nacc> https://github.com/roundcube/roundcubemail/wiki/Configuration ?
<nacc> tls:// for the smtp server
<sarnold> smtp_user and smtp_pass perhaps?
<geigerCounter> Hmm
<geigerCounter> It's supposed to use the same user and pass that was used for logging into imap
<geigerCounter> And yeah, lemme go take a looksee at the roundcube wiki.
<nacc> geigerCounter: as in, you want to?
<geigerCounter> Thanks you guys.
<nacc> geigerCounter: %u
<geigerCounter> nacc: I don't know if this affects anything but to authenticate successfully, I have to use <user>@<hostname>,<password>
<geigerCounter> For both imap and smtp
<geigerCounter> Is that normal? That wouldn't confuse smtp applications, would it?
<nacc> geigerCounter: that i don't know :/
<patdk-lap> heh?
<patdk-lap> it's it just username and password
<patdk-lap> why would something matter if a username contained an @ in it or not
<geigerCounter> patdk-lap: Because that's the way my exim is configured, it's gotta match the hostname as part of the username.
<patdk-lap> "That wouldn't confuse smtp applications", why would "smtp applications" care in the first place?
<geigerCounter> I don't know.
<geigerCounter> I wouldn't think it would.
<geigerCounter> Hmm. Well roundcube still says authentication failed.
<geigerCounter> Hmm
<nacc> cpaelzer: would you be able to follow-up on LP: #1644530 ?
<ubottu> Launchpad bug 1644530 in keepalived (Ubuntu Xenial) "keepalived fails to restart cleanly due to the wrong systemd settings" [Medium,Confirmed] https://launchpad.net/bugs/1644530
<geigerCounter> nacc: Suggestions on what else to try? I'm reading the wiki still
<sarnold> what do the postfix logs say?
<sarnold> maybe they're more specific on the failure than the roundcube logs
<geigerCounter> sarnold: Not using postfix
<sarnold> sorry, force of habit, everyone else is.. hehe
<sarnold> so, what's the exim4 logs say? :)
<nacc> i assume you can get exim4 to be more verbose
<nacc> either run it in the foreground, ro configure it to be noisy
<geigerCounter> Mm
<nacc> *or
<geigerCounter> Wait wait.
<geigerCounter> I just got roundcube to be noisier.
<geigerCounter> I'm looking at the auth it's sending. It's not right.
<geigerCounter> OH.
<geigerCounter> I see now.
<geigerCounter> ...
<geigerCounter> Roundcube isn't including the nulls.
<geigerCounter> How do I get it to do that?
<nacc> geigerCounter: i believe they have an IRC channel :-P
<geigerCounter> Heh yeah.
<geigerCounter> On freenode?
<geigerCounter> That's weird. Based on my debugging, Roundcube is only sending my username and not my password
<nacc> geigerCounter: not sure, but i had to ask for some help when i was fixing it for php7
<geigerCounter> No it's fine. I just got it.
<geigerCounter> c:
<nacc> geigerCounter: cool
<geigerCounter> Yep.
<geigerCounter> I realized that it wasn't appending the password key to the auth string, so I just set the password to an empty string and added the password substitution token to the user name field, since that was actually being sent.
<geigerCounter> "\0%u\0%p"
<geigerCounter> And lo, it worked. :D
<geigerCounter> It feels kinda weird to do it this way, but it's no less secure I suppose.
<geigerCounter> And it actually works now.
 * patdk-lap wonders why it's using login though at all
 * geigerCounter shrugs
<drab> anybody knows if it's possible to force the veth hostname on the host for unprivileged containers?
<drab> wtih a lot of containers and monitoring on the host it'd be pretty useful to be able to name those something sensible
<drab> like veth_$hostname_#
<cpaelzer> nacc: I subscribed and will follow up later today
<lordievader> Good morning.
<zioproto> zul: just wanted to report that I tested again nova upgrade from Mitaka to Newton, and with the new packages everything works just fine. We are just waiting for release of the packages in SRU at this point. Thank you
<jamespage> bug 1667033
<ubottu> bug 1667033 in qemu (Ubuntu) "nova instance console log empty" [High,Fix released] https://launchpad.net/bugs/1667033
<cpaelzer> jamespage: oO not working for you ?
<jamespage> cpaelzer: just needed the link
<jamespage> :-)
<cpaelzer> puh
<ztane> is there a specific day for 1204 LTS support dropping?
<hateball> ztane: https://www.ubuntu.com/info/release-end-of-life
<hateball> oh specific *day*
<ztane> yes
<patdk-wk> early april
<frickler> zul: coreycb: I'm seeing https://bugs.launchpad.net/horizon/+bug/1643964 reappear with 3:10.0.2-0ubuntu1 proposed for yakkety/newton: http://paste.ubuntu.com/24130835/ . The bug only mentions Ocata, can you check this, please?
<ubottu> Launchpad bug 1643964 in horizon (Ubuntu) "compressing static assets fails with xstatic-bootswatch 3.3.7.0" [Undecided,Fix released]
<zul> frickler: yep will have a look today
<coreycb> zul, frickler: 10.0.2 isn't in proposed yet
<frickler> coreycb: zul: it is queued for yakkety
<coreycb> zul, frickler: if you refreshed static assets for that version, i'd recommend trying without the static assets refreshed
<zul> coreycb: yeah frickler is using a ppa version that i uploaded  for him to a ppa
<coreycb> frickler, thanks for testing that :)
<frickler> seems like 3:10.0.0-0ubuntu1~cloud0 is fine, while 3:10.0.1-0ubuntu1~cloud0 shows the same issue, but I need to retry the latter on a fresh machine
<frickler> or it may be some python dependency that got updated in the last three weeks
<coreycb> zul, s/static assets / xstatic deps/
<coreycb> frickler, ok if you see this with 10.0.1 too, let us know please
<zioproto> hello. I am trying a Trusty to Xenial upgrade for my nova compute nodes (Mitaka). My neutron agent are broken with this stacktrace: http://paste.openstack.org/show/601784/
<zioproto> does this 'sudo: policy plugin failed session initialization' ring a bell to anyone ?
<wimpog> Hello, I've got PCI compliance scan failure for CVE-2016-2183. Here is the version of my system: http://pastebin.com/DkReaJe1 What can I do to resolve this reported failure?
<rbasak> wimpog: see https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2183.html
<rbasak> wimpog: follow the usn links for instructions.
<nacc> cpaelzer: thanks!
<wimpog> rbasak: thank you. I have looked at it. Does that mean it is fixed? I have OpenSSL 1.0.1f 6 Jan 2014
<rbasak> wimpog: fixed in which package?
<wimpog> rbasak: openssl
<rbasak> wimpog: the upstream version is not relevant for security fixes in distribution packages. You need to report the package version.
<wimpog> rbasak: the openssl version?
<wimpog> rbasak: openssl version: OpenSSL 1.0.1f 6 Jan 2014
<rbasak> The version string of the openssl package.
<rbasak> You are reporting the upstream version, not the package version.
<wimpog> rbasak: how do I get it?
<wimpog> dpkg-query -l | grep openssl
<wimpog> ii  libgnutls-openssl27:amd64            2.12.23-12ubuntu2.6                  amd64        GNU TLS library - OpenSSL wrapper
<wimpog> ii  openssl                              1.0.1f-1ubuntu2.22                   amd64        Secure Sockets Layer toolkit - cryptographic utility
<rbasak> Right, so 1.0.1f-1ubuntu2.22
<rbasak> According to the page I linked, CVE-2016-2183 was fixed in 1.0.1f-1ubuntu2.20.
<rbasak> If you have 1.0.1f-1ubuntu2.22 installed then you are not affected by CVE-2016-2183 according to the data.
<rbasak> For the openssl package.
<patdk-wk> assuming the services that use it, where restarted
<wimpog> rbasak: thank you! That's what I thought, but still don't why why this PCI scan is failing
<patdk-wk> because, PCI scanners are idiots
<patdk-wk> they only bother to check what version they detect, they do not CHECK to see if you are actually vaunerable
<patdk-wk> to them, you are vaunerable until proven not to be
<wimpog> rbasak, patdk-wk: thank you!
<wimpog> rbasak: patdk-wk I'll probably submit a dispute with them
<patdk-wk> yes, you will always have to
<patdk-wk> and include the version installed and a link to the USN above
<wimpog> patdk-wk: the link that rbasak has posted? https://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2183.html ?
<patdk-wk> yes
<jbicha> hi, I'm pinging about bug 1667195
<ubottu> bug 1667195 in mdbtools (Ubuntu) "Drop mdbtools-gmdb from main" [Undecided,New] https://launchpad.net/bugs/1667195
<rbasak> jbicha: looks reasonable. jgrimm: ^?
<rbasak> I'm not sure I follow why we want it in supported-misc-servers at all.
<rbasak> Is it a leaf package that server users even expect?
<rbasak> jbicha: so I have no objection, but OOI, what creates your interest in this?
<rbasak> emacs25?
<jbicha> rbasak: my interest is I don't think gconf and old obsolete gnome2 libraries should be in main any more
<rbasak> Fair enough :)
<rbasak> kirkland: ^ opinion on unseeding mdbtools from supported-misc-servers please?
<rbasak> We're seeding mdbtools. I'm not sure why.
<jgrimm> rbasak, why was it in main to begin with?
<jgrimm> i just did a quick look for MIR bug, but didn't see anything
<rbasak> Looking
<jgrimm> but if it was just pulled in as a dependency seems that no longer exists, +1
<rbasak> It was seeded directly
<rbasak> I'm failing at bzr here.
<rbasak> The seeds were restructured in r1171 in 2008; the seeding of mdbtools predates this.
<rbasak> Here we are: http://bazaar.launchpad.net/~ubuntu-core-dev/ubuntu-seeds/platform.zesty/revision/400
<rbasak> Date: 2005-09-15 07:29:51 UTC
<jgrimm> rharper, smoser, caribou, rbasak: server irc mtg
<rbasak> "add mdbtools, mdbtools-gmdb. JET format supported by OOo2."
<rbasak> jgrimm: it was added to "supported", then moved to "supported-misc-servers" later. Since it mentions OOo2, I think maybe the intention is a desktop thing.
<jgrimm> rbasak, indeed, thinking the same
<rbasak> jgrimm, jbicha: we should move it to the desktop seed, or drop if they don't want it.
<frickler> zul: coreycb: o.k., so the 10.0.1 package by itself is fine. upgrading to 10.0.2 or installing 10.0.2 directly fails. after upgrading also downgrading again is broken: http://paste.ubuntu.com/24131501/ so I guess the xstatic refresh within the ppa build broke things
<jbicha> some sort of support for using LO Base to work with Microsoft Access files or something but I don't know anyone that does that
<rbasak> Yeah
<jbicha> mdbtools isn't installed by desktop either
<rbasak> I think it doesn't make sense for Ubuntu to be seeding it now, but that's a question for ~ubuntu-desktop.
<rbasak> mdbtools-gmdb is also seeded in supported-sysadmin-desktop
<jgrimm> agreed, agruably it is a servery thing, but doesn't seem to really need to be seeded for its original reason, but yes, please check
<jbicha> rbasak: could you or someone comment from server's side on the bug then?
<rbasak> Sure I'll comment.
<jbicha> and I'll try to get desktop to comment then we just need to someone to adjust the seeds based on that
<jgrimm> rbasak, jbicha: thank you
<rbasak> jbicha: if ~ubuntu-desktop agree I'd be happy to unseed it.
<coreycb> frickler, ok that's good that 10.0.1 works.  I think zul is uploading a new 10.0.2 without refreshing xstatic files.
<nacc> rbasak: are you seeing a git-commit-tree failure with tftp-hpa?
<rbasak> nacc: yes
<rbasak> 03/07/2017 16:24:31 - DEBUG:stderr: fatal: invalid date format: None
<nacc> bah
<rbasak> nacc: is this due to the refactoring for the devel pointers?
<nacc> rbasak: possibly, let me debug locally
<nacc> rbasak: could you undo that change locally and --no-push --no-clean to see?
<rbasak> Yeah
<nacc> i'm adding some debugging locally to see if i can figure it out
<rbasak> nacc: yeah it works with 1aa0f46
<nacc> rbasak: ok, i'll work on a fix, if you want to just import with that version for now
<rbasak> nacc: thanks. Happy for me to push that to lpusdi?
<rbasak> Or I can keep it local if you prefer.
<nacc> rbasak: yeah that's fine
<rbasak> ack
<rbasak> Pushed.
<nacc> rbasak: thanks -- i think i have the fix as well
<hhee> after update from 14 to 16, apt-get update, got " Ignoring file '50unattended-upgrades.ucf-dist' in directory '/etc/apt/apt.conf.d/' as it has an invalid filename extension"
<hhee> what is going wrong?
<patdk-wk> nothing
<hhee> how to fix it?
<patdk-wk> you don't
<patdk-wk> when you upgraded, it asked if you wanted to update that file, and you said no
<patdk-wk> so it created that file with the new changes in it
<patdk-wk> you either merge those changes into your existing file, don't merge those changes
<patdk-wk> then when you happy, delete that file
<hhee> patdk-wk, got it. thx!
<zul> coreycb: cloud-archive should be good again
<coreycb> zul, ack
<quadHelix> Ubuntu 14.04LTS Server.  I am trying to disable the arcfour cipher in ssh for PCI Compliance.  I have googled and gone through many articles, both ssh_config and sshd_config do not reference "arcfour".  Could anybody point me in the right direction?  Do I have to compile from source or something?
<patdk-wk> https://wiki.mozilla.org/Security/Guidelines/OpenSSH
<quadHelix> thank you sir, I will read this article forth-with ;)
<quadHelix> Actually, I had been through that article once.  When I run ssh -Q cipher <ip addr> it was still showing me arcfour
<patdk-wk> yes
<patdk-wk> and why would you expect it not to?
<quadHelix> ignorance perhaps?  I am new to this realm.  I didnt even know that arcfour is RC4 ;)
<patdk-wk> "The various algorithms supported by a particular OpenSSH version can be listed with the following commands: "
<patdk-wk> supported!=enabled
<quadHelix> understood.  thank you.
<sarnold> quadHelix: it's a bit of a joke. RSA didn't patent RC4; when other people started using it, they tried to claim it as a 'trade secret' in court to stifle people from using it; so some people took to calling it 'arcfour' as in, "apparently rc4", so they could say it's apparently rc4 but not necessarily the thing rsa was using.
<drab> lol, didn't know that one, thanks for sharing :)
<quadHelix> ty sarnold, I like to know the back story.
<jancoow> Hi. My ubuntu server installation hangs on a purple screen everytime
<jancoow> It says detection hardware.. or something
<jancoow> and then something with copying cdrom
<jancoow> and then only purple screen with white bar underneath
<patdk-wk> is it a dell?
<patdk-wk> oh he left
<Doow> What is it that's supposed to trigger starting apache on boot? Since yesterday it
<Doow> 's not starting anymore for me, no errors in logs or anything, and starting the service manually works fine
<sarnold> what release?
<Doow> 16.10
<Doow> sudo systemctl enable apache2.service just says that it's not configured to be enabled/disabled but started some other way
<Doow> I added a service of my own making yesterday and I wonder if that might have blocked it somehow?
<Doow> I looked in apaches own logs, syslog and journalctl
<sarnold> systemd requires a service to be wanted by multiuser.boot or something like that
<Doow> I'm still trying to figure out if apache is even trying to start at boot, I can't find anything in the logs, but it's enabled in /etc/rc2-5.d
<Doow> any ideas?
<Doow> I haven't done anything to try and turn it off, but it's just not starting anymore
<Doow> I'm suspecting a collision with mysql (i.e. maybe mysql hasn't started before apache) but that's just a guess
<Doow> this is what systemctl tells me http://pasteall.org/284600/text
<quadHelix> Doow have you tried netstat -tnlp and looked for your listening port?
#ubuntu-server 2017-03-08
<drab> mmmh is there a way to reset a container to its original image? kinda like restoring froma  snap, except that its the original image
<drab> I don't wanna destroy the container because it has a whole bunch of configs I wanna preserve, altho I could sae those and reapply them if there's no other way
<drab> with LXD I mean
<sarnold> how would you pick which bits to save and which to roll back?
<drab> I was thinking more along the lines of automating what I'd do manually, save config, destroy, relaunch, reapply config
<sarnold> ah
<sarnold> sort of like juju or ansible or salt or puppet or chef or whatever's hot -this- week? :)
<drab> not like a real snap/restore operation, but make it transparent as if it was
<drab> yeah, that's acually what I was about to do... with ansible
<drab> all my other hosts are on that, so just getting the hang of it to manage containers too
<drab> but I've yet to crack that nut so I was looking for shortcuts while experimenting
<drab> but it's a good time as any I guess to figure it out
<st3fann> Hi there, I am making an OpenVZ template from a debian minimal install, and I noticed that all of the packages I installed are stored in .deb files at /var/cache/apt, and I wanted to know if these are safe to delete
<st3fann> I did run apt-get clean and apt-get autoclean, but this did not seem to remove the files.
<sarnold> st3fann: yes, those are safe to delete
<sarnold> I'm surprised apt-get clean didn't do the trick
<sarnold> but feel free to delete them all
<st3fann> me too
<st3fann> went to separate threads, and some said if one didnt clear it the other should
<st3fann> do I just remove the entire directory sarnold?
<sarnold> st3fann: I'd recommend just deleting the files
<sarnold> probably the directory would be recreated with proper permissions if needed but I never like finding out the hard way when things don't work as expected :(
<st3fann> Sounds good - any way to restart apt after to see if it's okay? I might just move a file to see if it causes any issues
<st3fann> yep was just thinking the same thing :)
<sarnold> apt isn't a long-running service; just apt-get update && apt-get -u dist-upgrade or whatever your favorite finger-macros are :)
<drab> ok, that wasn't so bad, automation done, pretty sweet actually
<st3fann> sarnold: awesome, thank you so much! Ill try it out right now
<drab> and half of the hr was waiting for images to redownload since I managed to wipe my local test repo...
<sarnold> drab: d'oh :/
<sarnold> st3fann: excellent :) have fun
<sarnold> drab: https://xkcd.com/303/ (not the same, but close)
<drab> lol, I thought of that actually, and it actually did provide me with an excuse for a break to practice writing characters
<sarnold> not bad :)
<drab> mmmh
<drab> a minute and a half to stop a blank container, that doesn't seem right
<drab> is there a way to figure out what's going on in cases like this?
<st3fann> does anyone here have any experience with solusvm/openvz?
<lynorian> !anyone
<st3fann> lynorian: ?
<lynorian> can you ask your question instead of saying anyone have expirence with solusvm/openvz
<lynorian> I unfortanetly do not
<st3fann> I have created a template from a vm that i had running on solusvm, and when I created a new VM, it is not able to boot
<st3fann> I don't see any errors, it tells me to look in: dmesg, and I have this error: EXT4-fs (ploop14464p1): loaded balloon from 12 (4096 blocks)
<st3fann> thanks
<cpaelzer> good morning
<lordievader> Good morning
<danpawlik> coreycb: Hello. I don't know if it is good, but nova-common from cloud-archive ocata "branch" is failing on installation
<sonu_nk> hi i installed phantomjs on my ubuntu server.. not i want to check where it is intalled .. how can do ?
<cpaelzer> sonu_nk: with "dpkg -l <pkg>" you can list files owned by a package
<cpaelzer> sonu_nk: sorry -L
<cpaelzer> sonu_nk: lower case lists install state andversion, upper case is content (--listfiles)
<sonu_nk> i installed using this command 	sudo apt-get install phantomjs
<sonu_nk> thankyou working cpaelzer
<sonu_nk> also one more thing .. using this command  sudo apt-get install phantomjs ubuntu installed its lower version .. Why ??? but its have its new version on  phantomjs site
<cpaelzer> sonu_nk: this is the version in the Ubuntu Archive for your Ubuntu release
<sonu_nk> ubuntu server installed 1.9.0 version but there is 2.1.1...
<sonu_nk> cpaelzer, so means 1.9.0 is good and tested
<sonu_nk> right
<cpaelzer> you are likely on Trusty
<cpaelzer> which is good, but to admit a 3 year old release
<cpaelzer> there 1.9 was current
<cpaelzer> on Later Ubuntu Releases (>=Xenial) you'd get 2.1.1
<coreycb> danpawlik, in what way does it fail to install?
<coreycb> danpawlik, fwiw i just installed nova-common from the ocata cloud archive successfully on a new xenial machine
<danpawlik> coreycb: strange
<danpawlik> coreycb: I will paste you error log
<danpawlik> coreycb: http://paste.openstack.org/show/8slHZRzdvr48sW3wThMt/
<danpawlik> coreycb: wait, This error is normall because I have sqllite parameter in nova.conf
<danpawlik> but there was also onother error that it want to execute command which was changed
<danpawlik> in ocata
<danpawlik> let me check one more time on clean host
<coreycb> danpawlik, ah right, the package will try to sync the db if you are using sqlite in nova.conf
<danpawlik> IMHO there should be condition for that... or?
<coreycb> danpawlik, yeah i don't think that accounds for the api database
<coreycb> danpawlik, so that needs to be fixed
<danpawlik> it just irritates me when I would like to deploy host "all in one" using puppet ;P
<coreycb> danpawlik, we might consider removing that sqlite bit since it's not meant for production use
<danpawlik> coreycb: if someone will test Openstack he/she must use something "better" :p
<danpawlik> It strange that Openstack developers doesn't drop support for sqllite
<danpawlik> IMHO
<coreycb> danpawlik, i opened a bug for that: https://bugs.launchpad.net/ubuntu/+source/nova/+bug/1671078
<ubottu> Launchpad bug 1671078 in nova (Ubuntu) "nova sqlite db migration failing for ocata" [Undecided,New]
<danpawlik> coreycb: nice, thanks
<frickler> oh, who had the funny idea of changing the group name libvirtd to libvirt for Ocata? how do you handle that for upgrades?
<cpaelzer> frickler: I think that was done post xenial to align with Debian
<cpaelzer> frickler: upgrades usually deal with this by dupping the gid
<cpaelzer> frickler: if there is nothing it adds libvirt (as it formerly added libvirtd)
<cpaelzer> frickler: if there is already a libvirtd it creates a new group libvirt with the same gid
<cpaelzer> frickler: that way old and new names are synonyms
<cpaelzer> I'm even more confused by libvirt vs libvirt-qemu groups sometimes
<cpaelzer> frickler: let me know if that explains (a bit)
<frickler> cpaelzer: o.k., thanks, now I just need to teach that to our cookbooks ;)
<coreycb> jamespage, zul: do you know if ocata-proposed has been tested? it'd be nice to get qemu promoted for bug 1667033.
<ubottu> bug 1667033 in qemu (Ubuntu) "nova instance console log empty" [High,Fix released] https://launchpad.net/bugs/1667033
<jamespage> coreycb: i've not done so - did the promotions late yesterday
<coreycb> jamespage, ok.  let me kick off some tests.  it looks like kolla is tripping over it in the gate.
<coreycb> danpawlik, It sounds like what you're hitting is similar to this so you are likely missing a step prior to installing ocata nova-common: https://bugs.launchpad.net/tripleo/+bug/1656791
<ubottu> Launchpad bug 1656791 in tripleo "Mitaka to Newton undercloud upgrade needs "nova db online_data_migrations" after the undercloud upgrade" [High,In progress]
<Genk1> Hello
<Genk1> Every mail client I use "Evolution, Thunderbird, mutt..." is based on DNS to resolve domain names
<Genk1> is there a way to tell the clients to use /etc/hosts instead
<Genk1> ?
<Genk1> I have a local server for test named : mail.example.com
<Genk1> but the client doesn't ask the hosts file instead he use the DNS frist
<danpawlik> coreycb: another beautiful log file: http://paste.openstack.org/show/47mfXRuNNEbt9OZ0q1IJ/
<odc> Genk1: isn't that what /etc/nsswitch.conf is for?
<coreycb> danpawlik, we'll need some context on that, ceph-mds installs ok for me on xenial
<danpawlik> dpkg -l | grep ceph
<danpawlik> ii  ceph                                 10.2.3-1xenial                        amd64        distributed storage and file system
<danpawlik> ii  ceph-base                            10.2.3-1xenial                        amd64        common ceph daemon libraries and management tools
<danpawlik> ii  ceph-common                          10.2.3-1xenial                        amd64        common utilities to mount and interact with a ceph storage cluster
<danpawlik> ii  ceph-fs-common                       10.2.3-1xenial                        amd64        common utilities to mount and interact with a ceph file system
<danpawlik> ii  ceph-fuse                            10.2.3-1xenial                        amd64        FUSE-based client for the Ceph distributed file system
<danpawlik> ii  ceph-mds                             10.2.3-1xenial                        amd64        metadata server for the ceph distributed file system
<danpawlik> ii  ceph-mon                             10.2.3-1xenial                        amd64        monitor server for the ceph storage system
<danpawlik> ii  ceph-osd                             10.2.3-1xenial                        amd64        OSD server for the ceph storage system
<Genk1> odc,  I already have : hosts:          files mdns4_minimal [NOTFOUND=return] dns
<danpawlik> ii  libcephfs1                           10.2.3-1xenial                        amd64        Ceph distributed file system client library
<danpawlik> ii  python-ceph                          10.2.3-1xenial                        amd64        Meta-package for python libraries for the Ceph libraries
<danpawlik> ii  python-cephfs                        10.2.3-1xenial                        amd64        Python libraries for the Ceph libcephfs library
<Genk1> so it means to look for hosts file first
<danpawlik> coreycb: Reading package lists... Done
<danpawlik> Building dependency tree
<danpawlik> Reading state information... Done
<danpawlik> The following packages were automatically installed and are no longer required:
<danpawlik>   liblttng-ust-ctl2 liblttng-ust0 liburcu4
<danpawlik> Use 'apt autoremove' to remove them.
<danpawlik> The following additional packages will be installed:
<danpawlik>   ceph-common ceph-mds libcephfs1 librados2 libradosstriper1 librbd1 librgw2 python-ceph python-cephfs python-rados python-rbd
<danpawlik> The following packages will be REMOVED:
<danpawlik>   ceph-base ceph-mon ceph-osd
<danpawlik> The following packages will be upgraded:
<danpawlik>   ceph ceph-common ceph-mds libcephfs1 librados2 libradosstriper1 librbd1 librgw2 python-ceph python-cephfs python-rados python-rbd
<danpawlik> 12 upgraded, 0 newly installed, 3 to remove and 58 not upgraded.
<danpawlik> 2 not fully installed or removed.
<danpawlik> Need to get 0 B/40.7 MB of archives.
<danpawlik> After this operation, 327 MB disk space will be freed.
<danpawlik> Do you want to continue? [Y/n]
<Genk1> danpawlik, ?
<danpawlik> (Reading database ... 77997 files and directories currently installed.)
<danpawlik> Preparing to unpack .../ceph-mds_10.2.5-0ubuntu0.16.04.1_amd64.deb ...
<danpawlik> Unpacking ceph-mds (10.2.5-0ubuntu0.16.04.1) over (10.2.3-1xenial) ...
<danpawlik> dpkg: error processing archive /var/cache/apt/archives/ceph-mds_10.2.5-0ubuntu0.16.04.1_amd64.deb (--unpack):
<danpawlik>  trying to overwrite '/usr/bin/cephfs-table-tool', which is also in package ceph-common 10.2.3-1xenial
<danpawlik> dpkg-deb: error: subprocess paste was killed by signal (Broken pipe)
<danpawlik> Processing triggers for ureadahead (0.100.0-19) ...
<danpawlik> Processing triggers for man-db (2.7.5-1) ...
<danpawlik> Errors were encountered while processing:
<danpawlik>  /var/cache/apt/archives/ceph-mds_10.2.5-0ubuntu0.16.04.1_amd64.deb
<danpawlik> E: Sub-process /usr/bin/dpkg returned an error code (1)
<danpawlik> I will remove all  cepch packages, install one more time 10.2.3 and upgrade to 10.2.5
<danpawlik> Genk1: sorry for spaming
<danpawlik> I should paste it on pastebin
<coreycb> danpawlik, next time please share a link to a pastebin
<danpawlik> sorry
<odc> wow
<odc> Genk1: i don't know then :(
<danpawlik> coreycb: http://paste.openstack.org/show/IF4qthaWuncT8tiSMkR6/
<coreycb> danpawlik, what is the source of those packages?  they don't appear to be coming from the ubuntu archive.
<coreycb> danpawlik, this is the xenial version of ceph-mds: 10.2.5-0ubuntu0.16.04.1
<danpawlik> coreycb: http://packages.ubuntu.com/xenial-updates/ceph
<coreycb> danpawlik, what does 'apt-cache policy ceph-mds' show?
<zul> coreycb: ok with this? http://pastebin.ubuntu.com/24139226/
<zioproto> zul: that is not good
<zioproto> it will make only 50 migrations
<zioproto> it is not sure that all the migrations are done
<zul> zioproto: do you have a suggestion then?
<zioproto> I am talking about su -s /bin/sh -c 'nova-manage db online_migrations' nova
<zioproto> zul: the user should run those migration by hand
<zioproto> because if you have a big database
<zioproto> that is a big impact
<zioproto> for this reason it is only 50 at the time
<zioproto> but running just 50 migrations in that script does not make any sense
<zul> zioproto/coreycb/jamespage: maybe we should not be configuring databases then
<zioproto> also it is the first time I see nova-manage db sync in the package
<zioproto> consider that the database migration cannot be downgraded
<coreycb> zul, i think the only reason we do that for sqlite is so the service will start by default
<zul> coreycb: yeah thats the reason
<jamespage> zul, zioproto, coreycb: I tend to agree that we should just stop trying todo any db syncs in the packaging - the sqlite is a waste of time and just delays install
<zioproto> zul: if you put a check that those commands are run only in case of sqlite than it makes sense
<jamespage> the packages should be checking for sqlite before running syncs
<zul> zioproto: that command only runs if there is a sqlite database anyways
<jamespage> otherwise its always a remote database, and you don't want N instances of nova-cloud-controller all trying todo a db sync during the same update
<danpawlik> coreycb: priv
<zul> http://pastebin.ubuntu.com/24139262/
<zioproto> ok sorry from the diff it was not evident that it was inside a if block for sqlite only
<zioproto> for sqlite maybe is okay
<zul> if we remove the sqlite stuff from the postinst then we would have to change the dep8 tests as well
<coreycb> jamespage, zul: i'm ok with dropping that db migration from the package.  the problem though is we probably will have services that don't start by default.
<coreycb> zul, yeah you'd probably have to use sqlite in the dep8 tests
 * jamespage spin out another thought
<jamespage> maybe we should not start services by default then
<zul> coreycb: or we can do mysql
<zul> jamespage: yes please
<jamespage> zul: using mysql in the dep8 tests is a good idea (see neutron)
<zul> jamespage: manila already uses mysql in the dep8 tests btw
<zul> so its pretty easy to do
<jamespage> zul: yeah there are a few projecst that just don't play nice with sqlite
<jamespage> zul: my original plan was to re-produce the functional test env for dep-8 tests
<zul> jamespage: ack
<jamespage> based on the openstack gate specs
<jamespage> but never quite got to that
<zul> im at ltitle hestiant to change services not to start this close to the end of the cycle though
<zul> but that online migration should be ok for sqlite databases though
<coreycb> zul, i'd hold off until pike for that
<cetex> so, i'm working on improving our automation a bit, we're currently building AMI's from scratch with a concoction of debootstrap and a couple of bash scripts.
<cetex> got stuck..
<cetex> what i'm wondering is: how does ubuntu currently provision their AMI's they have in aws?
<cetex> what tooling is used to build the ami?
<freakynl> Hi, I just installed Ubuntu 16.04 LTS fresh and updated it as a VMware VM. Gave it a reboot now, it's been hanging for over 5 minutes now on 'A start job is running for Unattended Upgrades Shutdown'. It's just been fully updated... Is this normal? It's a bare installed, removed open-iscsi (why is that running by default anyways?) and LVM (same question, don't use LVM) and nothing else yet.
<drab> any recommendation to figure out why a container takes a long time to stop?
<drab> I've had an idle container take 1.5min to stop and I'd like to figure out why
<drab> but couldn't see anything in lxc.log for the container or lxd.log that indicate reasons, just start stopping and stopped times
<nacc> freakynl: ubuntu server or desktop?
<nacc> cetex: may want to ask in #ubuntu-server
<drab> I thought this was ubuntu-server :)
<rbasak> It is :)
<rbasak> It might not be container-specific. If there's a service that fails to stop and systemd waits to kill it, then that could cause a delay too.
<Pici> nacc is lost
<drab> rbasak: yeah, I thought that may be the case, and maybe it just happened that one time for non lxc related reasons, been tarting and stopping the same container a lot for testing
<drab> just trying to make sure I iron out any issue before moving this to prod
<nacc> Pici: just responding to older messages :)
<nacc> Pici: and yes to the latter! :)
<nacc> cetex: sorry about that!
<drab> like they say, the best way to find oneself is to lose oneself in the service of others ;), seems a good fit for ubuntu/freenode help desk support :)
<cetex> nacc: no problem, i just wish someone knew how they do it ;D
<nacc> Odd_Bloke: --^ amazon ami generation question
<mamadg> what is OversignHeader means in Opendkim , i read document many time but i dont understand it , english is not my first , could anyone explain it to me ?
<nacc> mamadg: you've read the manpage for opendkim.conf?
<mamadg> nacc: yes i read man 5 opendkim.conf ...
<antoniobeyah> i asked this question in #ubuntu but was redirected here
<antoniobeyah> hello, it looks like there was an 16.04 lts release today/yesterday but I am unable to find the release notes- are they in progress?  https://uec-images.ubuntu.com/releases/16.04/release-20170307/unpacked/
<antoniobeyah> 1:03 PM that directory normally has a release_notes.txt but it is empty
<nacc> rcj: --^ ?
<antoniobeyah> i was redirected to http://cloud-images.ubuntu.com/xenial/20170307/unpacked/release_notes.txt, I may have just been looking in the wrong place
<antoniobeyah> thanks for the time, it looks like that has what I need to know
<sarnold> antoniobeyah: hrm maybe you caught it at a funny time? this loads for me now https://uec-images.ubuntu.com/releases/16.04/release-20170307/unpacked/release_notes.txt
<sarnold> antoniobeyah: thanks for pointing this out :) I've never seen these files but I like the look of them. useufl.
<antoniobeyah> ha, must have been the case.  it was certainly empty when I looked
<antoniobeyah> I'm not sure the different between uec-images and cloud-images but it seems the cloud-images one had the release_notes before the uec one.  I plan on using the cloud-images link going forward.  ( http://cloud-images.ubuntu.com/xenial/20170307/unpacked/release_notes.txt)
<nacc> yeah i assume there is  some syncing going on, and there is a delay
<aernan> how do I enable directory indexing of home directories with HTTPD/Apache2 from stock configuration?
<_ruben> what would be the "easiest" way to mimic an ubuntu server installation using debootstrap?
<_ruben> (or other tool that allows to do an install into a directory)
<Odd_Bloke> antoniobeyah: nacc: uec-images is deprecated, so cloud-images.ubuntu.com should be used in preference. :)
<antoniobeyah> Odd_Bloke: ah, thanks
<nacc> Odd_Bloke: thanks! :)
<yyyyy> anyone ever ran into an issue where a folder within a mount-point seems to have / mounted within it â i.e. a âloopâ?
<yyyyy> i have some volume group mounted on /sub/ and when i go to /sub/x i see /sub/x/bin, /sub/x/etc /sub/x/vmlinuz (!!!). there's no symbolic links on x and nothing mounted there on fstab or /proc/mounts.
<yyyyy> i'm at a loss over why this is happening.
<yyyyy> ubuntu server 16.04.1
<sarnold> yyyyy: check /proc/self/mounts
<yyyyy> sarnold: nothing there as well for the /sub/x entry that seems to have a loop.
<yyyyy> my other intuition would be some other sysadmin (or an attacker?) created hardlinks to that location
<yyyyy> insanely, i can even check /sub/x/proc and every single /proc entry is there!
<yyyyy> i have never seen this before, in about twenty years of using linux 8/
<jancoow> Hi there. My nfs server is starting on the wrong interface. Its on my "wan" port instead of my "lan" port
<jancoow> how can I specify the correct interface for the nfs kernel server?
<yyyyy> sarnold: is there some FUSE driver that could accomplish what i'm seeing?
<sarnold> yyyyy: probably, but it'd show up in the /proc/self/mounts output, no?
<yyyyy> i would assume so too
<yyyyy> my guess is someone made some hardlinks there. i'm going to backup running services and delete that directory. since it's a loop, it shouldn't delete the file itself as there will be another entry as count for that inode.
<yyyyy> awful, awful situation.
<sarnold> yyyyy: making hardlinks to directories is ot permitted
<sarnold> yyyyy: which is why I suspect it's bindmounts intstead
<sarnold> yyyyy: but maybe symlinks could give similarly confusing output depending upon which tool is reporting the paths
<yyyyy> it's definitely not a symlink for that directory. there are other files inside that are not shared with /.
<yyyyy> a reboot is not getting rid of it, also.
<yyyyy> i've checked with both `ls` and `exa` for the presence of links.
<yyyyy> and a `sudo umount /sub/x` gives a `umount: /sub/x: not mounted` error.
<yyyyy> plus, the files there seem to not always match the timestamps of what's on /
<sarnold> oh
<sarnold> did someone perhaps run debootstrap there?
<yyyyy> not that i'm aware of!
<yyyyy> would that account for the files?
<yyyyy> i'm assuming blasting it out is no problem, then.
<yyyyy> there's 80G in the /proc that's there (!!!)
<yyyyy> lost connection here. to clean up a leftover debootstrap is it enough to just delete the folder?
<powersj> nacc: I created a PPA for a package for someone to test, I want to also create a debdiff to attach to the bug. Should the debdiff changelog entry have the version from the ppa, what the release version should be, or does it matter?
<sarnold> yyyyy: you didn't miss anything while you were away; if it -is- a debootstrap that's probably fine to delete it. or maybe someone did an rsync -a / host:/sub/x/  ? it's really worth being -clear- you know why you're deleting it..
<nacc> powersj: for sponsorship, your debdiff should be what you want uploaded
<nacc> powersj: ideally the sponsor will review your debdiff, so if hte ppa version was there, they would complain and ask you to fix, or fix themsevles upon sponsoring (after discussing with you)
<powersj> nacc: ok thanks!
#ubuntu-server 2017-03-09
<lordievader> Good morning.
<kuku> hey guys, is there a way to have a list of logged for a specific user?
<ikonia> list of logged ?
<kuku> ikonia: i mean list off ssh connections for a specific user
<kuku> of*
<kuku> lastlog for example lists only the last connections for each user
<ducasse> is there a difference between the zfs.ko that comes with the kernel and the zfs-dkms package? both are the same version, afaict.
<ghone_> Hello all,
<ghone_> I'd like to ask you guys how do you cope with ubuntu server updates in environment where there is uat,dev,test,nfr (so all non-prod servers) and also prod servers.
<ghone_> If I do an upgrade of i.e. UAT environment, leave it for testing for a week (or longer), then upgrade, NFR (and again leave it for a while)
<ghone_> the whole process for non-prod servers might take a few weeks. By the time I get to prod servers there might be new packages released
<ghone_> but we need predictable result so reach some level of updates across all environments before do next round.
<ghone_> Red Hat has Satellite server where I can create channels snapshots.
<ghone_> Is there any way I can upgrade ubuntu servers with all patches released before YYYY-MM-DD ?
<rbasak> Canonical has Landscape.
<rbasak> I believe there are various other third party tools you can use.
<rbasak> Or you can run your own mirror manually using reprepro or similar.
<ghone_> rbasak: thanks :-)
<coreycb> jamespage, ocata proposed tests passed for xenial-proposed and zesty-proposed, minus the volume boot charm issue
<jamespage> coreycb: I concur - promotion in progress
<jamespage> zul: is nova-lxd 13.3.0 in a queue somewhere?
<zul> jamespage: it should be
<jamespage> zul: don't see it here - https://launchpad.net/ubuntu/xenial/+queue?queue_state=1&queue_text=
<jamespage> zul: nm I'm blind - its there
<zul> jamespage: heh
<zioproto> hello guys. I am migrating in Mitaka from LBaaSv1 to LBaaSv2. I managed to do the migration and the horizon panels for LBaaS disappeared. Is this stuff packaged in ubuntu ? https://github.com/openstack/neutron-lbaas-dashboard
<zioproto> I always have 'enable_lb': True, in my horizon config
<zioproto> coreycb, jamespage who is familiar with the ubuntu packaging for Horizon ?
<frickler> zioproto: I don't think it is packaged, we install from pypi: http://git.openstack.org/cgit/openstack/cookbook-openstack-dashboard/tree/recipes/neutron-lbaas-dashboard.rb
<zioproto> frickler: so I can add it with 'pip install ??'
<zioproto> frickler: all the infrastructure now is installed with .deb packages here ... I should not fish files with pip ... it is difficult to reproduce the deployment.
<frickler> zioproto: yes, you need to install version 1.0.0 for mitaka+newton and also get the panel file
<zioproto> what is the pip package name ?
<zioproto> neutron-lbaas-dashboard ?
<frickler> yes
<zioproto> but if I do 'pip install neutron-lbaas-dashboard' it will destroy half of my system ? :D
<coreycb> zioproto, frickler, neutron-lbaas-dashboard is packaged in ocata
<zioproto> I am afraid that 'include_recipe 'openstack-dashboard::horizon'' means destroy the already installed horizon :D
<zioproto> coreycb: yes but LBaaSv1 is dropped in Newton, and to have the web interface for LBaaSv2 we need that package ! :O
<zioproto> Looks like I will have to run a Ocata Horizon against a Mitaka cloud
<frickler> coreycb: ah, nice, but you'll need 2.0.0 for ocata I think
<zioproto> this LBaaS is the most unsupported feature ever in Openstack ! #rant
<jamespage> zioproto: frickler, coreycb: we can update the dashboard for lbaas v2 still
<frickler> coreycb: also I cannot find the package in UCA, is it in -proposed only?
<zioproto> guys I had to implement the alembic migration my self in neutron to upgrade from LBaaSv1 to LBaaSv2, a nightmare
<zioproto> now, what happens if somebody deployed a LBaaSv1 with ubuntu charms ? how to you do the migration to LBaaSv2 ? you also implemented a alembic migration for this in the charm ?
<zioproto> or... we can confirm I am the ONLY production user in the world for Openstack LBaaS ?? :)
<zioproto> jamespage: LBaaSv2 it is supported in the charm! :) https://github.com/openstack/charm-neutron-gateway/blob/master/templates/newton/lbaas_agent.ini
<zioproto> jamespage: do you have also a migration strategy ?
<zioproto> from LBaaSv1 ?
<jamespage> zioproto: yes its supported in the charm since lbaasv1 was removed
<jamespage> zioproto: no we don't have a migration strategy - I don't think there is one right?
<zioproto> jamespage: yes, there is one now ! I migrated today
<zioproto> I miss only the web panels
<jamespage> zioproto: yeah cause the dashboard does not have native support - needs the extra project
<jamespage> zioproto: is your migration approach something that could be contributed into lbaas?
<zioproto> jamespage: everything I did is summarized here: http://lists.openstack.org/pipermail/openstack-dev/2017-March/113628.html
<zioproto> jamespage: there is a guy that contributed with a partial script for alembic migration.
<zioproto> I had to do some small patching to that script, and the migration worked, but it is not very robust
<zioproto> I tested on our staging cloud
<zioproto> it will be fun next week when I try the migration against the production db
<coreycb> frickler, jamespage, zul, yeah we could use a 2.0.0 update for lbaas-dashboard
<coreycb> for ocata
<zul> we could..
<zul> coreycb: gimme a sec :P
<frickler> 1.0.0 is a year old and pretty buggy. I must admit that I haven't tested 2.0.0, though
<coreycb> frickler, well, 2.0.0 was released last month
<frickler> coreycb: yes, I was talking with johnsom at the time when trying to figure out which version to use for Newton. and he told me that 2.0.0 is for Ocata and 1.0.0 was for Mitaka, but since no new release was made for Newton, I should continue to use 1.0.0 there
<coreycb> frickler, ok thanks
<coreycb> frickler, i don't think we can provide the lbaas-dashboard to mitaka/newton without significant changes to openstack-dashboard
<coreycb> zul, jamespage ^
<zul> coreycb: no we cant
<zioproto> I plan to run Horizon directly in Ocata even if the rest of the infrastructure is Mitaka/Newton. I dont see another solution
<zioproto> I will move Horizon to a different VM or Docker container ...
<zul> coreycb: we changed how horizon was installed didnt we?
<jamespage> zul: doing a run through vmware-nsxlib, vmware-nsx and neutron-taas for ocata release
<jamespage> they all popped out shortly afterwards
<grendal_prime> i got a werid one here...i have a kvm virt host that i also use as the router for several virtual and phisical legs of a network.  the network is segmented so that if we need to change the media to connect to any of the legs, (ie put in a cellular mifi or wireless  bridge) we can just change the route at the server to point to the different subnet.
<zul> jamespage: thanks one off my todo list
<zul> jamespage: i think neutron-taas is still a git snapshot though
<jamespage> zul: no there is a 1.0.0 release but its not up on tarballs.openstack.org
<jamespage> only in git
<grendal_prime> one of these legs goes through some calamp viper radios (ip over rf super slow but work)  the come happens every 60 seconds and then fails,  if i sniff the subnetwork at the router  it continus to work.??
<zul> jamespage: what about pypi?
<jamespage> zul: no cigar - I expect its a misconfiguration in project-config - I'll follow up afterwards
<zul> jamespage: ack
<jamespage> https://www.irccloud.com/pastebin/ivxpiRQh/
<jamespage> zul: awesome ^^
<zul> jamespage: i get that all the time though especially with anything keystone related though
<coreycb> zul, yes we moved static assets from /usr/share/ to /var/lib
<coreycb> zul, and the additional dashboards always used /var/lib
<zul> coreycb: oic
<zul> coreycb/jamespage/anyone else: lbaas-dashboard is uploaded
<zul> jamespage: i tested ceph in my ppa i think its ok but i only smoked tested it
<jamespage> zul: push your stuff to git and upload to the staging PPA's we can smoke test if directly once in proposed
<zul> ack
<hh2010> hello.  i keep having issues managing two network interfaces on my Amazon AWS.  i did a system reboot yesterday and now theres no incoming traffic coming through on eth1.  any ideas what i should look into?
<hh2010> ip route seems to be set up well.  the second interface says it is up and running with private ip that works on loopback.  but cannot connect to it from other hosts, even on the same network
<patdk-wk> hh2010, nothing you said means anything, aws networking is NOT the same network, EVER
<hh2010> hrmm the only reaosn i said that was that in the past ive been able to connect using SSH or do SCP to the private ip address
<hh2010> from another AWS instance
<hh2010> but i guess thats just because i was connected to both
<patdk-wk> aws is virtualized, aws could be having issues with their network, hosts, ...
<patdk-wk> or you could have applied a security policy to the instance, network, ...
<hh2010> ok... do you have any thoughts on how i could test either of those?
<hh2010> i feel like it might not be AWS becuase this happened after i did a system reboot yesterday
<hh2010> wait...
<hh2010> i think i got it
<hh2010> the iprule for eth1 wasnt getting added on reboot
<hh2010> because i added "metric 150" to eth1 in /etc/network/interfaces... for some reason that stops it from adding the ip rule to lookup the table for default gateway
<patdk-wk> heh
<patdk-wk> hh2010, best way to test for an aws issue, is to stop the instance, and restart it
<aesthetik> Finish Quest and get $110!
<aesthetik> https://richmondberks.com/?ref=rbd118972
<aesthetik> - Make 1,5% Daily profit !
<aesthetik> - Invite a friend and get 1$ as a gift !
<aesthetik> - Comissions of 10% !
<DammitJim> is there an appropriate place to place ssl certificates on an ubuntu server?
<sarnold> /etc/ssl/ ?
<DammitJim> thanks sarnold
<DammitJim> probably /etc/ssl/certs?
<DammitJim> it doesn't matter if they are provided or self signed, right?
<sarnold> and private/ for the key
<DammitJim> I do need keys, don't I?
<sarnold> it depends what you're doing with the cert
<DammitJim> a python application is going to be accessing these
<tomreyn> and do what with them?
<tomreyn> either way, /etc/ssl/{certs,private} is the right place to store X.509 certificates
<DammitJim> thanks
<jgrimm> nacc, can you remind me the location of the file that showed intentionally skipped/bad autopkgtesting? .. context you noticed python-boto was in that list
<jgrimm> tho i'll note that python-boto seems to have 1) gotten demoted to universe 2) seems to have disappeared from 'update-excuses'? tho i just got a kindly nag note.
<jgrimm> nacc, doh i was looking at debian. never mind to #2 comment
<Doow> Hi, I'm trying to figure out why apache isn't starting automatically on my server (ubuntu server 16.10). It's enabled in /etc/rc2-5.d, but I can't find anything about it in the logs at all. It starts without problems if I start it manually
#ubuntu-server 2017-03-10
<nacc> jgrimm: https://bazaar.launchpad.net/~ubuntu-release/britney/hints-ubuntu/view/head:/pitti#L164
<nacc> jgrimm: i don't actually know the context of that file, beyond I believe it's what the AA's use
<adrian_1908> On a fresh server installation with OpenSSH selected, do the host keys in  /etc/ssh  already exist, or do they have to be created manually by the admin?
<sarnold> I believe they are created at the first boot
<nacc> or whenever sshd first runs?
<sarnold> yeah
<adrian_1908> i haven't found a clear answer online, but i think most texts hint at what you're suggesting.
<lordievader> Good morning.
<freakynl> Hi, how do I add Ubuntu Trusty to the list on launchpad here? https://bugs.launchpad.net/ubuntu/+source/linux/+bug/1605494
<ubottu> Launchpad bug 1605494 in linux (Ubuntu Yakkety) "vmxnet3 LRO IPv6 performance issues (stalling TCP)" [Undecided,Fix released]
<ronator> Hi. I am learning systemd unit files. I have a 'stupid' php process I need to stop. Only way is with kill. On CMD it works really fast: "kill -15 $(pidof php)". But if I do this with systemctl (ExecStop) it takes almost exactly 1:30 minutes to stop/kill the process. Is that a systemd problem? What am I doing wrong?
<ronator> Any systemd pro may help me? This is the (edited) service unit file http://paste.ubuntu.com/24151186/ ; I checked with "watch + ps" that the service is really stopping only after 90 seconds (so its not systemd waiting for a timeout or so I guess)
<ronator> I may have found the error: -> Mar 10 12:22:48 HOSTNAME systemd[1]: someproxy.service: State 'stop-sigterm' timed out. Killing.
<Doow> What exactly is it that triggers apache on boot (16.10)? I see no indications in the logs of it even trying to start on my server.
<ronator> there shoud be a apache.service file somewhere on your system - or not (/lib/systemd or /etc/systemd)
<ronator> or apache2.service
<ronator> "service" now also uses systemctl so what does "sude service apache status" or similiar say?
<Doow> ronator, is that what actually triggers it? because "sudo systemctl enable apache2.service" says that it can't be enabled via systemd (gimme a sec and I'll pastebin it)
<ronator> I think I read that apache still does not offer unit files for systemd ...
<ronator> no sure
<Doow> http://paste.ubuntu.com/24151223/
<ronator> well you could get a basic apache systemd unit file and drop it into /etc/systemd/system - or you could use nginx (different syntax but some like it more than apache - and it has systemd unit files)
<ronator> Doow: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=798430
<ubottu> Debian bug 798430 in apache2 "apache2: please add systemd service file" [Wishlist,Fixed]
<ronator> exactly
<Doow> ronator, it *can* start automatically, it's just that something went broke on my system
<Doow> and I can't figure out what
<ronator> check /var/log/syslog?
<ronator> and dmesg - if something went broke you need to find out what - or windows-style re-install
<Doow> nothing, I can't find any trace of it in any logs (which is I wanted to know what exactly is supposed to trigger it)
<ronator> well from my understanding it cant start automatically because no systemd unit file is there and system cant for some reason create it on the fly
<Doow> I'm not even sure it tries to start
<ronator> did you upgrade from 15.10 or 14.10 or so?
<Doow> no, clean install
<ronator> that's a shame, apache ...
<ronator> clean install should not have messed up your system ;-)
<Doow> I of course have done things on the system, but after the install =)
<ronator> so i think it is still the case of the missing systemd file
<ronator> suggestion: quick install of nginx, see how that behaves on your system
<ronator> if that behaves better, blame apache
<Doow> that isn't really helpful though I'm trying to solve the problem, not find someone/something to blame =P
<ronator> well but to solve it you must find the reason that is to blame
<ronator> and i guess it is a huge problem that apache ships without systemd file (if that is still true)
<ronator> I can only tell you, I assume it is missing system files for apache. so with nginx you could somehow prove that (if nginx has no issues). And if yiou then decide to try a systemd unit file for apache, you may well take the nginx one, modify it and boom
<ronator> make sure you work in /etc/systemd/system path for such experiments
<Doow> it ships with a systemd file, it just don't have an [install] section. So you can't set it to automatically start from there.
<ronator> mokay let me think a sec
<Doow> there's a setup of glue scripts to let systemd work with it (as mentioned in the bug you linked)
<ronator> [Install] WantedBy=multi-user.target
<ronator> if the install section is missing, systemd does not know at what "runlevel" to start apache!
<ronator> this is the minimum config for that
<ronator> afk 10 minutes - let me know how it goes
<zioproto> hello, if I have to build a container for Horizon Ocata, that is the best Ubuntu distro version ? Should I use Xenial ?
<ronator> zioproto: not sure because ubuntu has a habit of not using bleeding edge software so maybe check what container version (docker.io?) you get there. If you want to use Xenial you should know a bit about systemd I guess.
<Genk1> Hello
<Genk1> I have just generated a new SSL certificate
<Genk1> with default options
<Genk1> but I am wondering what was the CSR that was used to generate this certificate ?
<Genk1> I need to inform Dovecot about the CA dir
<Genk1> But I don't know where it is
<ronator> you are not forced to create a csr e.g. for self-signed certificates - the csr would be needed to let a CA create the certificate, usually you would only create the key
<ronator> (and the CSR for the CA)
<ronator> Genk1: create the KEY:  openssl genrsa -out www.someserver.com.key 4096
<ronator> Genk1: create the CSR:  openssl req -new -key ./www.someserver.com.key -sha256 -out www.someserver.com.csr
<Genk1> ronator, it's already done  but Dovecot is asking me the ca dir in the parameter : ssl_client_ca_dir
<ronator> Genk1: wouldnt that bee sth like /etc/ssl ?
<ronator>   ssl_client_ca_dir = (''your distribution's trusted TLS CA store (Fedora / CentOS / Redhat uses /etc/pki/tls/ ))
<Genk1> I have already  gave it ssl_client_ca_dir = /etc/ssl/certs
<ronator> could you post the error message? (i guess you reloaded dovecot)
<Genk1> ronator, OK
<Genk1> doveadm(email1@ki.localdomain): Fatal: Disconnected from remote: Received invalid SSL certificate: self signed certificate: /C=MA/ST=Casablanca/L=Casablanca/O=KI/OU=IT
<ronator> is that really _your_ certificate?
<ronator> either it does not like the self signed or it complains about the file itsself : invalid certificate
<Genk1> ronator, Yes it a local certificate
<Genk1> I will use it in prod also
<ronator> should be not a problem if you can roll out this cert
<ronator> where is the common name of the server? CN?
<ronator> you should enter the CN in the certificate, it should match the hostname
<ronator> i cant see it from here
<ronator> not sure if this causes a disconnect in general
<Genk1> ronator, you're right, but is it mandatory to have to have this ?
<ronator> well, in terms of webservers, no: if the CN does not match the DNS name, most browsers will complain. not sure about dovecot. i use postfix with no "internal" ssl certificate.
<ronator> but I would try that direction because "invalid ceritificate" sound ambitious
<ronator> you could try to open the certificate with a desktop application - this should quickly tell you if the format is broken
<Genk1> ronator, I am doing the same thing for postfix and it works like a charm
<ronator> wow
<Genk1> the problem is with dovecot
<Genk1> especially dovecot replication
<ronator> the I cannot really help you but doing the same as you would, searching the internet :D
<ronator> maybe there is a dovecot option to allow self signed? I am totally guessing right now.
<Genk1> ronator, usually I don't came here frist when I have an issue
<Genk1> I always start by the official documentation
<Genk1> then google
<Genk1> then IRC :P
<ronator> no offense, just making my point why I cant help you effectively :)
<Genk1> ronator, no problem, thank you so much
<ronator> you are welcome
<ronator> @systemd: I found out, if you set KillMode= and KillSignal= , you do not need ExecStop --> http://man7.org/linux/man-pages/man5/systemd.kill.5.html
<ronator> [solved]
<jgrimm> thanks nacc!
<DirtyCajun>  /msg NickServ identify matthew1
<DirtyCajun> thank god that was the wrong pass
<jge> hey all good morning, I'm about to start building some Ubuntu 16.04 LTS servers that are not connected to the internet (intended), my network guys tell me I need to let them know what IP:port I need to reach to allow access.. I'm thinking access to http://us.archive.ubuntu.com is all I need for initial install, packages, security updates etc
<jge> any other URL I'm missing?
<ronator> jge: http/https should be enough - just check /etc/apt/sources.list for default URLs ...
<ronator> or /etc/apr/sources.list.d/* in case ...
<Genk1> is there a way to log root activity in syslog ?
<scottjl> like the commands root does? just check their history.
<scottjl> anything root does, they could erase out of syslog, unless you're using an external server
<Genk1> scottjl, hmm
<Genk1> well I need such thing in a centralized log server
<scottjl> syslog can be centralized.
<scottjl> but it doesn't log shell commands
<Genk1> where I check who has executed root commands
<scottjl> http://backdrift.org/logging-bash-history-to-syslog-using-traps
<scottjl> but. if someone is root. they could slip out of things like this. spawning subshells, scripting, etc.
<scottjl> if someone has root access, there are too many ways for them to mask what they are doing
<Genk1> I see
<scottjl> might be better to have them work thru sudo
<scottjl> and have sudo log everything
<Genk1> thanks for the link
<scottjl> no problem
<Genk1> scottjl, that's what I suggested, but you can't change the mind of a whole team
<scottjl> well. if i have root access to your server, i don't care what kind of logging is going on, i can easily mask what i'm doing.
<Genk1> scottjl,  I understand what do you say
<scottjl> so your team has to decide if they really want security, or just the illusion
<Genk1> it's useless to log root activity
<scottjl> right. i could easily copy in some command i shouldn't be doing to the name of 'ls' or something and run that. reviewing root logs wouldn't show anything strange. or write a script. name it whatever. again. logging doesn't show anything strange.
<scottjl> you can't do that thru sudo. well not as easily.
<scottjl> logging bash commands to an external server will give you some more protection, but doesn't prevent masquerading
<genii> bash log is of no use because a space before any command will prevent it from being logged but still executes
<nacc> jgrimm: yw
<drab> Genk1: at a job I worked at we used a modified shell for that
<drab> Genk1: a common one is "rootsh"
<drab> the other common tool for that is "snoopy"
<drab> and "sniffy"
<drab> it was a while back tho, dunno if those projects are still active/working
<drab> the more modern and possible "correct" way of doing it is using "auditd", which can be configured to track all exec syscalls
<drab> https://www.scip.ch/en/?labs.20150604 has some examples
<drab> and http://blog.ptsecurity.com/2010/11/requirement-10-track-and-monitor-all.html
<drab> altho examples are on RH it should work just fine on ubuntu
<ThiagoCMC> Hey guys! With QEmu 2.5 and Libvirt 1.3.1 (Ubuntu 16.04 plus Newton Cloud Archive, just to get new DPDK and new OVS), I was able to run KVM with hugepages and numa placement, like this:
<ThiagoCMC> "<cell id='0' cpus='0-3' memory='8388608' unit='KiB' memAccess='shared'/>"
<ThiagoCMC> Works great!
<ThiagoCMC> However, now, I upgraded it to QEmu 2.8 and Libvirt 2.5 (Ocata Cloud Archive), and my VM is not booting anymore, with the following error: "Error starting domain: unsupported configuration: Shared memory mapping is supported only with hugepages"
<ThiagoCMC> What is happening?
<ThiagoCMC> I had to remove the "memAccess", like this: "<cell id='0' cpus='0-3' memory='8388608' unit='KiB'/>"
<ThiagoCMC>  So, the VM booted but, why?
<ThiagoCMC> hugepages are enabled and I don't get why facing that error...   :-(
<ThiagoCMC>    Any clue?
<nacc> ThiagoCMC: memAccess=shared does not refer to hugepages
<nacc> ThiagoCMC: it just indicates the memory map is shared and not private
<nacc> ThiagoCMC: it sounds like you are missing a <memoryBacking> stanza maybe?
<ThiagoCMC> nacc, here is my Libvirt XML (simple Jinja2) that was working until Ocata Cloud Archive: https://github.com/tmartinx/svauto/blob/dev/ansible/roles/libvirt/templates/virtual-machines/stack-1-pts-1.xml.j2
<ThiagoCMC> memoryBacking is there... Otherwise, it would not work with previous OVS+DPDK / Libvirt / QEmu...
<ThiagoCMC> If it does not refer to hugepages, why it is complaining that it needs hugepages?
<nacc> ThiagoCMC: i meant, shared on its own does not imply hugepages
<nacc> the memorybacking does
<nacc> ThiagoCMC: is your guest using hugepages (in practice0?
<ThiagoCMC> Previously, yes, for sure, now, I just starting playing with new versions, I'm not 100% yet...
<nacc> ThiagoCMC: ok, well, memAccess=shared only works with hugepages -- so if for some reason your guest isn't bakced by hugepages and you request shared, i think it's an error
<ThiagoCMC> I see, I'll double check that... Thank you!
<nacc> ThiagoCMC: that's just my reading of the libvirt XML spec :)
<nacc> ThiagoCMC: but yeah, why it's not backed by hugepages would be the first thing to check
#ubuntu-server 2017-03-11
<ThiagoCMC> Cool! It is weird that it exactly same Libvirt XML works with previous versions available on Ubuntu 16.04 but, after upgrading to Ocata Cloud Archive, memAccess not good anymore...
<ThiagoCMC> This is a common setup that you can find on OVS+DPDK / Libvirt / KVM tutorials across the Internet.
<ThiagoCMC> Including this one:
<ThiagoCMC> https://help.ubuntu.com/lts/serverguide/DPDK.html
<ThiagoCMC> Not working anymore...   =/
<nacc> ThiagoCMC: i know little about all of the various bits together -- that is strange
<ThiagoCMC> That's okay...   =)
<Jordan_U> Hi. I have a fresh Ubuntu server installation with apache2 installed and I would like to simply configure it so that for any page that is not found the user is sent to /dnshelp.html . This is the full contents of my /etc/apache2/sites-enabled/000-default.conf http://paste.ubuntu.com/24154871/ . I have only changed it by adding lines 30 and 31. I still get a generic apache 404 error page though.
<Jordan_U> I'm assuming I'm missing something simple, anyone see what it is? :)
<sarnold> Jordan_U: did you reload the apache configuration? what entries do you get in the error.log and access.log when making requests that should use this 404/
<Jordan_U> sarnold: I've run "sudo systemctl restart apache2.service" which gives the following warning: http://paste.ubuntu.com/24154901/ .
<sarnold> Jordan_U: aha, run the suggested command and try again
<Jordan_U> sarnold: Unfortunately makes no change. If I restart apache2 again afterward I get the same error.
<sarnold> okay, good. so, next step, what's in the apache logs?
<Jordan_U> sarnold: access.log: 10.190.32.21 - - [13/Feb/2016:10:38:05 -0800] "GET /asdfasdfasdf HTTP/1.1" 404 624 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.98 Safari/537.36"
<Jordan_U> sarnold: http://paste.ubuntu.com/24154925/
<sarnold> Jordan_U: hrm the log entries with dates look a month old
<Jordan_U> sarnold: http://paste.ubuntu.com/24154939/ . I guess I should fix that first :)
<sarnold> ah :)
<Jordan_U> This is an old laptop that's been sitting in storage for who knows how long, but I would have expected installing Ubuntu to have updated the RTC.
<Jordan_U> Seems our network blocks NTP servers for some reason. :(
<sarnold> ewwww
<sarnold> for the next few months you might able to use tlsdate
<Jordan_U> sarnold: Well, my date is now correct but I still don't get the 404 page I want. How would you go about setting a custom (simple, static html) 404 page on a fresh Ubuntu installation?
<Jordan_U> Well, I have to leave this problem until tomorrow. Thanks for the help so far though.
<sarnold> Jordan_U: I think I would have done exactly what you did, but only way slower, because I don't know apache very well; I always found nginx easier to configure
<mystified> not sure if i'm on the right channel if, not pls tell me where to go. BUT Nicely Pls
<mystified> broke my usb port on my printer. not wifi compatiable. only option is ethernet.
<mystified> don't know how to configure. I'm not a techie
<cpaelzer> ThiagoCMC: nacc: hi, I've seen the change you are facing in libvirt
<cpaelzer> ThiagoCMC: nacc: Newer libvirt needs you to specify the page size
<cpaelzer> ThiagoCMC: that is not a "bug" in the to-be-fixed sense
<cpaelzer> ThiagoCMC: and the doc is for 16.04 still :-/
<cpaelzer> ThiagoCMC: in the past I already made FYI updates there for newer openvswitch versions that changed
<cpaelzer> ThiagoCMC: I'll do so again, for this, but doc releases take time
<cpaelzer> ThiagoCMC: until then a change like following will fix it for you
<cpaelzer> ThiagoCMC: https://git.launchpad.net/~ubuntu-server/ubuntu/+source/dpdk-testing/commit/?id=8289749a59b79567fb7c0b94054571be8f6efdcc
<adrian_1908> hello. If I use `ssh-copy-id user@server.net` and I have root (password) access to that server, can I complete the task using that password, or does it not work because user isn't root?
<ducasse> adrian_1908: you need that user's password, or you can login as root and put the key there manually.
<adrian_1908> ducasse: yeah, thanks. I recall having used the command with success but not how exactly I did it. So I would simply invoke `ssh-copy-id user@server`, enter the system password of user and it should work?
<ducasse> adrian_1908: yep.
<adrian_1908> thanks!
<jiffe> so I've started install of ubuntu on a machine a couple times now to play with configuration, the network interface list seems kind of strange.  I've got my cable plugged into nic0, initially the list shows enO0 and rename[123], then it showed eno1 with rename[123], now its showing eno1 with rename[345]
<jiffe> and I'm having to guess which rename is actually eno0
<tomreyn> jiffe: whats this "rename[123]" and "rename[345]"?
<jiffe> rather than typing rename1, rename2 etc I combined them
<jiffe> that's the name of the devices in the list
<tomreyn> you are aware of this right? https://www.freedesktop.org/wiki/Software/systemd/PredictableNetworkInterfaceNames/
<tomreyn> about interface names and enumeration in general
<jiffe> this seems very unpredictable as it keeps changing
<tomreyn> well it should not be changing afaik
<jiffe> then I think we need another round of QA :)
<tomreyn> i still don'T get what the rename1 ... is
<jiffe> I'll likely be going through this again so I can take a screenshot here in a bit
<tomreyn> are you saying these are kernel processes renaming the network interfaces?
<jiffe> I don't know whats doing the renaming, when I load the ubuntu install disk and it gets to the point of listing network interfaces, those are the names of the interfaces (eno1, rename3, rename4, rename5), there are 4 interfaces
<tomreyn> oh, well i've never come across network interfaces called "rename*"
<jiffe> I don't know why it would name one accordingly and label the rest rename* either
<tomreyn> whats this hardware + driver?
<jiffe> IntelÂ® i350 Gigabit Ethernet https://www.supermicro.com/products/system/2u/6027/ssg-6027r-e1r12n.cfm
<tomreyn> and which command returns the 'rename*' interfaces?
<jiffe> I'm not issues commands, this is on the install screen
<tomreyn> hmm, well yes do show screenies then
<tomreyn> https://bugs.launchpad.net/ubuntu/+source/biosdevname/+bug/1284043 seems related
<ubottu> Launchpad bug 1284043 in biosdevname (Ubuntu) "udev renaming the same hardware network i/f to different name, breaks networking and firewall" [High,Confirmed]
<tomreyn> jiffe: which version are you installing there, 14.04?
<jiffe> 16.04.1
<tomreyn> oh, i hadn't expected it to happen there
<tomreyn> note comment #4
<tomreyn> so this is clearly a hardware / driver specific issue
<jiffe> one thing I'm noticing now that I'm watching this is the detecting network hardware screen is taking a long time
<jiffe> http://nsab.us/public/nethw.jpg
<jiffe> so here's another question, is it possible to install ubuntu 16.04 server on a zfs mirror so that it is completely redundant including boot information?
<jiffe> the alternative I think is to use software raid1 for / and GPT and zfs for the remainder
<compdoc> should be able to, but I use zfs for storage, and a small ssd to boot from. makes maintence easier
<xok> hello all...
<xok> I can't get LVM working in automatic installation...
<xok> the instructions are simply ignored, the installer creates "root" volume and "swap_1" though I name them differently and even removealtogether the swap partition but it ignores my instructions...
#ubuntu-server 2017-03-12
<jiffe> yeah there is something definitely funky here, I've installed with one of the NICs listed in the interfaces list, but after I've completed install and reboot into the OS, that NIC no longer exists
<jiffe> I don't suppose I can turn off
<jiffe> "predictable" network stuff
<m4xx> if i create a raid 10 with 4 1tb disks using mdadm giving me 2tb storage, is it possible to add an additional 2 disks to give me 3tb of storage?
<xok> hello all...
<xok> I've got automatic ubuntu 16.04 installation done with preseed...
<xok> the LVM part doesn't seem to be working...
<xok> the minimal configuration makes the partman scream and say that the expert recipe is not possible...
<xok> because the physical storage is less than required
<xok> though the setup requires far less than the warning says...
<xok> Hello, I get "available space too small for expert recipe"...
<xok> is this a bug or what happens?...
<tammy> How can I get on riatation to triage bugs
<tammy> I mean rotation
<rbasak> tammy: hi, you asked on the mailing list about joining the bug squashing party I think?
<tammy> OK
<tammy> Cool
<st3fann> Hello, I am trying to git clone a directory onto my server, fresh install of debian, I just set the dns servers and for some reason it clones most directories, then randomly fails at one: Clone of 'https://github.com/QuickBox/quickbox_themes.git' into submodule path 'themes' failed
<st3fann> it doesn't always fail at the same one either
<Impaloo> How do I disable jujud?
<Impaloo> freaking memory hog
#ubuntu-server 2018-03-05
<halvors> Why is cloud init enabled on the default ubuntu server image?
<halvors> Whese are cloud images now? http://cdimage.ubuntu.com/ubuntu-server/daily-live/20180304/
<Alabaster> hello if anyone is awake
<frickler> halvors: I'm using these but they do look a bit out of date indeed http://cloud-images.ubuntu.com/bionic/current/
<andol> Nitpicking, but https://cloud-images.ubuntu.com/bionic/current/ is a slightly better link to share. That is https:// rather than http://.
<Alabaster> so does anyone have any idea why sometimes Desktop icons don't show up when you boot or restart linux until I go into tweak tools and turn them off to turn them on????
<OpenTokix> halvors: Because it is widly used, and pretty fiddly to enable by yourself. Why would you not have it on a server image?
<lordievader1> Good morning
<Alabaster> hey i might be in the wrong channel but I have a question if I may?
<lordievader1> Alabaster: This is the wrong place for desktop questions, yes. Those you want to ask in the room more specific towards your flavour of Ubuntu.
<OpenTokix> Have anyone built a bootable iso with embedded preseed? - Whatever I do I get stuck on install initramfs
<Sircle> How do I redirect all www urls to non www? I have done this but it seems not working https://pastebin.mozilla.org/9079136
<beisner> tinwood coreycb jamespage - fyi, promoted nova-lxd 17.0.0-0ubuntu1~cloud0 to queens UCA update, now in line with bionic main.
<coreycb> beisner: +1
<frickler> coreycb: do you know something about bionic cloud image builds being broken? most recent one seems to be 10 days old
<coreycb> frickler: hmm, i don't but i can find someone who might
<coreycb> rcj: is this your realm by any chance? ^
<Odd_Bloke> coreycb: frickler: Yeah, we're seeing issues during the build that we're working to debug.
<Odd_Bloke> xnox was briefly looking earlier; I don't know if he got anywhere.
<coreycb> Odd_Bloke: ok great you're all over it. thanks.
<tinwood> beisner, thanks!
<xnox> Odd_Bloke, it's in proposed.
<Odd_Bloke> xnox: What is "it" in this context?
<frickler> Odd_Bloke: thanks, are the build logs public? do you have a dedicated channel where you would discuss this?
<Odd_Bloke> frickler: The build logs aren't public, unfortunately (because we build the public images and some private images in the same build process).
<Odd_Bloke> frickler: This is the appropriate channel. :)
<frickler> Odd_Bloke: great, thanks. I'll just wait for things to get fixed, then. ;)
<Odd_Bloke> frickler: https://paste.ubuntu.com/p/PcSXDMKqtc/ is the relevant error message, FWIW.
<frickler> Odd_Bloke: ah, so that has the fix in proposed, nice one, thx
<coreycb> tinwood: ok james opened an MIR bug already so i'll just fill in the blanks
<coreycb> https://bugs.launchpad.net/ubuntu/+source/python-requests-toolbelt/+bug/1751093
<ubottu> Launchpad bug 1751093 in python-requests-toolbelt (Ubuntu) "[MIR] python-requests-toolbelt" [Undecided,Incomplete]
<tinwood> coreycb, ah, I see.
<coreycb> tinwood: ok i filled in the blanks and subscribed the mir team so we can just wait on it a bit now and keep an eye on the bug
<tinwood> coreycb, great!  Thanks very much :)
<coreycb> tinwood: np!
<coreycb> tinwood: thanks for nova-lxd and pylxd :)
<tinwood> coreycb, well, getting there.
<Epx998> Does /etc/fstab.d work in xenial?  I remember issues with it in precise
<nacc> Epx998: never heard of such a thing
<nacc> Epx998: and it's not mentioned in the manpage for /etc/fstab
<Epx998> hmm
<Epx998> https://www.kernel.org/pub/linux/utils/util-linux/v2.21/v2.21-ReleaseNotes
<nacc> lol that same blurb mentions it's removal
<Epx998> oh? lol
<Epx998> thats funny
<jerichowasahoax> nacc: it seems to have been removed from libmount and added to mount?
<jerichowasahoax> personally i'm not sure why anyone would need more than the one /etc/fstab anyway but i may just be confused
<nacc> jerichowasahoax: oh you're right
<nacc> but yes, +1 to your last commend
<nacc> *comment
<nacc> https://askubuntu.com/questions/168290/why-cant-mount-read-files-in-etc-fstab-d
<nacc> it was subsequently reverted
<nacc> and you can pass --fstab if you really want it
<nacc> but i don't understand a use case
<Epx998> jerichowasahoax: we like to keep some files clean and vanilla as possible
<jerichowasahoax> Epx998: "we"?
<Epx998> yes. we.
<jerichowasahoax> Epx998: as in, who is "we"?
<Epx998> jerichowasahoax: my team here at work.
#ubuntu-server 2018-03-06
<lordievader> Good morning
<halvors> OpenTokix: Because it's overwriting my network config, and it's on a bare metal server.
<papajo> hello everyone!!!!
<mordof> hoping someone can shed some light on this for me:  running ubuntu in AWS, mounted a drive created from a backup.   both of these drives do not have a partition table, and yet ext4 seems to be functioning properly on them. I had thought a drive must have a partition table before a file system can be placed on it. so what's the deal there? how does
<mordof> this work? is it a safe situation?
<mordof> i ask here because i'm not sure if this is something specific to the way aws handles their drives, or if all drives are ok to behave like this
<sarnold> you don't need a partition table for a filesystem
<sdeziel> mordof: if you don't need a boot loader (like grub) to reside on the same drive, it's safe and it makes FS resizes easier
<TJ-> mordof: you can have a file-system inside a regular file; partition tables are generally only needed for a bootable device
<mordof> ooh. is this also true of windows drives? lol..  or more specifically.. is this special to a specific filesystem like ext4? or has this always been the case for everything
<sdeziel> mordof: I don't know for Windows (but I think it creates a partition table by default) but on Linux any filesystem can run on direct drive
<mordof> awesome, thanks for the details :)  very much appreciated
<sdeziel> np
<patdk-lap> just make sure you don't EVER use something like openfiler that ASSUME all disks have a partition table, and writes one on them if they don't
<mordof> oooh that's a good point, lol
<patdk-lap> partition tables where invented so the bios could load the boot code
<patdk-lap> know where that boot code is
<rbasak> nacc: in https://bugs.launchpad.net/bugs/1753800, do you know why the tree fails to match?
<ubottu> Launchpad bug 1753800 in usd-importer "libffi fails to import, due to orphan tags" [Undecided,New]
<nacc> rbasak: not yet
<nacc> rbasak: but in theory, it can happen, i suppose
<nacc> rbasak: i've not dug into it at all, i was just peeking at the bastion to see where it's at and saw our first failure (out of ~250 packages)
<nacc> rbasak: i might provide you a very naive fix that needs some optimization, just to get the code out there for you to lok at
<nacc> *look
<rbasak> OK
<nacc> naive in that it needs refactoring due to code duplication
<rbasak> I'm not sure I'll get much time on it this week though
<nacc> rbasak: understood
<nacc> rbasak: have you landed your import_uanpplied_spi tests?
<nacc> rbasak: https://code.launchpad.net/~nacc/usd-importer/+git/usd-importer/+merge/340869
<nacc> rbasak: fwiw, the libffi import failure appears to be due to not matching the debian version's tree, but i've not dug deeper
<kyle__> Is anyone else using 16.04 + hwe kernel + mdadm for root? Curious.  I can't get grub to be happy with it
<rbasak> nacc: not landed the tests yet. I have a branch that exercises it but to actually verify the result I need to finish my commit comparator, which got pre-empted by the test components you needed in that other bug.
<rbasak> nacc: we could land it early and leave a bug open to remind us that it doesn't verify the result yet if that would be helful.
<nacc> rbasak: can you just point me at an MP or the branch again? then I can use ita s areference for the tests i just mentioned in my MP (and the ones i need to write for a few other bugs)
<rbasak> nacc: https://code.launchpad.net/~racb/usd-importer/+git/usd-importer/+ref/import-tests - still wip of course, not rebased recently.
<nacc> rbasak: totally fine, just wanted to structure my tests the same way
<nacc> rbasak: thanks!
<nacc> rbasak: i'll rebase and add some basic verification and send you a MP :)
<rbasak> nacc: thanks :)
<nacc> rbasak: and i think i figured out how to create the pristine-tar on-demand
<nacc> rbasak: https://code.launchpad.net/~nacc/usd-importer/+git/usd-importer/+merge/340874
<nacc> rbasak: i think that should be a priority to review this week, so we can land that infra
<nacc> rbasak: it needs cleaning up, but does pass now
<nacc> rbasak: and based upon that, https://code.launchpad.net/~nacc/usd-importer/+git/usd-importer/+merge/340876 which adds testcase 1
<hallyn> smoser: did you use to talk about a program that could make an ext2fs the way mksquashfs does?
#ubuntu-server 2018-03-07
<papajo> i need help!!!!
<papajo> anyone professional with ubuntu server ? i'm a student and learning
<nacc> papajo: you should just ask your question(s)
<papajo> sorry i was distracted , i'm trying to set up my cyberduck ftp client to be able to upload to my www folder on my ubunutu server and i'm not sure what i'm doing wrong, i gave all the correct permission for my user i followed the ubunutu server documentation
<papajo> i also tried Configure the user's home directory and i get this usermod: user ************ is currently used by process 1759
<genii> From usermod manpage. "You must make certain that the named user is not executing any processes when this command is being executed if the user's numerical user ID, the user's name, or the user's home directory is being changed."
<genii> This why it's advantagous to have a second user with sudo ability, in case the primary one requires doing something like this with usermod
<stiltzkin> Figure I'll ask here as well as the #ubuntu channel - I'm trying to determine the root cause for a consistent system hang issue I'm running into. At random, during approx 8-48 hour periods, the server hangs to a black screen. It's not recoverable by killing X, by switching virtual terminals, or with REISUB. I have to physically reset the machine.
<stiltzkin> Today the system hung and there was something printed to the console: https://i.imgur.com/wzl5HuI.jpg
<stiltzkin> Any ideas appreciated.
<mason> stiltzkin: that looks like it died on boot, as it couldn't get a root device. Look at regenerating initramfs, updating grub, etc.
<stiltzkin> But the system boots correctly
<stiltzkin> upon reset
<stiltzkin> so I have no idea why that would be the case
<mason> Oh, that's a bit odd.
<mason> stiltzkin: Maybe check SMART status or somesuch. Maybe you have a marginal disk. There's probably a better explanation, but I'm not sure what it would be.
<stiltzkin> SMART checks out
<stiltzkin> the message printed to console confuses me since it should not be looking to /dev/md* for the root disk
<mason> stiltzkin: So, the system couldn't find a component of its root MD-RAID1 or somesuch... Maybe it didn't spin up on cold boot, in time, but did on reboot?
<stiltzkin> Root is not on the RAID
<stiltzkin> this is a fileserver with a single host SSD
<mason> Oh! Heh.
<stiltzkin> so it shouldn't have to look to /dev/md* for root
<mason> Welcome to systemd making everything so very nearly transparent.
<mason> Yeah.
<stiltzkin> lol.
<stiltzkin> I have noticed one other tidbit: sometimes I will recover from one of these hangs with a hard reset and the system will not boot because the UEFI drive to boot from in BIOS becomes randomly unchecked. I have to boot into BIOS, select 'ubuntu' as the UEFI drive to boot from, and reboot to get the system up
<mason> Also a bit odd.
<stiltzkin> That to me makes me think the drive is failing (responding too slow on boot to show as a boot target?) but the drive seems fine
<mason> Lately dpkg-reconfigure grub-uefi (IIRC) erases my boot entries entirely and errors out, which is fun on kernel upgrades...
<stiltzkin> hmm so maybe that's something else then
<mason> Yeah, that's a bit odd too. Maybe see if there's a firmware upgrade available...? That seems like it should be related, that UEFI bit.
<mason> The funny bit is, with a single disk... where did it get the initramfs and kernel, if the root disk isn't available?
<stiltzkin> for the drive? there may be. it's a 2 year old SSD
<mason> If you can get it back into busybox sometime, poke around and see what devices are there, etc.
<stiltzkin> in the picture I sent the system is completely hung so there's no chance of keyboard input
<stiltzkin> but I have it fully back up now, everything seems normal
<mason> Ah... That's also not a fantastic sign.
<mason> But nothing is leaping out at me as a plausible cause.
<stiltzkin> but there's a good chance when I check in the morning, the system will be down. Or if not, then it will be down sometime tomorrow afternoon or tomorrow night. Guaranteed
<mason> So, it's spontaneously rebooting to get you to that spot?
<mason> That seems like marginal hardware.
<stiltzkin> I've actually never seen the screen I sent before. Every other time it does this it hangs to a completely black screen
<stiltzkin> First time I've seen those messages is today
<mason> Either way... A spontaneous reboot is a bad sign, and I'd be hard-pressed to blame even systemd.
<stiltzkin> running extended smart test on the host ssd now...
<mason> I'd also maybe watch heat, watch dmesg remotely... Let's see...
<mason> stiltzkin: https://www.cyberciti.biz/tips/linux-netconsole-log-management-tutorial.html
<mason> Get that going, and maybe you'll see badness emerging before whatever event is taking the system out.
<stiltzkin> yeah that's a good idea
<stiltzkin> yeah the test checks out, looks normal on the drive
<mason> Sometimes if you have an issue that freezes you up like that, the system won't log anything, you won't be able to take a crash dump, nothing, but the udp log can catch the initial badness.
<stiltzkin> mhm
<stiltzkin> good advice
<mason> I had to use that recently to confirm that Nouveau is bad and doesn't work on my work laptop.
<stiltzkin> this sounds like a job for the raspberry pi in my drawer
<mason> That could do it.
<mason> Note that I've had issues with predictably bad interface naming and netconsole.
<mason> If you have issues setting it up, try net.ifnames=0 on your kernel command line.
<stiltzkin> OK
<stiltzkin> Good to know, thank you
<smoser> hallyn: i may well have talked of one before.
<smoser> i think there might be one in buildroot...or in yocto
<smoser> i think i'd just use libguestfs or a qemu in some way and do it all in the guest. heavier but more flexible.
<hallyn> yeah libguestfs is an option, as is us fuseext2.  (using fuseext2 right now but it hangs on umount)  i'll look at buildroot, thx
<hallyn> oh, maybe i can use e2tools?
<hallyn> yup that'll work :)
<lordievader> Good morning
<tobasco> jamespage: coreycb i can see that zunclient is packaged, is there any plans on packaging the zun project?
<coreycb> zul: no immediate plans that i know of
<coreycb> zul: would be happy to help usher it through if it were contributed of course
<coreycb> zul: sorry!
<coreycb> tobasco: ^
 * coreycb needs coffee
<zul> coreycb:  Freudian slip?
<coreycb> zul: possibly :)
<zul> heh
 * zul goes back to enjoying caffeinated beverage
<tobasco> coreycb: ok thanks for the info, sorry to bother but is there any docs on the packaging procedure for a packaging-novice? :)
<coreycb> tobasco: sure, i'll paste a couple of links
<coreycb> for working with Ubuntu OpenStack packages in general: https://wiki.ubuntu.com/OpenStack/CorePackages
<coreycb> Ubuntu packaging overview: http://packaging.ubuntu.com
<coreycb> tobasco: for a new package i would typically start by cloning the source for say, keystone, as a starting point
<coreycb> and then start updating it for the new project
<coreycb> tobasco: package source is all here btw: https://code.launchpad.net/~ubuntu-server-dev/+git
<tobasco> coreycb: thanks! i will educate myself and hopefully learn a few things :)
<coreycb> tobasco: cool, i'll be here if you have questions.
<jelly> is 18.04 frozen now, there an installation image somewhere to test all the interesting ways my software will break on it before it's out?
<TJ-> jelly: Feature-freeze last week but a lot can still change as bugs get ironed out
<jelly> of course
<sarnold> this might be a good starting point http://cdimage.ubuntu.com/daily-live/current/
<TJ-> well! that saved me some copy/pasting :p
<jelly> thanks
<TJ-> or the daily/ (as opposed to daily-live)
<sarnold> I wish we had a nice guide to all the various images
<jelly> even if I'm going to prefer http://cdimage.ubuntu.com/ubuntu-server/daily/current/ and try to plug it to our pxe/preseed thingy
<sarnold> there's something like thousands of them and my firefox history doesn't have them all :)
<rbasak> ahasenack: https://code.launchpad.net/~nacc/usd-importer/+git/usd-importer/+merge/336804
<nacc> rbasak: were you able to look at my pushes to add tests to the importer?
<rbasak> nacc: yeah. I'm still pondering that.
<nacc> rbasak: ack, some of the fixlets in that branch are probably not ideal -- I tried to document in the MP what I wanted to test for
<nacc> rbasak: I think I'm correctly testing for what I described; perhaps we can extend the tests in the future, if you have further criteria?
<rbasak> nacc: it's the structure of the tests themselves. I think I'd like to see what you defined what you wanted to test represented as a data structure of your expectations, rather than checking each individual thing in code. However, I don't think it's needed to block at all, in that if you're testing what we want to test, it's fine to land and then refactor the tests later.
<rbasak> nacc: but I think that branch is still a wip, right?
<nacc> rbasak: do you have an example (even pseudocode) of what you mean by a structure of expectations?
<nacc> rbasak: you mean like something that defines expected import tags, expected orphan tags, expected branch commits, etc?
<nacc> rbasak: https://code.launchpad.net/~nacc/usd-importer/+git/usd-importer/+merge/340874 this one is 'ready'
<nacc> rbasak: the other, which actually includes real fixes is WIP, as I need to write the tests I mentioned in that MP
<rbasak> nacc: it'll be a really common pattern for importer tests I think. "When the set of publishes looks like X, I expect to see the imported git structure to look like Y"
<nacc> rbasak: yeah, that's a good point
<nacc> rbasak: just trying to figure out how to descirbe the git structure without having to describe hashes, etc.
<rbasak> nacc: separately, I think I'd like to try to more formally specify the importer in terms of the results.
<rbasak> nacc: yeah, that's the challenge.
<nacc> rbasak: unless what i wrote is what you meant (tags, branches, etc)
<rbasak> nacc: combining the two things, it'd be nice if the specification then maps directly to the tests.
<rbasak> nacc: got time for a HO?
<nacc> rbasak: ack
<nacc> rbasak: standup?
<rbasak> omw
<DexDeadly> Hello.  I'm having an issue.  I have ubuntu 16.04 installed and its been running fine for a while.  However now when I try to access the server via \\ip i keep getting not found
<Odd_Bloke> DexDeadly: I don't entirely follow; what server are you trying to access, and how are you trying to access it?
<DexDeadly> I have samba installed on the ubuntu server but I can't access it
<DexDeadly> it used to work but it is not any more
<Odd_Bloke> Did you make any changes?
<DexDeadly> I can ping it
<DexDeadly> I didn't.  One thing I noticed recently was my /dev/sda1 boot was full so I cleared that, made sure all the apt-get update/upgrade all was done
<Odd_Bloke> DexDeadly: Is the Samba service definitely running?
<DexDeadly> sudo service status smbd says active
<Odd_Bloke> I've never really used Samba, I'm afraid, so I'm now out of my depth.
<DexDeadly> ok
<TJ-> DexDeadly: check there are no firewall rules blocking it; check the various samba services are listening on the correct network interfaces with "sudo ss -tnlp"
<DexDeadly> hmm ok i just disabled my windows firewall, i thought it was
<DexDeadly> now im getting can not access
<nacc> rbasak: 100% phasing is 4943 packages
<xpistos> Hey all. How do I use /etc/cron.d ? I have a file called "test" that has a cronjob in it to call a script but it does't work? Do I have to enable it or something?
<DexDeadly> So I still can't seem to get in, anything else?
<DexDeadly> Is my smb.conf correct.  This worked before
<DexDeadly> https://pastebin.com/BGN9an0i
<DexDeadly> I still can't access the samba share
<DexDeadly> sorry lost connection.  Anyone have an idea of what else I can try
<patdk-lap> your smb.conf is 100% wrong
<patdk-lap> atleast if you want to connect to anything >windows xp
<DexDeadly> may I ask what
<sdeziel> DexDeadly: it may be easier for others to review your samba conf if you pasted the output of "testparm -s" instead of the smb.conf file
<DexDeadly> cause it used to work
<DexDeadly> sure i can do that
<patdk-lap> define, used to work
<patdk-lap> something changed
<patdk-lap> like upgrading from windows 7 to windows 10
<DexDeadly> It worked when I originally had set it up.
<patdk-lap> disabling smb1 cause it's so insecure
<DexDeadly> I have always used windows 10
<patdk-lap> odd
<patdk-lap> maybe you didn't have smb1 disabled and now you do
<patdk-lap> there are a lot of settings I have to change in smb.conf to make it work for me
<patdk-lap> enable signing, enable spnego, disable the low quality password hashing
<DexDeadly> https://pastebin.com/BErX8fC9
<DexDeadly> theres the testparm -s
<patdk-lap> smb encrypt=auto
<patdk-lap> server min protocol = SMB2
<patdk-lap> client min protocol = SMB2
<patdk-lap> client ntlmv2 auth = yes
<patdk-lap> ntlm auth = no
<patdk-lap> server signing = mandatory
<patdk-lap> client signing = mandatory
<patdk-lap> those are my basic settings
<DexDeadly> the smb.conf was just the default that was created and I just added what I needed at the end
<patdk-lap> yes, and that will be the default from that version of samba, that is pretty old, and it's defaults won't match what is in use today
<patdk-lap> all it takes is a single microsoft patch, and it's no longer compatable
<DexDeadly> that does not suprise me
<DexDeadly> do you clear out all those settings
<sdeziel> DexDeadly: I don't have time to look into yours but mine works well with Windows 7 clients (older are not supported by design) https://paste.ubuntu.com/p/kjj72jb93w/
<DexDeadly> thanks I'll take a look
<DexDeadly> I just added those lines you mentioned to the bottom of my smb.conf file
<patdk-lap> how does that work?
<DexDeadly> still no go
<patdk-lap> they need to be in the general section
<patdk-lap> maybe you need to start with the samba manual
<DexDeadly> ahh wait thats my issue
<DexDeadly> yea im gonna have to read the new way
<DexDeadly> i thought it was something simple but this may need redone
<patdk-lap> the signing = mandatory might cause you issues, but shouldn't
<patdk-lap> I require signing on all mine machines so no one can inject data
<sdeziel> signing = mandatory is the new default (which is why it doesn't show up in testparm -s)
<sdeziel> DexDeadly: are you sure samba wasn't upgraded without your knowing? zgrep samba /var/log/apt/history*
<sdeziel> IIRC, the signing default value was changed due to the set of SMB vuln that were addressed not too long ago
<patdk-lap> sdeziel, shows up in mine
<patdk-lap> but I am on trusty on this server I'm looking at
<sdeziel> patdk-lap: trusty has the same version xenial has
<sdeziel> patdk-lap: I'm sorry, I was wrong on the "server signing" default value.
<DexDeadly> sorry i'm at work to lol let me get to this
<DexDeadly> nope took out server signing and still same thing
#ubuntu-server 2018-03-08
<nacc> rbasak: fixed the CI issue i think with my branch, just a thinko in the pristine-tar refactor (integration test ftw)
<nacc> rbasak: and it passed :)
<lordievader> Good morning
<boxrick> Does anyone have a pre-seed formula for lvmraid?
<elfranne> trying to apply file descriptor limit by making a conf file in /etc/security/limits.d/ but the default values are still used (even after a reboot)... where can i start looking )
<groubas> kvm or xen?
<groubas> is it -safe- to run a firewall like pfsense on an ubuntu server host?
<sarnold> elfranne: /etc/security/ stuff is used by PAM. if your service isn't started on the other side of a PAM session setup they are ignored entirely
<sarnold> elfranne: the best answer is to configure systemd unit file or upstart configuration to include the limits you want
<elfranne> sarnold, oh i see.
<elfranne> sarnold, thanks for the info
<coreycb> dosaboy: i updated 1752838 with some analysis. i'll have package updates tested soon for bionic. i will want to run them by jamespage first too.
 * dosaboy checks
<dosaboy> coreycb: thanks for working through that
<dosaboy> coreycb: on the whole i agree with your comments/suggestions
<coreycb> dosaboy: great thanks for looking
<dosaboy> coreycb: i need to go back and check for myself but i think i did also see similar behaviour to seyeongkim on ocata
<dosaboy> i.e. neutron-l3-agent and neutron-dhcp-agent will not start until ovs-cleanup has finished
<dosaboy> but i need to go back and checl for sure
<coreycb> dosaboy: ok yes that should be the case today but only if they are started at the same time
<coreycb> dosaboy: which i think is the case at boot
<Ussat> Does anyone here use spacewalk to manage/update their servers ?
<dosaboy> coreycb: ah interesting
<coreycb> dosaboy: yeah, adding Requires= and After= tightens things up to where the ovs-cleanup will have to be started already, or will get started, by l3-agent or dhcp-agent
<average-guy> I just made a new home server VM w/Ubuntu server 18.04.  I was shocked by the new installer.  It looked nice and (seemed like, at least) ran faster.  Props
<compdoc> cant wait
<Ussat> Yea I have it also, kidos
<Ussat> been testing because gonna be updating work crap eventually
<Ussat> been testing upgrades from 16.04LTS on test systems
<tomreyn> upgrades wont be supported until july most likely
<nacc> rbasak: sorry, meant to ask that here, of course
<nacc> rbasak: if you're still there, have a 5 second gist of how easily it would be to add the treeish to the code?
<nacc> i realize for case (3) i need 3 distinct trees in the repo
<nacc> [for the same version]
<nacc> rbasak: i came up with something
<soahccc> I want to return a hosted server and therefore scramble the data on it (SSD). Everything I read says "make sure it's not frozen" but it is and I don't know how to unfreeze it. Since I'm not necessarily interested in the life condition of the disk what are my easy alternatives? Just dd it? It doesn't have to be NSA level erase
#ubuntu-server 2018-03-09
<OpenTokix> soahccc: dd /dev/zero is more then enough.
<OpenTokix> soahccc: There is even papers on it
<OpenTokix> soahccc: or /dev/urandom if you want to wait longer
<yutaka-m> I have an issue, that Japanese and Chinese are not displayed in the installer of ubuntu-server (bionic) daily build March 6th iso image. And, should I where to report? thank you for your read.
<lordievader> Good morning
<xnox> rharper, for the dhcpclient pivot to root, would it be sufficient to continue running dhcpclint from the initramfs, post pivot? or for example continue running dhcplient post-pivot, in addition to / in competition to netwokrd?
<xnox> rharper, is there a MAAS bug you mentioned, w.r.t. recovery on bionic?
<rharper> smoser: ^
<xnox> things will not be killed post pivot if their argv[0] is @
 * xnox <3 hacks & cookies
<smoser> dhcp in the initramfs is klibc
<smoser> which does nothing but one shot
<smoser> if you wanted to run dhclient, that might be sane
<smoser> but you'd have to deal with moving its open file handles and such over
<xnox> ugh
<smoser> you can probalby run it in the initramfs in a way that it writes its leases to /run/
<smoser> but that doesnt happen now.
<xnox> ack
<xnox> or just generate /run/systemd/network/*.network file which basically says to dhcp
<xnox> but name it zzzz-something.network
<xnox> such that if and when nplan/real networking config is generate it takes priority
<xnox> as _only_ the first matching .network file is in effect
<xnox> (alphanumerical ordering as per systemd(tm) algorithm - patent pending)
<smoser> that seemed like it could work.
<xnox> smoser, rharper - cause when maas recovery / emergency was mentioned.... was that far enough in the boot, that e.g. networkd was actually available?
<saban> is there a bug that i cant add secondary dns to interfaces? im using dns-nameservers 8.8.8.8 8.8.4.4 and when i restart network or ivn reboot in resolv.conf only shows first dns?
<saban> ubuntu 16.04 server
<TJ-> saban: where are you adding that option?
<saban> ./etc/network/interfaces
<TJ-> you've definitely got an 's' on the end of dns-nameservers? no dns-nameserver ?
<saban> yes dns-nameservers 127.0.0.1 10.0.0.230
<saban> i tride ivn this add nameserver 127.0.0.1 nameserver 8.8.8.8 in file /etc/resolvconf/resolv.conf.d/base
<saban> and secondary gets ignored
<TJ-> saban: as I recall, ifupdown has scripts hooked by resolvconf via /etc/resolvconf/update.d/ or related directories which handle it
<adylas> Hello, Is ubuntu can be used as L1 (First level of VM) in a nested virtualization setup ? I'm having hard time to enable it to spin up another KVM instance ("Hardware not found")
<compdoc> run a vm inside a vm guest?
<sdeziel> adylas: should work. What do you get when running "egrep -c '(vmx|svm)' /proc/cpuinfo" inside the VM?
<adylas> sdeziel, Hi, nothing. The L1 (Ubuntu 16.04) is not unaware.
<adylas> *is _not_ aware
<sdeziel> adylas: if your host has an intel CPU, make sure it has the nested param enable (it does by default)
<sdeziel> adylas: also check that your VM's CPU allow passing the required flags (vmx or svm)
<sdeziel> adylas: "<cpu mode='host-passthrough'>" should do it
<adylas> Yeah, its ovirt, its supported in there and my hypervisor has kvm-intel.nested=1
<adylas> sdeziel, Is this in the config of the L1 guest ? Or the L2 guest ?
<sdeziel> adylas: the nested param needs to be enabled in the host. The first layer of virtualization (L1) needs the right CPU flag.
<adylas> sdeziel, interesting
<sdeziel> adylas: the L2 shouldn't need anything special AFAIK
<adylas> sdeziel, The hook did the trick. This one : https://github.com/oVirt/vdsm/blob/master/vdsm_hooks/nestedvt/before_vm_start.py
<adylas> Thanks for your help !!
<sdeziel> adylas: great
#ubuntu-server 2018-03-10
<MACscr> if im running php-fpm and apache2, why am i getting this warning everytime php is updated with apt? http://paste.debian.net/1014048/
<MACscr> ive confirmed with phpinfo that it is indeed using fpm
<LennyKravitz> Hey all, I have an HP Proliant DL380 G7 server and i installed Ubuntu Server 64bit. What are some projects that i could do with this baby. I got the server from work which was going to be toss out. its in perfectly working condition.
#ubuntu-server 2019-03-04
<ruben23> hi there guys whats the difference in terms of version of applicationn from ubuntu server 12.04.5 lts going to 18.04.02 did they upgraded all application versions.?
<tomreyn> ruben23: it is usually so that newer / higher versioned ubuntu releases provide higher version application and service versions, too.
<tomreyn> https://packages.ubuntu.com can be used to check these.
<tomreyn> ruben23: unless you are using !ESM as part of a canonical support contract, your ubuntu 12.04 systems have los support in 2017 and have since been running without security patches, accumulating publicly disclosed security vulnerabilities.
<ruben23>  tomreyn: my only problem is i have application perfectly running with ubuntu server 12.04.5 lts now trying to adjust how the new version would break those application
<tomreyn> ruben23: your problem is that you haven't migrated your software during (up to) 5 years of running an LTS release
<tomreyn> if you depend on software which can't be upgraded you're doing things wrong.
<tomreyn> it is common to plan release upgrades about *at least* a year before the OS release it runs on goes EOL
<tomreyn> i'm not meaning to blame oyu there, just telling you how to operate in a reasonable way.
<ruben23>  tomreyn: you are correct im trying to find way to make it work on ubuntu serve rlatest version
<tomreyn> latest LTS release if you ask me, i don't like the idea of having to migrate again after 9 months
<tomreyn> also, this is my personal opinion (and experience?), LTS releases are better supported than the 9 months ones.
<Sebastien> hey, im trying to install something and i get this error, anyway to install it anyway?
<Sebastien> Package libpqxx-4.0 is not available, but is referred to by another package. This may mean that the package is missing, has been obsoleted, or is only available from another source
<Sebastien> E: Package 'libpqxx-4.0' has no installation candidate
<Gerowen> Sebastien: That means the package is not available in the repos to install.  I see that there's a libpqxx-6.2 package in synaptic for my 18.10 machine, do you "have" to have version 4.0 specifically, or will newer versions work?
<Sebastien> technically, i think i need to have that specific version. but i can try with your version and see what happens
<Sebastien> heh. thanks.
<Sebastien> i just rebuilt my server a second ago. ill try again from fresh and see if this works.
<Gerowen> Sebastien: If it doesn't have a billion other dependencies that would prevent you from doing so, I was able to find the 4.0 debs on packages.ubuntu.com, so you could download the deb from here and install it.
<Gerowen> https://packages.ubuntu.com/search?keywords=libpqxx-4.0&searchon=names&suite=all&section=all
<Sebastien> thanks
<Sebastien> a update worked and allowed it to install
<Sebastien> weird
<lordievader> Good morning
<ruben23> hi there guys this package are not supported anymore.? in ubuntu 18.04.3 lts.?   ---> php5-mysql , php5-cli, php5, any idea guys.?
<kstenerud> cpaelzer can you help me with crafting an appropriate changelog for the new php? I'm not really sure what goes where when we are the ones maintaining the package
<lordievader> ruben23: I think 18.04 moved to php7.
<ruben23> lordievader: what version does php5 is still being used.?
<lordievader> ruben23: I was just speculating... look at the repo. 16.04 might still have php5. However, it would be a good idea to update your application so you can move on to php7.
<cpaelzer> kstenerud: yeah, standup HO in a bit
<kstenerud> ok
<kstenerud> ruben23: Last ubuntu with php5 is trusty (14.04). You can technically use that, but you should really consider updating your app to use a newer php because trusty EOL is in April.
<cpaelzer> kstenerud: I'm there you can dial in safely
<ruben23> hi guys what php7 version we have for ubuntu server 18.04.2..?
<rbasak> ruben23: 7.2
<rbasak> ruben23: easy way to check: https://packages.ubuntu.com/bionic/php
<ruben23> ok how do i install php7 on ubuntu server 18.04.2
<lordievader> `sudo apt install php`?
<hellerz> Hello , I have installed xrdp on ubuntu 16.04 and it worked fine. After I upgraded to ubuntu 18.04 . now xrdp doesn't work properly. Here is the xrdp log file: https://pastebin.com/Hjric1j0
<hellerz> sesman log file: https://pastebin.com/Uru4AK28
<sarnold> hellerz: note that those log lines look truncated, you may not be seeing the whole context
<sarnold> hellerz: "warning, RSA key len 512 bits or less" looks bad
<teward> hellerz: don't try and copy data out from nano to get log data, cat the logs instead and then copy-paste the logs in
<teward> because those truncated lines're probably going to block some useful data
<teward> Cannot read private key file /etc/xrdp/key.pem <-- this is a pretty obvious 'problem'
<teward> sarnold: ^
<teward> RSA key length aside the lack of a private key file is probably one reason it's failing
<sarnold> hah
<hellerz> teward here you go: https://pastebin.com/nrFeAkpt
<teward> here's your problem: [20190304-10:21:37] [ERROR] Cannot read private key file /etc/xrdp/key.pem: Permission denied
<teward> your private key file is either unreadable by xrdp as the user it's running under
<teward> or is nonexistent
<teward> go fix your perms
<hellerz> teward It does exist
<hellerz> ls -l key.pem
<hellerz> lrwxrwxrwx 1 root root 38 Mar 4 08:39 key.pem -> /etc/ssl/private/ssl-cert-snakeoil.key
<sarnold> namei -l that thing
<hellerz> sarnold here is the output: https://pastebin.com/uksNvSsD
<teward> and keep in mind that's a symlink so the actual location of the snakeoil cert is where we need to check the perms on :P
<teward> oh well lookie
<teward> it says the symlink is BROKEN
<teward> what you see is a symlink
<teward> it's broken if you don't have `ssl-cert` installed
<teward> "ssl-cert-snakeoil.key - No such file or directory" <-- ERR:NONEXISTENT
<teward> which means the symlink points to nothing really and therefore the file referenced by key.pem doesn't exist (Therefore "not readable")
<sarnold> Hmmmm. I *think* namei is giving a *stupid* error message here.
<teward> hellerz: check if /etc/ssl/private/ssl-cert-snakeoil.key exists
<teward> sarnold: unless the file doesn't actually exist
<sarnold> so sad. I thought this tool was awesome. so sad to see it make this mistake.
<sarnold> teward: http://paste.ubuntu.com/p/kKGmVMWdJv/
<teward> check with sudo? :P
<teward> sarnold: by default that's rw by root/ssl-cert only I think
<teward> and not other users :P
<teward> STOP SENDING ME A TON OF BUG MAIL LP I DON'T NEED MY WATCH BUZZING EVERY 6 SECONDS >.<
<teward> *grumble grumble*
<hellerz> teward
<hellerz> dim@dim-KVM:/etc/ssl$ cd private
<hellerz> bash: cd: private: Permission denied
<sarnold> teward: that's the thing. the error message should clearly say Permission Denied rather than Does Not Exist.
<teward> hellerz: sudo file /etc/ssl/private/ssl-cert-snakeoil.key
<teward> if the file exists then check the user that xrdp runs as and that they have access, they may not
<hellerz> teward output: /etc/ssl/private/ssl-cert-snakeoil.key: ASCII text
<teward> so it exists but xrdp doesn't have permissions to read it
<teward> sarnold: i have to go fix a flapping switch here at work, can you help them figure out getting xrdp permissions, or how to copy the key locally to /etc/xrdp/ so it's not relying on the restricted access folder where snakeoil certs sit?
<teward> *goes to fix flapping internet uplinks at work*
<sarnold> teward: sure, thanks
<hellerz> sarnold thanks in advance
<sarnold> hellerz: so.. easiest would be to copy this snake oil cert to the /etc/xrdp directory..
<hellerz> sarnold just did that. Should I change any permissions now?
<sarnold> hellerz: if there's an xrdp user and group, probably it should be set so that user can read the file, and no one else can
<hellerz> sarnold I tried to pico ssl-cert-snakeoil.key which is /etc/xrdp but I'm getting permission denied
<hellerz> which is in*
<sarnold> hellerz: what user account are you using when you try to edit the file? do the permissions on the /etc/xrdp directory allow that user to traverse the directory?
<hellerz> sarnold user account is dim , I can see the file/folders when using this account ya
<hellerz> *on /etc/xrdp directory*
<Entry_lvl_dev> does anyone know how to create an nginx rewrite similiar to this: 'RewriteRule ^([A-Za-z0-9]+)/?$ php/$1.php [NC]; RewriteCond %{REQUEST_FILENAME} !-d; RewriteCond %{REQUEST_FILENAME} !-f'
<Entry_lvl_dev> this: 'https://whatever.com/Super-cool-cats; should rewrite to 'https://whatever.com/php/Super-cool-cats.php'
<teward> Entry_lvl_dev: #nginx might.  I don't, though.
<sdeziel> Entry_lvl_dev: I'd try this: https://paste.ubuntu.com/p/GKt825t9TG/
<teward> sdeziel: that won't change the URL though
<teward> that'll only change how it 'tests' the locations IIRC
<teward> unless I'm too tired to remember :D
<sdeziel> teward: sigh, ETOOTIRED ;)
<teward> sdeziel: EHECOMES
<teward> :p
<teward> *chugs cocacola to refresh his caffeine levels*
<teward> *does stupid tests*
<teward> oh good nginx stopped FTBFS in PPA
#ubuntu-server 2019-03-05
<nakamaki> anyone experienced in stopping ipv6 leaking on an openvpn through ds-lite?
<nakamaki> im running the openvpn server on a non-ipv6 server
<lordievader> Good morning
<jamespage> cpaelzer: I have a 2.11 release of ovs in preparation but its failing one test under s390x only - raised upstream
<jamespage> cpaelzer: I'll upload with that disabled for s390x
<jamespage> cpaelzer: oh wait - do you remember which test 2767 was?
<jamespage> I see we already skipped it
<cpaelzer> we skipped that one already
<cpaelzer> yes
<cpaelzer> and AFAIK you already reported upstream
<kstenerud> cpaelzer: exim4 merge is ready https://code.launchpad.net/~kstenerud/ubuntu/+source/exim4/+git/exim4/+merge/363958
<cpaelzer> kstenerud: uploaded
<cpaelzer> kstenerud: you see rbasak saying "nicely done dep3 headers" :-) that is why I handed you the template :-)
<rbasak> :)
<rbasak> cpaelzer: taking a_hasenack's sssd MP as I'm in review mode
<rbasak> s/as/while/
<cpaelzer> rbasak:  I just wanted to ask as you have grabbe dthat 9h ago :-)
<cpaelzer> ok, when you are on that I can go for lunch
<rbasak> cpaelzer: that was date requested, not date grabbed :)
<cpaelzer> rbasak: ack - makes more sense
<HyP3r> Hello, I just trying to install ubuntu server on a hyperv (microsoft) server. With the last Linux (Debian) servers I had the problem that the dynamic hard disc was growing all the time. So I created a thread and the solution is to create the ext4 partition with "-G 4096" (Flex block group size). And now the the question is how I can install ubuntu server and can tell the "mkfs.ext4" to do that:
<HyP3r> mkfs.ext4 -G 4096 /dev/sdX1
<HyP3r> https://social.technet.microsoft.com/Forums/en-US/e1928b52-70ee-41a8-98b5-f6e8cc03f642/dynamically-growing-vhdx-debian-stretch?forum=winserverhyperv
<HyP3r> In the installer I can only specifcy the Mountpoint :(
<HyP3r> And its also impossible to convert partitions
<RoyK> HyP3r: boot up on a live thing and create the partitions/lvm/filesystems needed manually, boot up the installer and install the system without changing anything. With the old installer you can do this by hand by pressing alt+right and then run fdisk/lvm-things/mkfs manually. Dunno about the new one (never liked it)
<RoyK> HyP3r: then use that vm to make a template, so that you don't need to do it manually next time - or use debootstrap to automate things
<HyP3r> RoyK: I allready created the ext4 partition with the installar but I can't select those partitions for installing the system
<RoyK> HyP3r: oh - the new installer? the old one should work well with this
<kstenerud> rbasak: For the unicode changes to php 7.2.15, I've found a bunch of other commits that deal with the internationalization stuff. Should they all be included? Some of them move away from deprecated API calls
<RoyK> HyP3r: it's called the "traditional" install
<RoyK> simple ncurses thing with a lot of more options than the new one
<rbasak> kstenerud: I think it's OK to just do the minimal that works.
<rbasak> (but I'd like that minimal to be correctly and cleanly minimal, etc)
<rbasak> If cherry-picking upstream is obtuse and awkward, then comiong up with a minimal patch like it sounds like you did is fine.
<rbasak> But we should perhaps explain that in the patch header to explain what and wy etc.
<rbasak> PHP upstream is a pain for this IME. They seem to tend to iterate on master so cherry-picks are awful.
<kstenerud> yeah, I've noticed :P
<HyP3r> RoyK: I have just started the ubuntu-18.04.2-live-server-amd64.iso and have choosen "Install Ubuntu Server". The Interface for installation is not graphical ist also just a ncurses thing...
<whislock> HyP3r: Correct. Servers don't generally involve graphical interfaces.
<RoyK> HyP3r: the live-server is the new thing and it's not very good - just something made to look better or more "userfriendly" - use the traditional one
<whislock> I like the new installer. >.>
<RoyK> well, it looks nice, but it's not as good as the old one, where you can do whatever you want, more or less
<whislock> True. I mostly deal with VMs anymore, where the new installer is sufficient. At least, for me.
<RoyK> whislock: obviously not for HyP3r ;)
<whislock> Â¯\_(ãï)_/Â¯
<amcclure> hello
<lotuspsychje> welcome amcclure
<amcclure> I've been in this channel before
<amcclure> probably just not for a while
<amcclure> ty anyways :)
<HyP3r> RoyK and whislock how can I now set those extra command line arguemtns to mkfs.ext4?
<RoyK> HyP3r: no need - just use the filesystems you have created, or, as I said, press alt+F2 or alt+right and get a commandline and do it manually before you choose to "use this filesystem for xxxxx" and "do not format"
<HyP3r> RoyK: ok. So I have to download a different ISO where I can do this?
<RoyK> HyP3r: yes
<RoyK> HyP3r: as I said, the traditional installer - you can find it on ubuntu.com
#ubuntu-server 2019-03-06
<lordievader> Good morning
<kstenerud> Is there a way to get multipass to see other multipass hosts via dns? I keep getting a lookup failure. I know there's libnss-libvirt, but that doesn't seem to affect multipass
<cpaelzer> kstenerud: other hosts or other guests?
<kstenerud> other guests. So multipass launch a, launch b, b: ping a
<cpaelzer> kstenerud: using libvirt or the default multipass backend?
<kstenerud> using default, but if possible I'd rather use libvirt since I've already redirected lxd to it
<ahasenack> multipass's libvirt is a different one...
<cpaelzer> kstenerud: as andreas said, it is its own one
<kstenerud> ok. Then whatever works. I don't absolutely need it to talk to other techs
<cpaelzer> kstenerud: with the default backend you ahve not much - I think they spawn a dnsmasq as well, setting that as DNS server maybe?
<cpaelzer> ask saviq in #multipass
<cpaelzer> he might know
<ahasenack> rbasak: how does debian put tarballs in their git in salsa? pristine-tar?
<rbasak> ahasenack: it's entirely up to individual maintainers. Some may not at all, others use gbp (which uses pristine-tar), etc.
<ahasenack> rbasak: trying to figure out how I would propose a version upgrade to a package in salsa. I should check their previous upgrades then
<rbasak> ahasenack: for "3.0 (quilt)" an MR for just the debian/ directory might be sufficient. Maintainers generally use uscan or other automated methods so it shouldn't be difficult for them to handle the upstream part. That's what I'd do, at least. Then you don't have to learn/screw up the maintainer's individual method.
<ahasenack> I see
<rbasak> I would explain that it's debian/ only in the MR of course.
<ahasenack> it would be a MR that doesn't built
<ahasenack> it would mention a version in d/changelog that is not there, etc
<rbasak> True.
<ahasenack> s/built/build/
<rbasak> But the maintainer could pull in the new upstream, and then merge that MR, etc.
<ahasenack> ok
<rbasak> I guess CI would fail if that's in use.
<ahasenack> I can always ask
<ahasenack> just wanted to get a feeling how it's usually done
<rbasak> Last time I asked this kind of thing in #debian-alioth (OFTC) nobody had a good answer.
<rbasak> That was on salsa issues vs. BTS.
<rbasak> I think it's too new for Debian to have any sense of "usually" yet.
<ahasenack> rbasak: sorry about misunderstanding your MP comment yesterday in sssd
<ahasenack> rbasak: you wrote it correctly, I just focused too much on the branch name I thought it was about that
<rbasak> No worries. I could have been clearer.
<ahasenack> I don't think you could :)
<rbasak> Just wait until you see my next review :-P
<ahasenack> hehe
<lunaphyte> hi.  i understand that loading of processor microcode updates from within a virtual guest is ignored/rejected by the hypervisor - but is there a scenario where a guest might be able to load microcode in the context of its "view" of the processor?
<lunaphyte> or is that just a fundamentally invalid premise from the start?
<lunaphyte> i'm equally curious about the linux-firmware package, and all of its firmware files.  are those applicable to a virtual guest?
<lordcirth__> I don't think you should need that package in a VM
<lunaphyte> that's the sense i had too.  i was hoping to formulate the why not part so i could understand it well
<Deihmos> Is it normal for the server to get updated packages and even kernel updates? I thought there were no package update
<sarnold> can you rephrase your question?
<Deihmos> I thought the only updates that you will get on the server are security updates
<sarnold> that's up to you -- if you have the -updates pocket configured in your apt sources, you'll get non-security updates in addition to the security updates when you use apt-get upgrade / dist-upgrade / apt upgrade
<sarnold> unattended-upgrades I believe can also be configured to install from -updates, but should do -security as the default
<sbeattie> Deihmos: kernel updates almost invariably include security updates.
<tomreyn> it does not seem like Deihmos is still close to their web browser.
#ubuntu-server 2019-03-07
<Ham62_> how do I roll back to the pervious server version after installing an update
<Ham62> I had a server running 12.04 fine and it kept nagging me to update so I just finished the update to 14.04 and after it booted into the login screen the entire display is just white with little black outlines where text is supposed tobe
<Ham62> I can't read anything so I want to roll back to 12.04 so at least the local terminal is usable
<Ham62> this is what I get when it boots: https://i.imgur.com/BKvV5yq.jpg
<Ham62> I typed in the username and password at the top and this is the greeting message with the bash prompt on the bottom
<Ham62> I don't have any GUI or anything installed this is just running on the text mode
<lotuspsychje> Ham62: 12.04 is end of life
<Ham62> 14.04 has brought the end of usability to my system so I think that I don't have much choice
<lotuspsychje> Ham62: its not a good idea to upgrade from an eol version, would you still trust it?
<Ham62> I don't need the latest security updates and everythign I'm just using it on my LAN
<lotuspsychje> Ham62: also, 14.04 will be eol soon too
<lotuspsychje> Ham62: would be wise backing up your data and start fresh 16.04 or 18.04
<Ham62> you think that doing further updates would fix the video issues going 12 -> 14?
<lotuspsychje> Ham62: you just said your on inside lan? sno not connected to internet?
<Ham62> it has internet but it has nothing ported forward
<lotuspsychje> Ham62: then its not wise to upgrade from eol
<lotuspsychje> !eolupgrade
<ubottu> End-Of-Life is the time when security updates and support for an Ubuntu release stop, see https://wiki.ubuntu.com/Releases for more information. Looking to upgrade from an EOL release? See https://help.ubuntu.com/community/EOLUpgrades
<lotuspsychje> but its your system Ham62 we can only advice
<Ham62> my media center PC on my TV is still running XP and has no issues it's not going to become part of a massive botnet just from having a connection behind a firewall
<lotuspsychje> Ham62: a firewall isnt a 100% proof of not getting exploited
<Ham62> if no one is connecting into you you won't get exploited
<Ham62> if there is no access point for them to exploit you you can't be exploited
<Ham62> and I'm not running a web browser or anything connecting to other sites so it won't get malware that way
<lotuspsychje> Ham62: what makes you so sure nobody connects you on your EOL server?
<Ham62> because I have nothing ported forward
<Ham62> there is no way to access this system from outside the LAN
<lotuspsychje> Ham62: you receive updates to your server right
<Ham62> when I tell it to
<lotuspsychje> so your connected
<Ham62> this is the first time installing an update to it in 2 years
<lotuspsychje> !usn
<ubottu> Please see https://usn.ubuntu.com/ for information about recent Ubuntu security updates.
<lotuspsychje> check how many exploits out there on eol versions
<Ham62> I see lots of exploits for escaping a virtual machine
<Ham62> which 1) requires running the native code on the VM and 2) having a VM installed
<Ham62> and PHP vulnerablility which again you need to be running a PHP server ported forward
<lotuspsychje> listen im not gonna kee argue, i advice you a fresh 16.04 or 18.04
<lotuspsychje> if you decide upgrading to 14.04, in a month its also eol and youl need to upgrade to 16.04 anyway
<lordievader> Good morning
<kstenerud> Who would be the person to talk to about debugging incorrect systemd configurations?
<kstenerud> As in, figuring out why systemd reports things like: Failed with result 'exit-code'
<kstenerud> or: -- The result is RESULT.
<cpaelzer> coreycb: thank you for the testing
<blackflow> kstenerud: depends on the package, perhaps start with a bugreport
<kstenerud> it's with corosync, which I'm taking over. But first I need to debug why the service fails to start
<kstenerud> but it looks like systemd is getting faked info in the result codes, which makes this difficult to debug
<blackflow> or it can't tell because it's a forking service
<blackflow> ideally with sd, wherever possible daemons should run as Type=simple or notify if it supports that
<blackflow> that's why I said start with the package, as I've seen packages with forking type where it shouldn't have been. nginx, redis just to name the two recent examples. and hell, redis even supports notify
<kstenerud> hmm looks like it's type notify
<blackflow> I guess the service is not informing systemd properly then. is there a specifc application log?
<kstenerud> there is, but it's empty
<blackflow> are there any confinements? ProtectSystem= ? seccomp fileters? disable temporarily all confinements?
<kstenerud> uhh... sorry where would I find those?
<blackflow> in the service unit file
<kstenerud> Nothing like that I can see: https://pastebin.ubuntu.com/p/YvTDpTXVdq/
<blackflow> kstenerud: can you pastebin the output of journalctl -xe   right after you attemp to start it and it fails?
<kstenerud> sure hang on
<blackflow> google can't seem to find any mention of it supporting systemd notify. usually daemons have a config option you can flip to tell them they're run under systemd and they should enable the notify API, I don't see that for corosync
<kstenerud> https://pastebin.ubuntu.com/p/TMfRKMgYrk/
<blackflow> kstenerud: try Type=simple.  that -f in the unit means "start application in foreground".  Maybe it just does not support the notify api
<kstenerud> ok let's see...
<kstenerud> wow! It was just that??? Crazy. It works now
<kstenerud> thanks!
<blackflow> you're welcome. it'd be wise to get yourself acquainted with systemd manuals and documentation if you're gonna maintain packages like that.  use the systemd.directives(7) manapge as reference point for all the config directives
<kstenerud> ok, thanks
<siavoshkc> Hi. I have a django server running correctly as I see. But in the log I see some errors:
<siavoshkc> [Thu Mar 07 13:54:57.251327 2019] [wsgi:error] [pid 6129] Not Found: /
<siavoshkc> [Thu Mar 07 13:54:57.617238 2019] [wsgi:error] [pid 6129] Forbidden: /quest/
<siavoshkc> [Thu Mar 07 16:50:07.829690 2019] [wsgi:error] [pid 6129] Not Found: /favicon.ico
<siavoshkc> [Thu Mar 07 16:55:09.896277 2019] [wsgi:error] [pid 6129] Forbidden: /quest/
<siavoshkc> [Thu Mar 07 16:55:09.898376 2019] [wsgi:error] [pid 6129] Not Found: /
<siavoshkc> Ignoring favicon.ico, I don't know about the others
<ahasenack> siavoshkc: looks like a scan for vulnerabilities
<Ussat> yup
<siavoshkc> Who is scanning?
<Ussat> We see that wen our infosec scans also
<ahasenack> "the internet"
<siavoshkc> So its noise
<siavoshkc> My security is rock solid.
<Ussat> Thats what is normally said right before a hack
<mason> God Himself could not sink this ship.
<Ussat> "Titanic Baby"
<leftyfb> siavoshkc: How do you know your security is rock solid if you don't understand what you see in those logs?
<Ussat> just stop with the logic leftyfb
<rbasak> cpaelzer: confused by the posgres MRE. I thought we concluded that we wouldn't revert the ABI change as it's a "produces bad data" bug otherwise?
<rbasak> Is this a different ABI change? What happened to the one we previously discussed?
<siavoshkc> leftyfb: Good question.
<cpaelzer> rbasak: I stated that in the bug, the "(potentially) produces bad data" change wasn't the ABI changing rename
<cpaelzer> I only found that when sitting down and trying to prepare the checks for the extensions
<rbasak> Ah
<rbasak> I read your comment 19, but I couldn't find anything referring to the bad data bug.
<cpaelzer> let me check which one #19 was
<cpaelzer> rbasak: yeah the "other" change - that one about the client_min_messages would have a chance to cause bad data
<cpaelzer> rbasak: which is not the ABI one
<cpaelzer> rbasak: but, that client_min_messages has to be used incorrectly to cause that problem
<cpaelzer> rbasak: unfortunately comments are immutable so we have a bunch of misleading comments collected over the time we worked on this :-/
<cpaelzer> rbasak: the bug description should have the most current and most reasonable description
<cpaelzer> rbasak: I made sure I mentioned all that in Regression potential
<cpaelzer> in fact let me add something very important that I thought about last night
<rbasak> cpaelzer: which bit of the regression potential refers to the bad data bug?
<cpaelzer> rbasak: adding that as well more clearly
<cpaelzer> rbasak: updated the description again to hopefully be even better now
<cpaelzer> rbasak: the important bit I added on my own is the fact that by our choices we don't CHANGE anything on the two debated commits
<cpaelzer> we take the MRE minus those two
<cpaelzer> which makes the MRE less regression-likely
<rbasak> cpaelzer: got time for a HO please? I'm still confused - trying to correct my old understanding with the corrections I think. A HO will probably be quickest.
<cpaelzer> rbasak: I'm in one already, I'll ping you once I'm ready
<rbasak> ack
<coreycb> sahid: i've uploaded cinder, nova and swift to the bionic unapproved queue for bug 1818069 where they're awaiting review by the sru team: https://launchpad.net/ubuntu/bionic/+queue?queue_state=1&queue_text=
<ubottu> bug 1818069 in swift (Ubuntu Bionic) "[SRU] queens stable releases" [High,Triaged] https://launchpad.net/bugs/1818069
<coreycb> also pushed to https://code.launchpad.net/~ubuntu-server-dev/+git
<coreycb> thanks for those
<sahid> coreycb: thanks
<ahasenack> cpaelzer: I added X-Python3-Version: 3.7 to d/control
<ahasenack> cpaelzer: the XS- variant is for python 2 only
<ahasenack> I still get the warning about ${python3:Versions} being unused, well, it's really ununsed
<ahasenack> your suggestion was to add it like X-Python3-Version: ${python3:Versions} (you mentioned the XS- variant, though)
<ahasenack> right now, I think ${python3:Versions} expands to 3.7 only, or something like >= 3.7, < 3.8 (have to check)
<ahasenack> I didn't find the text "python3:Versions" in the dh_python manpage, nor in https://www.debian.org/doc/packaging-manuals/python-policy/ch-module_packages.html
<ahasenack> rbasak: do you know something about that?
<ahasenack> the warning we are talking about is:
<ahasenack> dpkg-gencontrol: warning: package python3-tdb: substitution variable ${python3:Versions} unused, but is defined
<rbasak> ahasenack: where's the source please?
<ahasenack> rbasak: https://code.launchpad.net/~ahasenack/ubuntu/+source/tdb/+git/tdb/+ref/disco-tdb-1.3.18
<ahasenack> I didn't commit the "X-Python3-Version: 3.7" change to d/control
<ahasenack> but it's literally that line
<cpaelzer> ahasenack: I haven't found the string in the man page either
<cpaelzer> ahasenack: I only got there by grepping through all kind of packages and seeing them use it at that attribute
<ahasenack> I see
<ahasenack> my single example on my disk:
<ahasenack> apparmor/apparmor/debian/control:XS-Python-Version: ${python3:Versions}
<cpaelzer> ahasenack: http://paste.ubuntu.com/p/kmxSdrYwyP/
<ahasenack> that is even incorrect, the policy says to use X-Python3-Version for python3
<cpaelzer> yep
<cpaelzer> that would be http://paste.ubuntu.com/p/NKvgnfqKdm/
<cpaelzer> and http://paste.ubuntu.com/p/CmxKBsvQ9n/
<ahasenack> "Similarly, the optional fields X-Python-Version or XS-Python-Version were used to specify the versions of Python 2 supported by the source package. They are obsolete and can be removed now that only Python 2.7 is supported."
<ahasenack> at least that grep showed them being used for python2
<teward> ahasenack: uhm
<teward> the Debian bug?  I doubt it'll be acted on
<teward> AIUI, we shouldn't be updating units to *specifically* target network-online.target
<teward> wrt https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/1818574
<ubottu> Launchpad bug 1818574 in nginx (Ubuntu) "Nginx cannot bind static IPv6 address on boot" [Low,Triaged]
<teward> ahasenack: and the workaround AFAICT is to bind to all v6 *and* the IP they specifically want; at least, per Maxim's suggestions on that thread for workarounds
<teward> ahasenack: and network-online.target *might* not solve the issue, necessarily, AIUI because 'network online' isn't clearly defined either.
<sdeziel> teward: I tried binding to all IPs (listen [::]:443...; + listen [2001::...]:443...;) and it didn't work. Have you tried what Maxim suggested?
<sdeziel> I was kind of surprised that NGINX didn't support IP_FREEBIND
<sdeziel> but maybe I'm doing it wrong
<sdeziel> as soon as I add the 2001::... IP to an interface, nginx is happy again
<teward> sdeziel: not recently i haven't checked.  Her'es a question, does Apache support IP_FREEBIND as well?
<teward> if *they* don't then the question is "Why should NGINX" (from NGINX's perspective)
<teward> if none of them support it then the question is why not?
<sdeziel> teward: because it's really handy in HA setups
<lordcirth__> sdeziel, on ipv4 I had to enable nonlocal_bind in sysctl. Perhaps there's a similar option?
<lordcirth__> This was for HAProxy + keepalived
<sdeziel> lordcirth__: yeah, I think the sysctl key make it works for v4 but I haven't tested
<sdeziel> lordcirth__: apache2 is happy binding a non-existent v4 once the sysctl is turned on
<teward> sdeziel: but not without that set in sysctl?
<lordcirth__> Without that set, the kernel will reject the syscall. Program doesn't get a choice.
<sdeziel> teward: nope and I couldn't find a way to tell Apache to explicitly use IP_FREEBIND
<teward> if kernel is 4.3+, then in theory net.ipv6.ip_nonlocal_bind would exist.
<teward> sdeziel: then that's probably why NGINX isn't using it - nobody is.
<teward> lordcirth__: see my sysctl message two lines up
<lordcirth__> Yeah I saw it, thanks
<teward> sdeziel: test if setting net.ipv6.ip_nonlocal_bind lets Apache or NGINX bind to nonexistent v6?
<lordcirth__> It exists on my 18.04 machine
<teward> i'm currently on my commute so I cna't pull an image down for lxd/
<teward> to do testing
<sdeziel> teward: wow, I wasn't aware of that sysctl, works with Apache
<teward> sdeziel: Google Is My Friend!
<teward> *shot*
<teward> (found it at https://serverfault.com/questions/236626/how-to-bind-a-non-local-ipv6-address)
<lordcirth__> Btw, sysctl variables set in LXC don't persist properly in 16.04
<lordcirth__> They do in 18.04, though
<teward> lordcirth__: LXC or LXD?
<teward> and I have an 18.04 host and use 18.04 containers usually ;)
<lordcirth__> It's a systemd version thing
<lordcirth__> So probably both
<teward> ah
<teward> that darned systemd evil!
<teward> :P
<sdeziel> teward: and it also works with NGINX
<teward> sdeziel: i'm not yet willing to suggest that we change sysctl but I'll propose that as a workaround
<lordcirth__> I hacked it into an 'up' line in eth1.cfg :P But now that's gone, yay
<sdeziel> teward: yeah, that's opt-in behavior IMHO too
<lordcirth__> Why wouldn't you change sysctl?
<lordcirth__> Or do you mean by default in Ubuntu?
<teward> lordcirth__: i mean by default
<teward> sdeziel: this is also why I'm not a huge fan of IP_FREEBIND because this sounds a lot like 'opt-in' behavior
<teward> not 'should be default' behavior
<sdeziel> teward: would make good, ExecStartPre lines
<teward> HA isn't exactly a common setup.
<lordcirth__> Ah, yeah I think normally I would want things to fail if I mess up their IP config, not silently do nothing
<teward> sdeziel: example of such lines? so I can add examples
<sdeziel> teward: sec
<sdeziel> teward: https://paste.ubuntu.com/p/gvCcP7JxZY/
<sdeziel> teward: as for nginx and IP_FREEBIND, I would have assume it was just another listen arg that needed to be added
<teward> sdeziel: possibly.  I've opened a Trac ticket upstream, to get reasoning, but I'm pretty sure it's easier to, on an as-needed basis, set the proper sysctl rules on individual systems/servers rather than rely on NGINX implementing it
<teward> that said, my focus recently has been work related things and working on my coredev application.
<sdeziel> teward: good luck on that coredev application!
<teward> it ain't filed yet :p
<teward> (est. 3 weeks out at most from filing the application officially)
<The_Actor> Guys, I am looking to find a good distro to build a webserver on, and due to recent privacy issues (Cannonical deciding to collect info and share with third parties without concent) have been hesitant to try Ubuntu. Are there such issues on the server products? Also does Ubuntu offer a Virtulization server, as in full-on web interface LXE/KVM management like Antsle and RedHat Virtulization
<The_Actor> Server? Thanks
<sdeziel> The_Actor: do you have pointers to info collection done without consent?
<mason> The_Actor: I think that's largely historical.
<mason> sdeziel: I suspect he means the Amazon search results from 14.04.
<mason> Or... whatever version it was.
<sdeziel> so much for recent
<mason> I'm just guessing.
<Gerowen> Which wasn't "collecting information" even then, it just forwarded search results to Amazon and displayed relevant results in the Unity menu, and had an option to be disabled.
<Gerowen> I mean it forwarded search "queries" to Amazon
<The_Actor> sdeziel: I dont understand the question "do you have pointers to info collection done without consent?"
<mason> The_Actor: He was confused because the issue is somewhat historical at this point.
<sdeziel> The_Actor: which privacy issues are your referring to?
<Ussat> Dude, internet.......basically toss privacy out the window
<mason> And then there's stuff like popcon.
<The_Actor> I recently saw a video on YouTube by somone reviewing Ubuntu, he stated that desktop search results and part of the index are sent to Canonical. A later video I saw Richard Stallman making noise that Ubuntu is sharing this with third parties . . .
<sdeziel> The_Actor: OK so that confirms what mason was saying, that's old, not really controversial (if you ask me) and desktop only
<The_Actor> I see
<sarnold> who knew that using the 'search amazon' feature would send search queries to amazon :)
<The_Actor> So I am trying to decide between building an LXE Ununtu Server Image or an LXE SUSE image for a webserver platform. Is there anything that would give Ubuntu a clear advantage over SUSE?
<sarnold> what a crazy time to be alive
<The_Actor> Would there be any advantages to say managing Apache on Ububtu, or perhaps good security profiles?
<sarnold> both ubuntu and opensuse have apparmor
<The_Actor> No clear winner then?
<sarnold> depends upon whether you prefer apt or zypper, deb or rpm, other packaged tools, etc.
<The_Actor> I guess I would want whichever is cleaner and has less of a history of destroying a working system
<sdeziel> The_Actor: best is probably to try both
<The_Actor> maybe
<sdeziel> cause clearly asking in here will come with a certain bias...
<sarnold> from personal experience, I've had one reiserfs3 tree destroyed on suse, and one 16.04 -> 18.04 upgrade go poorly (but recoverable). advantage to ubuntu there. :)
<tomreyn> ubuntu LTS may have a longer free support life.
<tomreyn> *lifecycle
<The_Actor> I just need something with a clear cut guide that sticks to the distros standards so I dont have large gaping security holes on a public facing test webserver
<tomreyn> opensuse leap "is expected to be maintained for at least 36 months, until the next major version of Leap is available", ubuntu LTS releases get security + bug fixes for 5 years
<The_Actor> Good point. Is Ubuntu LTS commonly used as a Webserver OS?
<tomreyn> there are many web servers which run on ubuntu.
<The_Actor> Interesting . . . Do you know of any web hosting business who use Ubuntu LTS?
<The_Actor> I thought it was mostly a RedHat, SUSE, and CloudLinux
<sarnold> the last numbers I've seen suggested roughly 60% of the workload on the major cloud platforms is ubuntu
<The_Actor> wow
<sarnold> millions of ubuntu machines come and go every day
<sarnold> red hat certainly owns US federal contracting
<sarnold> suse does great in europe
<The_Actor> Are there any specific management tools that make Ubuntu diffrent?
<mason> Red Hat is in a lot of the infrastructure. Then you can run anything atop it, and that tends to include a lot of Ubuntu.
<mason> As I understand it.
<The_Actor> I see
<sarnold> maas is great for managing fleets of bare boxes; juju for orchestrating workloads on various clouds; landscape for per-server views; lxd for container-based hypervisor kinds of things..
<sarnold> of course you can probably run lxd on rhel or sles too; I'm less sure about juju and maas
<The_Actor> Is there a Web Based LXD / KVM management system?
<mason> I haven't heard of Juju before. Is it equivalent to OpenShift?
<sarnold> mason: give me a second to learn about openshift :)
<mason> Ah, it is.
<mason> sarnold: Both Kubernetes.
<sarnold> mason: juju's not specific to kubernetes.. or at least it wasn't last time I used it :) heh
<sarnold> mason: cool, thanks
<mason> Ah, I'll have to learn more then. New to me.
<sarnold> mason: we'll use juju twice on a single cloud, even :) once with maas as the provider, to stand up the openstack cluster, and then again using openstack as the provider, to run the workloads on the cloud :)
<mason> Ah, cool.
#ubuntu-server 2019-03-08
<Ham62> I was wondering why I had such an old version of ubuntu on this system before
<Ham62> for some reason the setup CD for any version past 12 hangs trying to access the disk
<Ham62> 14.04.4 just fails out saying it can't mount the media, 14.04.1 almost makes it into the partitioning screen but then just hangs at a blank purple screen
<sarnold> you might want to try 14.04.6, 16.04.6, or 18.04.2, all of which are significantly newer than 14.04.4
<Ham62> I don't know where my blank CD-ROMs are those are the only versions I had laying around
<Ham62> so I'm gonna finish this 12.04 setup then do thr upgrade to 16.04 through the update program
<Ham62> this will also be good practice for if I want to upgrade my main server system from 14 to 16 at some point
<Ham62> but I heard that's the last version with 32bit support so I'm afraid that might break everything
<sarnold> that's fine I think all those images are too large to burn to a CD anyway, most folks use memory sticks if they're not pxebooting or similar
<sarnold> 18.04 LTS appears to still support x86 http://archive.ubuntu.com/ubuntu/dists/bionic-updates/main/ -- note the i386 directories
<Ham62> huh... I wonder what that was that I read about dropping i386 then
<Ham62> because someone at uni just brought it up to me a couple days ago when I was talking about maybe updating my system
<sarnold> I believe we make people type something to confirm if they want to upgrade their x86 18.04 machines to 18.10
<Ham62> ah
<Ham62> I just need to be really careful with that system because I even noticed some programs on the package manager wouldn't run on the system
<Ham62> they were using SSE2 or something which my CPU didn't support
<sarnold> those discussions were long enough ago that I've forgotten the outcome, but I'm pretty sure 18.04 LTS is the last LTS release we're going to do for x86
<Ham62> and that was just a text editor that was using SSE2 for some reason... apparently someone messed up the Go compiler config
<sarnold> ahhhh, that makes some ense
<Ham62> someone told me to try recompiling it from source but the Go compiler package used the same instructions lol
<Ham62> and I didn't really feel like recompiling Go from source
<lordievader> Good morning
<vtq> Hi! I need to override some rules in an apparmor profile. That is, I want to create a profile that goes: #include <blah> (which includes deny /foo) ; then override that with an allow /foo. Can I do that? I've been trying and I can't seem to get it to work
<lotuspsychje> !apparmor | vtq can this help?
<ubottu> vtq can this help?: For information about the AppArmor security framework employed in Ubuntu (since Gutsy Gibbon), see https://help.ubuntu.com/community/AppArmor
<vtq> ubottu: seen it already, yes
<ubottu> I have no seen command
<rbasak> kstenerud: looks like there's an issue between php7.2 and horde :-/
<rbasak> http://people.canonical.com/~ubuntu-archive/proposed-migration/update_excuses.html#php7.2
<blackflow> vtq: afaik no, once denied, you can't allow.
<kstenerud> rbasak I've updated the MP for php7.2 to include a depends for libicu
<kstenerud> https://code.launchpad.net/~kstenerud/ubuntu/+source/php7.2/+git/php7.2/+merge/363924
<rbasak> kstenerud: replied in the MP, thanks.
<kstenerud> One question: If I'm going to create a new MP with a new ubuntu version (ubuntu2 instead of ubuntu1), does that mean that the changelog requires a new entry (keep the ubuntu1 changelog entry as is, and add a new entry for ubuntu2)? Or do we just pretend ubuntu1 never happened and put everything together?
<ahasenack> add a new entry for ubuntu2
<rbasak> kstenerud: what ahasenack says, but note that you should be able to infer that from my MP comment and your question. We can't pretend ubuntu1 never happened - see my MP comment. And I did ask for a "new changelog entry"!
<lufi> Hi. I have two nics. 1 dhcp and 1 static. My problem is there are 2 default routes with the static network being priority. How can I set the dhcp the priority?
<lufi> the server is a vm with static as hostonly and dhcp bridged (connecting to internet). here is my initial configuration of netplan/50-cloud-init.yaml https://pastebin.com/8QAZX2fQ
<lufi> running `ip route` gives this defaults https://pastebin.com/pGP0YQLM
<ahasenack> cpaelzer: thanks for the careful on the complicated samba related MPs
<qman__> lufi: the DHCP one already has a metric, so set the static one's metric higher
<ahasenack> cpaelzer: the samba versioning has a precedent from the other time we went ahead of debian
<ahasenack> where I added ~ubuntu to the +dfsg suffix
<lufi> qman__ how do I do that? using `routes` in netplan?
<ahasenack> the only reason is the dfsg big
<ahasenack> had it been the upstream tarball directly, I would have used just +dfsg-0ubuntuN
<ahasenack> but maybe my concern is invalid?
<ahasenack> i.e., our tarball differing from whatever debian will create eventually
<qman__> I don't know anything about netplan, but surely there must be a metric option
<lufi> Something like this? https://pastebin.com/8zzMucqu
<qman__> if you use the normal /etc/network/interfaces file, and have ifmetric installed, it's just "metric NNN"
<lufi> oh ok. I've been trying that routes thing
<lufi> yeah 18 has a lot going on
<lufi> qman__ solved it by doing this https://pastebin.com/Pvqw3sNv
<mike802> hello all!
<mike802> i want to work on getting a publicly visible url for my ubuntu server, but i don't know where to start
<mike802> my php/apache site looks fine over a lan, and i've reserved the domain name on godaddy.....
<mike802> should i perhaps start in #ubuntu?
<sdeziel> mike802: go to godaddy's panel, add the server's public IP under the name you want
<sdeziel> mike802: here is the right place IMHO
<mike802> alright
<rbasak> cpaelzer: are you sure the git-ubuntu change doesn't count as a feature change?
<mike802> how do i look up my public ip?
<mike802> on windows i just type that into google
<sdeziel> mike802: I'd first check if you server has it directly configured: "ip addr"
<mike802> nope...
<sdeziel> mike802: OK so that probably means it's configured on a router/firewall in front of it that does NAT to translate it to its private IP
<sdeziel> mike802: if that's the case, you will likely need to punch a hole in that firewall/router to do a port forward in order for people on the Internet to be able to reach your web server
<Ussat> I would be very carefull and make sure php is secure
<Ussat> php is known for exploits
<mike802> alright, sounds like i might not be ready for a full roll-out
<mike802> some good points to consider though
<sdeziel> running a public service require a bit more attention to security indeed
<Ussat> yup
<mike802> i know, i could post my link to the wrong channel and have all kinds of issues
<mike802> :/
<sdeziel> mike802: I'd recommend not relying on the "hidden" nature of the link in question
<mike802> alright.....
<mike802> as far as my php goes, i've barely even started scrubbing input for whitespace and reserved words, etc
<mike802> anyway, good stuff to consider, thanks
<mike802> alright, so i've barely used godaddy before, what an i looking for
<mike802> *am
<mike802> my account -> account settings -> domain reg defaults -> dns control - enter nameservers?
<sdeziel> mike802: at this point, I'd suggest you stick with godaddy's provided nameservers
<sdeziel> mike802: you likely want to add an "A" record
<mike802> ?
<tomreyn> mike802: the server you are planning on bringing online, is this hosted with godaddy, too, or is this at your home?
<mike802> it is at my home
<tomreyn> (or somewhere else entirely)
<cpaelzer> rbasak: you meant uvtool right?
<mike802> as i mentioned, over a lan it looks fine
<rbasak> cpaelzer: yes sorry
<mike802> i am trying to get away from using a 192-based url
<cpaelzer> rbasak: well, it is both - a fix to avoid guests with issues on cirrus to work better - and a feature to have much more modern things
<mike802> trying to find a starting point (not married to godaddy)
<tomreyn> mike802: i see. then you need to find out whether your ISP does dynamic or static ip address assignment, i.e. does your public ip address change over time?
<cpaelzer> rbasak: I'm fine having it 19.10 as we have adressed the majority of issues in xorg as well
<mike802> alright, i'll come back later
<rbasak> cpaelzer: OK, thanks. There should be a PPA available.
<rbasak> I also want to add support for network-config.
<leftyfb> Are there any downsides to removing cloud-init from an ubuntu server install?
<leftyfb> Seems like for bare metal, not being managed by MAAS or juju or anything, it just gets in the way
<rbasak> How does it get in the way?
<rbasak> If there's no datasource I don't think it's even active.
<leftyfb> rbasak: it's multiple steps to set a hostname
<rbasak> leftyfb: and how does removing cloud-init change anything?
<rbasak> You set /etc/hostname, and /etc/hosts, and you're done.
<leftyfb> rbasak: good luck with that
<rbasak> OK, well if you don't want to explain to Ubuntu developers what the problem actually is, what are you doing on this channel?
<teward> rbasak: he *may* be running into the defaults for how cloud-init is
<teward> let me pull up that subiquity bug..
<leftyfb> rbasak: That in insufficient. You need to use hosnamectl set-hostname and you need to disable preserve_hostname: true in cloud.cfg. Otherwise cloud-init keeps the original hostname. Removing cloud-init allows you to just edit /etc/hostname
<leftyfb> rbasak: sorry, I was still typing
<teward> https://bugs.launchpad.net/ubuntu/+source/cloud-init/+bug/1780867
<ubottu> Launchpad bug 1780867 in subiquity "hostname unchangeable / some daemon changes and resets /etc/hostname" [High,Triaged]
<teward> leftyfb: rbasak: ^ read up, known 'issue'
<leftyfb> hm, I'm not so sure it's invalid for cloud-init. Let me check
<teward> re-reported by me in December.  cloud-init needs preserve_hostname in /etc/cloud/cloud.cfg to be set to "true"
<teward> leftyfb: ultimately not a bug in cloud-init but a bug in the config file that Subiquity leaves as-is
<teward> Subiquity could alter that file :P
<sdeziel> I can relate to that. cloud-init does revert hostname changes on reboots by default
<teward> ^ this
<rbasak> Thanks
<leftyfb> So shouldn't the bug be that cloud-init should set the default to not revert? As opposed to subiquity changing it at install?
<rbasak> That's definitely a valid bug.
<rbasak> But I'm confused as I didn't think cloud-init was active after a subuiqity install.
<rbasak> If it is, and it's meant to be, then removing it probably isn't a good idea.
<rbasak> Fixing the bug of course is :-/
<leftyfb> https://photos.app.goo.gl/iQCS5LwWY4TqF1Zb7
<leftyfb> cloud-init is definitely active on a fresh install
<rbasak> I guess subiquity injects a data source then
<rbasak> TIL
<metabsd> Hi :)
<metabsd> Can I use clearpart with curtin or preseed in recent ubuntu version ?
<teward> rbasak: cloud-init *is* active, I can confirm that.  BUT it needs its defaults altered, IIRC that can be done as a subiquity "cleanup" task before the installer finishes, but that's a discussion for the Subiquity devs
<teward> i'm not super familiar with the subiquity internals ;)
<leftyfb> ok, so bottom line, removing cloud-init from a subiquity install has no adverse affect, correct?
<teward> I can't verify that unfortunately leftyfb, YMMV.
<coreycb> sahid: neutron-vpnaas 12.0.1 is now uploaded to the unapproved queue for bionic. i'll add the sru team to the bug now.
<sahid> coreycb: ack thanks
<Blueking> are there ways to find out what is where about finding what folders is where on multiple hdd's ?
<metabsd> There a way to do templating storage layout and network config in MaaS ?
<The_Actor> Hey guys
<lordcirth__> Hello
<The_Actor> I am trying to set up an LXE container to upload to my virtulization server for practicing web development. Is there a base LXE image for download, or do I have to create it?
<ahasenack> you mean LXD?
<ahasenack> if you mean lxd, you can easily launch almost any release of ubuntu, debian, centos, fedora, etc, like this:
<The_Actor> no LXE as in a virtual container that can run on a virtulized environment as opposed to a KVM image
<ahasenack> lxc launch ubuntu-daily:bionic
<ahasenack> I don't know what lxe is
<teward> The_Actor: there is no such thing as an "LXE" container
<teward> unless you mean LXE *hypervisors*
<teward> (which is similar to OpenVZ)
<teward> but that's close to LXC/LXD in how it operates
<teward> which is far easier to get 'working' than OpenVZ or similar systems
<The_Actor> There are two popular types of virtulization, the first is KVM and the newest cool way of doing it is via LXE. LXE is not a full virtulization and adds the bennefit of shared resources such as free RAM.
<ahasenack> it sounds like you are describing lxd
<teward> The_Actor: you've just described LXD
<The_Actor> I am looking for a base image to upload to my virtulization server and make it into a practice webserver
<The_Actor> one second
<ahasenack> the launch command I pasted above will download the image (if you haven't it already) and launch the container
<teward> LXE is "not new" technology, neither is OpenVZ.  LX*D* is the 'newest' cool way of doing containerization and resource sharing on many host OSes, Ubuntu included.
<teward> I think LXD is what you are actually looking at :P
<The_Actor> I know it as LXC with the LXE file type extention
<The_Actor> "LXC (Linux Containers) is an operating-system-level virtualization method for running multiple isolated Linux systems (containers) on a control host using a single Linux kernel."
<The_Actor> Am I confused?
<lordcirth__> I have never heard of LXE, and I use LXC containers lots
<lordcirth__> What does a .LXE file do?
<The_Actor> Ok well, I am running an EdgeLinux Server, I want to upload an LXC image to it. Do you know if there is a base image that is supported and adheres to the standards I can use to start?
<ahasenack> do you have ubuntu installed on that server?
<sdeziel> edgelinux seems to be a gentoo derivative that uses libvirt to drive KVM and LXC
<lordcirth__> He's gone, anyway
<ahasenack> I wasn't sure if he meant a server type, or an OS
<mason> I'm confused by something. I see a number of files in /usr/share/doc/libzfs2linux that aren't registered as belonging to any package, when I'd have expected them to belong to libzfs2linux.
<mason> Maybe they're holdovers from when this box was 16.04.
<lordcirth_> mason, possibly. You can use apt-file search to check
<mason> lordcirth_: as with dpkg -S, it doesn't find anything - that said, I'll look on a Xenial box and see
<mason> Not there either. Odd. /usr/share/doc/libzfs2linux/README.Debian is one of them.
<sdeziel> mason: on Bionic, those files are all symlinks to files owned by libnvpair1linux, exception made of /usr/share/doc/libzfs2linux/copyright.
<mason> sdeziel: Ah, hah. Good catch. I hadn't considered that they might not be regular files.
<mason> And I guess I never realized that dpkg -S doesn't track symlinks.
<sdeziel> it seems like it does though: https://paste.ubuntu.com/p/S8cMtS8pNV/
<mason> Hrm. Wonder where my README.Debian came from then. I see it in the source package, but I don't see where it's being told to be installed.
<mason> And you don't seem to have it in your paste.
<mason> I don't see it in a fresh install of the library on a Xenial box, so that's not it.
<mason> This is down a rabbit hole and probably not important, but I'm pondering using libzfs for an expansion of some stuff that's current sh.
<mason> currently*
<sdeziel> mason: I know there is/was a PPA for ZoL so maybe it left some files hanging around?
<mason> So I looked for a man page, didn't see one, and then looked for plain docs, and noticed bits not registered as being part of a package.
<mason> Maybe. I don't think I ever used it, but they came from somewhere.
<sdeziel> on Xenial, I see no symlinks
<sdeziel> FYI: https://paste.ubuntu.com/p/xb2Xpqfqx4/
<mason> hrm
#ubuntu-server 2019-03-09
<nima> hi
<nima> Guys I was getting some advice earlier today and was unfortunately disconnected. Does anyone here have experiece with building LXC containers?
<jtnunley> uhh
<jtnunley> so, the fileserv i want will have potentially a lot of files on it
<jtnunley> and there will be an app (more specifically a middleware server) that downloads files from it at the request of a user
<jtnunley> lotuspsychje: thoughts?
<lotuspsychje> jtnunley: if volunteers have ideas, they will think along with you mate, idle a bit
<jtnunley> sorry
<fleabeard> hello friends, how would I go about completely removing cloud-init from my ubuntu server? I think I was forced to install it back when I initially installed the server and would like it gone from my system if possible.
<tomreyn> who forced you to install it then? was it brute force?
<tomreyn> try: sudo apt purge cloud-init
<fleabeard> tomreyn, iirc, I couldn't advance the installation of the server unless I chose it from a list of many other services.
<tomreyn> so... nobody forced you to do things against your will, phew.
<fleabeard> tomreyn, right, my wording may have been a bit misleading sorry about that :) Anyways, what you suggested seems to work so thank you very much!
<tomreyn> fleabeard: ;-)  you're welcome
#ubuntu-server 2019-03-10
<bigon> hi
<bigon> Could someone have a look at https://bugs.launchpad.net/ubuntu/+source/selinux/+bug/1805350 and https://bugs.launchpad.net/ubuntu/+source/selinux-policy-dummy/+bug/1819316 ?
<ubottu> Launchpad bug 1805350 in selinux (Ubuntu) "Please remove selinux package from the archive" [Undecided,New]
<ubottu> Launchpad bug 1819316 in selinux-policy-dummy (Ubuntu) "Please remove selinux-policy-dummy package from the archive" [Undecided,New]
<bigon> IMVHO, these two packages are creating more issues that they try to solve and should be removed
<blackflow> bigon: "not needed now that ubuntu has switched to systemd"   how does that follow? not sure I understand the problem.
<bigon> the selinux package installs a LSB initscript
<bigon> that scripts breaks systemd
<bigon> boot using systemd*
<bigon> (/me is the "maintainer" of SELinux in debian)
<bigon> s/not/now
<bigon> (well the sentence was actually ok, need more coffee on Sunday morning)
<bigon> the (init)script was needed for upstart basically
<blackflow> I see, but why remove whole package?
<blackflow> (as opposed to fixing/removing the initscript, or separating into, say, selinux-sysv  or whatev)
<bigon> because in debian we have a meta package
<bigon> as well
<bigon> https://packages.qa.debian.org/s/selinux-basics.html
<bigon> (I'm thinking about merging the ubuntu "selinux" package in the debian ons
<bigon> one
<blackflow> ah the selinux-basics?
<blackflow> I see now.
<bigon> (or re
<bigon> (or renaming or something)
<blackflow> so this is not about removing selinux support completely, just package recombination
<bigon> just the meta package
<bigon> the rest of course stays (and comes directly from debian AFAICS)
<bigon> I need to go now, I can discuss later if anybody wants
<blackflow> bigon: thanks for maintaining it ;)
<uzee>  Hi, can anyone here help a little bit with Ubuntu desktop automated installation? I've setup a kickstart server to do automated installas for RHEL, Ubuntu & CentOS server editions. There is a need for a desktop automated install only for ubuntu
<uzee> reposting:  Hi, can anyone here help a little bit with Ubuntu desktop automated installation? I've setup a kickstart server to do automated installas for RHEL, Ubuntu & CentOS server editions. There is a need for a desktop automated install only for ubuntu
<the_actor> Guys I am really lost and could use some help. My end goal is to have a working Ubuntu Server running in a LXE container. I just want to stick to the official upgrade path so I end up with a secure working system with the correct packages. Any guidence would be greatly appreciated.
<the_actor> Does anyone here have experience setting up ubuntu server in an LXC container?
<blackflow> the_actor: perhaps ask specific questions about things you have problems with?
#ubuntu-server 2020-03-02
<theborger> hey everyone i sm having all kinds of issues with yaml. when i add the 2 networks and then run netplan apply it just keeps saying the same error over and over
<theborger> /etc/netplan/50-cloud-init.yaml:7:11: Error in network definition: bond0: interface 'enp0s25' is not defined
<theborger> - enp0s25
<theborger>           ^
<theborger> erm the ^ is pointing at the e
<Havenstance> running into an odd issue using cifs-utils to mount a share from Windows Server on my Ubuntu Server. I can access just fine, but I cannot seem to for whatever reason delete any files, and some programs are saying they can't access the folders. Is there some way of mounting that would fix this? or has anyone in here ever tried this type of setup? I'm thinking it's a permission issue between windows/ubuntu svr yet I'm not even sure where to
<Havenstance> look for it
<Havenstance> I may have found the solution to this issue, sharing a root drive is something windows flat will not do, I moved the library to a folder inside the drive, shared that, and will know in a moment if it fixed it
<lordievader> Good morning
<TJ-> Is there a specific channel for Canonical kubernetes (install) issues?
<mason> TJ-: https://wiki.ubuntu.com/IRC/IrcTeam/Scope
<mason> TJ-: Then again, there are channels that aren't listed, like #netplan, so maybe there's an unofficial channel.
<TJ-> mason:  indeed; with snaps its got stuipidly difficult to figure out where support should be
<mason> TJ-: Ah, https://ubuntu.com/kubernetes/docs/get-in-touch notes #cdk8s
<TJ-> mason:  nice find! thanks
<TJ-> I tried querying alis but without result
<hggdh> Q: I am lookinv for docs on what modules come in linux-modules-extra. I knew (of old) of some sort of docs, but I cannot find it anymore. Anyone has a pointer?
<sdeziel> hggdh-msft: something like this https://packages.ubuntu.com/focal/amd64/linux-modules-extra-5.4.0-14-generic/filelist maybe?
<mason> hggdh-msft: There's always https://packages.ubuntu.com/ or just downloading the package and breaking it open.
<hggdh-msft> yes, I looked at it (and this is how I found bout the module I needed). But what I am missing, for the client is some wording on why, and how it was split into tewo packages
<hggdh-msft> (actually I found it via apt-file search gtp.ko first)
<mason> hggdh-msft: For "why" you'd need to maintain the package maintainer.
<mason> or email him
<mason> ENOCOFFEE
<hggdh-msft> apw, methinks... will ping him
<hggdh-msft> oh, already done :-)
<thelounge5173> I've got a headless ubuntu server runninng. ISP has gone out twice in the past week and both times the network will not recover on this machine. Has never been an issue before and restarting systemd-networkd does not solve the issue. Full reboot required. Any way to troubleshoot for a solution?
<mason> thelounge5173: Did you try ifdown/ifup ?
<thelounge5173> mason I didn't. I can try and replicate this issue to see if that solves it. But I'm hoping it's a configuration issue causing it to not come back automatically.
<mason> Then again, I'm only probably 90% certain those exist for netplan.
<thelounge5173> yeah, ifdown "command not found"
<TJ-> thelounge5173: firstly, if SD-ND restart doesn't bring it back up, and it's a regular wired Ethernet that suggest a hardware/link issue
<mason> Hrm. I don't think 'netplan apply' matters here since you're not changing the config. What happens when you... do you say "restart systemd-networkd" or do you say "stop" and then "start"?
<thelounge5173> mason I tried both
<mason> TJ-: Aren't there cases where restart won't work but stop/start will? ISTR reading something to that effect recently.
<mason> kk
<thelounge5173> TJ- I tried swapping out the cable before restarting thinking it could have been a connection issue. also tried different switch port. no luch
<TJ-> mason: I think those only apply to the semantics of how SD tries to restart a service
<thelounge5173> luck*. Only system reboot fixed it so far
<TJ-> thelounge5173:  how about checking the kernel log? seeing what 'ethtool' reports... could be a power-save issue. would help to know the exact hardware "lspci -nn -d ::0200"
<thelounge5173> Intel Corporation Ethernet Controller 10-Gigabit X540-AT2
<mason> TJ-: Are there any relevant logs from the ineffective restart attempts?
<TJ-> thelounge5173:  "journalctl -b -1" would show the log from the last boot. -2 -3 -4 the previous boots and so on
<thelounge5173> Only think in syslog with 'ethtool' in it: https://pastebin.com/YUfusQrf
<TJ-> thelounge5173: what is the [vendor:device] that lspci -nn reports at end of line
<thelounge5173> full line: 05:00.0 Ethernet controller [0200]: Intel Corporation Ethernet Controller 10-Gigabit X540-AT2 [8086:1528] (rev 01)
<TJ-> thelounge5173: so the driver for that is "grep -i '8086.*1528' /lib/modules/$(uname -r)/modules*" => " /lib/modules/5.3.0-25-lowlatency/modules.alias:alias pci:v00008086d00001528sv*sd*bc*sc*i* ixgbe "
<TJ-> thelounge5173: try to identify a boot where the link didn't come back up from "journalctl --list-boots" ... then, if for example you decide it was -4, do 'pastebinit <( journalctl -b -4 -u systemd-networkd)" and give us the link
<thelounge5173> well it's not that it doesn't come back from boot, it just doesn't come back when the internet goes down and comes back up (ISP outage)
<thelounge5173> not sure if that's different.
<TJ-> thelounge5173: I know... what I'm hoping you can find is a boot where that happened, so we can find clues in the logs when the link doesn't come back up
<thelounge5173> ah
<thelounge5173> well FWIW it's not that SD-ND never came back, its status was showing as running, but there was no network on my interface
<thelounge5173> does that matter?
<TJ-> thelounge5173:  no... we're hunting clues. if the SD-ND log doesn't help we'll widen the scope and grab the kernel log for that boot, instead
<thelounge5173> 10-4
<TJ-> thelounge5173: it could be the link comes back up but fails to gain an IP address, for example, which would point to a DHCP issue
<thelounge5173> ah
<thelounge5173> got it
<TJ-> ooo... CB speak, good-buddy :)
<thelounge5173> :P
<thelounge5173> Ok, so nothing wrong that i can tell with journalctl's boot logs
<TJ-> thelounge5173: if the ISP link does down, presumably the PC itself is connected to a gateway/router on your LAN, so the wired link shouldn't change in any respect
<TJ-> thelounge5173: in which case the issue could be in the gateway device
<thelounge5173> So my router?
<thelounge5173> Possible. I've been meaning to increase the DHCP range in case I do hit the limit since I do have a good chunk blocked off for static IPs
<thelounge5173> well, although this server has a static IP
<thelounge5173> but could be another issue with it I suppose (the gateway I mean)
<TJ-> thelounge5173: so when the ISP drops does the server lose its IP address? is it IPv4, IPv6, or both? how are you determining the network doesn't recover - what tests are you doing
<TJ-> thelounge5173: e.g. is it only name resolution that fails, which would point to DNS not connectivity
<thelounge5173> no. I'm unable to shell into it from the same network or outsite, opening a console on the physical machine I'm unable to 'ping google.com' OR 'ping 8.8.8.8'
<thelounge5173> 'ip addr' shows no IP set for that interface either
<TJ-> thelounge5173:  so it loses the IPv4 address, yet you say it is set to static?
<thelounge5173> yes
<thelounge5173> unless I didn't set that up properly
<TJ-> thelounge5173:  is it 'static' as in set on the server via netplan or systemd-networkd config, or 'static' in the DHCP server?
<thelounge5173> but it does have the proper IP address :P
<thelounge5173> here's my /etc/netplan/50-cloud-init.yml: http://paste.ubuntu.com/p/hJYyBkjGQk/
<thelounge5173> so on the host itself
<TJ-> thelounge5173: the weird part is the interface losing the IPv4 ... that would generally only happen if the Ethernet link itself drops. When the ISP link fails does the gateway device reboot or do anything else 'weird' ?
<thelounge5173> nope
<thelounge5173> checking uptime of the gateway just to be sure...
<thelounge5173> well.. maybe something happened: uptime: 4h 50m 44s
<thelounge5173> so yeah, something did happen with the gateway
<TJ-> thelounge5173: so let's imagine a scenario. Server starts, link to router/gateway comes up, everything fine. ISP link drops, for some reason the gatway device powers off/restarts, which means the Ethernet link to server drops, so SD-ND removes the IP address... link comes back up but for some reason SD-ND doesn't reset the IPv4
<TJ-> thelounge5173:  is the ISP device the same as the LAN gateway?
<thelounge5173> no
<thelounge5173> Got a USG for the gateway
<thelounge5173> Interesting it rebooted. My server or Pi didn't, but there is a UPS. I would swear that the USG is on that UPS but can't confirm until I get home.
<thelounge5173> which is curious why the gateway rebooted....
<thelounge5173> But regardless, still unusual that SD-ND didn't reset the IPv4. Even after I restarted its service.
<TJ-> thelounge5173: if the link dropped the IPv4 would be removed... not sure if it'd be re-added on link returning I'd have to test that, but I think it does. What is weirder is restarting SD-ND not restoring it
#ubuntu-server 2020-03-03
<dazage> Hi there, I'd like to upgrade a non-essential of mine to 20.04 before released. My question is just how strongly inadvisable is that?
<oerheks> as it is an LTS version, long support, sure you can upgrade and expect no huge issues.
<dazage> Even if I'm upgrading a month or so before it's official release?
<oerheks> sure, the feature freeze is in place. https://wiki.ubuntu.com/FocalFossa/ReleaseSchedule
<oerheks> the testing week is about to start.
<dazage> oh wonderful, in that case I've got perfect timing. :-P
<oerheks> Yes, that is where we are at
<tomreyn> !ubuntu+1
<ubottu> Focal Fossa is the codename for Ubuntu 20.04 - Support only in #ubuntu+1
<oerheks> oops my bad :-P
<dazage> splendid. If I have my debian correct, `sed -i.bak 's/bionic/focal/g' /etc/apt/sources.list` with an update&reboot should do the trick, correct?
<oerheks> that is the debian way, please use  the release update tool with -d development, it does some more checks.
<dazage> "You have to download a total of 373 M. This download will take about 47 minutes with a 1Mbit DSL connection and about 14 hours with a 56k modem."
<dazage> Haha, seeing the 56k modem cracked me up. Good times.
<sarnold> :)
<dazage> aand we're live. Ubuntu Focal Fossa (Dev Branch) :-)
<dazage> Anything I should keep in mind/do for when 20.04 releases?
<sarnold> keep a careful eye on those apt upgrades to make sure it doesn't decide to remove something important to resolve a conflict :)
<sarnold> I've been running it on my laptop for a while and it's certainly got more issues than 18.04
<sarnold> don't hesitate to file bugs
<dazage> Will do, thanks a ton oerheks and sarnold.
<tomreyn> and ubottu!
<sarnold> haha
<lordievader> Good morning
<Ussat> So, um...I assume we have a patch for this:  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1938
<sdeziel> Ussat: https://people.canonical.com/~ubuntu-security/cve/2020/CVE-2020-1938.html shows the packages as 'needs-triage'
<Ussat> OK
<Ussat> Thanks
<Ussat> so, what means, what exactly ?
<sdeziel> I'm not sure, would be best to ask directly in #ubuntu-hardened which is where the security team is
<kiokoman> under esxi i have 2 ubuntu server running 5.3.0-40-generic if i run iperf3 from another machine (same subnet) server 1 say 238 Mbits/sec server 2 say  633 Mbits/sec both are vmxnet3 driver, any suggestion on how to troubleshoot this ?
<ahasenack> are you using virtio for the nic on the slow server?
<ahasenack> ah, you said both are using vmxnet3
<ahasenack> I don't know then
<teward> powersj: rbasak: FYI re 1865948 I think it's too late to consider this for Focal, as we are past FF.  Any objections to adding this to a discussion point post-Focal release as a consideration for G-series?
<teward> s/FYI//
<powersj> bug 1865948
<ubottu> bug 1865948 in nginx (Ubuntu) "Add a config dir for stream definitions" [Wishlist,Triaged] https://launchpad.net/bugs/1865948
 * powersj needs a link :P
<teward> powersj: blame irccloud derping and missing a word
<teward> :P
<teward> but I think its past FF so it's a little late to start adding new features even to the packaging in Ubuntu (it's also an extra delta NOT proposed yet in Debian)
<teward> (though we are extremely diverged from Debian at this point heh)
<powersj> agreed in general, but let me tie off with why the request has come in and what version he is targeting
<teward> yep.
<teward> I just dont want to start making package changes which only one or two people use (the data about who uses the stream module is not available just yet)
<teward> hence the multiping ;)
<teward> oh @powersj also they are suggesting changes to nginx.conf which affect all packages (nginx-common is a dep for all NGINX flavors in the repo) - which is why it's a larger discussion
<teward> nginx-common is included for all current nginx-{core,full,light extras} installs
<teward> powersj: dug into the build rules.  This change would break nginx-light in it's current state.  we would have to have the stream module a dependency for it.  It's currently only in full, extras, and core.  Light will error with an invalid directive in the config if stream is added as-is.
<teward> so unless we ship multiple config versions based on the NGINX version installed it will break as is.  we need a larger discussion on whether to enable the stream module globally or not before we have that change
<teward> as proposed, anyways.
<teward> powersj: more data, it looks like this is almost HAProxy-esque functionality in NGINX now with TCP socket streams as well
<teward> so it might be something we can enable for all versions but not for Focal.  Needs a discussion with the canonical team on their thoughts.
<teward> (I am not on the Canonical server team xD)
<powersj> teward, spoke to reporter and +1 on post-focal
<teward> ok.  I will set up some kind of notepad on my thoughts on this - mostly because adding this config change will break nginx-light as is
<teward> stream support isnt a default feature it's an optional one
<teward> do we still have etherpad?
<teward> I forget if we do...
<powersj> I think we do, but don't know the link off hand
<teward> ok.  I will do a brain dump on a blueprint...
<teward> itll be huge but it will have my thoughts.  is there a Canonical server team group on LP I can set as reviewer?
<teward> ... which is disabled >.>
<powersj> teward, yes https://launchpad.net/~canonical-server
<teward> powersj: rbasak: http://pad.ubuntu.com/ny2VtEsNlE  <-- in case you want to see what I've got so far.
<teward> i've split this all into a running list of G-series considerations, including two changes to feature availability in the package I've made (one related to the requested 'stream' functon changes, and one that would remove the 'this breaks nginx-light' issue entirely)
<teward> i'm going to go get food now.
#ubuntu-server 2020-03-04
<HeliNomad> Hey guys can I ask a support question?
<tomreyn> !ask | HeliNomad
<ubottu> HeliNomad: Please don't ask to ask a question, simply ask the question (all on ONE line and in the channel, so that others can read and follow it easily). If anyone knows the answer they will most likely reply. :-) See also !patience
<tomreyn> so yes, please do. and if you can't get a response after some time, ask in #ubuntu instead. after all, this channel stilll thinks the latest LTS release is 16.04.
<HeliNomad> I'm getting an error with this code:  sudo mount -t cifs -o username=username //192.168.1.2/ShareVolume ~/ShareLoc/
<HeliNomad> mount error(13): Permission denied
<HeliNomad> Password isn't the issue.
<HeliNomad> Share is hosted on a Mac
<HeliNomad> Just trying to mount it...can't figure it out.
<lordievader> Good morning
<lordievader> HeliNomad: What do you see when you add the `-v` flag?
<rbasak> teward: thanks!
<rbasak> teward: please make sure you don't burn out on this though. I appreciate your work, but I just want to make sure you don't feel obliged to do it. The people who want the features can be expected to do most of the work :)
<HeliNomad> lordievader This is what I get: user@skunky1:~$ sudo mount -t cifs -o username=user //10.10.1.81/LaCie ~/SharePoint/ -v
<HeliNomad> Password for user@//10.10.1.81/LaCie:  **********
<HeliNomad> mount.cifs kernel mount options: ip=10.10.1.81,unc=\\10.10.1.81\LaCie,user=user,pass=********
<HeliNomad> mount error(13): Permission denied
<HeliNomad> Refer to the mount.cifs(8) manual page (e.g. man mount.cifs)
<lordievader> Is your user allowed to access both the share and the sharepoint?
<HeliNomad> Yes.  I am able to mount the share on my mac using smb://10.10.1.81 with the same credentials
<HeliNomad> I found this article but not sure how to change my line to implement the "fix" they are talking about.  Seems that they are doing this in fstab and I just want the mount to done on demand, not on startup: https://ubuntuforums.org/showthread.php?t=2209987
<sdeziel> HeliNomad: You'd use something like this: sudo mount -t cifs -o username=user,sec=ntlmssp,nounix //10.10.1.81/LaCie ~/SharePoint/ -v
<sdeziel> HeliNomad: I'd try to leave out "nounix" first
<HeliNomad> Oh I see needs a comma after user
<HeliNomad> I was trying to append the sec= to the end
<HeliNomad> sorry I'm new to linux
<sdeziel> HeliNomad: sec=ntlmssp is reported to be the "new" default already so it likely won't help
<HeliNomad> Yeah didn't change anything in the results
<HeliNomad> Should I try adding the nounix?
<sdeziel> sure
<sdeziel> HeliNomad: there are many more values that sec= accepts, see "man mount.cifs"
<HeliNomad> Yes I see that
<HeliNomad> Let me run through those
<sdeziel> HeliNomad: I'm not sure if "Permission denied" could be due to a version mismatch but this definitely changed no the linux side. If I were you, I'd try adding vers=1.0
<sdeziel> HeliNomad: and if that doesn't work, I'd go with vers=2.1
<HeliNomad> where do you add that
<sdeziel> HeliNomad: sudo mount -t cifs -o username=user,vers=1.0 //10.10.1.81/LaCie ~/SharePoint/ -v
<sdeziel> LaCie sounds like a potentially old'ish NAS which is why I'd try an old version
<HeliNomad> and to add sec?  just:  sudo mount -t cifs -o username=user,vers=1.0,sec=ntlmssp //10.10.1.81/LaCie ~/SharePoint/ -v
<sdeziel> HeliNomad: I would recommend to try the command I provided as is first
<HeliNomad> That gives me a:  mount error(22): Invalid argument
<sdeziel> HeliNomad: was that with or without the sec=ntlmssp?
<HeliNomad> without
<sdeziel> HeliNomad: hmm, what kernel version are you running? "uname -r" will tell you
<HeliNomad> 4.15.0-88-generic
<HeliNomad> Everything is up to date
<sdeziel> OK good, could you share the output of "tail /var/log/kern.log"
<HeliNomad> Mar  4 14:53:28 skunky1 kernel: [592441.451291] CIFS VFS: cifs_mount failed w/return code = -13
<HeliNomad> Mar  4 14:53:46 skunky1 kernel: [592458.868524] Status code returned 0xc000006d NT_STATUS_LOGON_FAILURE
<HeliNomad> Mar  4 14:53:46 skunky1 kernel: [592458.868543] CIFS VFS: Send error in SessSetup = -13
<HeliNomad> Mar  4 14:53:46 skunky1 kernel: [592458.868655] CIFS VFS: cifs_mount failed w/return code = -13
<HeliNomad> Mar  4 14:54:17 skunky1 kernel: [592489.546557] Status code returned 0xc000006d NT_STATUS_LOGON_FAILURE
<HeliNomad> Mar  4 14:54:17 skunky1 kernel: [592489.546575] CIFS VFS: Send error in SessSetup = -13
<HeliNomad> Mar  4 14:54:17 skunky1 kernel: [592489.546691] CIFS VFS: cifs_mount failed w/return code = -13
<HeliNomad> Mar  4 14:54:30 skunky1 kernel: [592502.726243] Status code returned 0xc000006d NT_STATUS_LOGON_FAILURE
<HeliNomad> Mar  4 14:54:30 skunky1 kernel: [592502.726257] CIFS VFS: Send error in SessSetup = -13
<HeliNomad> Mar  4 14:54:30 skunky1 kernel: [592502.726353] CIFS VFS: cifs_mount failed w/return code = -13
<sdeziel> HeliNomad: thanks but please use a pastebin service next time for multiline outputs ;)
<HeliNomad> Oops sorry
<sdeziel> HeliNomad: are you 100% sure you have the password right? Have you tried typing it somewhere where you can visually inspect it to catch errors introduced by the wrong keyboard layout for example
<HeliNomad> Yes 100%.  I am able to mount the drive in Mac OS using Connect to Server: smb://10.10.1.81 logging in with the same credentials and it works.
<HeliNomad> I have a feeling it has to do with Mac OS Catalina's SMB file sharing protocol not jiving with CIFS in mount.cifs
<sdeziel> HeliNomad: it's possible I'd try putting the username/password in a file as explained here https://thinkinginsoftware.blogspot.com/2011/09/cifs-vfs-cifsmount-failed-return-code.html
<HeliNomad> Sure I can.  But just practically speaking what would be the difference.
<sdeziel> in theory it would be identical, in practice it's worth trying. Worst case, you'll save keystrokes when mounting the share ;)
<HeliNomad> So do I need to store the password file in /root/cifs/cifs_credentials.txt
<sdeziel> no, a file in your home will do. Make sure to "chmod 0600" the file as it contains your creds
<HeliNomad> chmod 0600 does what?
<genii> Makes the file immutable
<sdeziel> "chmod 0600 cifs_credentials.txt" would make sure the file is only read/writable by it's owner
<HeliNomad> got it
<HeliNomad> doing it now...i'll report back
<sdeziel> to be pedantic, it's not immutable as that would be "chattr +i" ;)
<HeliNomad> File created, new command is:  sudo mount -t cifs -o credentials=~/creds/cifs_credentials.txt //10.10.1.81/LaCie ~/SharePoint/
<HeliNomad> Still getting:  mount error(13): Permission denied
<sdeziel> HeliNomad: I've seen some suggesting to add this to your credentials file: domain=WORKGROUP
<HeliNomad> sdeziel Yes I've tried all the arguments suggested in that article you shared
<HeliNomad> All produce the same output
<HeliNomad> For what it's worth, I just tried it with a windows share and it works
<HeliNomad> Something about the Mac is causing the issues here
<sdeziel> domain= was not in the blog post I provided though
<sdeziel> HeliNomad: I'm sorry I couldn't help you. At this point I'm out of ideas and would iterate through various param vers=, nounix, etc until it starts working .... :/
<HeliNomad> Thanks.  Yes it's a head scratcher.  If I find the fix I'll report back
<teward> rbasak: burnout working on nginx and such?  Nope not happening heh.  This is a welcome addition to my regular tasks.  Theres a higher risk of burnout at my regular job than working with Ubuntu packages and tasks ;)
<teward> Its why I am always willing to put effort in as volunteering right now - its things I can actually fix heh
<teward> (In reply to the really ancient pings heh)
<rbasak> teward: happy that you're volunteering. Thank you!
<rbasak> I just wanted to make sure that you didn't feel obligated.
#ubuntu-server 2020-03-05
<lordievader> Good morning
<pgnd> i'm working on upgrading servers to python 3.8.  on an ubu 18.04LTS server, I've installed the pkg, and updated alternative ... but  on exec, 'apt *' or 'apt-get *' complains about "no module named 'apt_pkg'"
<pgnd> can't seem to (re)install python3-apt in my current state; co catch 22?
<pgnd> here's what I see: https://pastebin.com/TJArWK47
<pgnd> how do I get myself out of this mini-mess?
<pgnd> and, python-apt reports "Requirement already satisfied: python-apt in /usr/lib/python3/dist-packages" ...
#ubuntu-server 2020-03-06
<jge> hey all, I'm trying to get an 802.3ad bond interface going in Ubuntu but when I restart networking it hangs for a long time eventually timing out https://i.imgur.com/CcBaESb.jpg
<jge> any idea what I'm doing wrong? my interface config looks like this https://i.imgur.com/0s7ASPL.jpg
<lordievader> Good morning
<LarsErikP> coreycb: jamespage: Hi there! Can we please get python[3]-openstacksdk 0.27.0 released in the stein UCA? :)
<coreycb> LarsErikP: any patches in particular or bugs that need fixing?
<LarsErikP> coreycb: well it is the latest (last?) release in stable/stein and it seems to fix a rather nasty thread handling bug, where some horizon-dashboard would accumulate threads, and eventually kill the webserver
<coreycb> LarsErikP: ack if you have some pointers we can likely cherry-pick the patches. would you be able to also help test the fix once we get it in proposed?
<LarsErikP> I have not managed to get a clear answer to exactly wich commit that fixed it though..
<LarsErikP> here is the changes: https://github.com/openstack/openstacksdk/compare/0.26.0...0.27.0
<LarsErikP> I'll be happy to help testing!
<LarsErikP> The problem we're having is with octavia-dashboard. If you leave a browser at the load-balancer page, apache starts to accumulate threads, and will eventually run out of memory. I recently tested by installin openstack 0.27.0 with pip, and that fixed the issue
<LarsErikP> openstacksdk*
<LarsErikP> I've spoken with a few guys over at both #openstack-horizon and #openstack-sdks and they were aware of the issue, but they couldn't really tell exaclty what fixed it..
<LarsErikP> But it is indeed fixed in 0.27.0, as far as I can see.. :p
<coreycb> LarsErikP:  it's hard to move forward without a bug. the one commit that seems relevant has a non-existing story board number Story: 2005306
<coreycb> https://github.com/openstack/openstacksdk/commit/41740827c4702e8fcaebdf6adf7a2d49a557ec14
<coreycb> *seems* relevant but if you're installing from pip who knows what other updates are getting pulled in from other dependencies
<LarsErikP> https://paste.ubuntu.com/p/28wsrFjBqJ/ here is the outpupt from pip3
<LarsErikP> so, no other dependecies was pulled, I guess?
<LarsErikP> I guess I don't fully understand the process here.. Why isn't the new versions "automatically" released in UCA when they are released? There certaninly must have been _some_ bugs leading to the release of 0.27.0 anyways..?
<LarsErikP> coreycb: btw, that storyboard number exists: https://storyboard.openstack.org/#!/story/2005306
<LarsErikP> and seems to be relevant; and fixed by the commit you pasted? :)
<coreycb> LarsErikP: thanks, search fail I guess :)
<LarsErikP> \o/
<LarsErikP> it's friday afterall ;p
<coreycb> LarsErikP: to answer your question we have 300+ dependencies for openstack so we can't just automatically release code all over the place in stable releases
<coreycb> LarsErikP: we do point releases on a regular cadence with thorough testing for core packages and generally cherry-pick fixes as needed for dependencies with testing as well
<LarsErikP> aha
<LarsErikP> I see :)
<LarsErikP> but since we found the bug, this can be done? :)
<coreycb> LarsErikP: Let's track this via https://bugs.launchpad.net/cloud-archive/+bug/1866361 - I'll take some time deal with this probably early next week.
<ubottu> Launchpad bug 1866361 in Ubuntu Cloud Archive stein "[SRU] Connections to Neutron are not closed properly in v0.26.0" [Undecided,Triaged]
<LarsErikP> coreycb: fantastic! thanks <3 and, I'll be happy to help testing, at least for the issue I am experiencing. Maybe the guy that reported the bug in storyboard is also hanging around in launchpad?
<coreycb> LarsErikP: I think between your testing + some regression testing on our end we'll be covered
<LarsErikP> okok :)
<LarsErikP> i'll be watching the lp bug :)
<benl90> Hello, I want to ask, I set cron to be 5 0 * * * /home/ben/.bash_scripts/backup-db.sh, but it won;'t run on 00:05 instead it run on 07:05. is there any explanation about why It run on 07:05 instead of 00:05? Thank you
<sdeziel> benl90: maybe your crond runs with a different timezone than you are using in your own session?
<benl90> is it because I change the date using timedatectl and not restart the cron service and the rsyslog service could result on it? Thank you.
<benl90> sdeziel, how to check that sir?
<sdeziel> benl90: that sounds likely ;)
<benl90> hmm.. ok. just let
<benl90> 's see if it will trigger on 00:05
<benl90> sdeziel,  so after setting the timedatectl, we need to restart rsyslog and cron service ?
<sdeziel> benl90: actually, I'm not even sure that would let crond pick up the new TZ
<benl90> so crond will still use UTC time zone?
<sdeziel> benl90: after thinking a bit more, I think restarting cron will do
<rbasak> cron probably uses /etc/localtime
<benl90> how to see the localtime?
<rbasak> ls -l /etc/localtime
<benl90> oh ls -al, I run cat -_-. oops
<rbasak> But I agree - a restart is probably required
<benl90> rbasak, it already set to the zoneinfo of Asia/Jakarta. Hmm..
<rbasak> timedatectl might have changed it
<benl90> seems it require restart, let's see. At first I think I wrote the wrong config.
<rbasak> I only mention it because it's worth checking if you're confused
<sdeziel> benl90: yes, that's what your timedatectl probably did
<benl90> hmm.. okay, let's see. Thank you
<sdeziel> benl90: but presumably, when cron was started /etc/localtime pointed elsewhere (Etc/UTC)
<smoser> rbasak: sshd over lxc exec is awesome.
<teward> rbasak: do we know what PHP we're shipping for Focal>
<teward> is it 7.3 or 7.4?
<rbasak> teward: I believe the transition to 7.4 is still in progress
<rbasak> smoser: thanks :)
<teward> rbasak: do we expect it to be 7.4 by release?
<teward> because if so I have to push a tweak to the nginx default config we ship (match socket version numbering)
<rbasak> teward: I believe so, yes
<teward> ok then I should push this now while it's fresh (doesn't add/remove any features, so shouldn't need an FFe)
<rbasak> teward: https://launchpad.net/ubuntu/+source/php-defaults/73ubuntu1 - when that migrates
<teward> ok
<teward> rbasak: should I push now assuming we're going to be landing 7.4 or should I wait?  (I'd have to push a fix to make it 7.3 anyways even if we're not certain 7.4 will land in time.)
<teward> (it doesn't affect the default *runtime* but it affects the commented-out example config that would allow PHP to work)
<teward> we've had several bugs about complaints about the version strings not matching up so i'm being extra diligent on that atm
<rbasak> teward: personally I'd wait
<teward> ack
<teward> i'll prep it on paper my side and wait
<teward> (I keep watching those PHP Triage messages that go over the lists heh)
<rbasak> Only because it saves a bunch of question about the UX for users following the release pocket
<rbasak> bryce: FYI ^
<teward> indeed.
<teward> rbasak: that said...
<teward> I have an idea for that too.
<teward> which is to ship a PHP config in /etc/nginx/snippets/ which would contain PHP configuration and then just have an `include` in the nginx site configuration that would include the php location directly.
<teward> which would allow easier enablement of PHP functions for users
<teward> we'd still have to *edit* the socket version there, but it'd be easier for people to enable PHP interop in their site definitions
<Rockwood> hi
<Rockwood> any active?
<sdeziel> Rockwood: It's better to ask your question and wait for someone to answer :)
<Rockwood> i am using webservices from VM's ubuntu 19.10 and my project folder (by sharing) in win 10 and i am attaching the folder to ubuntu
<Rockwood> but i am facing issue --> https://paste.ubuntu.com/p/ZZVmFdM674/ and output is "File not found." on chrome
<Rockwood> sdeziel, this is my question how solve this?
<sdeziel> Rockwood: looks like your web server (apache?) doesn't have permissions to read from /var/www/html/projects/cyberia/public/
<Rockwood> sdeziel, i tried lots of time but its not accepting permissions
<Rockwood> win 10 (projects) and ubuntu (projects)
<Rockwood> sdeziel, i am using nginx
<sdeziel> Rockwood: OK, then files are accessed as the 'www-data' user by default
<sdeziel> Rockwood: you need to make sure this user can access that public dir
<Rockwood> how can tell the win folder that is?
<Rockwood> means how to add this?
<sdeziel> what's the output of "ls -l  /var/www/html/projects  /var/www/html/projects/cyberia" ?
<sdeziel> err, I wanted "ls -la /var/www/html/projects  /var/www/html/projects/cyberia"
<Rockwood> sdeziel, https://paste.ubuntu.com/p/b7FnFy4pDb/
<Rockwood> oh
<Rockwood> one sec
<Rockwood> sdeziel, https://paste.ubuntu.com/p/DB9BFtvSRW/ of https://paste.ubuntu.com/p/DB9BFtvSRW/
<Rockwood> lol
<Rockwood> ls -la /var/www/html/projects  /var/www/html/projects/cyberia
<Rockwood> output of this command
<sdeziel> Rockwood: is /var/www/html/projects shared from a host running VirtualBox?
<Rockwood> yes i am using VirtualBox
<sdeziel> OK, I never used those but I'll assume it's mounted "rw". Have you tried this: sudo chmod o+x /var/www/html/projects /var/www/html/projects/cyberia  /var/www/html/projects/cyberia/public
<Rockwood> on win C:\Users\Professional\projects\cyberia  this is the path
<Rockwood> sdeziel, https://ibb.co/Q9GS6CX
<sdeziel> Rockwood: if you don't want to chmod dirs, you will have to tweak the mount options to have the share mounted with different permissions (or owner or group)
<sdeziel> for that, you'd probably need to look in /etc/fstab
<Rockwood> sdeziel, i dont ve any problem with change anything bcz this is my dev server
<Rockwood> i applied this -->sudo chmod o+x /var/www/html/projects /var/www/html/projects/cyberia  /var/www/html/projects/cyberia/public
<Rockwood> but isn't help in solve issue
<sdeziel> Rockwood: the thing is that only root and members of vboxsf can access your share which means nginx running as www-data won't be able to access those
<Rockwood> okay
<sdeziel> Rockwood: what do you get from: grep -F /var/www/html/projects /etc/fstab ?
<Rockwood> nothing
<Rockwood> cyberia@cyberia:~$ grep -F /var/www/html/projects /etc/fstab
<Rockwood> cyberia@cyberia:~$ sudo grep -F /var/www/html/projects /etc/fstab
<Rockwood> cyberia@cyberia:~$
<sdeziel> mount | grep projects
<Rockwood> cyberia@cyberia:~$  mount | grep projects
<Rockwood> projects on /var/www/html/projects type vboxsf (rw,nodev,relatime,iocharset=utf8,uid=0,gid=998,dmode=0770,fmode=0770,tag=VBoxAutomounter)
<Rockwood> sdeziel, ^^
<sdeziel> Rockwood: not sure that's the proper way but found https://askubuntu.com/questions/323392/how-to-access-shared-folders-in-ubuntu-vmoracle-virtualbox-and-link-them-to-th
<sdeziel> Rockwood: so I'd try: sudo adduser www-data vboxsf && sudo service nginx upgrade
<Rockwood> sdeziel, https://paste.ubuntu.com/p/BQZxdf5w6V/
<sdeziel> Rockwood: try browsing the site now?
<Rockwood> no
<Rockwood> still the same error
<Rockwood> File not found.
<Rockwood> browser
<sdeziel> Rockwood: are you still seeing the same errors in nginx logs?
<Rockwood> i am chking that
<Rockwood> https://paste.ubuntu.com/p/ckrxJtMM2y/  its changed now in logs i think
<Rockwood> sdeziel,
<sdeziel> that looks better (after 2020/03/06 18:50:39). Your problem seems to be with fastcgi now
<sdeziel> or how you interface with fastcgi from your nginx config
<Rockwood> fastcgi_pass   127.0.0.1:9000;
<Rockwood> something like this
<Rockwood> by ip and port
<sdeziel> I'd check fastcgi's logs for clues
<Rockwood> i am unable to find the fastcgi logs
<Rockwood> sdeziel, i am got new error file there
<Rockwood> sdeziel, i got new error file there
<Rockwood> error.loges
<Rockwood> why? its generated
<Goop> I just bought a domain that is 6 characters long for the sole purpose of giving short URL's, so when I orally tell/write people links and email addresses, it's super long. What's the best solution you guys suggest, as far as putting on the webserver?
<lordcirth> Goop, you want to run your own link shortener?
<Goop> lordcirth, yes. For private purposes (in other words, no everyone can create their own link).
<Rockwood> sdeziel, what should i do now?
<sdeziel> Rockwood: what's in the logs?
<Rockwood> fastcgi isn't any separate log file
<sdeziel> Rockwood: that's surprising to me. What's the package that provides your fastcgi daemon?
<Rockwood> php-fpm
<sdeziel> nothing in /var/log/php*-fpm.log ?
<Rockwood> yes before this i chk another thing i just https://paste.ubuntu.com/p/4jxWStzRDx/
<Rockwood> now i am ppasting logs
<Rockwood> https://paste.ubuntu.com/p/hN4hpyrdxK/  http://php7.3-fpm.log/     sdeziel
<Rockwood> https://paste.ubuntu.com/p/hN4hpyrdxK/  <--- php7.3-fpm.log     sdeziel
<sdeziel> Rockwood: since php-fpm also runs as www-data, you need to restart that service too
<Rockwood> okay doing
<Rockwood> sdeziel, same issue at browser
<Rockwood> sdeziel, there?
<sdeziel> Rockwood: yes, at work
<Rockwood> oh sorry
<sdeziel> Rockwood: what's in your nginx logs now?
<Rockwood> chkig
<bryce> teward, there's just two php packages left on the 7.4 transition list, which both have weird problems but I have ideas to try today.  Then just need to finish clearing any remaining proposed migration issues.  I'm expecting 7.3 can be removed from the archive next week, and am hoping for early in the week.  If that helps with your planning.
<teward> Yep it does iâll follow up next week :)
<Rockwood> sdeziel, https://paste.ubuntu.com/p/SKbRqtJzq8/
<sdeziel> Rockwood: those log lines are truncated in your paste for some reason.
<Rockwood> means?
<sdeziel> Rockwood: I cannot see the full error
<Rockwood> i for get the pastebinit for make output link
<Rockwood> i forget the pastebinit for make output link
<sdeziel> Rockwood: tail /path/to/log/file.log | pastebinit
<sdeziel> Rockwood: that said, I think your problem matches this https://serverfault.com/questions/517190/nginx-1-fastcgi-sent-in-stderr-primary-script-unknown so the first answer should be looked at
<halvors> My /etc/fstab is missing a filesystem mounted on /boot where does my server get the information needed for booting?
<kiokoman> halvors: probably from systemd
<kiokoman> halvors: ls -l /run/systemd/generator/
<kiokoman> halvors: check -.mount
<kiokoman> where -.mount is for / root  filesystem you probably have others
<kiokoman> systemctl -t mount  List currently mounted systemd units
<halvors> kiokoman: the file -.mount seems right, but it still boots from the root of the btrfs filesystem not the subvolume @
<halvors> just so that i mention it, the install was installed on the root of the btrfs filesystem without subvolumes.
<halvors> And i created @ and @hoome
<halvors> home*
<halvors> the original root filesystem still exists.
<halvors> does it scan thru the filesystem or something?
<halvors> Do i need to delete anything other than @ and @home?
<halvors1> With the newest 18.04 server installer iso it does not install on @ and @home subvolumes when using btrfs?
<tomreyn> i wuldn't be surprised. you might need to    snap refresh subiquity    on the installer, but this may not help either and you'll need to use the alternative installer (debian-installer)
<tomreyn> that is, i do not actually know, have not actually tried.
<halvors1> ok thanks, trying with the old installer now
<jge> strange, so I have a bonded interface (mode 4) but do not see any LACP messages being sent out when doing a tcpdump
<tds> jge: what does /proc/net/bonding/foo look like?
<jge> actually erase that, I was dumping on bond0 when I do it on the child ifaces I see LACP messages being sent out
<jge> it says that is up @tds but Partner churn state is churned, is that expected?
<jge> the problem I have is that my upstream switch bundle interface is not coming up..
<tds> hmm, that doesn't sound normal, checking a box here it's none on all interfaces
<tds> do you see lacp messages from the other side when tcpdumping?
<jge> yeah I see it in both directions
<jge> from the switch and from the server
<xar-> Hello, is it unusual for the major kernel version to change between LTS minor point releases? I couldn't help but notice that 18.04 went from 4.15 to 5.0.
<rbasak> xar-: see https://wiki.ubuntu.com/Kernel/LTSEnablementStack
<xar-> rbasak: great, thank you
#ubuntu-server 2020-03-07
<MJCD> hey all
<MJCD> not sure if anyone here is from the dos days
<MJCD> but i'm looking for a CLI interface style launcher and file manager
<MJCD> like a gui
<MJCD> quickmenu on dos is a good example, as well as many others
<MJCD> I don't want to run xorg in any capacity but still want maybe a menu.lst gui launcher
<MJCD> and then as I say, similar sort of thing i'm looking for but in a file manager
<MJCD> a dos'alike there would be xtree
<MJCD> but really not too fussy
<MJCD> I can't find anything on google that isn't just basically "install xorg"
<lotuspsychje> easy on the enter button MJCD
<oerheks> mc is a filemanager for terminal
<MJCD> sorry; I have untreated ADHD, i'll do my best
<oerheks> !info mc
<ubottu> mc (source: mc): Midnight Commander - a powerful file manager. In component universe, is optional. Version 3:4.8.19-1 (bionic), package size 462 kB, installed size 1452 kB
<MJCD> oerheks, that looks great
<MJCD> I only knew of mc for windows
<MJCD> should be a good choice
<oerheks> :-)
<oerheks> have fun!
<MJCD> what about the other more random thing haha
<MJCD> I mean we are going to eventually offer X11 compatible wayland protocol forwarding
<MJCD> for remote desktops on the servers
<MJCD> but that doesn't mean I can't make the CLI usable at the basic level either
<halvors> I added a file with "btrfs ALL=(root:nobody) NOPASSWD:NOEXEC: /bin/btrfs" to /etc/sudoers.d
<halvors> But i still cannot run /bin/btrfs as sudo for the user btrfs.
<ncuxo> when configuring autofs for nfs and samba shares do I still have to do the fstab entry or I will relly on autofs only?
<runelind_q> well this is interesting.  I have a dozen or so containers, one of which is unable to find the package magic-wormhole when doing apt-cache search
<runelind_q> they're all 18.04 containers
<runelind_q> it can find plenty of other packages
<Rockwood> hi
<Rockwood> any active?
<Rockwood> https://paste.ubuntu.com/p/gVnW3pYDS2/
<Rockwood>   i am stuck on this error
<runelind_q_> somehow iptables got turned on with my ubuntu 18.04 server.  how can I see how it got turned on and make sure it doesn't get turned on again?
#ubuntu-server 2020-03-08
<theborger> anyone know a reason that BCM5709 would not work when doing an install?
<mTeK> I'm trying to test a zfs pool write speed and dd keeps telling me that "dd: failed to open" the path to the zpool
<mTeK> I can touch a file in the directory so why wouldn't dd be able to write there?
<mTeK> "oflag=direct" removing that fixes the issue.
<mTeK> Must be a zfs thing according to google.
<jge> if I have a bond0 interface with lacp on, would I see those lacp messages being sent out with tcpdump?
<M^tt> Good day, I've just started playing with uvtool and cloud images. I'm wondering where the hostname is set? as it seems to reset on each boot
<M^tt> ok so its the datasource disk, i can see it has been pulled out into /run/cloud-init/instance-data.json, just not sure what format that disk is in ? best way to adjust it ?
<M^tt> nevermind i guess im just mixing up hostname vs fqdn, it strips out the domain
<M^tt> really should be able to set that fqdn though i think
<hallyn> omg the 'new' ubuntu server install is annoying (over a slow remote console)
<lotuspsychje> hallyn: new as in wich version?
<hallyn> it's bionic
<hallyn> was trying to do 'manual' disk setup
<hallyn> near as i can tell, every time i go down a field, after 1s it times out and goes back to the top, and there are no shortcuts for 'back' (to reread bc i set it up in a shell) or 'done'
<pennTeller> Hi guys, can I get your input on how to find the latest network outage on my ubuntu server?
<TJ-> pennTeller: what kind of outage?
<pennTeller> TJ- my website was down for a few minutes a couple of days ago and I woud like to find out why
<pennTeller> TJ- so at the moment it was either my ubunt server failed somehow or my router was blocking visitors
<pennTeller> so I am tying to find from the logs if the network was marked as having gone down
<TJ-> pennTeller: well, start with the web-server logs, it may be the web server restarted. If not, then look at the kernel log, or various logs via journalctl
<TJ-> pennTeller: for a hard loss of ethernet link, check the kernel log ("journalctl -b 0 -k")
<pennTeller> TJ- thanks, I agree. I just don't know what I should be "grepping" for
<pennTeller> thanks for that suggestion
<TJ-> pennTeller: if you know the approx time it happened try using a timestamp to narrow it down
<pennTeller> thank you, do you know any particular "greppable" termns?
<TJ-> pennTeller: you can do things like "journalctl -b 0 --since 2 days ago' --until '1 day ago' "
<TJ-> pennTeller: you can use exact dates/times in those expressions
<pennTeller> thanks I will give that a show
<TJ-> pennTeller: is systemd-networkd used to manage the network? if so "journalctl -b 0 -u systemd-networkd" may help
<SuperLag> I understand it's considered good practice to not leave SSH Host keys on servers you intend for use with cloning. So you delete them.
<SuperLag> However, I mistakenly assumed that Ubuntu Server would *automatically* generate new host keys when SSHD starts on boot. It does not. You're left with a machine you cannot log into remotely. Is this intended behavior?
<SuperLag> RHEL and CentOS generate the new host keys, automatically, the next time sshd gets restarted
<SuperLag> I logged in from the hypervisor console and ran "dpkg-reconfigure openssh-server" and this was the resolution. However, that seems like it shouldn't be necessary. Am I mistaken?
<TJ-> SuperLag: that's the way it's done, from openssh-server.postinst script. I'm not aware of any boot-time detection/tooling to do that
<SuperLag> TJ-: So if you're prepping a VM for cloning...what is your recourse?
<SuperLag> the idea being you don't have a bunch of VMs with the same host key..
<TJ-> SuperLag: cloud-init
<TJ-> SuperLag: see e.g. https://github.com/canonical/cloud-init/blob/master/doc/examples/cloud-config-ssh-keys.txt
